package org.wso2.carbon.identity.recovery;

import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.base.IdentityRuntimeException;
import org.wso2.carbon.identity.core.persistence.registry.RegistryResourceMgtService;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.recovery.IdentityRecoveryConstants;
import org.wso2.carbon.identity.recovery.internal.IdentityRecoveryServiceDataHolder;
import org.wso2.carbon.identity.recovery.model.ChallengeQuestion;
import org.wso2.carbon.identity.recovery.model.UserChallengeAnswer;
import org.wso2.carbon.identity.recovery.util.Utils;
import org.wso2.carbon.registry.core.CollectionImpl;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.ResourceImpl;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/recovery/ChallengeQuestionManager.class */
public class ChallengeQuestionManager {
    private static final Log log = LogFactory.getLog(ChallengeQuestionManager.class);
    private static ChallengeQuestionManager instance = new ChallengeQuestionManager();
    private IdentityRecoveryServiceDataHolder dataHolder = IdentityRecoveryServiceDataHolder.getInstance();
    private RegistryResourceMgtService resourceMgtService = this.dataHolder.getResourceMgtService();
    private static final String QUESTIONS_BASE_PATH = "/identity/questionCollection";

    private ChallengeQuestionManager() {
    }

    public static ChallengeQuestionManager getInstance() {
        return instance;
    }

    public List<ChallengeQuestion> getAllChallengeQuestions(String str) throws IdentityRecoveryServerException {
        String validateTenantDomain = validateTenantDomain(str);
        ArrayList arrayList = new ArrayList();
        try {
            if (this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain) != null) {
                for (String str2 : this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain).getChildren()) {
                    for (String str3 : this.resourceMgtService.getIdentityResource(str2, validateTenantDomain).getChildren()) {
                        for (String str4 : this.resourceMgtService.getIdentityResource(str3, validateTenantDomain).getChildren()) {
                            Resource identityResource = this.resourceMgtService.getIdentityResource(str4, validateTenantDomain);
                            if (identityResource != null) {
                                arrayList.add(createChallengeQuestion(identityResource));
                            }
                        }
                    }
                }
            }
            return arrayList;
        } catch (RegistryException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REGISTRY_EXCEPTION_GET_CHALLENGE_QUESTIONS, null, e);
        }
    }

    public List<ChallengeQuestion> getAllChallengeQuestions(String str, String str2) throws IdentityRecoveryException {
        String validateLocale = validateLocale(str2);
        String validateTenantDomain = validateTenantDomain(str);
        ArrayList arrayList = new ArrayList();
        try {
            if (this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain) != null) {
                for (String str3 : this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain).getChildren()) {
                    for (String str4 : this.resourceMgtService.getIdentityResource(str3, validateTenantDomain).getChildren()) {
                        Resource identityResource = this.resourceMgtService.getIdentityResource(str4, validateTenantDomain, validateLocale);
                        if (identityResource != null) {
                            arrayList.add(createChallengeQuestion(identityResource));
                        }
                    }
                }
            }
            return arrayList;
        } catch (RegistryException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REGISTRY_EXCEPTION_GET_CHALLENGE_QUESTIONS, null, e);
        }
    }

    public List<String> getAllChallengeQuestionSetsURIs(String str) throws IdentityRecoveryServerException {
        String validateTenantDomain = validateTenantDomain(str);
        ArrayList arrayList = new ArrayList();
        try {
            if (this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain) != null) {
                for (String str2 : this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain).getChildren()) {
                    arrayList.add(str2.replace("/identity/questionCollection", IdentityRecoveryConstants.WSO2CARBON_CLAIM_DIALECT));
                }
            }
            return arrayList;
        } catch (RegistryException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REGISTRY_EXCEPTION_GET_CHALLENGE_QUESTIONS, null, e);
        }
    }

