package org.wso2.carbon.user.core.common;

import java.lang.reflect.Method;
import java.nio.CharBuffer;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.sql.DataSource;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.authorization.AuthorizationCache;
import org.wso2.carbon.user.core.claim.Claim;
import org.wso2.carbon.user.core.claim.ClaimManager;
import org.wso2.carbon.user.core.claim.ClaimMapping;
import org.wso2.carbon.user.core.constants.UserCoreClaimConstants;
import org.wso2.carbon.user.core.dto.RoleDTO;
import org.wso2.carbon.user.core.hybrid.HybridRoleManager;
import org.wso2.carbon.user.core.internal.UMListenerServiceComponent;
import org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager;
import org.wso2.carbon.user.core.ldap.LDAPConstants;
import org.wso2.carbon.user.core.listener.SecretHandleableListener;
import org.wso2.carbon.user.core.listener.UserOperationEventListener;
import org.wso2.carbon.user.core.listener.UserStoreManagerConfigurationListener;
import org.wso2.carbon.user.core.listener.UserStoreManagerListener;
import org.wso2.carbon.user.core.profile.ProfileConfigurationManager;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.system.SystemUserRoleManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.Secret;
import org.wso2.carbon.utils.UnsupportedSecretTypeException;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/user/core/common/AbstractUserStoreManager.class */
public abstract class AbstractUserStoreManager implements UserStoreManager {
    protected static final String TRUE_VALUE = "true";
    protected static final String FALSE_VALUE = "false";
    private static final String MAX_LIST_LENGTH = "100";
    private static final int MAX_ITEM_LIMIT_UNLIMITED = -1;
    private static final String MULIPLE_ATTRIBUTE_ENABLE = "MultipleAttributeEnable";
    private static final String DISAPLAY_NAME_CLAIM = "http://wso2.org/claims/displayName";
    private static final String SCIM_USERNAME_CLAIM_URI = "urn:scim:schemas:core:1.0:userName";
    private static final String USERNAME_CLAIM_URI = "http://wso2.org/claims/username";
    private static final String APPLICATION_DOMAIN = "Application";
    private static final String WORKFLOW_DOMAIN = "Workflow";
    private static final String USER_NOT_FOUND = "UserNotFound";
    private static final String EXISTING_USER = "UserAlreadyExisting";
    private static final String INVALID_CLAIM_URL = "InvalidClaimUrl";
    private static final String INVALID_USER_NAME = "InvalidUserName";
    private static final String EXISTING_ROLE = "RoleExisting";
    private static final String READ_ONLY_STORE = "ReadOnlyUserStoreManager";
    private static final String READ_ONLY_PRIMARY_STORE = "ReadOnlyPrimaryUserStoreManager";
    private static final String INVALID_ROLE = "InvalidRole";
    private static final String ANONYMOUS_USER = "AnonymousUser";
    private static final String INVALID_OPERATION = "InvalidOperation";
    private static final String NO_READ_WRITE_PERMISSIONS = "NoReadWritePermission";
    private static final String SHARED_USER_ROLES = "SharedUserRoles";
    private static final String REMOVE_ADMIN_USER = "RemoveAdminUser";
    private static final String LOGGED_IN_USER = "LoggedInUser";
    private static final String ADMIN_USER = "AdminUser";
    private static final String INVALID_PASSWORD = "PasswordInvalid";
    private static final String PROPERTY_PASSWORD_ERROR_MSG = "PasswordJavaRegExViolationErrorMsg";
    private static final String MULTI_ATTRIBUTE_SEPARATOR = "MultiAttributeSeparator";
    protected int tenantId;
    private UserStoreManager secondaryUserStoreManager;
    private String cacheIdentifier;
    private static Log log = LogFactory.getLog(AbstractUserStoreManager.class);
    private static final ThreadLocal<Boolean> isSecureCall = new ThreadLocal<Boolean>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Boolean initialValue() {
            return Boolean.FALSE;
        }
    };
    protected DataSource dataSource = null;
    protected RealmConfiguration realmConfig = null;
    protected ClaimManager claimManager = null;
    protected UserRealm userRealm = null;
    protected HybridRoleManager hybridRoleManager = null;
    protected UserRolesCache userRolesCache = null;
    protected SystemUserRoleManager systemUserRoleManager = null;
    protected boolean readGroupsEnabled = false;
    protected boolean writeGroupsEnabled = false;
    private boolean userRolesCacheEnabled = true;
    private boolean replaceEscapeCharactersAtUserLogin = true;
    private Map<String, UserStoreManager> userStoreManagerHolder = new HashMap();
    private Map<String, Integer> maxUserListCount = null;
    private Map<String, Integer> maxRoleListCount = null;
    private List<UserStoreManagerConfigurationListener> listener = new ArrayList();

