package org.wso2.carbon.identity.organization.management.application.listener;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.stream.Collectors;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementClientException;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.AssociatedRolesConfig;
import org.wso2.carbon.identity.application.common.model.AuthenticationStep;
import org.wso2.carbon.identity.application.common.model.Claim;
import org.wso2.carbon.identity.application.common.model.ClaimConfig;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.RoleV2;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty;
import org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.application.mgt.listener.AbstractApplicationMgtListener;
import org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener;
import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.organization.management.application.constant.OrgApplicationMgtConstants;
import org.wso2.carbon.identity.organization.management.application.dao.OrgApplicationMgtDAO;
import org.wso2.carbon.identity.organization.management.application.internal.OrgApplicationMgtDataHolder;
import org.wso2.carbon.identity.organization.management.application.model.MainApplicationDO;
import org.wso2.carbon.identity.organization.management.application.model.SharedApplicationDO;
import org.wso2.carbon.identity.organization.management.application.util.OrgApplicationManagerUtil;
import org.wso2.carbon.identity.organization.management.service.OrganizationManager;
import org.wso2.carbon.identity.organization.management.service.constant.OrganizationManagementConstants;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementClientException;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementServerException;
import org.wso2.carbon.identity.organization.management.service.util.OrganizationManagementUtil;
import org.wso2.carbon.identity.organization.management.service.util.Utils;
import org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementService;
import org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementClientException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdpManager;

/* loaded from: input_file:org/wso2/carbon/identity/organization/management/application/listener/FragmentApplicationMgtListener.class */
public class FragmentApplicationMgtListener extends AbstractApplicationMgtListener {
    private static final Log LOG = LogFactory.getLog(FragmentApplicationMgtListener.class);
    private static final String IS_APP_NAME_UPDATED = "isAppNameUpdated";
    private final ExecutorService executorService = Executors.newFixedThreadPool(5);

    public int getDefaultOrderId() {
        return 50;
    }

    public boolean isEnable() {
        IdentityEventListenerConfig readEventListenerProperty = IdentityUtil.readEventListenerProperty(ApplicationMgtListener.class.getName(), getClass().getName());
        if (readEventListenerProperty != null && StringUtils.isNotBlank(readEventListenerProperty.getEnable())) {
            return Boolean.parseBoolean(readEventListenerProperty.getEnable());
        }
        return false;
    }

    public boolean doPreCreateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        try {
            if (!Utils.isSubOrganization(getOrganizationManager().getOrganizationDepthInHierarchy(getOrganizationManager().resolveOrganizationId(str))) || isSharedAppFromInternalProcess(serviceProvider, str)) {
                return true;
            }
            throw new IdentityApplicationManagementClientException(OrganizationManagementConstants.ErrorMessages.ERROR_CODE_SUB_ORG_CANNOT_CREATE_APP.getCode(), OrganizationManagementConstants.ErrorMessages.ERROR_CODE_SUB_ORG_CANNOT_CREATE_APP.getMessage());
        } catch (OrganizationManagementException e) {
            throw new IdentityApplicationManagementException("An error occurred while getting depth of the organization", e);
        } catch (OrganizationManagementClientException e2) {
            if (!LOG.isDebugEnabled()) {
                return true;
            }
            LOG.debug("Organization not found for the tenant: " + str);
            return true;
        }
    }

