package org.wso2.carbon.identity.application.mgt;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.axis2.AxisFault;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.engine.AxisConfiguration;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.impl.SAMLTokenIssuerConfig;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ApplicationBasicInfo;
import org.wso2.carbon.identity.application.common.model.ApplicationPermission;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig;
import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.cache.IdentityServiceProviderCache;
import org.wso2.carbon.identity.application.mgt.cache.IdentityServiceProviderCacheKey;
import org.wso2.carbon.identity.application.mgt.dao.ApplicationDAO;
import org.wso2.carbon.identity.application.mgt.dao.impl.IdentityProviderDAOImpl;
import org.wso2.carbon.identity.application.mgt.internal.ApplicationManagementServiceComponentHolder;
import org.wso2.carbon.identity.application.mgt.internal.ApplicationMgtListenerServiceComponent;
import org.wso2.carbon.identity.application.mgt.listener.ApplicationMgtListener;
import org.wso2.carbon.registry.api.RegistryException;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.security.SecurityConfigException;
import org.wso2.carbon.security.config.SecurityServiceAdmin;
import org.wso2.carbon.user.api.ClaimMapping;

/* loaded from: input_file:org/wso2/carbon/identity/application/mgt/ApplicationManagementServiceImpl.class */
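/**
 * Singleton implementation of {@link ApplicationManagementService} that manages service providers
 * (applications), identity providers and authenticator metadata for the tenant bound to the
 * calling thread's {@link CarbonContext}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #updateApplication} and {@link #deleteApplication} call
 *       {@code ApplicationMgtUtil.isUserAuthorized(...)}; the other operations contain no
 *       authorization check of their own.</li>
 *   <li>{@link #updateApplication} temporarily switches the thread to the super tenant to clear a
 *       cache entry and must always restore the caller's tenant afterwards.</li>
 * </ul>
 */
public class ApplicationManagementServiceImpl extends ApplicationManagementService {
    private static final Log log = LogFactory.getLog(ApplicationManagementServiceImpl.class);

    // volatile is required for the double-checked locking in getInstance() to publish safely.
    private static volatile ApplicationManagementServiceImpl appMgtService;

    private ApplicationManagementServiceImpl() {
    }

    /**
     * Returns the process-wide instance, creating it on first use (double-checked locking on a
     * volatile field).
     *
     * @return the shared service instance, never {@code null}
     */
    public static ApplicationManagementServiceImpl getInstance() {
        if (appMgtService == null) {
            synchronized (ApplicationManagementServiceImpl.class) {
                if (appMgtService == null) {
                    appMgtService = new ApplicationManagementServiceImpl();
                }
            }
        }
        return appMgtService;
    }

    /**
     * Notifies the registered listeners, creates the application role, stores the application's
     * permissions and persists the service provider for the current tenant.
     *
     * <p>NOTE(review): this method performs no authorization check itself; presumably the calling
     * admin service enforces it. Confirm against the callers.
     *
     * @param serviceProvider the application to create
     * @return the value returned by {@code ApplicationDAO.createApplication}
     * @throws IdentityApplicationManagementException if any step fails; the cause is preserved
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public int createApplication(ServiceProvider serviceProvider) throws IdentityApplicationManagementException {
        try {
            Iterator<ApplicationMgtListener> it = ApplicationMgtListenerServiceComponent.getListners().iterator();
            while (it.hasNext()) {
                it.next().createApplication(serviceProvider);
            }
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            ApplicationMgtUtil.createAppRole(serviceProvider.getApplicationName());
            ApplicationDAO applicationDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
            ApplicationMgtUtil.storePermission(serviceProvider.getApplicationName(), serviceProvider.getPermissionAndRoleConfig());
            return applicationDAO.createApplication(serviceProvider, tenantDomain);
        } catch (Exception e) {
            String str = "Error occurred while creating the application, " + serviceProvider.getApplicationName();
            log.error(str, e);
            throw new IdentityApplicationManagementException(str, e);
        }
    }

    /**
     * Loads a service provider by name for the current tenant and attaches the permissions
     * returned by {@code ApplicationMgtUtil.loadPermissions}.
     *
     * <p>NOTE(review): if the DAO returns {@code null} for an unknown name while permissions are
     * found, the resulting NullPointerException is wrapped and rethrown below. Confirm whether a
     * {@code null} return would be the intended contract.
     *
     * @param str the application name
     * @return the service provider as returned by the DAO
     * @throws IdentityApplicationManagementException if retrieval fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public ServiceProvider getApplication(String str) throws IdentityApplicationManagementException {
        try {
            ServiceProvider application = ApplicationMgtSystemConfig.getInstance().getApplicationDAO().getApplication(str, CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
            List<ApplicationPermission> loadPermissions = ApplicationMgtUtil.loadPermissions(str);
            if (loadPermissions != null) {
                // Reuse the existing config when present so its other settings are not discarded.
                PermissionsAndRoleConfig permissionsAndRoleConfig = application.getPermissionAndRoleConfig() == null ? new PermissionsAndRoleConfig() : application.getPermissionAndRoleConfig();
                permissionsAndRoleConfig.setPermissions(loadPermissions.toArray(new ApplicationPermission[loadPermissions.size()]));
                application.setPermissionAndRoleConfig(permissionsAndRoleConfig);
            }
            return application;
        } catch (Exception e) {
            String str2 = "Error occurred while retrieving the application, " + str;
            log.error(str2, e);
            throw new IdentityApplicationManagementException(str2, e);
        }
    }

    /**
     * Returns the basic info of every application known to the DAO.
     *
     * @return the array returned by {@code ApplicationDAO.getAllApplicationBasicInfo}
     * @throws IdentityApplicationManagementException if retrieval fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public ApplicationBasicInfo[] getAllApplicationBasicInfo() throws IdentityApplicationManagementException {
        try {
            return ApplicationMgtSystemConfig.getInstance().getApplicationDAO().getAllApplicationBasicInfo();
        } catch (Exception e) {
            log.error("Error occurred while retrieving the all applications", e);
            throw new IdentityApplicationManagementException("Error occurred while retrieving the all applications", e);
        }
    }

    /**
     * Updates a service provider after clearing its cache entry, notifying listeners and checking
     * that the current user is authorized for the application.
     *
     * <p>The super-tenant flow opened for the cache eviction is closed exactly once, in a
     * {@code finally} block scoped to that section. Previously a failure in any later step (for
     * example the authorization failure) called {@code endTenantFlow()} a second time, which
     * could unwind a tenant flow opened by the caller and leave the thread in another tenant's
     * context.
     *
     * <p>NOTE(review): the cache eviction and the listener callbacks run before the authorization
     * check, so an unauthorized caller still triggers those side effects. Confirm this ordering
     * is intended.
     *
     * @param serviceProvider the application with its new state
     * @throws IdentityApplicationManagementException if the user is not authorized or any step
     *         fails; an authorization failure is wrapped in the generic update error
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public void updateApplication(ServiceProvider serviceProvider) throws IdentityApplicationManagementException {
        try {
            // Remember the caller's tenant so it can be restored after the privileged section.
            String tenantDomain = null;
            int tenantId = -1234;
            if (CarbonContext.getThreadLocalCarbonContext() != null) {
                tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
                tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
            }
            try {
                // The cache is evicted as the super tenant (id -1234, domain "carbon.super").
                PrivilegedCarbonContext.startTenantFlow();
                PrivilegedCarbonContext superTenantContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
                superTenantContext.setTenantId(-1234);
                superTenantContext.setTenantDomain("carbon.super");
                IdentityServiceProviderCache.getInstance().clearCacheEntry(new IdentityServiceProviderCacheKey(tenantDomain, serviceProvider.getApplicationName()));
            } finally {
                // Runs exactly once, whether or not the eviction succeeded.
                PrivilegedCarbonContext.endTenantFlow();
                if (tenantDomain != null) {
                    PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain);
                    PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(tenantId);
                }
            }
            Iterator<ApplicationMgtListener> it = ApplicationMgtListenerServiceComponent.getListners().iterator();
            while (it.hasNext()) {
                it.next().updateApplication(serviceProvider);
            }
            // The built-in local service provider is exempt from the per-application check.
            if (!ApplicationConstants.LOCAL_SP.equals(serviceProvider.getApplicationName()) && !ApplicationMgtUtil.isUserAuthorized(serviceProvider.getApplicationName(), serviceProvider.getApplicationID())) {
                // NOTE(review): user name and application name are logged as supplied; if either
                // can contain line breaks, neutralise them before logging to prevent forged entries.
                log.warn("Illegal Access! User " + CarbonContext.getThreadLocalCarbonContext().getUsername() + " does not have access to the application " + serviceProvider.getApplicationName());
                throw new IdentityApplicationManagementException("User not authorized");
            }
            ApplicationDAO applicationDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
            // Read the stored name before the update so a rename can be detected afterwards.
            String storedName = applicationDAO.getApplicationName(serviceProvider.getApplicationID());
            applicationDAO.updateApplication(serviceProvider);
            // A missing permission config is a valid state (getApplication handles it too); without
            // this guard the method failed with an NPE after the DAO update had already happened.
            PermissionsAndRoleConfig permissionsAndRoleConfig = serviceProvider.getPermissionAndRoleConfig();
            ApplicationPermission[] permissions = permissionsAndRoleConfig == null ? null : permissionsAndRoleConfig.getPermissions();
            if (storedName != null && !storedName.equals(serviceProvider.getApplicationName())) {
                ApplicationMgtUtil.renameAppPermissionPathNode(storedName, serviceProvider.getApplicationName());
            }
            if (permissions != null) {
                ApplicationMgtUtil.updatePermissions(serviceProvider.getApplicationName(), permissions);
            }
        } catch (Exception e) {
            log.error("Error occurred while updating the application", e);
            throw new IdentityApplicationManagementException("Error occurred while updating the application", e);
        }
    }

    /**
     * Deletes an application, its role and permissions, and the inbound authentication
     * configuration (SAML SSO, OAuth2 or WS-Trust) registered under each of its inbound keys.
     *
     * <p>NOTE(review): listeners are notified before the authorization check, so an unauthorized
     * caller still triggers them. The application row is also removed before the dependent
     * clean-up, so a later failure leaves role, permission or inbound entries behind.
     *
     * @param str the application name
     * @throws IdentityApplicationManagementException if the user is not authorized or any step
     *         fails; an authorization failure is wrapped in the generic delete error
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public void deleteApplication(String str) throws IdentityApplicationManagementException {
        try {
            Iterator<ApplicationMgtListener> it = ApplicationMgtListenerServiceComponent.getListners().iterator();
            while (it.hasNext()) {
                it.next().deleteApplication(str);
            }
            if (!ApplicationMgtUtil.isUserAuthorized(str)) {
                // NOTE(review): user name and application name are logged as supplied; if either
                // can contain line breaks, neutralise them before logging to prevent forged entries.
                log.warn("Illegal Access! User " + CarbonContext.getThreadLocalCarbonContext().getUsername() + " does not have access to the application " + str);
                throw new IdentityApplicationManagementException("User not authorized");
            }
            ApplicationDAO applicationDAO = ApplicationMgtSystemConfig.getInstance().getApplicationDAO();
            // Load the full definition first: the inbound keys are needed after the row is gone.
            ServiceProvider application = applicationDAO.getApplication(str, CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
            applicationDAO.deleteApplication(str);
            ApplicationMgtUtil.deleteAppRole(str);
            ApplicationMgtUtil.deletePermissions(str);
            if (application != null && application.getInboundAuthenticationConfig() != null && application.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() != null) {
                for (InboundAuthenticationRequestConfig inboundConfig : application.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()) {
                    String authKey = inboundConfig.getInboundAuthKey();
                    if (authKey == null) {
                        // Every clean-up branch needs a key; nothing to remove without one.
                        continue;
                    }
                    String authType = inboundConfig.getInboundAuthType();
                    if (IdentityProviderDAOImpl.SAML_SSO.equalsIgnoreCase(authType)) {
                        ApplicationMgtSystemConfig.getInstance().getSAMLClientDAO().removeServiceProviderConfiguration(authKey);
                    } else if ("oauth2".equalsIgnoreCase(authType)) {
                        ApplicationMgtSystemConfig.getInstance().getOAuthOIDCClientDAO().removeOAuthApplication(authKey);
                    } else if ("wstrust".equalsIgnoreCase(authType)) {
                        try {
                            Parameter parameter = getAxisConfig().getService("wso2carbon-sts").getParameter(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());
                            if (parameter == null) {
                                throw new IdentityApplicationManagementException("missing parameter : " + SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG.getLocalPart());
                            }
                            // Drop the key from the STS issuer config, then from the registry copy.
                            SAMLTokenIssuerConfig issuerConfig = new SAMLTokenIssuerConfig(parameter.getParameterElement().getFirstChildWithName(SAMLTokenIssuerConfig.SAML_ISSUER_CONFIG));
                            issuerConfig.getTrustedServices().remove(authKey);
                            setSTSParameter(issuerConfig);
                            removeTrustedService("wso2carbon-sts", "wso2carbon-sts", authKey);
                        } catch (Exception e) {
                            log.error("Error while removing a trusted service", e);
                            throw new IdentityApplicationManagementException("Error while removing a trusted service", e);
                        }
                    }
                }
            }
        } catch (Exception e2) {
            log.error("Error occurred while deleting the application", e2);
            throw new IdentityApplicationManagementException("Error occurred while deleting the application", e2);
        }
    }

    /**
     * Looks up an identity provider by name.
     *
     * @param str the identity provider name
     * @return the value returned by {@code IdentityProviderDAO.getIdentityProvider}
     * @throws IdentityApplicationManagementException if retrieval fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public IdentityProvider getIdentityProvider(String str) throws IdentityApplicationManagementException {
        try {
            return ApplicationMgtSystemConfig.getInstance().getIdentityProviderDAO().getIdentityProvider(str);
        } catch (Exception e) {
            log.error("Error occurred while retrieving Identity Provider", e);
            throw new IdentityApplicationManagementException("Error occurred while retrieving Identity Provider", e);
        }
    }

    /**
     * Returns all identity providers known to the DAO.
     *
     * @return the providers as an array, or {@code null} when the DAO returns {@code null}
     * @throws IdentityApplicationManagementException if retrieval fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public IdentityProvider[] getAllIdentityProviders() throws IdentityApplicationManagementException {
        try {
            List<IdentityProvider> allIdentityProviders = ApplicationMgtSystemConfig.getInstance().getIdentityProviderDAO().getAllIdentityProviders();
            if (allIdentityProviders != null) {
                return allIdentityProviders.toArray(new IdentityProvider[allIdentityProviders.size()]);
            }
            return null;
        } catch (Exception e) {
            log.error("Error occurred while retrieving all Identity Providers", e);
            throw new IdentityApplicationManagementException("Error occurred while retrieving all Identity Providers", e);
        }
    }

    /**
     * Returns all local authenticator configurations known to the DAO.
     *
     * @return the authenticators as an array, or {@code null} when the DAO returns {@code null}
     * @throws IdentityApplicationManagementException if retrieval fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public LocalAuthenticatorConfig[] getAllLocalAuthenticators() throws IdentityApplicationManagementException {
        try {
            List<LocalAuthenticatorConfig> allLocalAuthenticators = ApplicationMgtSystemConfig.getInstance().getIdentityProviderDAO().getAllLocalAuthenticators();
            if (allLocalAuthenticators != null) {
                return allLocalAuthenticators.toArray(new LocalAuthenticatorConfig[allLocalAuthenticators.size()]);
            }
            return null;
        } catch (Exception e) {
            log.error("Error occurred while retrieving all Local Authenticators", e);
            throw new IdentityApplicationManagementException("Error occurred while retrieving all Local Authenticators", e);
        }
    }

    /**
     * Returns all request-path authenticator configurations known to the DAO.
     *
     * @return the authenticators as an array, or {@code null} when the DAO returns {@code null}
     * @throws IdentityApplicationManagementException if retrieval fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public RequestPathAuthenticatorConfig[] getAllRequestPathAuthenticators() throws IdentityApplicationManagementException {
        try {
            List<RequestPathAuthenticatorConfig> allRequestPathAuthenticators = ApplicationMgtSystemConfig.getInstance().getIdentityProviderDAO().getAllRequestPathAuthenticators();
            if (allRequestPathAuthenticators != null) {
                return allRequestPathAuthenticators.toArray(new RequestPathAuthenticatorConfig[allRequestPathAuthenticators.size()]);
            }
            return null;
        } catch (Exception e) {
            log.error("Error occurred while retrieving all Request Path Authenticators", e);
            throw new IdentityApplicationManagementException("Error occurred while retrieving all Request Path Authenticators", e);
        }
    }

    /**
     * Returns the claim URI of every claim mapping in the configured claim dialect of the current
     * user realm.
     *
     * @return the claim URIs, in the order the claim manager returns the mappings
     * @throws IdentityApplicationManagementException if the claims cannot be read
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public String[] getAllLocalClaimUris() throws IdentityApplicationManagementException {
        try {
            ClaimMapping[] allClaimMappings = CarbonContext.getThreadLocalCarbonContext().getUserRealm().getClaimManager().getAllClaimMappings(ApplicationMgtSystemConfig.getInstance().getClaimDialect());
            // Typed list instead of a raw ArrayList, so the compiler checks the element type.
            List<String> claimUris = new ArrayList<String>(allClaimMappings.length);
            for (ClaimMapping claimMapping : allClaimMappings) {
                claimUris.add(claimMapping.getClaim().getClaimUri());
            }
            return claimUris.toArray(new String[claimUris.size()]);
        } catch (Exception e) {
            log.error("Error while reading system claims", e);
            throw new IdentityApplicationManagementException("Error while reading system claims", e);
        }
    }

    /**
     * Resolves the service provider name registered for an inbound client id in the current
     * tenant.
     *
     * @param str the client id
     * @param str2 second lookup argument, passed to the DAO unchanged
     *        (presumably the inbound client type; confirm against the DAO)
     * @return the value returned by {@code ApplicationDAO.getServiceProviderNameByClientId}
     * @throws IdentityApplicationManagementException if the lookup fails
     */
    @Override // org.wso2.carbon.identity.application.mgt.ApplicationManagementService
    public String getServiceProviderNameByClientId(String str, String str2) throws IdentityApplicationManagementException {
        try {
            return ApplicationMgtSystemConfig.getInstance().getApplicationDAO().getServiceProviderNameByClientId(str, str2, CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        } catch (Exception e) {
            String str3 = "Error occurred while retrieving the service provider for client id :  " + str;
            log.error(str3, e);
            throw new IdentityApplicationManagementException(str3, e);
        }
    }

    /**
     * Writes the given issuer configuration back as the service parameter of the
     * {@code wso2carbon-sts} service.
     */
    private void setSTSParameter(SAMLTokenIssuerConfig sAMLTokenIssuerConfig) throws AxisFault, RegistryException {
        new SecurityServiceAdmin(getAxisConfig(), getConfigSystemRegistry()).setServiceParameterElement("wso2carbon-sts", sAMLTokenIssuerConfig.getParameter());
    }

    /**
     * Removes the property {@code str3} from the trusted-services registry resource of service
     * {@code str2} in service group {@code str}, when that resource exists.
     *
     * <p>The registry path is built by concatenation. The only caller in this class passes the
     * literal {@code "wso2carbon-sts"} for both path segments; keep it that way, or validate the
     * segments, before passing caller-controlled values.
     *
     * @throws SecurityConfigException if the registry access fails
     */
    private void removeTrustedService(String str, String str2, String str3) throws SecurityConfigException {
        try {
            String resourcePath = "/repository/axis2/service-groups/" + str + "/services/" + str2 + "/trustedServices";
            Registry configSystemRegistry = getConfigSystemRegistry();
            if (configSystemRegistry != null && configSystemRegistry.resourceExists(resourcePath)) {
                Resource resource = configSystemRegistry.get(resourcePath);
                if (resource.getProperty(str3) != null) {
                    resource.removeProperty(str3);
                }
                // The resource is written back even when the property was already absent.
                configSystemRegistry.put(resourcePath, resource);
            }
        } catch (Exception e) {
            log.error("Error occurred while removing trusted service for STS", e);
            throw new SecurityConfigException("Error occurred while removing trusted service for STS", e);
        }
    }

    /** Returns the Axis2 configuration of the server configuration context. */
    private AxisConfiguration getAxisConfig() {
        return ApplicationManagementServiceComponentHolder.getConfigContextService().getServerConfigContext().getAxisConfiguration();
    }

    /** Returns the config system registry obtained from the registry service. */
    private Registry getConfigSystemRegistry() throws RegistryException {
        return ApplicationManagementServiceComponentHolder.getRegistryService().getConfigSystemRegistry();
    }
}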
