package org.wso2.carbon.user.mgt.workflow.userstore;

import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.workflow.mgt.WorkflowService;
import org.wso2.carbon.identity.workflow.mgt.bean.Entity;
import org.wso2.carbon.identity.workflow.mgt.exception.InternalWorkflowException;
import org.wso2.carbon.identity.workflow.mgt.exception.WorkflowException;
import org.wso2.carbon.identity.workflow.mgt.extension.AbstractWorkflowRequestHandler;
import org.wso2.carbon.identity.workflow.mgt.util.WorkflowRequestStatus;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.user.mgt.workflow.internal.IdentityWorkflowDataHolder;

/* loaded from: input_file:org/wso2/carbon/user/mgt/workflow/userstore/AddUserWFRequestHandler.class */
public class AddUserWFRequestHandler extends AbstractWorkflowRequestHandler {
    private static final String FRIENDLY_NAME = "Add User";
    private static final String FRIENDLY_DESCRIPTION = "Triggered when a new user is created.";
    private static final String USERNAME = "Username";
    private static final String USER_STORE_DOMAIN = "User Store Domain";
    private static final String CREDENTIAL = "Credential";
    private static final String ROLE_LIST = "Roles";
    private static final String CLAIM_LIST = "Claims";
    private static final String PROFILE = "Profile";
    private static Log log = LogFactory.getLog(AddUserWFRequestHandler.class);
    private static final Map<String, String> PARAM_DEFINITION = new LinkedHashMap();

    public boolean startAddUserFlow(String str, String str2, Object obj, String[] strArr, Map<String, String> map, String str3) throws WorkflowException {
        WorkflowService workflowService = IdentityWorkflowDataHolder.getInstance().getWorkflowService();
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        if (strArr == null) {
            strArr = new String[0];
        }
        if (map == null) {
            map = new HashMap();
        }
        int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
        String addDomainToName = UserCoreUtil.addDomainToName(str2, str);
        try {
            if (log.isDebugEnabled()) {
                log.debug("Encrypting the password of user  " + str2);
            }
            String encryptAndBase64Encode = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(obj.toString().getBytes(Charset.forName("UTF-8")));
            hashMap.put(USERNAME, str2);
            hashMap.put(USER_STORE_DOMAIN, str);
            hashMap.put(ROLE_LIST, Arrays.asList(strArr));
            hashMap.put(CLAIM_LIST, map);
            hashMap.put(PROFILE, str3);
            hashMap2.put(CREDENTIAL, encryptAndBase64Encode);
            String uuid = UUID.randomUUID().toString();
            Entity[] entityArr = new Entity[strArr.length + 1];
            entityArr[0] = new Entity(addDomainToName, UserStoreWFConstants.ENTITY_TYPE_USER, tenantId);
            for (int i = 0; i < strArr.length; i++) {
                entityArr[i + 1] = new Entity(UserCoreUtil.addDomainToName(strArr[i], str), UserStoreWFConstants.ENTITY_TYPE_ROLE, tenantId);
            }
            if (!Boolean.TRUE.equals(getWorkFlowCompleted()) && !isValidOperation(entityArr)) {
                throw new WorkflowException("Operation is not valid.");
            }
            boolean startWorkFlow = startWorkFlow(hashMap, hashMap2, uuid);
            if (!Boolean.TRUE.equals(getWorkFlowCompleted()) && !startWorkFlow) {
                try {
                    workflowService.addRequestEntityRelationships(uuid, entityArr);
                } catch (InternalWorkflowException e) {
                    if (log.isDebugEnabled()) {
                        log.debug("No workflow associated with the operation.", e);
                    }
                }
            }
            return startWorkFlow;
        } catch (CryptoException e2) {
            throw new WorkflowException("Error while encrypting the Credential for User Name " + str2, e2);
        }
    }

    public String getEventId() {
        return UserStoreWFConstants.ADD_USER_EVENT;
    }

    public Map<String, String> getParamDefinitions() {
        return PARAM_DEFINITION;
    }

