package org.wso2.carbon.identity.account.lock.handler;

import java.util.Dictionary;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.account.lock.constants.AccountLockConstants;
import org.wso2.carbon.identity.account.lock.internal.IdentityAccountLockServiceDataHolder;
import org.wso2.carbon.identity.base.IdentityRuntimeException;
import org.wso2.carbon.identity.core.handler.InitConfig;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.event.EventMgtException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
import org.wso2.carbon.identity.governance.IdentityGovernanceException;
import org.wso2.carbon.identity.governance.common.IdentityGovernanceConnector;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/account/lock/handler/AccountLockHandler.class */
public class AccountLockHandler extends AbstractEventHandler implements IdentityGovernanceConnector {
    private static final Log log = LogFactory.getLog(AccountLockHandler.class);
    private static ThreadLocal<String> lockedState = new ThreadLocal<>();

    /* loaded from: input_file:org/wso2/carbon/identity/account/lock/handler/AccountLockHandler$lockedStates.class */
    private enum lockedStates {
        LOCKED,
        UNLOCKED,
        NO_CHANGE
    }

    public String getName() {
        return "accountLock";
    }

    public String getFriendlyName() {
        return "Account Locking";
    }

    public boolean handleEvent(Event event) throws EventMgtException {
        Map eventProperties = event.getEventProperties();
        String str = (String) eventProperties.get("user-name");
        UserStoreManager userStoreManager = (UserStoreManager) eventProperties.get("userStoreManager");
        try {
            Map configuration = IdentityAccountLockServiceDataHolder.getInstance().getIdentityGovernanceService().getConfiguration(getPropertyNames(), (String) eventProperties.get("tenant-domain"));
            IdentityUtil.clearIdentityErrorMsg();
            if (!Boolean.parseBoolean((String) configuration.get(AccountLockConstants.ACCOUNT_LOCKED_PROPERTY))) {
                return true;
            }
            try {
                boolean isExistingUser = userStoreManager.isExistingUser(UserCoreUtil.addDomainToName(str, userStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName")));
                if ("PRE_AUTHENTICATION".equals(event.getEventName())) {
                    if (!isExistingUser) {
                        return true;
                    }
                    try {
                        if (Boolean.parseBoolean(userStoreManager.getUserClaimValue(str, AccountLockConstants.ACCOUNT_LOCKED_CLAIM, (String) null))) {
                            long parseLong = Long.parseLong(userStoreManager.getUserClaimValue(str, AccountLockConstants.ACCOUNT_UNLOCK_TIME_CLAIM, (String) null));
                            if (parseLong == 0 || System.currentTimeMillis() < parseLong) {
                                throw new EventMgtException("17003 " + ("User account is locked for user : " + str + ". cannot login until the account is unlocked "));
                            }
                            HashMap hashMap = new HashMap();
                            hashMap.put(AccountLockConstants.ACCOUNT_LOCKED_CLAIM, Boolean.FALSE.toString());
                            hashMap.put(AccountLockConstants.ACCOUNT_UNLOCK_TIME_CLAIM, "0");
                            userStoreManager.setUserClaimValues(str, hashMap, (String) null);
                        }
                        return true;
                    } catch (UserStoreException e) {
                        throw new EventMgtException("Error while retrieving account lock claim value", e);
                    }
                }
                if (!"POST_AUTHENTICATION".equals(event.getEventName())) {
                    if (!"PRE_SET_USER_CLAIMS".equals(event.getEventName())) {
                        if (!"POST_SET_USER_CLAIMS".equals(event.getEventName())) {
                            return true;
                        }
                        if (lockedStates.UNLOCKED.toString().equals(lockedState.get())) {
                            triggerNotification(str, AccountLockConstants.EMAIL_TEMPLATE_TYPE_ACC_UNLOCKED);
                        } else if (lockedStates.LOCKED.toString().equals(lockedState.get())) {
                            triggerNotification(str, AccountLockConstants.EMAIL_TEMPLATE_TYPE_ACC_LOCKED);
                        }
                        lockedState.remove();
                        return true;
                    }
                    if (lockedState.get() != null) {
                        return true;
