package org.wso2.carbon.identity.provider;

import java.io.ByteArrayInputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axiom.om.impl.dom.factory.OMDOMFactory;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.RahasData;
import org.w3c.dom.Element;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.IdentityClaimManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.claim.Claim;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/provider/GenericIdentityProviderData.class */
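/**
 * Per-request state derived from a {@link RahasData}: the principal name taken from the
 * request, the claims the request asks for, the claims supported for that user's realm
 * and the token type to issue.
 *
 * <p>All processing happens in the constructor, which calls the protected hook methods
 * of this class in a fixed order. Those hooks are overridable, so a subclass override
 * runs before the subclass's own field initialisers and constructor body have executed.
 *
 * <p>NOTE(review): {@code supportedClaims} is filled by {@link #loadClaims()} but never
 * read in this class. Claim URIs supplied by the request are passed to the user store
 * as-is by {@link #populateClaimValues(RahasData)}. Confirm that whoever consumes
 * {@link #getRequestedClaims()} restricts the released claims to the supported set.
 */
public class GenericIdentityProviderData {
    public static final String USERMAN_SERVICE = "UserManServiceURL";
    public static final String USER_CLASS = "UserClass";
    private static final Log log = LogFactory.getLog(GenericIdentityProviderData.class);

    // Namespace used both as the claim dialect and for the ClaimType elements.
    private static final String IDENTITY_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity";
    // Claim URIs that are never looked up in the user store.
    private static final String PPID_CLAIM_URI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier";
    private static final String TENANT_CLAIM_URI = "http://wso2.org/claims/tenant";
    private static final String XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

    // Relying-party certificate; not assigned anywhere in this class.
    protected X509Certificate rpCert;
    protected String cardID = null;
    // Claims asked for by the request, keyed by claim URI.
    protected Map<String, RequestedClaimData> requestedClaims = new HashMap<String, RequestedClaimData>();
    // Claims known for the user's realm, keyed by claim URI.
    protected Map<String, Claim> supportedClaims = new HashMap<String, Claim>();
    protected String displayTokenLang = null;
    protected int authMechanism = -1;
    // Principal name from the request; set by processUserIdentifier.
    protected String userIdentifier = null;
    protected String requiredTokenType = null;

    /**
     * Builds the provider data from a request.
     *
     * <p>The call order matters: {@link #processUserIdentifier(RahasData)} must run before
     * {@link #loadClaims()} and {@link #populateClaimValues(RahasData)}, because both read
     * {@code userIdentifier} to resolve the realm.
     *
     * @param rahasData the request data to read from
     * @throws IdentityProviderException if any processing step fails
     * @throws ClassNotFoundException declared for callers; nothing in this class throws it directly
     */
    public GenericIdentityProviderData(RahasData rahasData) throws IdentityProviderException, ClassNotFoundException {
        OMElement rstElement = rahasData.getRstElement();
        OMElement claimElem = rahasData.getClaimElem();
        readAuthenticationMechanism(rahasData);
        processUserIdentifier(rahasData);
        loadClaims();
        processClaimData(rahasData, claimElem);
        processInfoCardReference(rstElement);
        readRequestedTokenType(rahasData);
        populateClaimValues(rahasData);
        extracAndValidatetRPCert(rahasData);
    }

    /** @return the token type to issue; the default type when the request named none */
    public String getRequiredTokenType() {
        return this.requiredTokenType;
    }

    /**
     * Sets the token type to issue.
     *
     * @param str the token type URI; blank or {@code null} selects {@link #getDefautTokenType()}
     */
    public void setRequiredTokenType(String str) {
        this.requiredTokenType = StringUtils.isBlank(str) ? getDefautTokenType() : str;
    }

    /** @return the token type used when the request does not specify one */
    public String getDefautTokenType() {
        return "urn:oasis:names:tc:SAML:1.0:assertion";
    }

    /** @return the relying-party certificate, or {@code null} if none was set */
    public X509Certificate getRpCert() {
        return this.rpCert;
    }

    // NOTE(review): the five getters below return null instead of the matching field.
    // They look like placeholders for subclasses to override; confirm before relying on them.

    /** @return always {@code null} in this class */
    public String getUserIdentifier() {
        return null;
    }

    /** @return always {@code null} in this class */
    public String getCardID() {
        return null;
    }

    /** @return always {@code null} in this class */
    public String getDisplayTokenLang() {
        return null;
    }

    /**
     * @param str unused in this class
     * @return always {@code null} in this class
     */
    public String getDisplayName(String str) {
        return null;
    }

    /**
     * @return always {@code null} in this class
     * @throws IdentityProviderException never thrown here; declared for overriding classes
     */
    public String getTenantDomain() throws IdentityProviderException {
        return null;
    }

    /**
     * Fills {@code supportedClaims} with every claim the claim manager reports for the
     * identity dialect in the user's realm, plus a synthetic tenant claim.
     *
     * @throws IdentityProviderException if the claim manager or realm lookup fails
     */
    protected void loadClaims() throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Loading claims");
        }
        try {
            for (Claim claim : IdentityClaimManager.getInstance().getAllSupportedClaims(IDENTITY_NS, IdentityTenantUtil.getRealm((String) null, this.userIdentifier))) {
                this.supportedClaims.put(claim.getClaimUri(), claim);
            }
            // The tenant claim is built here, not fetched from the claim manager;
            // populateClaimValues fills its value from the user name.
            Claim tenantClaim = new Claim();
            tenantClaim.setClaimUri(TENANT_CLAIM_URI);
            tenantClaim.setDescription("Tenant");
            tenantClaim.setDisplayTag("Tenant");
            tenantClaim.setSupportedByDefault(true);
            tenantClaim.setDialectURI("http://wso2.org");
            this.supportedClaims.put(tenantClaim.getClaimUri(), tenantClaim);
        } catch (IdentityException e) {
            log.error("Error while loading claims", e);
            throw new IdentityProviderException("Error while loading claims", e);
        }
    }

    /**
     * Reads the {@code ClaimType} children of the claims element into {@code requestedClaims}.
     *
     * <p>A claim whose {@code Optional} attribute is missing or blank is treated as optional.
     * The URI comes straight from the request and is not checked against
     * {@code supportedClaims} here.
     *
     * @param rahasData unused in this implementation
     * @param oMElement the claims element of the request; {@code null} means no claims were requested
     * @throws IdentityProviderException if a {@code ClaimType} element has no {@code Uri} attribute
     */
    protected void processClaimData(RahasData rahasData, OMElement oMElement) throws IdentityProviderException {
        if (oMElement == null) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Processing claim data");
        }
        Iterator<?> claimTypes = oMElement.getChildrenWithName(new QName(IDENTITY_NS, "ClaimType"));
        while (claimTypes.hasNext()) {
            OMElement claimType = (OMElement) claimTypes.next();
            RequestedClaimData requestedClaim = getRequestedClaim();
            String uri = claimType.getAttributeValue(new QName(null, "Uri"));
            if (uri == null) {
                log.error("Empty claim uri found while procession claim data");
                throw new IdentityProviderException("Empty claim uri found while procession claim data");
            }
            requestedClaim.setUri(uri);
            String optional = claimType.getAttributeValue(new QName(null, "Optional"));
            if (StringUtils.isNotBlank(optional)) {
                requestedClaim.setBOptional("true".equals(optional));
            } else {
                requestedClaim.setBOptional(true);
            }
            this.requestedClaims.put(requestedClaim.getUri(), requestedClaim);
        }
    }

    /** Hook for subclasses; does nothing in this class. */
    protected void processInfoCardReference(OMElement oMElement) throws IdentityProviderException {
    }

    /** Hook for subclasses; does nothing in this class, so {@code authMechanism} stays -1. */
    protected void readAuthenticationMechanism(RahasData rahasData) throws IdentityProviderException {
    }

    /** Hook for subclasses; does nothing in this class, so {@code rpCert} is not set or validated here. */
    protected void extracAndValidatetRPCert(RahasData rahasData) throws IdentityProviderException {
    }

    /**
     * Stores the request principal's name as the user identifier.
     *
     * @param rahasData the request data; its principal must not be {@code null}
     */
    protected void processUserIdentifier(RahasData rahasData) throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Processing user identifier");
        }
        this.userIdentifier = rahasData.getPrincipal().getName();
    }

    /**
     * Fetches the value of every requested claim and stores it on the claim entry.
     *
     * <p>The tenant claim is derived from the user name and the private personal
     * identifier claim is never sent to the user store. All other requested URIs are
     * looked up in the user store. Null map entries, and entries without a URI, are skipped.
     *
     * @param rahasData unused in this implementation
     * @throws IdentityProviderException if the user store cannot be obtained or the lookup fails
     */
    protected void populateClaimValues(RahasData rahasData) throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Populating claim values");
        }
        UserStoreManager userStoreManager;
        try {
            userStoreManager = IdentityTenantUtil.getRealm((String) null, this.userIdentifier).getUserStoreManager();
        } catch (Exception e) {
            log.error("Error while instantiating IdentityUserStore", e);
            throw new IdentityProviderException("Error while instantiating IdentityUserStore", e);
        }
        // Kept separate from the block above so a failed lookup is not reported as a
        // failure to instantiate the user store. The message is fixed rather than the
        // cause's getMessage(), so user-store details stay in the cause chain and the log.
        try {
            ArrayList<String> storeBackedUris = new ArrayList<String>();
            for (RequestedClaimData requested : this.requestedClaims.values()) {
                if (requested == null || requested.getUri() == null) {
                    continue;
                }
                String uri = requested.getUri();
                if (!PPID_CLAIM_URI.equals(uri) && !TENANT_CLAIM_URI.equals(uri)) {
                    storeBackedUris.add(uri);
                }
            }
            Map<?, ?> userClaimValues = userStoreManager.getUserClaimValues(MultitenantUtils.getTenantAwareUsername(this.userIdentifier), storeBackedUris.toArray(new String[storeBackedUris.size()]), (String) null);
            for (RequestedClaimData requested : this.requestedClaims.values()) {
                if (requested == null) {
                    // Same guard as the first loop; setRequestedClaims accepts any map.
                    continue;
                }
                if (TENANT_CLAIM_URI.equals(requested.getUri())) {
                    String tenantDomain = MultitenantUtils.getTenantDomain(this.userIdentifier);
                    if (tenantDomain == null) {
                        // NOTE(review): hard-coded fallback domain; confirm it is
                        // correct for every deployment this class ships in.
                        tenantDomain = "identity.cloud.wso2.com";
                    }
                    requested.setValue(tenantDomain);
                } else {
                    requested.setValue((String) userClaimValues.get(requested.getUri()));
                }
            }
        } catch (Exception e) {
            log.error("Error while populating claim values", e);
            throw new IdentityProviderException("Error while populating claim values", e);
        }
    }

    /**
     * Checks that the RSA public key in a received KeyInfo matches the one in a stored KeyInfo.
     *
     * <p>Both sides must contain a {@code KeyValue} holding an {@code RSAKeyValue}. The
     * modulus and exponent are compared as trimmed element text, so the same key encoded
     * with different whitespace or padding compares unequal and the method returns
     * {@code false}.
     *
     * @param str the stored KeyInfo as an XML string
     * @param element the received KeyInfo element
     * @return {@code true} only if modulus and exponent text are equal on both sides
     * @throws IdentityProviderException if either KeyInfo is missing, malformed or not an RSA key value
     */
    protected boolean validateKeyInfo(String str, Element element) throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Validating key info");
        }
        if (str == null) {
            log.error("Unknown stored KeyInfo type");
            throw new IdentityProviderException("Unknown stored KeyInfo type");
        }
        if (element == null) {
            log.error("Unknown received KeyInfo type");
            throw new IdentityProviderException("Unknown received KeyInfo type");
        }
        try {
            // NOTE(review): getBytes() uses the platform default charset. The parser's
            // DTD and external-entity settings are not visible here; confirm they are
            // disabled if the stored KeyInfo can ever come from user-supplied data.
            OMElement storedKeyValue = new StAXOMBuilder(new ByteArrayInputStream(str.getBytes())).getDocumentElement().getFirstElement();
            if (storedKeyValue == null || !storedKeyValue.getQName().equals(new QName(XMLDSIG_NS, "KeyValue"))) {
                log.error("Unknown stored KeyInfo type");
                throw new IdentityProviderException("Unknown stored KeyInfo type");
            }
            OMElement storedRsa = storedKeyValue.getFirstElement();
            if (storedRsa == null || !storedRsa.getQName().equals(new QName(XMLDSIG_NS, "RSAKeyValue"))) {
                // This branch inspects the stored key, so it reports the stored side.
                log.error("Unknown stored KeyInfo type");
                throw new IdentityProviderException("Unknown stored KeyInfo type");
            }
            String storedModulus = rsaComponent(storedRsa, "Modulus", "Unknown stored KeyInfo type");
            String storedExponent = rsaComponent(storedRsa, "Exponent", "Unknown stored KeyInfo type");

            OMElement receivedKeyValue = new OMDOMFactory().getDocument().importNode(element, true).getFirstElement();
            if (receivedKeyValue == null || !receivedKeyValue.getQName().equals(new QName(XMLDSIG_NS, "KeyValue"))) {
                log.error("Unknown received KeyInfo type");
                throw new IdentityProviderException("Unknown received KeyInfo type");
            }
            OMElement receivedRsa = receivedKeyValue.getFirstChildWithName(new QName(XMLDSIG_NS, "RSAKeyValue"));
            if (receivedRsa == null) {
                log.error("Unknown received KeyInfo type");
                throw new IdentityProviderException("Unknown received KeyInfo type");
            }
            String receivedModulus = rsaComponent(receivedRsa, "Modulus", "Unknown received KeyInfo type");
            String receivedExponent = rsaComponent(receivedRsa, "Exponent", "Unknown received KeyInfo type");
            return storedModulus.equals(receivedModulus) && storedExponent.equals(receivedExponent);
        } catch (XMLStreamException e) {
            log.error("Error parsing stored KeyInfo", e);
            throw new IdentityProviderException("Error parsing stored KeyInfo", e);
        }
    }

    /**
     * Returns the trimmed text of one RSAKeyValue child, rejecting a missing element
     * with an {@link IdentityProviderException} rather than a NullPointerException.
     */
    private static String rsaComponent(OMElement rsaKeyValue, String localName, String errorMessage) throws IdentityProviderException {
        OMElement child = rsaKeyValue.getFirstChildWithName(new QName(XMLDSIG_NS, localName));
        String text = child == null ? null : child.getText();
        if (text == null) {
            log.error(errorMessage);
            throw new IdentityProviderException(errorMessage);
        }
        return text.trim();
    }

    /**
     * Takes the token type from the request, falling back to the default when the
     * request gives none or only whitespace.
     */
    protected void readRequestedTokenType(RahasData rahasData) {
        this.requiredTokenType = rahasData.getTokenType();
        if (this.requiredTokenType == null || this.requiredTokenType.trim().length() == 0) {
            this.requiredTokenType = getDefautTokenType();
        }
    }

    /**
     * @return the live, mutable map of requested claims keyed by URI; changes made by
     *         the caller are visible to this object
     */
    public Map<String, RequestedClaimData> getRequestedClaims() {
        return this.requestedClaims;
    }

    /** Replaces the requested-claims map; the given map is stored without copying. */
    public void setRequestedClaims(Map<String, RequestedClaimData> map) {
        this.requestedClaims = map;
    }

    /** Factory for claim entries, so subclasses can supply their own {@link RequestedClaimData} type. */
    protected RequestedClaimData getRequestedClaim() {
        return new RequestedClaimData();
    }
}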
