package org.wso2.carbon.identity.recovery.store;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.core.util.IdentityDatabaseUtil;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.governance.service.notification.NotificationChannels;
import org.wso2.carbon.identity.recovery.IdentityRecoveryConstants;
import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
import org.wso2.carbon.identity.recovery.IdentityRecoveryServerException;
import org.wso2.carbon.identity.recovery.RecoveryScenarios;
import org.wso2.carbon.identity.recovery.RecoverySteps;
import org.wso2.carbon.identity.recovery.model.UserRecoveryData;
import org.wso2.carbon.identity.recovery.util.Utils;

/* loaded from: input_file:org/wso2/carbon/identity/recovery/store/JDBCRecoveryDataStore.class */
public class JDBCRecoveryDataStore implements UserRecoveryDataStore {
    private static UserRecoveryDataStore jdbcRecoveryDataStore = new JDBCRecoveryDataStore();
    private static final Log log = LogFactory.getLog(JDBCRecoveryDataStore.class);

    private JDBCRecoveryDataStore() {
    }

    public static UserRecoveryDataStore getInstance() {
        return jdbcRecoveryDataStore;
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public void store(UserRecoveryData userRecoveryData) throws IdentityRecoveryException {
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(IdentityRecoveryConstants.SQLQueries.STORE_RECOVERY_DATA);
                preparedStatement.setString(1, userRecoveryData.getUser().getUserName());
                preparedStatement.setString(2, userRecoveryData.getUser().getUserStoreDomain().toUpperCase());
                preparedStatement.setInt(3, IdentityTenantUtil.getTenantId(userRecoveryData.getUser().getTenantDomain()));
                preparedStatement.setString(4, userRecoveryData.getSecret());
                preparedStatement.setString(5, String.valueOf(userRecoveryData.getRecoveryScenario()));
                preparedStatement.setString(6, String.valueOf(userRecoveryData.getRecoveryStep()));
                preparedStatement.setTimestamp(7, new Timestamp(new Date().getTime()));
                preparedStatement.setString(8, userRecoveryData.getRemainingSetIds());
                preparedStatement.execute();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeStatement(preparedStatement);
                IdentityDatabaseUtil.closeConnection(dBConnection);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_STORING_RECOVERY_DATA, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeStatement(preparedStatement);
            IdentityDatabaseUtil.closeConnection(dBConnection);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public UserRecoveryData load(User user, Enum r10, Enum r11, String str) throws IdentityRecoveryException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain())) ? IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA : IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_CASE_INSENSITIVE);
                preparedStatement.setString(1, user.getUserName());
                preparedStatement.setString(2, user.getUserStoreDomain().toUpperCase());
                preparedStatement.setInt(3, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
                preparedStatement.setString(4, str);
                preparedStatement.setString(5, String.valueOf(r10));
                preparedStatement.setString(6, String.valueOf(r11));
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                    throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CODE, str);
                }
                UserRecoveryData userRecoveryData = new UserRecoveryData(user, str, r10, r11);
                if (StringUtils.isNotBlank(resultSet.getString("REMAINING_SETS"))) {
                    userRecoveryData.setRemainingSetIds(resultSet.getString("REMAINING_SETS"));
                }
                if (isCodeExpired(user.getTenantDomain(), r10, r11, resultSet.getTimestamp("TIME_CREATED").getTime(), resultSet.getString("REMAINING_SETS"))) {
                    throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_EXPIRED_CODE, str);
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                return userRecoveryData;
            } catch (SQLException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public UserRecoveryData load(String str) throws IdentityRecoveryException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_FROM_CODE);
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                    throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CODE, str);
                }
                User user = new User();
                user.setUserName(resultSet.getString("USER_NAME"));
                user.setTenantDomain(IdentityTenantUtil.getTenantDomain(resultSet.getInt("TENANT_ID")));
                user.setUserStoreDomain(resultSet.getString("USER_DOMAIN"));
                UserRecoveryData userRecoveryData = new UserRecoveryData(user, str, RecoveryScenarios.valueOf(resultSet.getString("SCENARIO")), RecoverySteps.valueOf(resultSet.getString("STEP")));
                if (StringUtils.isNotBlank(resultSet.getString("REMAINING_SETS"))) {
                    userRecoveryData.setRemainingSetIds(resultSet.getString("REMAINING_SETS"));
                }