    public boolean doPreUpdateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        ServiceProvider applicationByResourceId = getApplicationByResourceId(serviceProvider.getApplicationResourceId(), str);
        try {
            if (OrganizationManagementUtil.isOrganization(str)) {
                if (!isInternalProcess(str) && applicationByResourceId != null && !applicationByResourceId.getApplicationName().equals(serviceProvider.getApplicationName())) {
                    throw new IdentityApplicationManagementClientException("Application name modification is not allowed for this organization.");
                }
            } else if (applicationByResourceId != null && !applicationByResourceId.getApplicationName().equals(serviceProvider.getApplicationName())) {
                ((Map) IdentityUtil.threadLocalProperties.get()).put(IS_APP_NAME_UPDATED, true);
            }
            if (applicationByResourceId != null && Arrays.stream(applicationByResourceId.getSpProperties()).anyMatch(serviceProviderProperty -> {
                return OrgApplicationMgtConstants.IS_FRAGMENT_APP.equalsIgnoreCase(serviceProviderProperty.getName()) && Boolean.parseBoolean(serviceProviderProperty.getValue());
            })) {
                serviceProvider.setSpProperties(applicationByResourceId.getSpProperties());
                serviceProvider.setInboundAuthenticationConfig(applicationByResourceId.getInboundAuthenticationConfig());
                LocalAndOutboundAuthenticationConfig localAndOutBoundAuthenticationConfig = serviceProvider.getLocalAndOutBoundAuthenticationConfig();
                if (localAndOutBoundAuthenticationConfig != null && localAndOutBoundAuthenticationConfig.getAuthenticationScriptConfig() != null) {
                    AuthenticationScriptConfig authenticationScriptConfig = localAndOutBoundAuthenticationConfig.getAuthenticationScriptConfig();
                    if (authenticationScriptConfig.isEnabled() && !StringUtils.isBlank(authenticationScriptConfig.getContent())) {
                        throw new IdentityApplicationManagementClientException("Authentication script configuration not allowed for shared applications.");
                    }
                }
            }
            if (applicationByResourceId != null && !((Map) IdentityUtil.threadLocalProperties.get()).containsKey(OrgApplicationMgtConstants.UPDATE_SP_METADATA_SHARE_WITH_ALL_CHILDREN)) {
                Arrays.stream(applicationByResourceId.getSpProperties()).filter(serviceProviderProperty2 -> {
                    return OrgApplicationMgtConstants.SHARE_WITH_ALL_CHILDREN.equals(serviceProviderProperty2.getName());
                }).findFirst().ifPresent(serviceProviderProperty3 -> {
                    OrgApplicationManagerUtil.setShareWithAllChildrenProperty(serviceProvider, Boolean.parseBoolean(serviceProviderProperty3.getValue()));
                });
            }
            try {
                Optional findFirst = Arrays.stream(serviceProvider.getSpProperties()).filter(serviceProviderProperty4 -> {
                    return "isAppShared".equals(serviceProviderProperty4.getName());
                }).findFirst();
                boolean isOrganizationSSOAuthenticatorConfigured = isOrganizationSSOAuthenticatorConfigured(serviceProvider);
                if (findFirst.isPresent() && !Boolean.parseBoolean(((ServiceProviderProperty) findFirst.get()).getValue()) && isOrganizationSSOAuthenticatorConfigured) {
                    removeOrganizationSSOAuthenticator(serviceProvider);
                } else if (findFirst.isPresent() && Boolean.parseBoolean(((ServiceProviderProperty) findFirst.get()).getValue()) && !isOrganizationSSOAuthenticatorConfigured) {
                    addOrganizationSSOAuthenticator(serviceProvider, str);
                }
                return super.doPreUpdateApplication(serviceProvider, str, str2);
            } catch (OrganizationManagementException e) {
                throw new IdentityApplicationManagementException(String.format("Error while resolving the organization SSO authenticator configuration for service provider with ID: %s in tenant:  %s .", serviceProvider.getApplicationResourceId(), str), e);
            }
        } catch (OrganizationManagementException e2) {
            throw new IdentityApplicationManagementException(String.format("Error while resolving the organization for the tenant  %s .", str), e2);
        }
    }