    private void setClaimManager(ClaimManager claimManager) throws IllegalAccessException {
        if (!Boolean.parseBoolean(this.realmConfig.getRealmProperty(UserCoreClaimConstants.INITIALIZE_NEW_CLAIM_MANAGER))) {
            throw new IllegalAccessException("Set claim manager is not allowed");
        }
        this.claimManager = claimManager;
    }

    private Object callSecure(String str, final Object[] objArr, Class[] clsArr) throws UserStoreException {
        isSecureCall.set(Boolean.TRUE);
        try {
            final Method declaredMethod = Class.forName("org.wso2.carbon.user.core.common.AbstractUserStoreManager").getDeclaredMethod(str, clsArr);
            try {
                try {
                    Object doPrivileged = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.2
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            return declaredMethod.invoke(this, objArr);
                        }
                    });
                    isSecureCall.set(Boolean.FALSE);
                    return doPrivileged;
                } catch (PrivilegedActionException e) {
                    if (e.getCause() != null && e.getCause().getCause() != null && (e.getCause().getCause() instanceof UserStoreException)) {
                        throw new UserStoreException(e.getCause().getCause().getMessage(), e);
                    }
                    log.error("Error occurred while accessing Java Security Manager Privilege Block");
                    throw new UserStoreException("Error occurred while accessing Java Security Manager Privilege Block", e);
                }
            } catch (Throwable th) {
                isSecureCall.set(Boolean.FALSE);
                throw th;
            }
        } catch (ClassNotFoundException e2) {
            log.error("Error occurred when calling class " + str, e2);
            throw new UserStoreException(e2);
        } catch (NoSuchMethodException e3) {
            log.error("Error occurred when calling method " + str, e3);
            throw new UserStoreException(e3);
        }
    }

    protected abstract Map<String, String> getUserPropertyValues(String str, String[] strArr, String str2) throws UserStoreException;

    protected abstract boolean doCheckExistingRole(String str) throws UserStoreException;

    protected abstract RoleContext createRoleContext(String str) throws UserStoreException;

    protected abstract boolean doCheckExistingUser(String str) throws UserStoreException;

    protected abstract String[] getUserListFromProperties(String str, String str2, String str3) throws UserStoreException;

    protected abstract boolean doAuthenticate(String str, Object obj) throws UserStoreException;

    protected abstract void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, boolean z) throws UserStoreException;

    protected abstract void doUpdateCredential(String str, Object obj, Object obj2) throws UserStoreException;

    protected abstract void doUpdateCredentialByAdmin(String str, Object obj) throws UserStoreException;

    protected abstract void doDeleteUser(String str) throws UserStoreException;

    protected abstract void doSetUserClaimValue(String str, String str2, String str3, String str4) throws UserStoreException;

    protected abstract void doSetUserClaimValues(String str, Map<String, String> map, String str2) throws UserStoreException;

    protected abstract void doDeleteUserClaimValue(String str, String str2, String str3) throws UserStoreException;

    protected abstract void doDeleteUserClaimValues(String str, String[] strArr, String str2) throws UserStoreException;

    protected abstract void doUpdateUserListOfRole(String str, String[] strArr, String[] strArr2) throws UserStoreException;

    protected abstract void doUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2) throws UserStoreException;

    /* JADX INFO: Access modifiers changed from: protected */
    public String[] doGetInternalRoleListOfUser(String str, String str2) throws UserStoreException {
        String userStoreProperty;
        String str3;
        if (Boolean.parseBoolean(this.realmConfig.getUserStoreProperty(MULIPLE_ATTRIBUTE_ENABLE)) && (userStoreProperty = this.realmConfig.getUserStoreProperty("UserNameAttribute")) != null && userStoreProperty.trim().length() > 0 && (str3 = getUserPropertyValues(str, new String[]{userStoreProperty}, null).get(userStoreProperty)) != null) {
            str = str3;
            if (log.isDebugEnabled()) {
                log.debug("Replaced user name : " + str + " from user property value : " + str3);
            }
        }
        log.debug("Retrieving internal roles for user name :  " + str + " and search filter " + str2);
        return this.hybridRoleManager.getHybridRoleListOfUser(str, str2);
    }