                if (isCodeExpired(user.getTenantDomain(), userRecoveryData.getRecoveryScenario(), userRecoveryData.getRecoveryStep(), resultSet.getTimestamp("TIME_CREATED").getTime(), userRecoveryData.getRemainingSetIds())) {
                    throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_EXPIRED_CODE, str);
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                return userRecoveryData;
            } catch (SQLException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public void invalidate(String str) throws IdentityRecoveryException {
        PreparedStatement preparedStatement = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(IdentityRecoveryConstants.SQLQueries.INVALIDATE_CODE);
                preparedStatement.setString(1, str);
                preparedStatement.execute();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeStatement(preparedStatement);
                IdentityDatabaseUtil.closeConnection(dBConnection);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeStatement(preparedStatement);
            IdentityDatabaseUtil.closeConnection(dBConnection);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public UserRecoveryData load(User user) throws IdentityRecoveryException {
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        try {
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain())) ? IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER : IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER_CASE_INSENSITIVE);
                prepareStatement.setString(1, user.getUserName());
                prepareStatement.setString(2, user.getUserStoreDomain().toUpperCase());
                prepareStatement.setInt(3, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    IdentityDatabaseUtil.closeAllConnections(dBConnection, executeQuery, prepareStatement);
                    return null;
                }
                Timestamp timestamp = executeQuery.getTimestamp("TIME_CREATED");
                RecoveryScenarios valueOf = RecoveryScenarios.valueOf(executeQuery.getString("SCENARIO"));
                RecoverySteps valueOf2 = RecoverySteps.valueOf(executeQuery.getString("STEP"));
                String string = executeQuery.getString("CODE");
                String string2 = executeQuery.getString("REMAINING_SETS");
                if (isCodeExpired(user.getTenantDomain(), valueOf, valueOf2, timestamp.getTime(), string2)) {
                    throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_EXPIRED_CODE, string);
                }
                UserRecoveryData userRecoveryData = new UserRecoveryData(user, string, valueOf, valueOf2);
                if (StringUtils.isNotBlank(string2)) {
                    userRecoveryData.setRemainingSetIds(executeQuery.getString("REMAINING_SETS"));
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, executeQuery, prepareStatement);
                return userRecoveryData;
            } catch (SQLException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, (PreparedStatement) null);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public UserRecoveryData loadWithoutCodeExpiryValidation(User user) throws IdentityRecoveryException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain())) ? IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER : IdentityRecoveryConstants.SQLQueries.LOAD_RECOVERY_DATA_OF_USER_CASE_INSENSITIVE);
                preparedStatement.setString(1, user.getUserName());
                preparedStatement.setString(2, user.getUserStoreDomain().toUpperCase());
                preparedStatement.setInt(3, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                    return null;
                }
                UserRecoveryData userRecoveryData = new UserRecoveryData(user, resultSet.getString("CODE"), RecoveryScenarios.valueOf(resultSet.getString("SCENARIO")), RecoverySteps.valueOf(resultSet.getString("STEP")));
                if (StringUtils.isNotBlank(resultSet.getString("REMAINING_SETS"))) {
                    userRecoveryData.setRemainingSetIds(resultSet.getString("REMAINING_SETS"));
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                return userRecoveryData;
            } catch (SQLException e) {
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore
    public void invalidate(User user) throws IdentityRecoveryException {
        PreparedStatement preparedStatement = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(IdentityUtil.isUserStoreCaseSensitive(user.getUserStoreDomain(), IdentityTenantUtil.getTenantId(user.getTenantDomain())) ? IdentityRecoveryConstants.SQLQueries.INVALIDATE_USER_CODES : IdentityRecoveryConstants.SQLQueries.INVALIDATE_USER_CODES_CASE_INSENSITIVE);
                preparedStatement.setString(1, user.getUserName());
                preparedStatement.setString(2, user.getUserStoreDomain());
                preparedStatement.setInt(3, IdentityTenantUtil.getTenantId(user.getTenantDomain()));
                preparedStatement.execute();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeStatement(preparedStatement);
                IdentityDatabaseUtil.closeConnection(dBConnection);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_UNEXPECTED, (String) null, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeStatement(preparedStatement);
            IdentityDatabaseUtil.closeConnection(dBConnection);
            throw th;
        }
    }

