package org.wso2.carbon.identity.mgt.services;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.mgt.ChallengeQuestionProcessor;
import org.wso2.carbon.identity.mgt.IdentityMgtServiceException;
import org.wso2.carbon.identity.mgt.constants.IdentityMgtConstants;
import org.wso2.carbon.identity.mgt.dto.ChallengeQuestionDTO;
import org.wso2.carbon.identity.mgt.dto.UserChallengesDTO;
import org.wso2.carbon.identity.mgt.dto.UserChallengesSetDTO;
import org.wso2.carbon.identity.mgt.dto.UserDTO;
import org.wso2.carbon.identity.mgt.dto.UserIdentityClaimDTO;
import org.wso2.carbon.identity.mgt.dto.UserRecoveryDTO;
import org.wso2.carbon.identity.mgt.internal.IdentityMgtServiceComponent;
import org.wso2.carbon.identity.mgt.util.UserIdentityManagementUtil;
import org.wso2.carbon.identity.mgt.util.Utils;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/mgt/services/UserIdentityManagementAdminService.class */
public class UserIdentityManagementAdminService {
    private static Log log = LogFactory.getLog(UserIdentityManagementAdminService.class);

    public void deleteUser(String str) throws IdentityMgtServiceException {
        try {
            IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(CarbonContext.getThreadLocalCarbonContext().getTenantId()).getUserStoreManager().deleteUser(str);
        } catch (UserStoreException e) {
            log.error("Error while deleting user", e);
            throw new IdentityMgtServiceException("Error while deleting user");
        }
    }

    public void lockUserAccount(String str) throws IdentityMgtServiceException {
        try {
            UserStoreManager userStore = getUserStore(str);
            String removeDomainFromName = UserCoreUtil.removeDomainFromName(str);
            UserIdentityManagementUtil.lockUserAccount(removeDomainFromName, userStore);
            log.info("User account " + removeDomainFromName + " locked");
        } catch (UserStoreException e) {
            log.error("Error while loading user store", e);
            throw new IdentityMgtServiceException("Unable to lock the account");
        } catch (IdentityException e2) {
            log.error("Error while reading registration info", e2);
            throw new IdentityMgtServiceException("Unable to lock the account");
        }
    }

    public void unlockUserAccount(String str, String str2) throws IdentityMgtServiceException {
        UserRecoveryDTO userRecoveryDTO;
        try {
            UserStoreManager userStore = getUserStore(str);
            String removeDomainFromName = UserCoreUtil.removeDomainFromName(str);
            UserIdentityManagementUtil.unlockUserAccount(removeDomainFromName, userStore);
            int tenantId = userStore.getTenantId();
            String domain = IdentityMgtServiceComponent.getRealmService().getTenantManager().getDomain(tenantId);
            if (str2 != null) {
                if ("carbon.super".equals(domain)) {
                    userRecoveryDTO = new UserRecoveryDTO(removeDomainFromName);
                } else {
                    UserDTO userDTO = new UserDTO(UserCoreUtil.addTenantDomainToEntry(removeDomainFromName, domain));
                    userDTO.setTenantId(tenantId);
                    userRecoveryDTO = new UserRecoveryDTO(userDTO);
                }
                userRecoveryDTO.setNotification(IdentityMgtConstants.Notification.ACCOUNT_UNLOCK);
                userRecoveryDTO.setNotificationType(str2);
                try {
                    IdentityMgtServiceComponent.getRecoveryProcessor().recoverWithNotification(userRecoveryDTO);
                } catch (IdentityException e) {
                    log.error("Error while password recovery", e);
                    throw new IdentityMgtServiceException("Error while password recovery");
                }
            }
        } catch (UserStoreException e2) {
            log.error("Error while loading user store", e2);
            throw new IdentityMgtServiceException("Unable to unlock the account");
        } catch (IdentityException e3) {
            log.error("Error while reading registration info", e3);
            throw new IdentityMgtServiceException("Unable to unlock the account");
        }
    }

    public void resetUserPassword(String str, String str2) throws IdentityMgtServiceException {
        try {
            getUserStore(str).updateCredentialByAdmin(UserCoreUtil.removeDomainFromName(str), str2);
        } catch (UserStoreException e) {
            log.error("Error while resetting the password", e);
            throw new IdentityMgtServiceException("Unable reset the password");
        }
    }

    public UserChallengesDTO[] getChallengeQuestionsOfUser(String str) throws IdentityMgtServiceException {
        return IdentityMgtServiceComponent.getRecoveryProcessor().getQuestionProcessor().getChallengeQuestionsOfUser(str, CarbonContext.getThreadLocalCarbonContext().getTenantId(), true);
    }