    public List<ChallengeQuestion> getAllChallengeQuestionsForUser(String str, User user) throws IdentityRecoveryException {
        String localeOfUser = getLocaleOfUser(user, str);
        List<ChallengeQuestion> allChallengeQuestions = getAllChallengeQuestions(str, localeOfUser);
        if (allChallengeQuestions.isEmpty() && !StringUtils.equalsIgnoreCase(IdentityRecoveryConstants.LOCALE_EN_US, localeOfUser)) {
            log.error(String.format("No challenge questions available in '%s' locale in %s tenant. Sending questions of default '%s' locale", localeOfUser, str, IdentityRecoveryConstants.LOCALE_EN_US));
            allChallengeQuestions = getAllChallengeQuestions(str, IdentityRecoveryConstants.LOCALE_EN_US);
        }
        return allChallengeQuestions;
    }

    public void setDefaultChallengeQuestions(String str) throws IdentityRecoveryException {
        String validateTenantDomain = validateTenantDomain(str);
        if (!getAllChallengeQuestions(validateTenantDomain).isEmpty()) {
            if (log.isDebugEnabled()) {
                log.debug("Default Challenge Questions already available.");
            }
        } else {
            ChallengeQuestion[] defaultChallengeQuestions = Utils.getDefaultChallengeQuestions();
            addChallengeQuestions(defaultChallengeQuestions, validateTenantDomain);
            if (log.isDebugEnabled()) {
                log.debug(String.format("%d default challenge questions added to registry of %s tenant.", Integer.valueOf(defaultChallengeQuestions.length), validateTenantDomain));
            }
        }
    }

    public void addChallengeQuestions(ChallengeQuestion[] challengeQuestionArr, String str) throws IdentityRecoveryException {
        try {
            String validateTenantDomain = validateTenantDomain(str);
            if (this.resourceMgtService.getIdentityResource("/identity/questionCollection", validateTenantDomain) == null) {
                this.resourceMgtService.putIdentityResource(new CollectionImpl(), "/identity/questionCollection", validateTenantDomain);
            }
            for (ChallengeQuestion challengeQuestion : challengeQuestionArr) {
                validateChallengeQuestionAttributes(challengeQuestion);
                this.resourceMgtService.putIdentityResource(createRegistryResource(challengeQuestion), getQuestionPath(challengeQuestion), validateTenantDomain, validateLocale(challengeQuestion.getLocale()));
            }
        } catch (RegistryException | UnsupportedEncodingException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REGISTRY_EXCEPTION_SET_CHALLENGE_QUESTIONS, null, e);
        }
    }

    public void deleteChallengeQuestions(ChallengeQuestion[] challengeQuestionArr, String str) throws IdentityRecoveryException {
        try {
            str = validateTenantDomain(str);
            for (ChallengeQuestion challengeQuestion : challengeQuestionArr) {
                if (isChallengeQuestionExists(challengeQuestion, str)) {
                    String questionPath = getQuestionPath(challengeQuestion);
                    if (StringUtils.isNotEmpty(challengeQuestion.getLocale())) {
                        this.resourceMgtService.deleteIdentityResource(questionPath, str, challengeQuestion.getLocale());
                    } else {
                        this.resourceMgtService.deleteIdentityResource(questionPath, str);
                    }
                }
            }
        } catch (IdentityRuntimeException e) {
            log.error("Error deleting challenge quesitons in " + str);
            throw new IdentityRecoveryException("Error when deleting challenge questions.", (Throwable) e);
        }
    }

    public void deleteChallengeQuestionSet(String str, String str2, String str3) throws IdentityRecoveryException {
        try {
            String validateTenantDomain = validateTenantDomain(str3);
            if (isChallengeQuestionSetExists(str, validateTenantDomain)) {
                String questionSetPath = getQuestionSetPath(str);
                if (StringUtils.isEmpty(str2)) {
                    this.resourceMgtService.deleteIdentityResource(questionSetPath, validateTenantDomain);
                } else {
                    deleteChallengeQuestionsByLocale(questionSetPath, validateTenantDomain, str2);
                }
            }
        } catch (IdentityRuntimeException e) {
            log.error("Error deleting challenge set in " + str3);
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_ERROR_DELETING_CHALLENGE_SET, str, e);
        }
    }

