package org.wso2.carbon.identity.recovery.handler;

import java.util.HashMap;
import java.util.Map;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.base.IdentityRuntimeException;
import org.wso2.carbon.identity.core.bean.context.MessageContext;
import org.wso2.carbon.identity.core.handler.InitConfig;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
import org.wso2.carbon.identity.governance.service.notification.NotificationChannels;
import org.wso2.carbon.identity.recovery.IdentityRecoveryConstants;
import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
import org.wso2.carbon.identity.recovery.RecoveryScenarios;
import org.wso2.carbon.identity.recovery.RecoverySteps;
import org.wso2.carbon.identity.recovery.internal.IdentityRecoveryServiceDataHolder;
import org.wso2.carbon.identity.recovery.model.Property;
import org.wso2.carbon.identity.recovery.model.UserRecoveryData;
import org.wso2.carbon.identity.recovery.store.JDBCRecoveryDataStore;
import org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore;
import org.wso2.carbon.identity.recovery.util.Utils;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;

/* loaded from: input_file:org/wso2/carbon/identity/recovery/handler/MobileNumberVerificationHandler.class */
public class MobileNumberVerificationHandler extends AbstractEventHandler {
    private static final Log log = LogFactory.getLog(MobileNumberVerificationHandler.class);

    public String getName() {
        return "userMobileVerification";
    }

    public String getFriendlyName() {
        return "User Mobile Number Verification";
    }

    public void handleEvent(Event event) throws IdentityEventException {
        Map eventProperties = event.getEventProperties();
        String eventName = event.getEventName();
        UserStoreManager userStoreManager = (UserStoreManager) eventProperties.get("userStoreManager");
        User user = getUser(eventProperties, userStoreManager);
        Map<String, String> map = (Map) eventProperties.get("USER_CLAIMS");
        if (isMobileVerificationOnUpdateEnabled(user.getTenantDomain())) {
            if ("PRE_SET_USER_CLAIMS".equals(eventName)) {
                preSetUserClaimOnMobileNumberUpdate(map, userStoreManager, user);
            }
            if ("POST_SET_USER_CLAIMS".equals(eventName)) {
                postSetUserClaimOnMobileNumberUpdate(user, userStoreManager);
                return;
            }
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Mobile number verification handler is disabled in tenant: " + user.getTenantDomain() + " for event: " + eventName);
        }
        if (map.containsKey(IdentityRecoveryConstants.MOBILE_NUMBER_CLAIM)) {
            invalidatePendingMobileVerification(user, userStoreManager, map);
        }
    }

    public void init(InitConfig initConfig) throws IdentityRuntimeException {
        super.init(initConfig);
    }

    public int getPriority(MessageContext messageContext) {
        return 50;
    }

    private void initNotificationForMobileNumberVerificationOnUpdate(User user, String str) throws IdentityEventException {
        UserRecoveryDataStore jDBCRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
        try {
            jDBCRecoveryDataStore.invalidate(user, RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_MOBILE_NUMBER);
            String generateSecretKey = Utils.generateSecretKey(NotificationChannels.SMS_CHANNEL.getChannelType(), user.getTenantDomain(), String.valueOf(RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE));
            UserRecoveryData userRecoveryData = new UserRecoveryData(user, generateSecretKey, RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_MOBILE_NUMBER);
            userRecoveryData.setRemainingSetIds(str);
            jDBCRecoveryDataStore.store(userRecoveryData);
            triggerNotification(user, generateSecretKey, Utils.getArbitraryProperties(), str);
        } catch (IdentityRecoveryException e) {
            throw new IdentityEventException("Error while sending notification to user: " + user.toFullQualifiedUsername() + " for mobile verification on update.", e);
        }
    }

    private void triggerNotification(User user, String str, Property[] propertyArr, String str2) throws IdentityRecoveryException {
        if (log.isDebugEnabled()) {
            log.debug("Sending: " + IdentityRecoveryConstants.NOTIFICATION_TYPE_VERIFY_MOBILE_ON_UPDATE + " notification to user: " + user.toFullQualifiedUsername());
        }
        HashMap hashMap = new HashMap();
        hashMap.put("user-name", user.getUserName());
        hashMap.put("tenant-domain", user.getTenantDomain());
        hashMap.put("userstore-domain", user.getUserStoreDomain());
        hashMap.put("notification-channel", NotificationChannels.SMS_CHANNEL.getChannelType());
        hashMap.put(IdentityRecoveryConstants.TEMPLATE_TYPE, IdentityRecoveryConstants.NOTIFICATION_TYPE_VERIFY_MOBILE_ON_UPDATE);
        if (StringUtils.isNotBlank(str2)) {
            hashMap.put(IdentityRecoveryConstants.SEND_TO, str2);
        }
        if (propertyArr != null && propertyArr.length > 0) {
            for (Property property : propertyArr) {
                hashMap.put(property.getKey(), property.getValue());
            }
        }
        if (StringUtils.isNotBlank(str)) {
            hashMap.put(IdentityRecoveryConstants.CONFIRMATION_CODE, str);
        }
        try {
            IdentityRecoveryServiceDataHolder.getInstance().getIdentityEventService().handleEvent(new Event("TRIGGER_SMS_NOTIFICATION", hashMap));
        } catch (IdentityEventException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_TRIGGER_NOTIFICATION, user.toFullQualifiedUsername(), (Throwable) e);
        }
    }

    private User getUser(Map map, UserStoreManager userStoreManager) {
        String str = (String) map.get("user-name");
        String str2 = (String) map.get("tenant-domain");
        String userStoreProperty = userStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName");
        User user = new User();
        user.setUserName(str);
        user.setTenantDomain(str2);
        user.setUserStoreDomain(userStoreProperty);
        return user;
    }