    public boolean doPostUpdateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        Object obj;
        try {
            try {
                if (!OrganizationManagementUtil.isOrganization(str) && (obj = ((Map) IdentityUtil.threadLocalProperties.get()).get(IS_APP_NAME_UPDATED)) != null && ((Boolean) obj).booleanValue()) {
                    handleApplicationNameUpdate(serviceProvider.getApplicationResourceId(), str, str2, serviceProvider.getApplicationName());
                }
                ((Map) IdentityUtil.threadLocalProperties.get()).remove(IS_APP_NAME_UPDATED);
                return super.doPostUpdateApplication(serviceProvider, str, str2);
            } catch (OrganizationManagementException e) {
                throw new IdentityApplicationManagementException(String.format("Error while updating the application name related to application %s update.", Integer.valueOf(serviceProvider.getApplicationID())), e);
            }
        } catch (Throwable th) {
            ((Map) IdentityUtil.threadLocalProperties.get()).remove(IS_APP_NAME_UPDATED);
            throw th;
        }
    }

    public boolean doPostGetServiceProvider(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        if (serviceProvider != null && Arrays.stream(serviceProvider.getSpProperties()).anyMatch(serviceProviderProperty -> {
            return OrgApplicationMgtConstants.IS_FRAGMENT_APP.equalsIgnoreCase(serviceProviderProperty.getName()) && Boolean.parseBoolean(serviceProviderProperty.getValue());
        })) {
            try {
                Optional<MainApplicationDO> mainApplication = getOrgApplicationMgtDAO().getMainApplication(serviceProvider.getApplicationResourceId(), getOrganizationManager().resolveOrganizationId(str2));
                serviceProvider.getLocalAndOutBoundAuthenticationConfig().setSkipLogoutConsent(true);
                if (mainApplication.isPresent()) {
                    ServiceProvider applicationByResourceId = getApplicationByResourceId(mainApplication.get().getMainApplicationId(), getOrganizationManager().resolveTenantDomain(mainApplication.get().getOrganizationId()));
                    ClaimMapping[] claimMappingArr = (ClaimMapping[]) Arrays.stream(applicationByResourceId.getClaimConfig().getClaimMappings()).filter(claimMapping -> {
                        return !claimMapping.getLocalClaim().getClaimUri().startsWith(OrgApplicationMgtConstants.RUNTIME_CLAIM_URI_PREFIX);
                    }).toArray(i -> {
                        return new ClaimMapping[i];
                    });
                    if (Utils.isB2BApplicationRoleSupportEnabled()) {
                        claimMappingArr = addApplicationRolesToFilteredClaimMappings(claimMappingArr);
                    }
                    if (!CarbonConstants.ENABLE_LEGACY_AUTHZ_RUNTIME.booleanValue()) {
                        claimMappingArr = addRolesClaimToFilteredClaimMappings(claimMappingArr);
                    }
                    ClaimConfig claimConfig = new ClaimConfig();
                    claimConfig.setClaimMappings(claimMappingArr);
                    claimConfig.setAlwaysSendMappedLocalSubjectId(applicationByResourceId.getClaimConfig().isAlwaysSendMappedLocalSubjectId());
                    serviceProvider.setClaimConfig(claimConfig);
                    AssociatedRolesConfig associatedRolesConfig = applicationByResourceId.getAssociatedRolesConfig();
                    if (associatedRolesConfig != null) {
                        serviceProvider.setAssociatedRolesConfig(getAssociatedRolesConfigForSharedApp(associatedRolesConfig, str2));
                    }
                    inheritAPIBasedAuthenticationEnabledProperty(applicationByResourceId, serviceProvider);
                }
            } catch (OrganizationManagementException | IdentityRoleManagementException e) {
                throw new IdentityApplicationManagementException("Error while retrieving the fragment application details.", e);
            }
        }
        return super.doPostGetServiceProvider(serviceProvider, str, str2);
    }

