package org.wso2.carbon.identity.scim.common.listener;

import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.scim.common.group.SCIMGroupHandler;
import org.wso2.carbon.identity.scim.common.utils.IdentitySCIMException;
import org.wso2.carbon.identity.scim.common.utils.SCIMCommonUtils;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.charon.core.util.AttributeUtil;

/* loaded from: input_file:org/wso2/carbon/identity/scim/common/listener/SCIMUserOperationListener.class */
public class SCIMUserOperationListener extends AbstractIdentityUserOperationEventListener {
    private static Log log = LogFactory.getLog(SCIMUserOperationListener.class);

    public int getExecutionOrderId() {
        int orderId = getOrderId();
        if (orderId != -1) {
            return orderId;
        }
        return 90;
    }

    public boolean doPreAuthenticate(String str, Object obj, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostAuthenticate(String str, boolean z, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            String userStoreProperty = userStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName");
            if (z) {
                if (StringUtils.isNotEmpty(UserCoreUtil.getDomainFromThreadLocal())) {
                    if (!StringUtils.equals(UserCoreUtil.getDomainFromThreadLocal(), userStoreProperty)) {
                        return true;
                    }
                } else if (!StringUtils.equals("PRIMARY", userStoreProperty)) {
                    return true;
                }
            } else if (!userStoreManager.isExistingUser(UserCoreUtil.addDomainToName(str, userStoreProperty))) {
                if (!log.isDebugEnabled()) {
                    return true;
                }
                log.debug("User, " + str + " does not exist in " + userStoreProperty);
                return true;
            }
            try {
                String userClaimValue = userStoreManager.getUserClaimValue(str, "urn:scim:schemas:core:1.0:active", (String) null);
                if (userClaimValue == null || Boolean.parseBoolean(userClaimValue)) {
                    return true;
                }
                log.error("Trying to login from an inactive account of user: " + str);
                return false;
            } catch (org.wso2.carbon.user.api.UserStoreException e) {
                if (!e.getMessage().contains("UserNotFound")) {
                    throw new UserStoreException(e);
                }
                if (!log.isDebugEnabled()) {
                    return false;
                }
                log.debug("User " + str + " not found in user store", e);
                return false;
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e2) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e2);
        }
    }

    public boolean doPreAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            getSCIMAttributes(str, map);
            return true;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e);
        }
    }

    public boolean doPostAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreUpdateCredential(String str, Object obj, Object obj2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostUpdateCredential(String str, Object obj, UserStoreManager userStoreManager) throws UserStoreException {
        return doPostUpdateCredentialByAdmin(str, obj, userStoreManager);
    }

    public boolean doPreUpdateCredentialByAdmin(String str, Object obj, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostUpdateCredentialByAdmin(String str, Object obj, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            try {
                userStoreManager.setUserClaimValue(str, "urn:scim:schemas:core:1.0:meta.lastModified", AttributeUtil.formatDateTime(new Date()), (String) null);
                return true;
            } catch (org.wso2.carbon.user.api.UserStoreException e) {
                if (!e.getMessage().contains("UserNotFound")) {
                    throw new UserStoreException("Error updating SCIM metadata in doPostUpdateCredentialByAdmin listener", e);
                }
                if (!log.isDebugEnabled()) {
                    return true;
                }
                log.debug("User " + str + " doesn't exist");
                return true;
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e2) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e2);
        }
    }

    public boolean doPreDeleteUser(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostDeleteUser(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreSetUserClaimValue(String str, String str2, String str3, String str4, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostSetUserClaimValue(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreSetUserClaimValues(String str, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            map.put("urn:scim:schemas:core:1.0:meta.lastModified", AttributeUtil.formatDateTime(new Date()));
            return true;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e);
        }
    }

