package org.wso2.carbon.identity.oauth2.internal;

import java.util.HashSet;
import java.util.Iterator;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.listener.AbstractApplicationMgtListener;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCache;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheKey;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDAO;
import org.wso2.carbon.identity.oauth.dao.OAuthConsumerDAO;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/internal/OAuthApplicationMgtListener.class */
public class OAuthApplicationMgtListener extends AbstractApplicationMgtListener {
    public static final String OAUTH2 = "oauth2";
    public static final String OAUTH2_CONSUMER_SECRET = "oauthConsumerSecret";
    private static final String OAUTH = "oauth";

    public int getDefaultOrderId() {
        return 11;
    }

    public boolean doPreUpdateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        removeClientSecret(serviceProvider);
        return true;
    }

    public boolean doPostGetServiceProvider(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        addClientSecret(serviceProvider);
        return true;
    }

    public boolean doPostGetServiceProviderByClientId(ServiceProvider serviceProvider, String str, String str2, String str3) throws IdentityApplicationManagementException {
        addClientSecret(serviceProvider);
        return true;
    }

    public boolean doPostCreateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        addClientSecret(serviceProvider);
        return true;
    }

    public boolean doPostUpdateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        addClientSecret(serviceProvider);
        updateAuthApplication(serviceProvider);
        removeAccessTokensAndAuthCodeFromCache(serviceProvider, str, str2);
        return true;
    }

    public boolean doPostGetApplicationExcludingFileBasedSPs(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        addClientSecret(serviceProvider);
        return true;
    }

    private void removeClientSecret(ServiceProvider serviceProvider) {
        InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs;
        InboundAuthenticationConfig inboundAuthenticationConfig = serviceProvider.getInboundAuthenticationConfig();
        if (inboundAuthenticationConfig == null || (inboundAuthenticationRequestConfigs = inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs()) == null) {
            return;
        }
        for (InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig : inboundAuthenticationRequestConfigs) {
            if (inboundAuthenticationRequestConfig.getInboundAuthType().equals("oauth2")) {
                Property[] properties = inboundAuthenticationRequestConfig.getProperties();
                for (Property property : properties) {
                    if (property.getName().equalsIgnoreCase(OAUTH2_CONSUMER_SECRET)) {
                        properties = (Property[]) ArrayUtils.removeElement(properties, property);
                        inboundAuthenticationRequestConfig.setProperties(properties);
                    }
                }
            }
        }
    }

    private void addClientSecret(ServiceProvider serviceProvider) throws IdentityApplicationManagementException {
        InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs;
        if (serviceProvider == null) {
            return;
        }
        try {
            InboundAuthenticationConfig inboundAuthenticationConfig = serviceProvider.getInboundAuthenticationConfig();
            if (inboundAuthenticationConfig != null && (inboundAuthenticationRequestConfigs = inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs()) != null) {
                for (InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig : inboundAuthenticationRequestConfigs) {
                    if (inboundAuthenticationRequestConfig.getInboundAuthType().equals("oauth2")) {
                        Property[] properties = inboundAuthenticationRequestConfig.getProperties();
                        Property property = new Property();
                        property.setName(OAUTH2_CONSUMER_SECRET);
                        property.setValue(getClientSecret(inboundAuthenticationRequestConfig.getInboundAuthKey()));
                        inboundAuthenticationRequestConfig.setProperties((Property[]) ArrayUtils.add(properties, property));
                    }
                }
            }
        } catch (IdentityOAuthAdminException e) {
            throw new IdentityApplicationManagementException("Injecting client secret failed.", e);
        }
    }

    private String getClientSecret(String str) throws IdentityOAuthAdminException {
        return new OAuthConsumerDAO().getOAuthConsumerSecret(str);
    }

    private void updateAuthApplication(ServiceProvider serviceProvider) throws IdentityApplicationManagementException {
        InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = null;
        if (serviceProvider.getInboundAuthenticationConfig() != null && serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() != null) {
            for (InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig2 : serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()) {
                if (StringUtils.equals(inboundAuthenticationRequestConfig2.getInboundAuthType(), OAUTH) || StringUtils.equals(inboundAuthenticationRequestConfig2.getInboundAuthType(), "oauth2")) {
                    inboundAuthenticationRequestConfig = inboundAuthenticationRequestConfig2;
                    break;
                }
            }
        }
        if (inboundAuthenticationRequestConfig == null) {
            return;
        }
        new OAuthAppDAO().updateOAuthConsumerApp(serviceProvider.getApplicationName(), inboundAuthenticationRequestConfig.getInboundAuthKey());
    }

    private void removeAccessTokensAndAuthCodeFromCache(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs;
        TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        HashSet<String> hashSet3 = new HashSet();
        try {
            InboundAuthenticationConfig inboundAuthenticationConfig = serviceProvider.getInboundAuthenticationConfig();
            if (inboundAuthenticationConfig != null && (inboundAuthenticationRequestConfigs = inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs()) != null) {
                for (InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig : inboundAuthenticationRequestConfigs) {
                    if (StringUtils.equals("oauth2", inboundAuthenticationRequestConfig.getInboundAuthType()) || StringUtils.equals(inboundAuthenticationRequestConfig.getInboundAuthType(), OAUTH)) {
                        hashSet3.add(inboundAuthenticationRequestConfig.getInboundAuthKey());
                    }
                }
            }
            if (hashSet3.size() > 0) {
                for (String str3 : hashSet3) {
                    hashSet.addAll(tokenMgtDAO.getActiveTokensForConsumerKey(str3));
                    hashSet2.addAll(tokenMgtDAO.getAuthorizationCodesForConsumerKey(str3));
                }
            }
            if (hashSet.size() > 0) {
                Iterator it = hashSet.iterator();
                while (it.hasNext()) {
                    AuthorizationGrantCacheKey authorizationGrantCacheKey = new AuthorizationGrantCacheKey((String) it.next());
                    if (AuthorizationGrantCache.getInstance().getValueFromCacheByToken(authorizationGrantCacheKey) != null) {
                        AuthorizationGrantCache.getInstance().clearCacheEntryByToken(authorizationGrantCacheKey);
                    }
                }
            }
            if (hashSet2.size() > 0) {
                Iterator it2 = hashSet2.iterator();
                while (it2.hasNext()) {
                    AuthorizationGrantCacheKey authorizationGrantCacheKey2 = new AuthorizationGrantCacheKey((String) it2.next());
                    if (AuthorizationGrantCache.getInstance().getValueFromCacheByToken(authorizationGrantCacheKey2) != null) {
                        AuthorizationGrantCache.getInstance().clearCacheEntryByCode(authorizationGrantCacheKey2);
                    }
                }
            }
        } catch (IdentityOAuth2Exception e) {
            throw new IdentityApplicationManagementException("Error occurred when removing oauth cache entries upon service provider update. ", e);
        }
    }
}