    private void deleteChallengeQuestionsByLocale(String str, String str2, String str3) throws IdentityRecoveryServerException {
        try {
            for (String str4 : this.resourceMgtService.getIdentityResource(getQuestionSetPath(str), str2).getChildren()) {
                if (this.resourceMgtService.getIdentityResource(str4, str2, str3) != null) {
                    this.resourceMgtService.deleteIdentityResource(str4, str2, str3);
                }
            }
        } catch (RegistryException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REGISTRY_EXCEPTION_DELETE_CHALLENGE_QUESTIONS, str3, e);
        }
    }

    public UserChallengeAnswer[] getChallengeAnswersOfUser(User user) throws IdentityRecoveryException {
        validateUser(user);
        ArrayList arrayList = new ArrayList();
        if (log.isDebugEnabled()) {
            log.debug("Retrieving Challenge question from the user profile.");
        }
        Iterator<String> it = getChallengeQuestionUris(user).iterator();
        while (it.hasNext()) {
            String trim = it.next().trim();
            try {
                String[] split = Utils.getClaimFromUserStoreManager(user, trim).split(getChallengeSeparator());
                if (split != null && split.length == 2) {
                    arrayList.add(new UserChallengeAnswer(new ChallengeQuestion(trim, split[0].trim()), split[1].trim()));
                }
            } catch (UserStoreException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_GETTING_CHALLENGE_QUESTIONS, user.getUserName(), e);
            }
        }
        return !arrayList.isEmpty() ? (UserChallengeAnswer[]) arrayList.toArray(new UserChallengeAnswer[arrayList.size()]) : new UserChallengeAnswer[0];
    }

    public ChallengeQuestion getUserChallengeQuestion(User user, String str) throws IdentityRecoveryException {
        String[] split;
        validateUser(user);
        ChallengeQuestion challengeQuestion = null;
        if (log.isDebugEnabled()) {
            log.debug("Retrieving Challenge question from the user profile.");
        }
        try {
            String claimFromUserStoreManager = Utils.getClaimFromUserStoreManager(user, str);
            if (claimFromUserStoreManager != null && (split = claimFromUserStoreManager.split(getChallengeSeparator())) != null && split.length == 2) {
                challengeQuestion = new ChallengeQuestion(str, split[0].trim());
            }
            return challengeQuestion;
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_GETTING_CHALLENGE_QUESTION, user.getUserName(), e);
        }
    }

    public String[] getUserChallengeQuestionIds(User user) throws IdentityRecoveryException {
        validateUser(user);
        if (log.isDebugEnabled()) {
            log.debug("Retrieving answered Challenge question set ids from the user profile.");
        }
        List<String> challengeQuestionUris = getChallengeQuestionUris(user);
        if (!challengeQuestionUris.isEmpty()) {
            return (String[]) challengeQuestionUris.toArray(new String[challengeQuestionUris.size()]);
        }
        String str = "No associated challenge question found for the user : " + user.getUserName();
        if (log.isDebugEnabled()) {
            log.debug(str);
        }
        return new String[0];
    }

    public List<String> getChallengeQuestionUris(User user) throws IdentityRecoveryException {
        validateUser(user);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Getting answered challenge question uris from %s's profile.", user.toString()));
        }
        ArrayList arrayList = new ArrayList();
        try {
            String claimFromUserStoreManager = Utils.getClaimFromUserStoreManager(user, IdentityRecoveryConstants.CHALLENGE_QUESTION_URI);
            if (claimFromUserStoreManager != null) {
                String challengeSeparator = getChallengeSeparator();
                for (String str : claimFromUserStoreManager.contains(challengeSeparator) ? claimFromUserStoreManager.split(challengeSeparator) : new String[]{claimFromUserStoreManager.trim()}) {
                    if (StringUtils.isNotBlank(str)) {
                        arrayList.add(str.trim());
                    }
                }
            }
            return arrayList;
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_GETTING_CHALLENGE_URIS, user.getUserName(), e);
        }
    }

