package org.wso2.carbon.identity.recovery.handler;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.core.bean.context.MessageContext;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.event.IdentityEventClientException;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.IdentityEventServerException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
import org.wso2.carbon.identity.recovery.IdentityRecoveryClientException;
import org.wso2.carbon.identity.recovery.IdentityRecoveryConstants;
import org.wso2.carbon.identity.recovery.IdentityRecoveryServerException;
import org.wso2.carbon.identity.recovery.model.UserChallengeAnswer;
import org.wso2.carbon.identity.recovery.util.Utils;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;

/* loaded from: input_file:org/wso2/carbon/identity/recovery/handler/ChallengeAnswerValidationHandler.class */
public class ChallengeAnswerValidationHandler extends AbstractEventHandler {
    private static final Log log = LogFactory.getLog(ChallengeAnswerValidationHandler.class);

    public String getName() {
        return "challengeAnswerValidation";
    }

    public int getPriority(MessageContext messageContext) {
        return 50;
    }

    /* JADX WARN: Type inference failed for: r14v0, types: [java.lang.Throwable, org.wso2.carbon.identity.recovery.IdentityRecoveryServerException] */
    /* JADX WARN: Type inference failed for: r14v1, types: [java.lang.Throwable, org.wso2.carbon.identity.recovery.IdentityRecoveryClientException] */
    public void handleEvent(Event event) throws IdentityEventException {
        String eventName = event.getEventName();
        Map eventProperties = event.getEventProperties();
        UserStoreManager userStoreManager = (UserStoreManager) eventProperties.get("userStoreManager");
        User user = (User) eventProperties.get("USER");
        UserChallengeAnswer[] userChallengeAnswerArr = (UserChallengeAnswer[]) eventProperties.get("userChallengeAnswers");
        Map<String, String> map = (Map) eventProperties.get(IdentityRecoveryConstants.USER_OLD_CHALLENGE_ANSWERS);
        user.setUserStoreDomain(userStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName"));
        if ("PRE_SET_CHALLENGE_QUESTION_ANSWERS".equals(eventName)) {
            try {
                validateChallengeAnswers(user, userChallengeAnswerArr, map);
            } catch (IdentityRecoveryClientException e) {
                throw new IdentityEventClientException(e.getErrorCode(), e.getMessage(), (Throwable) e);
            } catch (IdentityRecoveryServerException e2) {
                throw new IdentityEventServerException(e2.getErrorCode(), e2.getMessage(), (Throwable) e2);
            }
        }
    }

    private void validateChallengeAnswers(User user, UserChallengeAnswer[] userChallengeAnswerArr, Map<String, String> map) throws IdentityEventException, IdentityRecoveryClientException, IdentityRecoveryServerException {
        Map<String, List<UserChallengeAnswer>> filterChallengeAnswers = filterChallengeAnswers(userChallengeAnswerArr, map);
        List<UserChallengeAnswer> list = filterChallengeAnswers.get(IdentityRecoveryConstants.USER_OLD_CHALLENGE_ANSWERS);
        List<UserChallengeAnswer> list2 = filterChallengeAnswers.get(IdentityRecoveryConstants.USER_NEW_CHALLENGE_ANSWERS);
        validateChallengeAnswerRegex(user.getTenantDomain(), list2);
        if (Boolean.parseBoolean(Utils.getConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.ENFORCE_CHALLENGE_QUESTION_ANSWER_UNIQUENESS, user.getTenantDomain()))) {
            validateChallengeAnswerUniqueness(list2, list);
        }
    }

    private Map<String, List<UserChallengeAnswer>> filterChallengeAnswers(UserChallengeAnswer[] userChallengeAnswerArr, Map<String, String> map) {
        HashMap hashMap = new HashMap();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        String property = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.QUESTION_CHALLENGE_SEPARATOR);
        for (UserChallengeAnswer userChallengeAnswer : userChallengeAnswerArr) {
            if (StringUtils.isNotBlank(userChallengeAnswer.getQuestion().getQuestionSetId()) && StringUtils.isNotBlank(userChallengeAnswer.getQuestion().getQuestion()) && StringUtils.isNotBlank(userChallengeAnswer.getAnswer())) {
                String str = map.get(userChallengeAnswer.getQuestion().getQuestionSetId().trim());
                if (!StringUtils.isNotBlank(str) || !str.contains(property)) {
                    arrayList2.add(userChallengeAnswer);
                } else if (str.split(property)[1].trim().equals(userChallengeAnswer.getAnswer().trim())) {
                    arrayList.add(userChallengeAnswer);
                } else {
                    arrayList2.add(userChallengeAnswer);
                }
            }
        }
        hashMap.put(IdentityRecoveryConstants.USER_OLD_CHALLENGE_ANSWERS, arrayList);
        hashMap.put(IdentityRecoveryConstants.USER_NEW_CHALLENGE_ANSWERS, arrayList2);
        return hashMap;
    }

    private void validateChallengeAnswerRegex(String str, List<UserChallengeAnswer> list) throws IdentityRecoveryClientException, IdentityEventException {
        for (UserChallengeAnswer userChallengeAnswer : list) {
            if (!userChallengeAnswer.getAnswer().matches(Utils.getConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.CHALLENGE_QUESTION_ANSWER_REGEX, str))) {
                if (log.isDebugEnabled()) {
                    log.debug(String.format("The challenge question answer for the question, '%s' is not in the expected format.", userChallengeAnswer.getQuestion().getQuestion()));
                }
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_ANSWER_FORMAT, userChallengeAnswer.getQuestion().getQuestion());
            }
        }
    }

    private void validateChallengeAnswerUniqueness(List<UserChallengeAnswer> list, List<UserChallengeAnswer> list2) throws IdentityRecoveryServerException, IdentityRecoveryClientException {
        HashSet hashSet = new HashSet();
        Iterator<UserChallengeAnswer> it = list2.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getAnswer().trim());
        }
        for (UserChallengeAnswer userChallengeAnswer : list) {
            try {
                if (!hashSet.add(Utils.doHash(userChallengeAnswer.getAnswer().trim().toLowerCase()))) {
                    if (log.isDebugEnabled()) {
                        log.debug(String.format("The challenge question answer is not unique. The given answer for the challenge question '%s' has been used more than once.", userChallengeAnswer.getQuestion().getQuestion()));
                    }
                    throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NOT_UNIQUE_ANSWER, userChallengeAnswer.getQuestion().getQuestion());
                }
            } catch (UserStoreException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_HASHING_ALGO, null);
            }
        }
    }
}