    protected abstract String[] doGetExternalRoleListOfUser(String str, String str2) throws UserStoreException;

    protected abstract String[] doGetSharedRoleListOfUser(String str, String str2, String str3) throws UserStoreException;

    protected abstract void doAddRole(String str, String[] strArr, boolean z) throws UserStoreException;

    protected abstract void doDeleteRole(String str) throws UserStoreException;

    protected abstract void doUpdateRoleName(String str, String str2) throws UserStoreException;

    protected abstract String[] doGetRoleNames(String str, int i) throws UserStoreException;

    protected abstract String[] doListUsers(String str, int i) throws UserStoreException;

    protected abstract String[] doGetDisplayNamesForInternalRole(String[] strArr) throws UserStoreException;

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final boolean authenticate(final String str, final Object obj) throws UserStoreException {
        try {
            return ((Boolean) AccessController.doPrivileged(new PrivilegedExceptionAction<Boolean>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Boolean run() throws Exception {
                    if (str != null && obj != null) {
                        return Boolean.valueOf(AbstractUserStoreManager.this.authenticate(str, obj, (str != null ? str.indexOf(CarbonConstants.DOMAIN_SEPARATOR) : AbstractUserStoreManager.MAX_ITEM_LIMIT_UNLIMITED) > 0));
                    }
                    AbstractUserStoreManager.log.error("Authentication failure. Either Username or Password is null");
                    return false;
                }
            })).booleanValue();
        } catch (PrivilegedActionException e) {
            throw ((UserStoreException) e.getException());
        }
    }