    public void setChallengesOfUser(User user, UserChallengeAnswer[] userChallengeAnswerArr) throws IdentityRecoveryException {
        validateUser(user);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Setting user challenge question answers in %s's profile.", user.toString()));
        }
        try {
            String tenantDomain = StringUtils.isBlank(user.getTenantDomain()) ? "carbon.super" : user.getTenantDomain();
            validateSecurityQuestionDuplicate(userChallengeAnswerArr);
            checkChallengeQuestionExists(userChallengeAnswerArr, tenantDomain);
            ArrayList<String> arrayList = new ArrayList();
            String str = "";
            String challengeSeparator = getChallengeSeparator();
            if (!ArrayUtils.isEmpty(userChallengeAnswerArr)) {
                for (UserChallengeAnswer userChallengeAnswer : userChallengeAnswerArr) {
                    if (userChallengeAnswer.getQuestion().getQuestionSetId() != null && userChallengeAnswer.getQuestion().getQuestion() != null && userChallengeAnswer.getAnswer() != null) {
                        String claimFromUserStoreManager = Utils.getClaimFromUserStoreManager(user, userChallengeAnswer.getQuestion().getQuestionSetId().trim());
                        if (claimFromUserStoreManager == null || !claimFromUserStoreManager.contains(challengeSeparator)) {
                            Utils.setClaimInUserStoreManager(user, userChallengeAnswer.getQuestion().getQuestionSetId().trim(), userChallengeAnswer.getQuestion().getQuestion().trim() + challengeSeparator + Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase()));
                        } else if (!claimFromUserStoreManager.split(challengeSeparator)[1].trim().equals(userChallengeAnswer.getAnswer().trim())) {
                            Utils.setClaimInUserStoreManager(user, userChallengeAnswer.getQuestion().getQuestionSetId().trim(), userChallengeAnswer.getQuestion().getQuestion().trim() + challengeSeparator + Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase()));
                        }
                        arrayList.add(userChallengeAnswer.getQuestion().getQuestionSetId().trim());
                    }
                }
                for (String str2 : arrayList) {
                    str = "".equals(str) ? str2 : str + challengeSeparator + str2;
                }
                Utils.setClaimInUserStoreManager(user, IdentityRecoveryConstants.CHALLENGE_QUESTION_URI, str);
            }
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REMOVING_CHALLENGE_QUESTIONS, user.getUserName(), e);
        }
    }

    private String getChallengeSeparator() {
        String property = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.QUESTION_CHALLENGE_SEPARATOR);
        if (StringUtils.isEmpty(property)) {
            property = "!";
        }
        return property;
    }

    public void setChallengeOfUser(User user, UserChallengeAnswer userChallengeAnswer) throws IdentityRecoveryException {
        validateUser(user);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Setting user challenge question answers in %s's profile.", user.toString()));
        }
        try {
            String tenantDomain = StringUtils.isBlank(user.getTenantDomain()) ? "carbon.super" : user.getTenantDomain();
            validateSecurityQuestionDuplicate(new UserChallengeAnswer[]{userChallengeAnswer});
            checkChallengeQuestionExists(new UserChallengeAnswer[]{userChallengeAnswer}, tenantDomain);
            HashSet hashSet = new HashSet(getChallengeQuestionUris(user));
            String challengeSeparator = getChallengeSeparator();
            if (userChallengeAnswer.getQuestion().getQuestionSetId() != null && userChallengeAnswer.getQuestion().getQuestion() != null && userChallengeAnswer.getAnswer() != null) {
                Utils.setClaimInUserStoreManager(user, userChallengeAnswer.getQuestion().getQuestionSetId().trim(), userChallengeAnswer.getQuestion().getQuestion().trim() + challengeSeparator + Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase()));
                hashSet.add(userChallengeAnswer.getQuestion().getQuestionSetId().trim());
                setUserChallengesURI(user, hashSet, challengeSeparator);
            }
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REMOVING_CHALLENGE_QUESTIONS, user.getUserName(), e);
        }
    }

    private void setUserChallengesURI(User user, Set<String> set, String str) throws UserStoreException {
        Utils.setClaimInUserStoreManager(user, IdentityRecoveryConstants.CHALLENGE_QUESTION_URI, getUserChallengesUriValue(set, str));
    }