    private void inheritAPIBasedAuthenticationEnabledProperty(ServiceProvider serviceProvider, ServiceProvider serviceProvider2) {
        if (Arrays.stream(serviceProvider.getSpProperties()).anyMatch(serviceProviderProperty -> {
            return "isAPIBasedAuthenticationEnabled".equalsIgnoreCase(serviceProviderProperty.getName()) && Boolean.parseBoolean(serviceProviderProperty.getValue());
        })) {
            ServiceProviderProperty[] spProperties = serviceProvider2.getSpProperties();
            if (!Arrays.stream(spProperties).anyMatch(serviceProviderProperty2 -> {
                return "isAPIBasedAuthenticationEnabled".equalsIgnoreCase(serviceProviderProperty2.getName());
            })) {
                ServiceProviderProperty serviceProviderProperty3 = new ServiceProviderProperty();
                serviceProviderProperty3.setName("isAPIBasedAuthenticationEnabled");
                serviceProviderProperty3.setValue("true");
                ServiceProviderProperty[] serviceProviderPropertyArr = (ServiceProviderProperty[]) Arrays.copyOf(spProperties, spProperties.length + 1);
                serviceProviderPropertyArr[spProperties.length] = serviceProviderProperty3;
                serviceProvider2.setSpProperties(serviceProviderPropertyArr);
                return;
            }
            int length = spProperties.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                ServiceProviderProperty serviceProviderProperty4 = spProperties[i];
                if ("isAPIBasedAuthenticationEnabled".equalsIgnoreCase(serviceProviderProperty4.getName())) {
                    serviceProviderProperty4.setValue("true");
                    break;
                }
                i++;
            }
            serviceProvider2.setSpProperties(spProperties);
        }
    }

    private ClaimMapping[] addRolesClaimToFilteredClaimMappings(ClaimMapping[] claimMappingArr) {
        if (claimMappingArr == null) {
            return null;
        }
        for (ClaimMapping claimMapping : claimMappingArr) {
            if (OrgApplicationMgtConstants.ROLES_CLAIM_URI.equals(claimMapping.getLocalClaim().getClaimUri())) {
                return claimMappingArr;
            }
        }
        ClaimMapping claimMapping2 = new ClaimMapping();
        Claim claim = new Claim();
        claim.setClaimUri(OrgApplicationMgtConstants.ROLES_CLAIM_URI);
        Claim claim2 = new Claim();
        claim2.setClaimUri(OrgApplicationMgtConstants.ROLES_CLAIM_URI);
        claimMapping2.setLocalClaim(claim);
        claimMapping2.setRemoteClaim(claim2);
        claimMapping2.setRequested(true);
        ClaimMapping[] claimMappingArr2 = new ClaimMapping[claimMappingArr.length + 1];
        System.arraycopy(claimMappingArr, 0, claimMappingArr2, 0, claimMappingArr.length);
        claimMappingArr2[claimMappingArr.length] = claimMapping2;
        return claimMappingArr2;
    }

    private AssociatedRolesConfig getAssociatedRolesConfigForSharedApp(AssociatedRolesConfig associatedRolesConfig, String str) throws IdentityRoleManagementException {
        String allowedAudience = associatedRolesConfig.getAllowedAudience();
        List asList = Arrays.asList(associatedRolesConfig.getRoles());
        AssociatedRolesConfig associatedRolesConfig2 = new AssociatedRolesConfig();
        associatedRolesConfig2.setAllowedAudience(allowedAudience);
        associatedRolesConfig2.setRoles((RoleV2[]) getRoleManagementServiceV2().getMainRoleToSharedRoleMappingsBySubOrg((List) asList.stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toList()), str).entrySet().stream().map(entry -> {
            String str2 = (String) entry.getValue();
            String str3 = (String) entry.getKey();
            String str4 = (String) asList.stream().filter(roleV2 -> {
                return roleV2.getId().equals(str3);
            }).findFirst().map((v0) -> {
                return v0.getName();
            }).orElse(null);
            RoleV2 roleV22 = new RoleV2();
            roleV22.setId(str2);
            roleV22.setName(str4);
            return roleV22;
        }).toArray(i -> {
            return new RoleV2[i];
        }));
        return associatedRolesConfig2;
    }