    protected boolean authenticate(final String str, final Object obj, final boolean z) throws UserStoreException {
        try {
            return ((Boolean) AccessController.doPrivileged(new PrivilegedExceptionAction<Boolean>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Boolean run() throws Exception {
                    return Boolean.valueOf(AbstractUserStoreManager.this.authenticateInternal(str, obj, z));
                }
            })).booleanValue();
        } catch (PrivilegedActionException e) {
            throw ((UserStoreException) e.getException());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean authenticateInternal(String str, Object obj, boolean z) throws UserStoreException {
        boolean z2;
        String domainName;
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive() && (userStore.getUserStoreManager() instanceof AbstractUserStoreManager)) {
            return ((AbstractUserStoreManager) userStore.getUserStoreManager()).authenticate(userStore.getDomainFreeName(), obj, z);
        }
        try {
            Secret secret = Secret.getSecret(obj);
            try {
                for (UserStoreManagerListener userStoreManagerListener : UMListenerServiceComponent.getUserStoreManagerListeners()) {
                    if (!userStoreManagerListener.authenticate(str, userStoreManagerListener instanceof SecretHandleableListener ? secret : obj, this)) {
                        return true;
                    }
                }
                for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (!userOperationEventListener.doPreAuthenticate(str, userOperationEventListener instanceof SecretHandleableListener ? secret : obj, this)) {
                        secret.clear();
                        return false;
                    }
                }
                int tenantId = getTenantId();
                try {
                    RealmService realmService = UserCoreUtil.getRealmService();
                    if (realmService != null && !realmService.m27getTenantManager().isTenantActive(tenantId)) {
                        log.warn("Tenant has been deactivated. TenantID : " + tenantId);
                        secret.clear();
                        return false;
                    }
                    try {
                        z2 = doAuthenticate(str, secret);
                    } catch (Exception e) {
                        log.error(e);
                        z2 = false;
                    }
                    secret.clear();
                    if (z2 && (domainName = UserCoreUtil.getDomainName(this.realmConfig)) != null) {
                        UserCoreUtil.setDomainInThreadLocal(domainName.toUpperCase());
                    }
                    if (!z2 && !z && getSecondaryUserStoreManager() != null) {
                        z2 = ((AbstractUserStoreManager) getSecondaryUserStoreManager()).authenticate(str, obj, z);
                    }
                    Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
                    while (it.hasNext()) {
                        if (!it.next().doPostAuthenticate(str, z2, this)) {
                            return false;
                        }
                    }
                    if (log.isDebugEnabled() && !z2) {
                        log.debug("Authentication failure. Wrong username or password is provided.");
                    }
                    return z2;
                } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                    throw new UserStoreException("Error while trying to check Tenant status for Tenant : " + tenantId, (Throwable) e2);
                }
            } finally {
            }
            secret.clear();
        } catch (UnsupportedSecretTypeException e3) {
            throw new UserStoreException("Unsupported credential type", (Throwable) e3);
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String getUserClaimValue(String str, String str2, String str3) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String) callSecure("getUserClaimValue", new Object[]{str, str2, str3}, new Class[]{String.class, String.class, String.class});
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            return userStore.getUserStoreManager().getUserClaimValue(userStore.getDomainFreeName(), str2, str3);
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        Map<String, String> doGetUserClaimValues = doGetUserClaimValues(str, new String[]{str2}, userStore.getDomainName(), str3);
        String str4 = doGetUserClaimValues != null ? doGetUserClaimValues.get(str2) : null;
        ArrayList arrayList = new ArrayList();
        if (str4 != null) {
            arrayList.add(str4);
        }
        for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
            if ((userOperationEventListener instanceof AbstractUserOperationEventListener) && !((AbstractUserOperationEventListener) userOperationEventListener).doPostGetUserClaimValue(str, str2, arrayList, str3, this)) {
                break;
            }
        }
        return !arrayList.isEmpty() ? (String) arrayList.get(0) : str4;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    /* renamed from: getUserClaimValues, reason: merged with bridge method [inline-methods] */
    public final Claim[] m20getUserClaimValues(String str, String str2) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (Claim[]) callSecure("getUserClaimValues", new Object[]{str, str2}, new Class[]{String.class, String.class});
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            return userStore.getUserStoreManager().m20getUserClaimValues(userStore.getDomainFreeName(), str2);
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        if (str2 == null || str2.trim().length() == 0) {
            str2 = "default";
        }
        try {
            Map<String, String> userClaimValues = getUserClaimValues(str, this.claimManager.getAllClaimUris(), str2);
            Claim[] claimArr = new Claim[userClaimValues.size()];
            int i = 0;
            for (Map.Entry<String, String> entry : userClaimValues.entrySet()) {
                Claim claim = new Claim();
                claim.setValue(entry.getValue());
                claim.setClaimUri(entry.getKey());
                try {
                    claim.setDisplayTag(this.claimManager.getClaim(entry.getKey()).getDisplayTag());
                    claimArr[i] = claim;
                    i++;
                } catch (org.wso2.carbon.user.api.UserStoreException e) {
                    throw new UserStoreException((Throwable) e);
                }
            }
            return claimArr;
        } catch (org.wso2.carbon.user.api.UserStoreException e2) {
            throw new UserStoreException((Throwable) e2);
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final Map<String, String> getUserClaimValues(String str, String[] strArr, String str2) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (Map) callSecure("getUserClaimValues", new Object[]{str, strArr, str2}, new Class[]{String.class, String[].class, String.class});
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            return userStore.getUserStoreManager().getUserClaimValues(userStore.getDomainFreeName(), strArr, str2);
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        if (strArr == null) {
            strArr = new String[0];
        }
        Map<String, String> doGetUserClaimValues = doGetUserClaimValues(str, strArr, userStore.getDomainName(), str2);
        for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
            if ((userOperationEventListener instanceof AbstractUserOperationEventListener) && !((AbstractUserOperationEventListener) userOperationEventListener).doPostGetUserClaimValues(userStore.getDomainFreeName(), strArr, str2, doGetUserClaimValues, this)) {
                break;
            }
        }
        return doGetUserClaimValues;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] getUserList(String str, String str2, String str3) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("getUserList", new Object[]{str, str2, str3}, new Class[]{String.class, String.class, String.class});
        }
        if (str == null) {
            throw new IllegalArgumentException("Claim URI cannot be null");
        }
        if (str2 == null) {
            throw new IllegalArgumentException("Claim value cannot be null");
        }
        if (log.isDebugEnabled()) {
            log.debug("Listing users who having value as " + str2 + " for the claim " + str);
        }
        if (USERNAME_CLAIM_URI.equalsIgnoreCase(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Switching to list users using username");
            }
            String[] listUsers = listUsers(str2, MAX_ITEM_LIMIT_UNLIMITED);
            if (log.isDebugEnabled()) {
                log.debug("Filtered users: " + Arrays.toString(listUsers));
            }
            return listUsers;
        }
        String trim = str2.indexOf(CarbonConstants.DOMAIN_SEPARATOR) > 0 ? str2.split(CarbonConstants.DOMAIN_SEPARATOR)[0].trim() : null;
        UserStoreManager userStoreManager = null;
        if (StringUtils.isNotEmpty(trim)) {
            userStoreManager = getSecondaryUserStoreManager(trim);
            if (log.isDebugEnabled()) {
                log.debug("Domain: " + trim + " is passed with the claim and user store manager is loaded for the given domain name.");
            }
        }
        if ((userStoreManager instanceof JDBCUserStoreManager) && SCIM_USERNAME_CLAIM_URI.equalsIgnoreCase(str)) {
            return userStoreManager.isExistingUser(str2) ? new String[]{str2} : new String[0];
        }
        String removeDomainFromName = UserCoreUtil.removeDomainFromName(str2);
        ArrayList arrayList = new ArrayList();
        if (StringUtils.isNotEmpty(trim)) {
            for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
                if ((userOperationEventListener instanceof AbstractUserOperationEventListener) && !((AbstractUserOperationEventListener) userOperationEventListener).doPreGetUserList(str, removeDomainFromName, arrayList, userStoreManager)) {
                    break;
                }
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Pre listener user list: " + arrayList + " for domain: " + trim);
        }
        List<String> doGetUserList = doGetUserList(str, removeDomainFromName, str3, trim, userStoreManager);
        if (log.isDebugEnabled()) {
            log.debug("Users from user store: " + trim + " : " + doGetUserList);
        }
        arrayList.addAll(doGetUserList);
        if (StringUtils.isNotEmpty(trim)) {
            for (UserOperationEventListener userOperationEventListener2 : UMListenerServiceComponent.getUserOperationEventListeners()) {
                if ((userOperationEventListener2 instanceof AbstractUserOperationEventListener) && !((AbstractUserOperationEventListener) userOperationEventListener2).doPostGetUserList(str, removeDomainFromName, arrayList, userStoreManager)) {
                    break;
                }
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Post listener user list: " + arrayList + " for domain: " + trim);
        }
        Collections.sort(arrayList);
        return (String[]) arrayList.toArray(new String[0]);
    }

