package org.wso2.carbon.identity.governance.listener;

import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener;
import org.wso2.carbon.identity.core.model.IdentityErrorMsgContext;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.governance.model.UserIdentityClaim;
import org.wso2.carbon.identity.governance.store.UserIdentityDataStore;
import org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/governance/listener/IdentityStoreEventListener.class */
public class IdentityStoreEventListener extends AbstractIdentityUserOperationEventListener {
    private static final Log log = LogFactory.getLog(IdentityStoreEventListener.class);
    private static final String PRE_SET_USER_CLAIM_VALUES = "PreSetUserClaimValues";
    private static final String PRE_USER_ADD_CLAIM_VALUES = "PreAddUserClaimValues";
    private static final String USER_OPERATION_EVENT_LISTENER_TYPE = "org.wso2.carbon.user.core.listener.UserOperationEventListener";
    private static final String DATA_STORE_PROPERTY_NAME = "Data.Store";
    private UserIdentityDataStore identityDataStore = (UserIdentityDataStore) Class.forName(IdentityUtil.readEventListenerProperty(USER_OPERATION_EVENT_LISTENER_TYPE, getClass().getName()).getProperties().get(DATA_STORE_PROPERTY_NAME).toString().trim()).newInstance();
    private static final String INVALID_OPERATION = "InvalidOperation";
    private static final String USER_IDENTITY_CLAIMS = "UserIdentityClaims";

    public int getExecutionOrderId() {
        int orderId = getOrderId();
        if (orderId != -1) {
            return orderId;
        }
        return 100;
    }

    public boolean doPreAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        if (!isEnable()) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug("doPreAddUser executed in the IdentityStoreEventListener for user: " + str);
        }
        ((Map) IdentityUtil.threadLocalProperties.get()).remove(USER_IDENTITY_CLAIMS);
        HashMap hashMap = new HashMap();
        Iterator<Map.Entry<String, String>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, String> next = it.next();
            if (next.getKey().contains("http://wso2.org/claims/identity") && !(this.identityDataStore instanceof UserStoreBasedIdentityDataStore)) {
                hashMap.put(next.getKey(), next.getValue());
                if (log.isDebugEnabled()) {
                    log.debug(next.getKey() + " claim added to thread local for user: " + str + " in preUserAdd");
                }
                it.remove();
            }
        }
        UserIdentityClaim userIdentityClaim = new UserIdentityClaim(str, hashMap);
        userIdentityClaim.setTenantId(userStoreManager.getTenantId());
        ((Map) IdentityUtil.threadLocalProperties.get()).put(USER_IDENTITY_CLAIMS, userIdentityClaim);
        return true;
    }

    public boolean doPostAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        Map<String, String> userIdentityDataMap;
        if (!isEnable()) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug("doPostAddUser executed in the IdentityStoreEventListener for user: " + str);
        }
        try {
            UserIdentityClaim userIdentityClaim = (UserIdentityClaim) ((Map) IdentityUtil.threadLocalProperties.get()).get(USER_IDENTITY_CLAIMS);
            if (userIdentityClaim == null) {
                userIdentityDataMap = new HashMap();
            } else {
                userIdentityDataMap = userIdentityClaim.getUserIdentityDataMap();
                map.putAll(userIdentityDataMap);
            }
            boolean storeInIdentityDataStore = storeInIdentityDataStore(str, userStoreManager, PRE_USER_ADD_CLAIM_VALUES, userIdentityDataMap);
            ((Map) IdentityUtil.threadLocalProperties.get()).remove(USER_IDENTITY_CLAIMS);
            return storeInIdentityDataStore;
        } catch (Throwable th) {
            ((Map) IdentityUtil.threadLocalProperties.get()).remove(USER_IDENTITY_CLAIMS);
            throw th;
        }
    }

    public boolean doPreSetUserClaimValues(String str, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        if (!isEnable()) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug("doPreSetUserClaimValues executed in the IdentityStoreEventListener for user: " + str);
        }
        if (Boolean.parseBoolean(map.get("http://wso2.org/claims/identity/accountLocked"))) {
            IdentityUtil.setIdentityErrorMsg(new IdentityErrorMsgContext("17003"));
        }
        return storeInIdentityDataStore(str, userStoreManager, PRE_SET_USER_CLAIM_VALUES, map);
    }