    public boolean doPreDeleteApplication(String str, String str2, String str3) throws IdentityApplicationManagementException {
        ServiceProvider applicationByName = getApplicationByName(str, str2);
        if (applicationByName == null) {
            return false;
        }
        if (Arrays.stream(applicationByName.getSpProperties()).anyMatch(serviceProviderProperty -> {
            return OrgApplicationMgtConstants.IS_FRAGMENT_APP.equalsIgnoreCase(serviceProviderProperty.getName()) && Boolean.parseBoolean(serviceProviderProperty.getValue());
        })) {
            try {
                Optional<SharedApplicationDO> sharedApplication = getOrgApplicationMgtDAO().getSharedApplication(applicationByName.getApplicationID(), str2);
                if (sharedApplication.isPresent()) {
                    if (((Map) IdentityUtil.threadLocalProperties.get()).containsKey(OrgApplicationMgtConstants.DELETE_MAIN_APPLICATION) || ((Map) IdentityUtil.threadLocalProperties.get()).containsKey(OrgApplicationMgtConstants.DELETE_SHARE_FOR_MAIN_APPLICATION)) {
                        return true;
                    }
                    if (sharedApplication.get().shareWithAllChildren()) {
                        return false;
                    }
                    return ((Map) IdentityUtil.threadLocalProperties.get()).containsKey(OrgApplicationMgtConstants.DELETE_FRAGMENT_APPLICATION);
                }
            } catch (OrganizationManagementException e) {
                throw new IdentityApplicationManagementException(String.format("Unable to delete fragment application with resource id: %s ", applicationByName.getApplicationResourceId()));
            }
        }
        try {
            try {
                if (getOrgApplicationMgtDAO().hasFragments(applicationByName.getApplicationResourceId())) {
                    String resolveOrganizationId = getOrganizationManager().resolveOrganizationId(str2);
                    if (resolveOrganizationId == null) {
                        resolveOrganizationId = "10084a8d-113f-4211-a0d5-efe36b082211";
                    }
                    List<SharedApplicationDO> sharedApplications = getOrgApplicationMgtDAO().getSharedApplications(resolveOrganizationId, applicationByName.getApplicationResourceId());
                    ((Map) IdentityUtil.threadLocalProperties.get()).put(OrgApplicationMgtConstants.DELETE_MAIN_APPLICATION, true);
                    String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
                    Iterator<SharedApplicationDO> it = sharedApplications.iterator();
                    while (it.hasNext()) {
                        try {
                            String resolveTenantDomain = getOrganizationManager().resolveTenantDomain(it.next().getOrganizationId());
                            PrivilegedCarbonContext.startTenantFlow();
                            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(resolveTenantDomain, true);
                            getApplicationMgtService().deleteApplication(applicationByName.getApplicationName(), resolveTenantDomain, username);
                            PrivilegedCarbonContext.endTenantFlow();
                        } catch (Throwable th) {
                            PrivilegedCarbonContext.endTenantFlow();
                            throw th;
                        }
                    }
                }
                ((Map) IdentityUtil.threadLocalProperties.get()).remove(OrgApplicationMgtConstants.DELETE_MAIN_APPLICATION);
                return super.doPreDeleteApplication(str, str2, str3);
            } catch (OrganizationManagementException e2) {
                throw new IdentityApplicationManagementException("Error in validating the application for deletion.", e2);
            }
        } catch (Throwable th2) {
            ((Map) IdentityUtil.threadLocalProperties.get()).remove(OrgApplicationMgtConstants.DELETE_MAIN_APPLICATION);
            throw th2;
        }
    }

    private ServiceProvider getApplicationByResourceId(String str, String str2) throws IdentityApplicationManagementException {
        return getApplicationMgtService().getApplicationByResourceId(str, str2);
    }

    private ServiceProvider getApplicationByName(String str, String str2) throws IdentityApplicationManagementException {
        return getApplicationMgtService().getServiceProvider(str, str2);
    }

    private ApplicationManagementService getApplicationMgtService() {
        return OrgApplicationMgtDataHolder.getInstance().getApplicationManagementService();
    }