    public boolean doPostSetUserClaimValues(String str, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreDeleteUserClaimValues(String str, String[] strArr, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostDeleteUserClaimValues(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreDeleteUserClaimValue(String str, String str2, String str3, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostDeleteUserClaimValue(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreAddRole(String str, String[] strArr, Permission[] permissionArr, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostAddRole(String str, String[] strArr, Permission[] permissionArr, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            try {
                SCIMGroupHandler sCIMGroupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
                String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
                if (domainName == null) {
                    domainName = "PRIMARY";
                }
                String groupNameWithDomain = SCIMCommonUtils.getGroupNameWithDomain(UserCoreUtil.addDomainToName(str, domainName));
                try {
                    if (!sCIMGroupHandler.isGroupExisting(groupNameWithDomain)) {
                        sCIMGroupHandler.addMandatoryAttributes(groupNameWithDomain);
                    }
                    return true;
                } catch (IdentitySCIMException e) {
                    throw new UserStoreException("Error retrieving group information from SCIM Tables.", e);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException(e2);
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e3) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e3);
        }
    }

    public boolean doPreDeleteRole(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostDeleteRole(String str, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            try {
                SCIMGroupHandler sCIMGroupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
                String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
                if (domainName == null) {
                    domainName = "PRIMARY";
                }
                try {
                    sCIMGroupHandler.deleteGroupAttributes(IdentityUtil.addDomainToName(str, domainName));
                    return true;
                } catch (IdentitySCIMException e) {
                    throw new UserStoreException("Error retrieving group information from SCIM Tables.", e);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException(e2);
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e3) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e3);
        }
    }

    public boolean doPreUpdateRoleName(String str, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostUpdateRoleName(String str, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable()) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            try {
                SCIMGroupHandler sCIMGroupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
                String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
                if (domainName == null) {
                    domainName = "PRIMARY";
                }
                try {
                    sCIMGroupHandler.updateRoleName(UserCoreUtil.addDomainToName(str, domainName), UserCoreUtil.addDomainToName(str2, domainName));
                    return true;
                } catch (IdentitySCIMException e) {
                    throw new UserStoreException("Error updating group information in SCIM Tables.", e);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException(e2);
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e3) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e3);
        }
    }

    public boolean doPreUpdateUserListOfRole(String str, String[] strArr, String[] strArr2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostUpdateUserListOfRole(String str, String[] strArr, String[] strArr2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPostUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public Map<String, String> getSCIMAttributes(String str, Map<String, String> map) throws UserStoreException {
        Map<String, String> hashMap = map != null ? map : new HashMap();
        Map<String, String> sCIMtoLocalMappings = SCIMCommonUtils.getSCIMtoLocalMappings();
        String str2 = sCIMtoLocalMappings.get("urn:scim:schemas:core:1.0:id");
        String str3 = sCIMtoLocalMappings.get("urn:scim:schemas:core:1.0:meta.created");
        String str4 = sCIMtoLocalMappings.get("urn:scim:schemas:core:1.0:meta.lastModified");
        String str5 = sCIMtoLocalMappings.get("urn:scim:schemas:core:1.0:userName");
        Pattern compile = Pattern.compile("urn:.*scim:schemas:core:.\\.0:id");
        boolean z = false;
        Iterator<String> it = hashMap.keySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String next = it.next();
            if (compile.matcher(next).matches()) {
                z = true;
                break;
            }
            if (StringUtils.equals(next, str2)) {
                z = true;
                break;
            }
        }
        if (!z) {
            hashMap.put(str2, UUID.randomUUID().toString());
        }
        String formatDateTime = AttributeUtil.formatDateTime(new Date());
        if (!hashMap.containsKey("urn:scim:schemas:core:1.0:meta.created") || !hashMap.containsKey(str3)) {
            hashMap.put(str3, formatDateTime);
        }
        if (!hashMap.containsKey("urn:scim:schemas:core:1.0:meta.lastModified") || !hashMap.containsKey(str4)) {
            hashMap.put(str4, formatDateTime);
        }
        hashMap.put(str5, str);
        return hashMap;
    }
}