    private List<String> doGetUserList(String str, String str2, String str3, String str4, UserStoreManager userStoreManager) throws UserStoreException {
        if (!StringUtils.isNotEmpty(str4)) {
            if (log.isDebugEnabled()) {
                log.debug("No domain name found in claim value. Searching through all user stores for possible matches");
            }
            ArrayList arrayList = new ArrayList();
            for (UserStoreManager userStoreManager2 : getUserStoreMangers()) {
                if (userStoreManager2 instanceof AbstractUserStoreManager) {
                    String myDomainName = ((AbstractUserStoreManager) userStoreManager2).getMyDomainName();
                    String addDomainToName = StringUtils.equalsIgnoreCase(myDomainName, "PRIMARY") ? myDomainName + CarbonConstants.DOMAIN_SEPARATOR + str2 : UserCoreUtil.addDomainToName(str2, myDomainName);
                    if (log.isDebugEnabled()) {
                        log.debug("Invoking the get user list for domain: " + myDomainName + " for claim: " + str + " value: " + addDomainToName);
                    }
                    List asList = Arrays.asList(getUserList(str, addDomainToName, str3));
                    if (log.isDebugEnabled()) {
                        log.debug("Secondary user list for domain: " + myDomainName + " : " + asList);
                    }
                    arrayList.addAll(asList);
                }
            }
            return arrayList;
        }
        if (userStoreManager == null) {
            if (log.isDebugEnabled()) {
                log.debug("No user store manager found for domain: " + str4);
            }
            return Collections.emptyList();
        }
        if (log.isDebugEnabled()) {
            log.debug("Domain found in claim value. Searching only in the " + str4 + " for possible matches");
        }
        try {
            String attributeName = this.claimManager.getAttributeName(str4, str);
            if (attributeName == null) {
                if (log.isDebugEnabled()) {
                    log.debug("Could not find matching property for\nclaim :" + str + "domain :" + str4);
                }
                return Collections.emptyList();
            }
            if (!(userStoreManager instanceof AbstractUserStoreManager)) {
                if (log.isDebugEnabled()) {
                    log.debug("getUserListFromProperties is not supported by this user store: " + userStoreManager.getClass());
                }
                return Collections.emptyList();
            }
            String[] userListFromProperties = ((AbstractUserStoreManager) userStoreManager).getUserListFromProperties(attributeName, str2, str3);
            if (log.isDebugEnabled()) {
                log.debug("List of filtered users for: " + str4 + " : " + Arrays.asList(userListFromProperties));
            }
            return Arrays.asList(UserCoreUtil.addDomainToNames(userListFromProperties, str4));
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error occurred while retrieving attribute name for domain : " + str4 + " and claim " + str);
        }
    }