    private OrgApplicationMgtDAO getOrgApplicationMgtDAO() {
        return OrgApplicationMgtDataHolder.getInstance().getOrgApplicationMgtDAO();
    }

    private OrganizationManager getOrganizationManager() {
        return OrgApplicationMgtDataHolder.getInstance().getOrganizationManager();
    }

    private RoleManagementService getRoleManagementServiceV2() {
        return OrgApplicationMgtDataHolder.getInstance().getRoleManagementServiceV2();
    }

    private ClaimMapping[] addApplicationRolesToFilteredClaimMappings(ClaimMapping[] claimMappingArr) {
        if (claimMappingArr == null) {
            return claimMappingArr;
        }
        for (ClaimMapping claimMapping : claimMappingArr) {
            if (OrgApplicationMgtConstants.APP_ROLES_CLAIM_URI.equals(claimMapping.getLocalClaim().getClaimUri())) {
                return claimMappingArr;
            }
        }
        ClaimMapping claimMapping2 = new ClaimMapping();
        Claim claim = new Claim();
        claim.setClaimUri(OrgApplicationMgtConstants.APP_ROLES_CLAIM_URI);
        Claim claim2 = new Claim();
        claim2.setClaimUri(OrgApplicationMgtConstants.APP_ROLES_CLAIM_URI);
        claimMapping2.setLocalClaim(claim);
        claimMapping2.setRemoteClaim(claim2);
        claimMapping2.setRequested(true);
        ClaimMapping[] claimMappingArr2 = new ClaimMapping[claimMappingArr.length + 1];
        System.arraycopy(claimMappingArr, 0, claimMappingArr2, 0, claimMappingArr.length);
        claimMappingArr2[claimMappingArr.length] = claimMapping2;
        return claimMappingArr2;
    }

    private boolean isSharedAppFromInternalProcess(ServiceProvider serviceProvider, String str) {
        return (serviceProvider.getSpProperties() == null || !Arrays.stream(serviceProvider.getSpProperties()).anyMatch(serviceProviderProperty -> {
            return OrgApplicationMgtConstants.IS_FRAGMENT_APP.equals(serviceProviderProperty.getName()) && Boolean.parseBoolean(serviceProviderProperty.getValue());
        }) || StringUtils.equals(IdentityTenantUtil.getTenantDomainFromContext(), str)) ? false : true;
    }

    private boolean isInternalProcess(String str) {
        return !StringUtils.equals(IdentityTenantUtil.getTenantDomainFromContext(), str);
    }

    private void handleApplicationNameUpdate(String str, String str2, String str3, String str4) throws OrganizationManagementException {
        List<SharedApplicationDO> sharedApplications = getOrgApplicationMgtDAO().getSharedApplications(getOrganizationManager().resolveOrganizationId(str2), str);
        if (CollectionUtils.isEmpty(sharedApplications)) {
            return;
        }
        for (SharedApplicationDO sharedApplicationDO : sharedApplications) {
            String organizationId = sharedApplicationDO.getOrganizationId();
            CompletableFuture.runAsync(() -> {
                try {
                    updateFragmentApplication(organizationId, sharedApplicationDO.getFragmentApplicationId(), str4, str3);
                } catch (IdentityApplicationManagementException | OrganizationManagementException e) {
                    LOG.error(String.format("Error in updating application: %s in organization: %s", str, organizationId), e);
                }
            }, this.executorService);
        }
    }