    public UserChallengesSetDTO[] getAllPromotedUserChallenge() throws IdentityMgtServiceException {
        ChallengeQuestionProcessor questionProcessor = IdentityMgtServiceComponent.getRecoveryProcessor().getQuestionProcessor();
        ArrayList arrayList = new ArrayList();
        try {
            List<ChallengeQuestionDTO> allChallengeQuestions = questionProcessor.getAllChallengeQuestions();
            HashMap hashMap = new HashMap();
            for (ChallengeQuestionDTO challengeQuestionDTO : allChallengeQuestions) {
                List list = (List) hashMap.get(challengeQuestionDTO.getQuestionSetId());
                if (list == null) {
                    list = new ArrayList();
                }
                UserChallengesDTO userChallengesDTO = new UserChallengesDTO();
                userChallengesDTO.setId(challengeQuestionDTO.getQuestionSetId());
                userChallengesDTO.setQuestion(challengeQuestionDTO.getQuestion());
                userChallengesDTO.setOrder(challengeQuestionDTO.getOrder());
                list.add(userChallengesDTO);
                hashMap.put(challengeQuestionDTO.getQuestionSetId(), list);
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                UserChallengesSetDTO userChallengesSetDTO = new UserChallengesSetDTO();
                userChallengesSetDTO.setId((String) entry.getKey());
                List list2 = (List) entry.getValue();
                userChallengesSetDTO.setChallengesDTOs((UserChallengesDTO[]) list2.toArray(new UserChallengesDTO[list2.size()]));
                arrayList.add(userChallengesSetDTO);
            }
            return (UserChallengesSetDTO[]) arrayList.toArray(new UserChallengesSetDTO[arrayList.size()]);
        } catch (IdentityException e) {
            log.error("Error while loading user challenges", e);
            throw new IdentityMgtServiceException("Error while loading user challenges");
        }
    }

    public ChallengeQuestionDTO[] getAllChallengeQuestions() throws IdentityMgtServiceException {
        try {
            List<ChallengeQuestionDTO> allChallengeQuestions = IdentityMgtServiceComponent.getRecoveryProcessor().getQuestionProcessor().getAllChallengeQuestions();
            return (ChallengeQuestionDTO[]) allChallengeQuestions.toArray(new ChallengeQuestionDTO[allChallengeQuestions.size()]);
        } catch (IdentityException e) {
            log.error("Error while loading user challenges", e);
            throw new IdentityMgtServiceException("Error while loading user challenges");
        }
    }

    public void setChallengeQuestions(ChallengeQuestionDTO[] challengeQuestionDTOArr) throws IdentityMgtServiceException {
        try {
            IdentityMgtServiceComponent.getRecoveryProcessor().getQuestionProcessor().setChallengeQuestions(challengeQuestionDTOArr);
        } catch (IdentityException e) {
            log.error("Error while persisting user challenges", e);
            throw new IdentityMgtServiceException("Error while persisting user challenges");
        }
    }

    public void setChallengeQuestionsOfUser(String str, UserChallengesDTO[] userChallengesDTOArr) throws IdentityMgtServiceException {
        if (userChallengesDTOArr == null || userChallengesDTOArr.length < 1) {
            log.error("no challenges provided by user");
            throw new IdentityMgtServiceException("no challenges provided by user");
        }
        validateSecurityQuestionDuplicate(userChallengesDTOArr);
        ChallengeQuestionProcessor questionProcessor = IdentityMgtServiceComponent.getRecoveryProcessor().getQuestionProcessor();
        try {
            List<ChallengeQuestionDTO> allChallengeQuestions = questionProcessor.getAllChallengeQuestions();
            for (UserChallengesDTO userChallengesDTO : userChallengesDTOArr) {
                boolean z = false;
                Iterator<ChallengeQuestionDTO> it = allChallengeQuestions.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    ChallengeQuestionDTO next = it.next();
                    if (next.getQuestion().equals(userChallengesDTO.getQuestion()) && next.getQuestionSetId().equals(userChallengesDTO.getId())) {
                        z = true;
                        break;
                    }
                }
                if (!z) {
                    String str2 = "Error while persisting user challenges for user : " + str + ", because these user challengers are not registered with the tenant";
                    log.error(str2);
                    throw new IdentityMgtServiceException(str2);
                }
            }
            questionProcessor.setChallengesOfUser(str, CarbonContext.getThreadLocalCarbonContext().getTenantId(), userChallengesDTOArr);
        } catch (IdentityException e) {
            String str3 = "Error while persisting user challenges for user : " + str;
            log.error(str3, e);
            throw new IdentityMgtServiceException(str3);
        }
    }