    private boolean isCodeExpired(String str, Enum r8, Enum r9, long j, String str2) throws IdentityRecoveryServerException {
        int parseInt;
        if (!RecoveryScenarios.SELF_SIGN_UP.equals(r8) || !RecoverySteps.CONFIRM_SIGN_UP.equals(r9)) {
            parseInt = RecoveryScenarios.ASK_PASSWORD.equals(r8) ? Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.ASK_PASSWORD_EXPIRY_TIME, str)) : RecoveryScenarios.USERNAME_RECOVERY.equals(r8) ? getRecoveryCodeExpiryTime() : RecoveryScenarios.NOTIFICATION_BASED_PW_RECOVERY.equals(r8) ? RecoverySteps.RESEND_CONFIRMATION_CODE.toString().equals(r9.toString()) ? getResendCodeExpiryTime() : RecoverySteps.SEND_RECOVERY_INFORMATION.toString().equals(r9.toString()) ? getRecoveryCodeExpiryTime() : NotificationChannels.SMS_CHANNEL.getChannelType().equals(str2) ? Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.PASSWORD_RECOVERY_SMS_OTP_EXPIRY_TIME, str)) : Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.EXPIRY_TIME, str)) : RecoveryScenarios.EMAIL_VERIFICATION_ON_UPDATE.equals(r8) ? Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.EMAIL_VERIFICATION_ON_UPDATE_EXPIRY_TIME, str)) : RecoveryScenarios.TENANT_ADMIN_ASK_PASSWORD.equals(r8) ? Integer.parseInt(IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.TENANT_ADMIN_ASK_PASSWORD_EXPIRY_TIME)) : Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.EXPIRY_TIME, str));
        } else if (NotificationChannels.EMAIL_CHANNEL.getChannelType().equalsIgnoreCase(str2)) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Verification channel: %s was detected for recovery scenario: %s and recovery step: %s", str2, r8, r9));
            }
            parseInt = Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_VERIFICATION_CODE_EXPIRY_TIME, str));
        } else if (NotificationChannels.SMS_CHANNEL.getChannelType().equals(str2)) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Verification channel: %s was detected for recovery scenario: %s and recovery step: %s", str2, r8, r9));
            }
            parseInt = Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_SMSOTP_VERIFICATION_CODE_EXPIRY_TIME, str));
        } else {
            if (log.isDebugEnabled()) {
                log.debug(String.format("No verification channel for recovery scenario: %s and recovery step: %s .Therefore, using verification link default timeout configs", r8, r9));
            }
            parseInt = Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_VERIFICATION_CODE_EXPIRY_TIME, str));
        }
        if (parseInt < 0) {
            parseInt = Integer.MAX_VALUE;
        }
        return System.currentTimeMillis() > j + TimeUnit.MINUTES.toMillis((long) parseInt);
    }

    private int getRecoveryCodeExpiryTime() {
        String property = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CODE_EXPIRY_TIME);
        if (StringUtils.isEmpty(property)) {
            return 1;
        }
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            if (!log.isDebugEnabled()) {
                return 1;
            }
            log.debug(String.format("User recovery code expired. Therefore setting DEFAULT expiry time : %s minutes", 1));
            return 1;
        }
    }

    private int getResendCodeExpiryTime() {
        String property = IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.RESEND_CODE_EXPIRY_TIME);
        if (StringUtils.isEmpty(property)) {
            return 1;
        }
        try {
            return Integer.parseInt(property);
        } catch (NumberFormatException e) {
            if (!log.isDebugEnabled()) {
                return 1;
            }
            log.debug(String.format("User recovery code expired. Therefore setting DEFAULT expiry time : %s minutes", 1));
            return 1;
        }
    }
}