    private void preSetUserClaimOnMobileNumberUpdate(Map<String, String> map, UserStoreManager userStoreManager, User user) throws IdentityEventException {
        if (IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_CONFIRM.toString().equals(Utils.getThreadLocalToSkipSendingSmsOtpVerificationOnUpdate())) {
            return;
        }
        if (Utils.getThreadLocalToSkipSendingSmsOtpVerificationOnUpdate() != null) {
            Utils.unsetThreadLocalToSkipSendingSmsOtpVerificationOnUpdate();
        }
        if (MapUtils.isEmpty(map)) {
            Utils.setThreadLocalToSkipSendingSmsOtpVerificationOnUpdate(IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_INAPPLICABLE_CLAIMS.toString());
            return;
        }
        String str = map.get(IdentityRecoveryConstants.MOBILE_NUMBER_CLAIM);
        if (!StringUtils.isNotBlank(str)) {
            Utils.setThreadLocalToSkipSendingSmsOtpVerificationOnUpdate(IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_INAPPLICABLE_CLAIMS.toString());
            return;
        }
        String userName = user.getUserName();
        try {
            if (!StringUtils.equals(str, userStoreManager.getUserClaimValue(userName, IdentityRecoveryConstants.MOBILE_NUMBER_CLAIM, (String) null))) {
                map.put(IdentityRecoveryConstants.MOBILE_NUMBER_PENDING_VALUE_CLAIM, str);
                map.remove(IdentityRecoveryConstants.MOBILE_NUMBER_CLAIM);
            } else {
                if (log.isDebugEnabled()) {
                    log.debug(String.format("The mobile number to be updated: %s is same as the existing mobile number for user: %s in domain: %s and user store: %s. Hence an SMS OTP verification will not be triggered.", str, userName, user.getTenantDomain(), user.getUserStoreDomain()));
                }
                Utils.setThreadLocalToSkipSendingSmsOtpVerificationOnUpdate(IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_EXISTING_MOBILE_NUM.toString());
                invalidatePendingMobileVerification(user, userStoreManager, map);
            }
        } catch (UserStoreException e) {
            throw new IdentityEventException(String.format("Error occurred while retrieving existing mobile number for user: %s in domain: %s and user store: %s", userName, user.getTenantDomain(), user.getUserStoreDomain()), e);
        }
    }

    private void postSetUserClaimOnMobileNumberUpdate(User user, UserStoreManager userStoreManager) throws IdentityEventException {
        try {
            String threadLocalToSkipSendingSmsOtpVerificationOnUpdate = Utils.getThreadLocalToSkipSendingSmsOtpVerificationOnUpdate();
            if (!IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_CONFIRM.toString().equals(threadLocalToSkipSendingSmsOtpVerificationOnUpdate) && !IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_EXISTING_MOBILE_NUM.toString().equals(threadLocalToSkipSendingSmsOtpVerificationOnUpdate) && !IdentityRecoveryConstants.SkipMobileNumberVerificationOnUpdateStates.SKIP_ON_INAPPLICABLE_CLAIMS.toString().equals(threadLocalToSkipSendingSmsOtpVerificationOnUpdate)) {
                String verificationPendingMobileNumValue = getVerificationPendingMobileNumValue(userStoreManager, user);
                if (StringUtils.isNotBlank(verificationPendingMobileNumValue)) {
                    initNotificationForMobileNumberVerificationOnUpdate(user, verificationPendingMobileNumValue);
                }
            }
        } finally {
            Utils.unsetThreadLocalToSkipSendingSmsOtpVerificationOnUpdate();
        }
    }

    private String getVerificationPendingMobileNumValue(UserStoreManager userStoreManager, User user) throws IdentityEventException {
        try {
            Map userClaimValues = userStoreManager.getUserClaimValues(user.getUserName(), new String[]{IdentityRecoveryConstants.MOBILE_NUMBER_PENDING_VALUE_CLAIM}, (String) null);
            if (MapUtils.isEmpty(userClaimValues)) {
                return null;
            }
            for (Map.Entry entry : userClaimValues.entrySet()) {
                if (IdentityRecoveryConstants.MOBILE_NUMBER_PENDING_VALUE_CLAIM.equals((String) entry.getKey())) {
                    return (String) entry.getValue();
                }
            }
            return null;
        } catch (UserStoreException e) {
            throw new IdentityEventException("Error while retrieving verification pending mobile number claim value for user: " + user.toFullQualifiedUsername(), e);
        }
    }

    private boolean isMobileVerificationOnUpdateEnabled(String str) throws IdentityEventException {
        return Boolean.parseBoolean(Utils.getConnectorConfig(IdentityRecoveryConstants.ConnectorConfig.ENABLE_MOBILE_NUM_VERIFICATION_ON_UPDATE, str));
    }

    private void invalidatePendingMobileVerification(User user, UserStoreManager userStoreManager, Map<String, String> map) throws IdentityEventException {
        if (StringUtils.isNotBlank(getVerificationPendingMobileNumValue(userStoreManager, user))) {
            map.put(IdentityRecoveryConstants.MOBILE_NUMBER_PENDING_VALUE_CLAIM, "");
            try {
                JDBCRecoveryDataStore.getInstance().invalidate(user, RecoveryScenarios.MOBILE_VERIFICATION_ON_UPDATE, RecoverySteps.VERIFY_MOBILE_NUMBER);
            } catch (IdentityRecoveryException e) {
                throw new IdentityEventException("Error while invalidating previous mobile verification data from recovery store for user: " + user.toFullQualifiedUsername(), e);
            }
        }
    }
}