    public boolean doPostGetUserClaimValues(String str, String[] strArr, String str2, Map<String, String> map, UserStoreManager userStoreManager) {
        UserIdentityClaim load;
        if (!isEnable()) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug("doPostGetUserClaimValues getting executed in the IdentityStoreEventListener for user: " + str);
        }
        if (this.identityDataStore instanceof UserStoreBasedIdentityDataStore) {
            return true;
        }
        if (map == null) {
            map = new HashMap();
        }
        boolean z = false;
        int length = strArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            if (strArr[i].contains("http://wso2.org/claims/identity")) {
                z = true;
                break;
            }
            i++;
        }
        if (!z || (load = this.identityDataStore.load(str, userStoreManager)) == null) {
            return true;
        }
        for (String str3 : strArr) {
            if (load.getUserIdentityDataMap().containsKey(str3)) {
                map.put(str3, load.getUserIdentityDataMap().get(str3));
            }
        }
        return true;
    }

    public boolean doPreGetUserClaimValue(String str, String str2, String str3, UserStoreManager userStoreManager) throws UserStoreException {
        if (isEnable() && StringUtils.isNotBlank(str2) && str2.contains("http://wso2.org/claims/identity")) {
            throw new UserStoreException("InvalidOperation This operation is not supported for Identity claims");
        }
        return true;
    }

    public boolean doPreSetUserClaimValue(String str, String str2, String str3, String str4, UserStoreManager userStoreManager) throws UserStoreException {
        if (isEnable() && StringUtils.isNotBlank(str2) && str2.contains("http://wso2.org/claims/identity")) {
            throw new UserStoreException("InvalidOperation This operation is not supported for Identity claims");
        }
        return true;
    }

    public boolean doPreGetUserList(String str, String str2, List<String> list, UserStoreManager userStoreManager) throws UserStoreException {
        if (!isEnable()) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug("doPreGetUserList executed in the IdentityStoreEventListener for claim URI: " + str + " and claim value: " + str2);
        }
        try {
            List<String> list2 = this.identityDataStore.list(str, str2, userStoreManager);
            if (StringUtils.equalsIgnoreCase(UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration()), "PRIMARY")) {
                for (String str3 : list2) {
                    if (!StringUtils.contains(str3, UserCoreConstants.DOMAIN_SEPARATOR) || StringUtils.startsWith(str3, "PRIMARY" + UserCoreConstants.DOMAIN_SEPARATOR)) {
                        list.add(str3);
                    }
                }
            } else {
                list.addAll(list2);
            }
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug("Retrieved " + list2.size() + " users for claim: " + str);
            return true;
        } catch (IdentityException e) {
            throw new UserStoreException("Error while listing the users for given claim: " + str, e);
        }
    }

    public boolean doPostDeleteUser(String str, UserStoreManager userStoreManager) throws UserStoreException {
        if (!isEnable()) {
            return true;
        }
        if (log.isDebugEnabled()) {
            log.debug("doPostDeleteUser executed in the IdentityStoreEventListener for user: " + str);
        }
        try {
            if (log.isDebugEnabled()) {
                log.debug("Removed Identity Claims of user: " + str + " from IdentityDataStore.");
            }
            this.identityDataStore.remove(str, userStoreManager);
            return true;
        } catch (IdentityException e) {
            throw new UserStoreException("Error while removing user: " + str + " from identity data store", e);
        }
    }

    private boolean storeInIdentityDataStore(String str, UserStoreManager userStoreManager, String str2, Map<String, String> map) throws UserStoreException {
        if (this.identityDataStore instanceof UserStoreBasedIdentityDataStore) {
            return true;
        }
        try {
            if (!((Map) IdentityUtil.threadLocalProperties.get()).containsKey(str2)) {
                ((Map) IdentityUtil.threadLocalProperties.get()).put(str2, true);
                UserIdentityClaim userIdentityClaim = null;
                if (!StringUtils.equalsIgnoreCase(str2, PRE_USER_ADD_CLAIM_VALUES)) {
                    userIdentityClaim = this.identityDataStore.load(str, userStoreManager);
                }
                if (userIdentityClaim == null) {
                    userIdentityClaim = new UserIdentityClaim(str);
                }
                Iterator<Map.Entry<String, String>> it = map.entrySet().iterator();
                while (it.hasNext()) {
                    Map.Entry<String, String> next = it.next();
                    String key = next.getKey();
                    String value = next.getValue();
                    if (key.contains("http://wso2.org/claims/identity")) {
                        userIdentityClaim.setUserIdentityDataClaim(key, value);
                        it.remove();
                    }
                }
                try {
                    this.identityDataStore.store(userIdentityClaim, userStoreManager);
                } catch (IdentityException e) {
                    throw new UserStoreException("Error while saving user identityDataStore data for user : " + str, e);
                }
            }
            ((Map) IdentityUtil.threadLocalProperties.get()).remove(str2);
            return true;
        } catch (Throwable th) {
            ((Map) IdentityUtil.threadLocalProperties.get()).remove(str2);
            throw th;
        }
    }
}