    private void setUserChallengesURI(User user, Set<String> set) throws UserStoreException {
        setUserChallengesURI(user, set, getChallengeSeparator());
    }

    private String getUserChallengesUriValue(Set<String> set, String str) {
        String str2 = "";
        for (String str3 : set) {
            str2 = "".equals(str2) ? str3 : str2 + str + str3;
        }
        return str2;
    }

    public void removeChallengeAnswersOfUser(User user) throws IdentityRecoveryException {
        validateUser(user);
        if (log.isDebugEnabled()) {
            log.debug("Removing Challenge question answers from the user profile.");
        }
        List<String> challengeQuestionUris = getChallengeQuestionUris(user);
        challengeQuestionUris.add(IdentityRecoveryConstants.CHALLENGE_QUESTION_URI);
        try {
            Utils.removeClaimFromUserStoreManager(user, (String[]) challengeQuestionUris.toArray(new String[challengeQuestionUris.size()]));
        } catch (UserStoreException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_REMOVING_CHALLENGE_QUESTIONS, user.getUserName(), e);
        }
    }

    public void removeChallengeAnswerOfUser(User user, String str) throws IdentityRecoveryException {
        validateUser(user);
        if (log.isDebugEnabled()) {
            log.debug("Removing a Challenge answer from the user profile.");
        }
        HashSet hashSet = new HashSet(getChallengeQuestionUris(user));
        if (hashSet.contains(str)) {
            try {
                Utils.removeClaimFromUserStoreManager(user, new String[]{str});
                hashSet.remove(str);
                setUserChallengesURI(user, hashSet);
            } catch (UserStoreException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_GETTING_CHALLENGE_QUESTIONS, user.getUserName(), e);
            }
        }
    }

    public boolean verifyChallengeAnswer(User user, UserChallengeAnswer[] userChallengeAnswerArr) throws IdentityRecoveryException {
        validateUser(user);
        boolean z = false;
        if (log.isDebugEnabled()) {
            log.debug(String.format("Verifying challenge question answers for %s.", user.toString()));
        }
        UserChallengeAnswer[] challengeAnswersOfUser = getChallengeAnswersOfUser(user);
        for (UserChallengeAnswer userChallengeAnswer : userChallengeAnswerArr) {
            if (StringUtils.isBlank(userChallengeAnswer.getAnswer())) {
                return false;
            }
            for (UserChallengeAnswer userChallengeAnswer2 : challengeAnswersOfUser) {
                if ((userChallengeAnswer.getQuestion().getQuestionSetId() != null && userChallengeAnswer.getQuestion().getQuestionSetId().trim().equals(userChallengeAnswer2.getQuestion().getQuestionSetId())) || (userChallengeAnswer.getQuestion().getQuestion() != null && userChallengeAnswer.getQuestion().getQuestion().trim().equals(userChallengeAnswer2.getQuestion().getQuestion()))) {
                    try {
                        if (!Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase()).equals(userChallengeAnswer2.getAnswer())) {
                            return false;
                        }
                        z = true;
                    } catch (UserStoreException e) {
                        throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_HASHING_ALGO, null, e);
                    }
                }
            }
        }
        return z;
    }

    public boolean verifyUserChallengeAnswer(User user, UserChallengeAnswer userChallengeAnswer) throws IdentityRecoveryException {
        validateUser(user);
        boolean z = false;
        if (log.isDebugEnabled()) {
            log.debug(String.format("Verifying challenge question answer for %s.", user.toString()));
        }
        UserChallengeAnswer[] challengeAnswersOfUser = getChallengeAnswersOfUser(user);
        if (StringUtils.isBlank(userChallengeAnswer.getAnswer())) {
            log.error("Invalid. Empty answer provided for the challenge question.");
            return false;
        }
        for (UserChallengeAnswer userChallengeAnswer2 : challengeAnswersOfUser) {
            if (userChallengeAnswer2.getQuestion().getQuestionSetId().equals(userChallengeAnswer.getQuestion().getQuestionSetId())) {
                try {
                    if (!Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase()).equals(userChallengeAnswer2.getAnswer())) {
                        if (!log.isDebugEnabled()) {
                            return false;
                        }
                        log.debug("Challenge question answer verification failed.");
                        return false;
                    }
                    z = true;
                    if (log.isDebugEnabled()) {
                        log.debug("Challenge question answer verified successfully.");
                    }
                } catch (UserStoreException e) {
                    throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_HASHING_ALGO, null, e);
                }
            }
        }
        return z;
    }