    private void updateFragmentApplication(String str, String str2, String str3, String str4) throws OrganizationManagementException, IdentityApplicationManagementException {
        try {
            String resolveTenantDomain = getOrganizationManager().resolveTenantDomain(str);
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(resolveTenantDomain, true);
            ServiceProvider applicationByResourceId = getApplicationMgtService().getApplicationByResourceId(str2, resolveTenantDomain);
            applicationByResourceId.setApplicationName(str3);
            getApplicationMgtService().updateApplicationByResourceId(str2, applicationByResourceId, resolveTenantDomain, str4);
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    private void removeOrganizationSSOAuthenticator(ServiceProvider serviceProvider) {
        LocalAndOutboundAuthenticationConfig localAndOutBoundAuthenticationConfig = serviceProvider.getLocalAndOutBoundAuthenticationConfig();
        AuthenticationStep[] authenticationSteps = localAndOutBoundAuthenticationConfig.getAuthenticationSteps();
        AuthenticationStep authenticationStep = new AuthenticationStep();
        if (ArrayUtils.isNotEmpty(authenticationSteps)) {
            AuthenticationStep authenticationStep2 = authenticationSteps[0];
            authenticationStep.setStepOrder(authenticationStep2.getStepOrder());
            authenticationStep.setSubjectStep(authenticationStep2.isSubjectStep());
            authenticationStep.setAttributeStep(authenticationStep2.isAttributeStep());
            authenticationStep.setFederatedIdentityProviders(authenticationStep2.getFederatedIdentityProviders());
            authenticationStep.setLocalAuthenticatorConfigs(authenticationStep2.getLocalAuthenticatorConfigs());
        }
        AuthenticationStep[] authenticationStepArr = ArrayUtils.isNotEmpty(authenticationSteps) ? (AuthenticationStep[]) authenticationSteps.clone() : new AuthenticationStep[1];
        ArrayList arrayList = new ArrayList();
        for (IdentityProvider identityProvider : authenticationStep.getFederatedIdentityProviders()) {
            if (!OrgApplicationMgtConstants.ORGANIZATION_LOGIN_AUTHENTICATOR.equals(identityProvider.getDefaultAuthenticatorConfig().getName())) {
                arrayList.add(identityProvider);
            }
        }
        authenticationStep.setFederatedIdentityProviders((IdentityProvider[]) arrayList.toArray(new IdentityProvider[0]));
        authenticationStepArr[0] = authenticationStep;
        localAndOutBoundAuthenticationConfig.setAuthenticationSteps(authenticationStepArr);
        serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutBoundAuthenticationConfig);
    }