                    }
                    try {
                        Boolean valueOf = Boolean.valueOf(Boolean.parseBoolean(userStoreManager.getUserClaimValue(str, AccountLockConstants.ACCOUNT_LOCKED_CLAIM, (String) null)));
                        if (valueOf == Boolean.valueOf(Boolean.parseBoolean((String) ((Map) event.getEventProperties().get("USER_CLAIMS")).get(AccountLockConstants.ACCOUNT_LOCKED_CLAIM)))) {
                            lockedState.set(lockedStates.NO_CHANGE.toString());
                        } else if (valueOf.booleanValue()) {
                            lockedState.set(lockedStates.UNLOCKED.toString());
                        } else {
                            lockedState.set(lockedStates.LOCKED.toString());
                        }
                        return true;
                    } catch (UserStoreException e2) {
                        e2.printStackTrace();
                        return true;
                    }
                }
                if (((Boolean) eventProperties.get("OPERATION_STATUS")).booleanValue()) {
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put(AccountLockConstants.FAILED_LOGIN_ATTEMPTS_CLAIM, "0");
                    hashMap2.put(AccountLockConstants.ACCOUNT_UNLOCK_TIME_CLAIM, "0");
                    hashMap2.put(AccountLockConstants.ACCOUNT_LOCKED_CLAIM, Boolean.FALSE.toString());
                    try {
                        userStoreManager.setUserClaimValues(str, hashMap2, (String) null);
                        return true;
                    } catch (UserStoreException e3) {
                        throw new EventMgtException("Error while setting up user identity claims.", e3);
                    }
                }
                try {
                    String userClaimValue = userStoreManager.getUserClaimValue(str, AccountLockConstants.FAILED_LOGIN_ATTEMPTS_CLAIM, (String) null);
                    if (userClaimValue == null) {
                        userClaimValue = "0";
                    }
                    int parseInt = Integer.parseInt(userClaimValue) + 1;
                    HashMap hashMap3 = new HashMap();
                    hashMap3.put(AccountLockConstants.FAILED_LOGIN_ATTEMPTS_CLAIM, parseInt + "");
                    if (parseInt >= Integer.parseInt((String) configuration.get(AccountLockConstants.FAILED_LOGIN_ATTEMPTS_PROPERTY))) {
                        hashMap3.put(AccountLockConstants.ACCOUNT_LOCKED_CLAIM, "true");
                        String str2 = (String) configuration.get(AccountLockConstants.ACCOUNT_UNLOCK_TIME_PROPERTY);
                        if (!"0".equals(str2) && str2 != null) {
                            hashMap3.put(AccountLockConstants.ACCOUNT_UNLOCK_TIME_CLAIM, (System.currentTimeMillis() + (Integer.parseInt(str2) * 60 * 1000)) + "");
                        }
                    }
                    userStoreManager.setUserClaimValues(str, hashMap3, (String) null);
                    return true;
                } catch (UserStoreException e4) {
                    throw new EventMgtException("Error while locking account.", e4);
                }
            } catch (UserStoreException e5) {
                throw new EventMgtException("Error in accessing user store");
            }
        } catch (IdentityGovernanceException e6) {
            throw new EventMgtException("Error while retrieving account lock handler properties.", e6);
        }
    }

    public void init(InitConfig initConfig) throws IdentityRuntimeException {
        super.init(initConfig);
        IdentityAccountLockServiceDataHolder.getInstance().getBundleContext().registerService(IdentityGovernanceConnector.class.getName(), this, (Dictionary) null);
    }

    public String[] getPropertyNames() {
        return (String[]) this.properties.keySet().toArray(new String[this.properties.keySet().size()]);
    }

    public Properties getDefaultPropertyValues(String str) throws IdentityGovernanceException {
        return this.properties;
    }

    public Map<String, String> getDefaultPropertyValues(String[] strArr, String str) throws IdentityGovernanceException {
        return null;
    }

    private void triggerNotification(String str, String str2) throws EventMgtException {
        HashMap hashMap = new HashMap();
        hashMap.put("user-name", str);
        hashMap.put("tenant-domain", PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        hashMap.put("TEMPLATE_TYPE", str2);
        IdentityAccountLockServiceDataHolder.getInstance().getEventMgtService().handleEvent(new Event("TRIGGER_NOTIFICATION", hashMap));
    }
}