    private boolean isChallengeQuestionExists(ChallengeQuestion challengeQuestion, String str) throws IdentityRecoveryClientException {
        validateChallengeQuestionMandatoryParams(challengeQuestion);
        String questionPath = getQuestionPath(challengeQuestion);
        if (StringUtils.isNotEmpty(challengeQuestion.getLocale())) {
            return this.resourceMgtService.getIdentityResource(questionPath, str, validateLocale(challengeQuestion.getLocale())) != null;
        }
        return this.resourceMgtService.getIdentityResource(questionPath, str) != null;
    }

    private boolean isChallengeQuestionSetExists(String str, String str2) throws IdentityRecoveryClientException {
        validateChallengeSetURI(str);
        return this.resourceMgtService.getIdentityResource(getQuestionSetPath(str), str2) != null;
    }

    private ChallengeQuestion createChallengeQuestion(Resource resource) throws RegistryException {
        ChallengeQuestion challengeQuestion = null;
        String str = new String((byte[]) resource.getContent(), Charset.forName(IdentityRecoveryConstants.UTF_8));
        String property = resource.getProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_SET_ID);
        String property2 = resource.getProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_ID);
        String property3 = resource.getProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_LOCALE);
        if (property != null) {
            if (IdentityUtil.isBlank(property3)) {
                property3 = IdentityRecoveryConstants.LOCALE_EN_US;
            }
            challengeQuestion = new ChallengeQuestion(property, property2, str, property3);
        }
        return challengeQuestion;
    }

    private Resource createRegistryResource(ChallengeQuestion challengeQuestion) throws RegistryException, UnsupportedEncodingException {
        byte[] bytes = challengeQuestion.getQuestion().getBytes(IdentityRecoveryConstants.UTF_8);
        String questionSetId = challengeQuestion.getQuestionSetId();
        String questionId = challengeQuestion.getQuestionId();
        String locale = challengeQuestion.getLocale();
        ResourceImpl resourceImpl = new ResourceImpl();
        resourceImpl.setContent(bytes);
        resourceImpl.addProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_SET_ID, questionSetId);
        resourceImpl.addProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_ID, questionId);
        resourceImpl.addProperty(IdentityRecoveryConstants.Questions.CHALLENGE_QUESTION_LOCALE, locale);
        resourceImpl.setMediaType("tag");
        return resourceImpl;
    }

    private String getQuestionPath(ChallengeQuestion challengeQuestion) {
        return getQuestionSetPath(challengeQuestion.getQuestionSetId()) + "/" + challengeQuestion.getQuestionId();
    }

    private String getQuestionSetPath(String str) {
        return "/identity/questionCollection/" + Utils.getChallengeSetDirFromUri(str);
    }

    private void validateSecurityQuestionDuplicate(UserChallengeAnswer[] userChallengeAnswerArr) throws IdentityRecoveryException {
        HashSet hashSet = new HashSet();
        for (UserChallengeAnswer userChallengeAnswer : userChallengeAnswerArr) {
            ChallengeQuestion question = userChallengeAnswer.getQuestion();
            if (question == null) {
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND, "Challenge question details not provided with the challenge answers.");
            }
            if (hashSet.contains(question.getQuestionSetId())) {
                log.error(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DUPLICATE_ANSWERS.getMessage());
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DUPLICATE_ANSWERS, null);
            }
            hashSet.add(question.getQuestionSetId());
        }
    }

