package org.wso2.carbon.identity.application.authentication.endpoint.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathFactory;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.wso2.securevault.SecretResolver;
import org.wso2.securevault.SecretResolverFactory;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/endpoint/util/TenantDataManager.class */
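/**
 * Loads the tenant-list configuration of the authentication endpoint and caches the domains of the
 * active tenants reported by the identity server's {@code TenantMgtAdminService}.
 *
 * <p>All state is static. {@link #init()} is synchronized and writes to the tenant domain list are
 * synchronized on the list itself, but {@link #getAllActiveTenantDomains()} hands out that same
 * live list without synchronization, so callers must treat it as read-only.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The request to the tenant service carries the configured user name, Base64-encoded, in a
 *       header whose name is also configured. Base64 is an encoding, not a protection; presumably
 *       the server accepts the header only because of the client certificate presented by the
 *       mutual SSL connection (confirm against TenantMgtAdminServiceClient and the server-side
 *       authenticator).</li>
 *   <li>Hostname verification is switched by {@code hostname.verification.enabled}; a missing
 *       value parses to {@code false}.</li>
 *   <li>Secrets in the external properties file are resolved through secure vault; the copy
 *       bundled in the webapp is loaded as-is.</li>
 * </ul>
 */
public class TenantDataManager {
    private static final String USERNAME = "mutual.ssl.username";
    private static final String USERNAME_HEADER = "username.header";
    private static final String HOST = "identity.server.host";
    private static final String PORT = "identity.server.port";
    private static final String CLIENT_KEY_STORE = "client.keyStore";
    private static final String CLIENT_TRUST_STORE = "client.trustStore";
    private static final String CLIENT_KEY_STORE_PASSWORD = "Carbon.Security.KeyStore.Password";
    private static final String CLIENT_TRUST_STORE_PASSWORD = "Carbon.Security.TrustStore.Password";
    private static final String HOSTNAME_VERIFICATION_ENABLED = "hostname.verification.enabled";
    private static final String KEY_MANAGER_TYPE = "key.manager.type";
    private static final String TRUST_MANAGER_TYPE = "trust.manager.type";
    private static final String TENANT_LIST_ENABLED = "tenantListEnabled";
    private static final String HTTPS_URL = "https://";
    private static final String TENANT_MGT_ADMIN_SERVICE_URL = "/services/TenantMgtAdminService/retrieveTenants";
    private static final String COLON = ":";
    private static final String RETURN = "return";
    private static final String RETRIEVE_TENANTS_RESPONSE = "retrieveTenantsResponse";
    private static final String TENANT_DOMAIN = "tenantDomain";
    private static final String ACTIVE = "active";
    private static final String TENANT_DATA_SEPARATOR = ",";
    private static final String RELATIVE_PATH_START_CHAR = ".";
    private static final String CHARACTER_ENCODING = "UTF-8";
    private static final String CONFIG_RELATIVE_PATH = "./repository/conf/TenantConfig.properties";
    private static final String CONFIG_FILE_NAME = "TenantConfig.properties";
    // Feature URI understood by the JDK and Xerces parsers; rejects any document with a DOCTYPE.
    private static final String DISALLOW_DOCTYPE_FEATURE = "http://apache.org/xml/features/disallow-doctype-decl";
    private static Properties prop;
    private static String serviceURL;
    private static final Log log = LogFactory.getLog(TenantDataManager.class);
    private static String carbonLogin = "";
    private static String usernameHeaderName = "";
    // Also used as the monitor for every write to the list, hence final.
    private static final List<String> tenantDomainList = new ArrayList<>();
    private static boolean initialized = false;
    private static boolean initAttempted = false;

    private TenantDataManager() {
    }

    /**
     * Loads {@code TenantConfig.properties}, configures the mutual SSL client and builds the
     * tenant service URL. Does nothing once a previous call has succeeded.
     *
     * <p>Failures are logged and leave the manager uninitialized; nothing is thrown for a missing
     * configuration file or a missing {@code mutual.ssl.username} property.
     */
    public static synchronized void init() {
        initAttempted = true;
        if (initialized) {
            return;
        }
        try {
            // Assigned before loading so that look-ups after a failed load see an empty
            // configuration rather than a null reference.
            prop = new Properties();
            loadConfiguration(prop);

            usernameHeaderName = getPropertyValue(USERNAME_HEADER);
            String username = getPropertyValue(USERNAME);
            if (username == null) {
                // Previously this surfaced as a NullPointerException thrown out of init().
                log.error("Initialization failed : property " + USERNAME + " is not set in " + CONFIG_FILE_NAME);
                return;
            }
            // Encoding only: the value is readable by anyone who sees the header.
            carbonLogin = Base64.encode(username.getBytes(CHARACTER_ENCODING));

            String keyStorePath = buildFilePath(getPropertyValue(CLIENT_KEY_STORE));
            String trustStorePath = buildFilePath(getPropertyValue(CLIENT_TRUST_STORE));

            String keyManagerType = getPropertyValue(KEY_MANAGER_TYPE);
            if (StringUtils.isNotEmpty(keyManagerType)) {
                TenantMgtAdminServiceClient.setKeyManagerType(keyManagerType);
            }
            String trustManagerType = getPropertyValue(TRUST_MANAGER_TYPE);
            if (StringUtils.isNotEmpty(trustManagerType)) {
                TenantMgtAdminServiceClient.setTrustManagerType(trustManagerType);
            }

            TenantMgtAdminServiceClient.loadKeyStore(keyStorePath, getPropertyValue(CLIENT_KEY_STORE_PASSWORD));
            TenantMgtAdminServiceClient.loadTrustStore(trustStorePath, getPropertyValue(CLIENT_TRUST_STORE_PASSWORD));

            String hostnameVerification = getPropertyValue(HOSTNAME_VERIFICATION_ENABLED);
            if (StringUtils.isEmpty(hostnameVerification)) {
                // Boolean.parseBoolean(null) is false, so an absent property silently selects the
                // weaker setting; make that visible in the log.
                log.warn("Property " + HOSTNAME_VERIFICATION_ENABLED
                        + " is not set; passing false to the mutual SSL client initialization");
            }
            TenantMgtAdminServiceClient.initMutualSSLConnection(Boolean.parseBoolean(hostnameVerification));

            serviceURL = HTTPS_URL + getPropertyValue(HOST) + COLON + getPropertyValue(PORT) + TENANT_MGT_ADMIN_SERVICE_URL;
            initialized = true;
        } catch (IOException | AuthenticationException e) {
            log.error("Initialization failed : ", e);
        }
    }

    /**
     * Fills {@code target} from the external properties file when it exists, otherwise from the
     * copy on the webapp classpath. Secure-vault tokens are resolved for the external file only.
     *
     * @param target properties object to load into
     * @throws IOException if neither source can be opened or the content cannot be read
     */
    private static void loadConfiguration(Properties target) throws IOException {
        File externalFile = new File(buildFilePath(CONFIG_RELATIVE_PATH));
        boolean useExternalFile = externalFile.exists();
        InputStream stream;
        if (useExternalFile) {
            log.info("TenantConfig.properties file loaded from ./repository/conf/TenantConfig.properties");
            stream = new FileInputStream(externalFile);
        } else {
            log.info("TenantConfig.properties file loaded from authentication endpoint webapp");
            stream = TenantDataManager.class.getClassLoader().getResourceAsStream(CONFIG_FILE_NAME);
            if (stream == null) {
                // getResourceAsStream reports a missing resource with null, not an exception.
                throw new IOException(CONFIG_FILE_NAME + " was not found in " + CONFIG_RELATIVE_PATH
                        + " or on the webapp classpath");
            }
        }
        try {
            target.load(stream);
        } finally {
            closeConfigStream(stream);
        }
        if (useExternalFile) {
            resolveSecrets(target);
        }
    }

    /** Closes the configuration stream; a failure to close is logged and otherwise ignored. */
    private static void closeConfigStream(InputStream stream) {
        try {
            stream.close();
        } catch (IOException e) {
            log.error("Failed to close the FileInputStream, file : TenantConfig.properties", e);
        }
    }

    /**
     * Turns a configured path that starts with {@code "."} into an absolute one by prefixing the
     * canonical working directory; any other value (including {@code null}) is returned as given.
     *
     * <p>Only the working directory is canonicalized. The configured value is appended verbatim,
     * so {@code ..} segments in it are kept.
     *
     * @param str configured path, possibly {@code null}
     * @return the path to use
     * @throws IOException if the working directory cannot be canonicalized
     */
    private static String buildFilePath(String str) throws IOException {
        String resolved = str;
        if (StringUtils.isNotEmpty(str) && str.startsWith(RELATIVE_PATH_START_CHAR)) {
            String workingDirectory = new File(new File(RELATIVE_PATH_START_CHAR).getAbsolutePath()).getCanonicalPath();
            resolved = workingDirectory + File.separator + str;
        }
        if (log.isDebugEnabled()) {
            log.debug("File path for KeyStore/TrustStore : " + resolved);
        }
        return resolved;
    }

    /**
     * Reads a value from the loaded configuration.
     *
     * @param str property key
     * @return the value, or {@code null} when the key is absent or nothing has been loaded yet
     */
    private static String getPropertyValue(String str) {
        Properties loaded = prop;
        return loaded == null ? null : loaded.getProperty(str);
    }

    /**
     * Posts to the given URL with the configured user-name header and returns the response body.
     *
     * @param str service URL
     * @return whatever {@code TenantMgtAdminServiceClient.sendPostRequest} returns
     */
    private static String getServiceResponse(String str) {
        HashMap<String, String> headers = new HashMap<>();
        headers.put(usernameHeaderName, carbonLogin);
        return TenantMgtAdminServiceClient.sendPostRequest(str, null, headers);
    }

    /**
     * Returns the cached active tenant domains, fetching them first when the manager is
     * initialized and the cache is empty.
     *
     * @return the live internal list (not a copy); callers must not modify it
     */
    public static List<String> getAllActiveTenantDomains() {
        if (initialized && tenantDomainList.isEmpty()) {
            refreshActiveTenantDomainsList();
        }
        return tenantDomainList;
    }

    /**
     * Replaces the cached tenant domains with the comma-separated values in {@code str}, sorted.
     * An empty or {@code null} argument clears the cache. Ignored until initialization succeeded.
     *
     * @param str comma-separated tenant domains
     */
    public static void setTenantDataList(String str) {
        if (!initialized) {
            if (log.isDebugEnabled()) {
                log.debug("Tenant domains list not set as TenantDataManager is not initialized.");
            }
            return;
        }
        // Every write path, including the plain clear, takes the same monitor.
        synchronized (tenantDomainList) {
            tenantDomainList.clear();
            if (StringUtils.isNotEmpty(str)) {
                Collections.addAll(tenantDomainList, str.split(TENANT_DATA_SEPARATOR));
                Collections.sort(tenantDomainList);
            }
        }
    }

    /**
     * Fetches the tenant list from the service and replaces the cache with the sorted domains of
     * the tenants marked active. An empty response leaves the cache untouched; any failure is
     * logged and swallowed.
     */
    private static void refreshActiveTenantDomainsList() {
        try {
            String serviceResponse = getServiceResponse(serviceURL);
            if (StringUtils.isEmpty(serviceResponse)) {
                return;
            }
            Document document = parseServiceResponse(serviceResponse);
            String expression = "/*[local-name() = '" + RETRIEVE_TENANTS_RESPONSE + "']/*[local-name() = '" + RETURN + "']";
            NodeList tenantEntries = (NodeList) XPathFactory.newInstance().newXPath()
                    .evaluate(expression, document, XPathConstants.NODESET);

            // Collected separately so readers never observe a half-built list.
            List<String> activeDomains = new ArrayList<>();
            for (int i = 0; i < tenantEntries.getLength(); i++) {
                Node entry = tenantEntries.item(i);
                if (entry == null || entry.getNodeType() != Node.ELEMENT_NODE) {
                    continue;
                }
                String domain = readActiveTenantDomain(entry);
                if (domain != null) {
                    activeDomains.add(domain);
                }
            }
            synchronized (tenantDomainList) {
                tenantDomainList.clear();
                tenantDomainList.addAll(activeDomains);
                Collections.sort(tenantDomainList);
            }
        } catch (Exception e) {
            log.error("Retrieving list of active tenant domains failed. Ignore this if there are no tenants : ", e);
        }
    }

    /**
     * Parses the service response with DOCTYPE declarations rejected, which rules out external
     * entity resolution and entity-expansion payloads in the response body. A response that
     * contains a DOCTYPE therefore fails to parse.
     *
     * @param xml response body
     * @return namespace-aware DOM of the response
     * @throws ParserConfigurationException if the parser does not support the hardening features
     * @throws SAXException if the body is not well-formed or declares a DOCTYPE
     * @throws IOException if reading the body fails
     */
    private static Document parseServiceResponse(String xml)
            throws ParserConfigurationException, SAXException, IOException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        // getLocalName() and local-name() only work on a namespace-aware tree.
        factory.setNamespaceAware(true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature(DISALLOW_DOCTYPE_FEATURE, true);
        return factory.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
    }

    /**
     * Scans the children of one tenant entry for its {@code active} and {@code tenantDomain}
     * elements and stops at the first point where both have been seen.
     *
     * @param tenantEntry one {@code return} element of the response
     * @return the tenant domain when the entry is active; {@code null} when it is inactive or
     *     lacks either element
     */
    private static String readActiveTenantDomain(Node tenantEntry) {
        NodeList fields = tenantEntry.getChildNodes();
        boolean activeSeen = false;
        boolean domainSeen = false;
        boolean active = false;
        String domain = null;
        for (int i = 0; i < fields.getLength(); i++) {
            Node field = fields.item(i);
            String localName = field.getLocalName();
            if (ACTIVE.equals(localName)) {
                activeSeen = true;
                if (Boolean.parseBoolean(field.getTextContent())) {
                    active = true;
                }
            }
            if (TENANT_DOMAIN.equals(localName)) {
                domainSeen = true;
                domain = field.getTextContent();
            }
            if (activeSeen && domainSeen) {
                // Both values known: decide and leave the loop. Without this exit the scan
                // never terminates.
                if (active) {
                    if (log.isDebugEnabled()) {
                        log.debug(domain + " is active and added to the dropdown list");
                    }
                    return domain;
                }
                if (log.isDebugEnabled()) {
                    log.debug(domain + " is inactive and not added to the dropdown list");
                }
                return null;
            }
        }
        return null;
    }

    /**
     * Reports whether the tenant list is enabled in the configuration, running {@link #init()}
     * first if it has never been attempted.
     *
     * @return the parsed {@code tenantListEnabled} property; {@code false} when it is absent
     */
    public static boolean isTenantListEnabled() {
        if (!initAttempted && !initialized) {
            init();
        }
        return Boolean.parseBoolean(getPropertyValue(TENANT_LIST_ENABLED));
    }

    /**
     * Replaces every secure-vault protected entry of {@code properties} with its resolved value.
     * When no initialized resolver is available the properties are left unchanged and a warning
     * is logged. Only property keys are written to the log, never values.
     *
     * @param properties configuration loaded from the external file
     */
    private static void resolveSecrets(Properties properties) {
        SecretResolver resolver = SecretResolverFactory.create(properties);
        Enumeration<?> keys = properties.propertyNames();
        if (resolver == null || !resolver.isInitialized()) {
            log.warn("Secret Resolver is not present. Will not resolve encryptions in ./repository/conf/TenantConfig.properties file");
            return;
        }
        while (keys.hasMoreElements()) {
            String key = (String) keys.nextElement();
            if (resolver.isTokenProtected(key)) {
                if (log.isDebugEnabled()) {
                    log.debug("Resolving and replacing secret for " + key);
                }
                properties.put(key, resolver.resolve(key));
            } else if (log.isDebugEnabled()) {
                log.debug("No encryption done for value with key :" + key);
            }
        }
    }
}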