    public void updateUserIdentityClaims(UserIdentityClaimDTO[] userIdentityClaimDTOArr) throws IdentityMgtServiceException {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        try {
            UserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(CarbonContext.getThreadLocalCarbonContext().getTenantId()).getUserStoreManager();
            HashMap hashMap = new HashMap();
            for (UserIdentityClaimDTO userIdentityClaimDTO : userIdentityClaimDTOArr) {
                if (userIdentityClaimDTO.getClaimUri().contains("http://wso2.org/claims/identity")) {
                    log.warn("WARNING! User " + username + " tried to alter " + userIdentityClaimDTO.getClaimUri());
                    throw new IdentityException("Updates to the claim " + userIdentityClaimDTO.getClaimUri() + " are not allowed");
                }
                hashMap.put(userIdentityClaimDTO.getClaimUri(), userIdentityClaimDTO.getClaimValue());
            }
            userStoreManager.setUserClaimValues(username, hashMap, (String) null);
        } catch (IdentityException e) {
            log.error("Error while updating user identity recovery data", e);
            throw new IdentityMgtServiceException("Error while updating user identity recovery data");
        } catch (UserStoreException e2) {
            log.error("Error while updating user identity recovery data", e2);
            throw new IdentityMgtServiceException("Error while updating user identity recovery data");
        }
    }

    public UserIdentityClaimDTO[] getAllUserIdentityClaims() throws IdentityMgtServiceException {
        return UserIdentityManagementUtil.getAllUserIdentityClaims(CarbonContext.getThreadLocalCarbonContext().getUsername());
    }

    public void changeUserPassword(String str, String str2) throws IdentityMgtServiceException {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        try {
            getUserStore(username).updateCredential(UserCoreUtil.removeDomainFromName(username), str, str2);
        } catch (UserStoreException e) {
            log.error("Error while resetting the password", e);
            throw new IdentityMgtServiceException("Unable reset the password");
        }
    }

    public boolean isReadOnlyUserStore(String str, String str2) throws IdentityMgtServiceException {
        boolean z;
        org.wso2.carbon.user.core.UserStoreManager userStoreManager = null;
        if (str2 == null || str2.equals("")) {
            str2 = "carbon.super";
        }
        try {
            if (IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(Utils.getTenantId(str2)) != null) {
                userStoreManager = (org.wso2.carbon.user.core.UserStoreManager) getUserStore(str);
            }
            if (userStoreManager != null) {
                try {
                    if (userStoreManager.isReadOnly()) {
                        z = true;
                        return z;
                    }
                } catch (org.wso2.carbon.user.core.UserStoreException e) {
                    log.error("Error while retrieving user store manager", e);
                    throw new IdentityMgtServiceException("Error while retrieving user store manager");
                }
            }
            z = false;
            return z;
        } catch (Exception e2) {
            log.error("Error retrieving the user store manager for the tenant", e2);
            throw new IdentityMgtServiceException("Error retrieving the user store manager for the tenant");
        }
    }

    private UserStoreManager getUserStore(String str) throws UserStoreException {
        AbstractUserStoreManager userStoreManager = IdentityMgtServiceComponent.getRealmService().getTenantUserRealm(CarbonContext.getThreadLocalCarbonContext().getTenantId()).getUserStoreManager();
        if (str == null || !str.contains("/")) {
            return userStoreManager;
        }
        return userStoreManager.getSecondaryUserStoreManager(getUserStoreDomainName(str));
    }

    private String getUserStoreDomainName(String str) {
        int indexOf = str.indexOf("/");
        if (indexOf >= 0) {
            str = str.substring(0, indexOf);
        }
        return str;
    }

    private void validateSecurityQuestionDuplicate(UserChallengesDTO[] userChallengesDTOArr) throws IdentityMgtServiceException {
        HashSet hashSet = new HashSet();
        for (UserChallengesDTO userChallengesDTO : userChallengesDTOArr) {
            if (hashSet.contains(userChallengesDTO.getId())) {
                log.error("Error while validating user challenges, because these can't be more than one security challenges for one claim uri");
                throw new IdentityMgtServiceException("Error while validating user challenges, because these can't be more than one security challenges for one claim uri");
            }
            hashSet.add(userChallengesDTO.getId());
        }
    }
}