    private void addOrganizationSSOAuthenticator(ServiceProvider serviceProvider, String str) throws OrganizationManagementServerException, OrganizationManagementClientException {
        LocalAndOutboundAuthenticationConfig localAndOutBoundAuthenticationConfig = serviceProvider.getLocalAndOutBoundAuthenticationConfig();
        AuthenticationStep[] authenticationSteps = localAndOutBoundAuthenticationConfig.getAuthenticationSteps();
        if (StringUtils.equalsIgnoreCase(localAndOutBoundAuthenticationConfig.getAuthenticationType(), "default")) {
            LocalAndOutboundAuthenticationConfig defaultAuthenticationConfig = OrgApplicationManagerUtil.getDefaultAuthenticationConfig();
            if (defaultAuthenticationConfig != null) {
                authenticationSteps = defaultAuthenticationConfig.getAuthenticationSteps();
            }
            LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
            localAndOutboundAuthenticationConfig.setUseUserstoreDomainInLocalSubjectIdentifier(localAndOutBoundAuthenticationConfig.isUseUserstoreDomainInLocalSubjectIdentifier());
            localAndOutboundAuthenticationConfig.setUseTenantDomainInLocalSubjectIdentifier(localAndOutBoundAuthenticationConfig.isUseUserstoreDomainInLocalSubjectIdentifier());
            localAndOutboundAuthenticationConfig.setSkipConsent(localAndOutBoundAuthenticationConfig.isSkipConsent());
            localAndOutboundAuthenticationConfig.setSkipLogoutConsent(localAndOutBoundAuthenticationConfig.isSkipLogoutConsent());
            localAndOutBoundAuthenticationConfig = localAndOutboundAuthenticationConfig;
            localAndOutBoundAuthenticationConfig.setAuthenticationType("flow");
        }
        AuthenticationStep authenticationStep = new AuthenticationStep();
        if (ArrayUtils.isNotEmpty(authenticationSteps)) {
            AuthenticationStep authenticationStep2 = authenticationSteps[0];
            authenticationStep.setStepOrder(authenticationStep2.getStepOrder());
            authenticationStep.setSubjectStep(authenticationStep2.isSubjectStep());
            authenticationStep.setAttributeStep(authenticationStep2.isAttributeStep());
            authenticationStep.setFederatedIdentityProviders(authenticationStep2.getFederatedIdentityProviders());
            authenticationStep.setLocalAuthenticatorConfigs(authenticationStep2.getLocalAuthenticatorConfigs());
        }
        AuthenticationStep[] authenticationStepArr = ArrayUtils.isNotEmpty(authenticationSteps) ? (AuthenticationStep[]) authenticationSteps.clone() : new AuthenticationStep[1];
        try {
            Optional findFirst = Arrays.stream(getApplicationManagementService().getAllIdentityProviders(str)).filter(this::isOrganizationLoginIDP).findFirst();
            try {
                authenticationStep.setFederatedIdentityProviders((IdentityProvider[]) ArrayUtils.addAll(authenticationStep.getFederatedIdentityProviders(), new IdentityProvider[]{findFirst.isPresent() ? (IdentityProvider) findFirst.get() : getIdentityProviderManager().addIdPWithResourceId(OrgApplicationManagerUtil.createOrganizationSSOIDP(), str)}));
                authenticationStepArr[0] = authenticationStep;
                localAndOutBoundAuthenticationConfig.setAuthenticationSteps(authenticationStepArr);
                serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutBoundAuthenticationConfig);
            } catch (IdentityProviderManagementClientException e) {
                throw new OrganizationManagementClientException(e.getMessage(), e.getMessage(), e.getErrorCode());
            } catch (IdentityProviderManagementException e2) {
                throw Utils.handleServerException(OrganizationManagementConstants.ErrorMessages.ERROR_CODE_ERROR_CREATING_ORG_LOGIN_IDP, e2, new String[]{Utils.getOrganizationId()});
            }
        } catch (IdentityApplicationManagementException e3) {
            throw Utils.handleServerException(OrganizationManagementConstants.ErrorMessages.ERROR_CODE_ERROR_RETRIEVING_ORGANIZATION_IDP_LIST, e3, new String[]{Utils.getOrganizationId()});
        }
    }

    private boolean isOrganizationSSOAuthenticatorConfigured(ServiceProvider serviceProvider) {
        AuthenticationStep authenticationStep;
        AuthenticationStep[] authenticationSteps = serviceProvider.getLocalAndOutBoundAuthenticationConfig().getAuthenticationSteps();
        return ArrayUtils.isNotEmpty(authenticationSteps) && (authenticationStep = authenticationSteps[0]) != null && authenticationStep.getFederatedIdentityProviders() != null && Arrays.stream(authenticationStep.getFederatedIdentityProviders()).map((v0) -> {
            return v0.getDefaultAuthenticatorConfig();
        }).anyMatch(federatedAuthenticatorConfig -> {
            return federatedAuthenticatorConfig != null && OrgApplicationMgtConstants.ORGANIZATION_LOGIN_AUTHENTICATOR.equals(federatedAuthenticatorConfig.getName());
        });
    }

    private IdpManager getIdentityProviderManager() {
        return OrgApplicationMgtDataHolder.getInstance().getIdpManager();
    }

    private ApplicationManagementService getApplicationManagementService() {
        return OrgApplicationMgtDataHolder.getInstance().getApplicationManagementService();
    }

    private boolean isOrganizationLoginIDP(IdentityProvider identityProvider) {
        FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = identityProvider.getFederatedAuthenticatorConfigs();
        return ArrayUtils.isNotEmpty(federatedAuthenticatorConfigs) && OrgApplicationMgtConstants.ORGANIZATION_LOGIN_AUTHENTICATOR.equals(federatedAuthenticatorConfigs[0].getName());
    }
}