    public String getFriendlyName() {
        return FRIENDLY_NAME;
    }

    public String getDescription() {
        return FRIENDLY_DESCRIPTION;
    }

    public String getCategory() {
        return UserStoreWFConstants.CATEGORY_USERSTORE_OPERATIONS;
    }

    public boolean retryNeedAtCallback() {
        return true;
    }

    public void onWorkflowCompletion(String str, Map<String, Object> map, Map<String, Object> map2, int i) throws WorkflowException {
        Object obj = map.get(USERNAME);
        Object obj2 = map.get(CREDENTIAL);
        if (obj == null || !(obj instanceof String)) {
            throw new WorkflowException("Callback request for Add User received without the mandatory parameter 'username'");
        }
        String str2 = (String) map.get(USER_STORE_DOMAIN);
        String str3 = StringUtils.isNotBlank(str2) ? str2 + "/" + obj : (String) obj;
        try {
            if (log.isDebugEnabled()) {
                log.debug("Decrypting the password of user  " + str3);
            }
            String str4 = new String(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(obj2.toString()), "UTF-8");
            List list = (List) map.get(ROLE_LIST);
            String[] strArr = list != null ? (String[]) list.toArray(new String[list.size()]) : new String[0];
            Map map3 = (Map) map.get(CLAIM_LIST);
            String str5 = (String) map.get(PROFILE);
            if (WorkflowRequestStatus.APPROVED.toString().equals(str) || WorkflowRequestStatus.SKIPPED.toString().equals(str)) {
                try {
                    IdentityWorkflowDataHolder.getInstance().getRealmService().getTenantUserRealm(i).getUserStoreManager().addUser(str3, str4, strArr, map3, str5);
                } catch (UserStoreException e) {
                    throw new WorkflowException("Error when re-requesting addUser operation for " + str3, e);
                }
            } else {
                if (retryNeedAtCallback()) {
                    unsetWorkFlowCompleted();
                }
                if (log.isDebugEnabled()) {
                    log.debug("Adding user is aborted for user '" + str3 + "', Reason: Workflow response was " + str);
                }
            }
        } catch (CryptoException | UnsupportedEncodingException e2) {
            throw new WorkflowException("Error while decrypting the Credential for user " + str3, e2);
        }
    }

    public boolean isValidOperation(Entity[] entityArr) throws WorkflowException {
        WorkflowService workflowService = IdentityWorkflowDataHolder.getInstance().getWorkflowService();
        for (int i = 0; i < entityArr.length; i++) {
            try {
                if (entityArr[i].getEntityType() == UserStoreWFConstants.ENTITY_TYPE_USER && workflowService.entityHasPendingWorkflowsOfType(entityArr[i], UserStoreWFConstants.ADD_USER_EVENT)) {
                    throw new WorkflowException("Username already exists in the system. Please pick another username.");
                }
                if (workflowService.eventEngagedWithWorkflows(UserStoreWFConstants.ADD_USER_EVENT) && entityArr[i].getEntityType() == UserStoreWFConstants.ENTITY_TYPE_ROLE && (workflowService.entityHasPendingWorkflowsOfType(entityArr[i], UserStoreWFConstants.DELETE_ROLE_EVENT) || workflowService.entityHasPendingWorkflowsOfType(entityArr[i], UserStoreWFConstants.UPDATE_ROLE_NAME_EVENT))) {
                    throw new WorkflowException("One or more roles assigned has pending workflows which blocks this operation.");
                }
            } catch (InternalWorkflowException e) {
                throw new WorkflowException(e.getMessage(), e);
            }
        }
        return true;
    }

    static {
        PARAM_DEFINITION.put(USERNAME, "STRING");
        PARAM_DEFINITION.put(USER_STORE_DOMAIN, "STRING");
        PARAM_DEFINITION.put(PROFILE, "STRING");
        PARAM_DEFINITION.put(ROLE_LIST, "STRING_LIST");
        PARAM_DEFINITION.put(CLAIM_LIST, "STRING_STRING_MAP");
    }
}