    private void checkChallengeQuestionExists(UserChallengeAnswer[] userChallengeAnswerArr, String str) throws IdentityRecoveryException {
        for (UserChallengeAnswer userChallengeAnswer : userChallengeAnswerArr) {
            ChallengeQuestion question = userChallengeAnswer.getQuestion();
            if (question == null) {
                Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENG_ANSWER_MISSING, null);
            }
            if (StringUtils.isBlank(question.getQuestion())) {
                Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHALLENGE_QUESTION_VALUE, null);
            }
            boolean z = false;
            for (ChallengeQuestion challengeQuestion : getAllChallengeQuestions(str, validateLocale(question.getLocale()))) {
                if (StringUtils.equals(challengeQuestion.getQuestionSetId(), question.getQuestionSetId().trim()) && StringUtils.equals(challengeQuestion.getQuestion().trim(), question.getQuestion().trim())) {
                    z = true;
                }
            }
            if (!z) {
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CHALLENGE_QUESTION_NOT_FOUND, String.format("Error persisting user challenge answers for user. Challenge question answered is not registered with %s domain.", str));
            }
        }
    }

    private String validateTenantDomain(String str) {
        return StringUtils.isBlank(str) ? "carbon.super" : str;
    }

    private String validateLocale(String str) throws IdentityRecoveryClientException {
        if (StringUtils.isBlank(str)) {
            str = IdentityRecoveryConstants.LOCALE_EN_US;
        }
        if (!str.matches(IdentityRecoveryConstants.Questions.BLACKLIST_REGEX)) {
            return str;
        }
        log.error("Invalid locale value provided : " + str);
        throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_LOCALE, str);
    }

    private void validateUser(User user) throws IdentityRecoveryClientException {
        if (user == null || StringUtils.isBlank(user.getUserName())) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_USER, "Invalid User Data provided.");
        }
    }

    private void validateChallengeQuestionAttributes(ChallengeQuestion challengeQuestion) throws IdentityRecoveryClientException {
        String questionSetId = challengeQuestion.getQuestionSetId();
        String questionId = challengeQuestion.getQuestionId();
        String question = challengeQuestion.getQuestion();
        String locale = challengeQuestion.getLocale();
        if (StringUtils.isBlank(questionSetId) || StringUtils.isBlank(questionId) || StringUtils.isBlank(question) || StringUtils.isBlank(locale)) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHALLENGE, null);
        }
        validateChallengePathParams(questionSetId, questionId);
    }

    private void validateChallengeQuestionMandatoryParams(ChallengeQuestion challengeQuestion) throws IdentityRecoveryClientException {
        String questionSetId = challengeQuestion.getQuestionSetId();
        String questionId = challengeQuestion.getQuestionId();
        if (StringUtils.isBlank(questionSetId) || StringUtils.isBlank(questionId)) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHALLENGE, null);
        }
        validateChallengePathParams(questionSetId, questionId);
    }

    private void validateChallengePathParams(String str, String str2) throws IdentityRecoveryClientException {
        validateChallengeSetURI(str);
        validateChallengePathParam(str2, "QuestionId");
    }

    private void validateChallengeSetURI(String str) throws IdentityRecoveryClientException {
        validateChallengePathParam(Utils.getChallengeSetDirFromUri(str), "ChallengeSetId");
    }

    private void validateChallengePathParam(String str, String str2) throws IdentityRecoveryClientException {
        if (StringUtils.isBlank(str) || !StringUtils.isAlphanumeric(str)) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHALLENGE_PATH, str2);
        }
    }

    private String getLocaleOfUser(User user, String str) throws IdentityRecoveryException {
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(user.getUserName());
        String str2 = IdentityRecoveryConstants.LOCALE_EN_US;
        try {
            String claimFromUserStoreManager = Utils.getClaimFromUserStoreManager(user, IdentityRecoveryConstants.Questions.LOCALE_CLAIM);
            if (StringUtils.isNotBlank(claimFromUserStoreManager)) {
                str2 = claimFromUserStoreManager;
            }
            return str2;
        } catch (UserStoreException e) {
            String format = String.format(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_ERROR_RETRIVING_CLAIM.getMessage(), tenantAwareUsername, str);
            log.error(format);
            throw ((IdentityRecoveryServerException) IdentityException.error(IdentityRecoveryServerException.class, IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_ERROR_RETRIVING_CLAIM.getCode(), format, e));
        }
    }
}