    private List<UserStoreManager> getUserStoreMangers() {
        ArrayList arrayList = new ArrayList();
        UserStoreManager userStoreManager = this;
        while (true) {
            UserStoreManager userStoreManager2 = userStoreManager;
            if (userStoreManager2 == null) {
                return arrayList;
            }
            arrayList.add(userStoreManager2);
            userStoreManager = userStoreManager2.getSecondaryUserStoreManager();
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void updateCredential(String str, Object obj, Object obj2) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("updateCredential", new Object[]{str, obj, obj2}, new Class[]{String.class, Object.class, Object.class});
            return;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().updateCredential(userStore.getDomainFreeName(), obj, obj2);
            return;
        }
        if (isReadOnly()) {
            throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
        }
        try {
            Secret secret = Secret.getSecret(obj);
            Secret secret2 = Secret.getSecret(obj2);
            try {
                for (UserStoreManagerListener userStoreManagerListener : UMListenerServiceComponent.getUserStoreManagerListeners()) {
                    if (userStoreManagerListener instanceof SecretHandleableListener) {
                        if (!userStoreManagerListener.updateCredential(str, secret, secret2, this)) {
                            return;
                        }
                    } else if (!userStoreManagerListener.updateCredential(str, obj, obj2, this)) {
                        secret.clear();
                        secret2.clear();
                        return;
                    }
                }
                for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (userOperationEventListener instanceof SecretHandleableListener) {
                        if (!userOperationEventListener.doPreUpdateCredential(str, secret, secret2, this)) {
                            secret.clear();
                            secret2.clear();
                            return;
                        }
                    } else if (!userOperationEventListener.doPreUpdateCredential(str, obj, obj2, this)) {
                        secret.clear();
                        secret2.clear();
                        return;
                    }
                }
                if (!doAuthenticate(str, secret2)) {
                    throw new UserStoreException("PasswordInvalid Old credential does not match with the existing credentials.");
                }
                if (!checkUserPasswordValid(obj)) {
                    String userStoreProperty = this.realmConfig.getUserStoreProperty(PROPERTY_PASSWORD_ERROR_MSG);
                    if (userStoreProperty == null) {
                        throw new UserStoreException("Credential not valid. Credential must be a non null string with following format, " + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_JAVA_REG_EX));
                    }
                    throw new UserStoreException(userStoreProperty);
                }
                doUpdateCredential(str, obj, obj2);
                for (UserOperationEventListener userOperationEventListener2 : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (userOperationEventListener2 instanceof SecretHandleableListener) {
                        if (!userOperationEventListener2.doPostUpdateCredential(str, secret, this)) {
                            secret.clear();
                            secret2.clear();
                            return;
                        }
                    } else if (!userOperationEventListener2.doPostUpdateCredential(str, obj, this)) {
                        secret.clear();
                        secret2.clear();
                        return;
                    }
                }
                secret.clear();
                secret2.clear();
            } finally {
                secret.clear();
                secret2.clear();
            }
        } catch (UnsupportedSecretTypeException e) {
            throw new UserStoreException("Unsupported credential type");
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void updateCredentialByAdmin(String str, Object obj) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("updateCredentialByAdmin", new Object[]{str, obj}, new Class[]{String.class, Object.class});
            return;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().updateCredentialByAdmin(userStore.getDomainFreeName(), obj);
            return;
        }
        if (isReadOnly()) {
            throw new UserStoreException("InvalidOperationInvalid operation. User store is read only");
        }
        try {
            Secret secret = Secret.getSecret(obj);
            try {
                for (UserStoreManagerListener userStoreManagerListener : UMListenerServiceComponent.getUserStoreManagerListeners()) {
                    if (!userStoreManagerListener.updateCredentialByAdmin(str, userStoreManagerListener instanceof SecretHandleableListener ? secret : obj, this)) {
                        secret.clear();
                        return;
                    }
                }
                for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (!(userOperationEventListener instanceof SecretHandleableListener)) {
                        StringBuffer stringBuffer = null;
                        if (obj == null) {
                            stringBuffer = new StringBuffer();
                        } else if (obj instanceof String) {
                            stringBuffer = new StringBuffer((String) obj);
                        }
                        if (stringBuffer == null) {
                            continue;
                        } else {
                            if (!userOperationEventListener.doPreUpdateCredentialByAdmin(str, stringBuffer, this)) {
                                secret.clear();
                                return;
                            }
                            obj = stringBuffer.toString();
                            secret.clear();
                            try {
                                secret = Secret.getSecret(obj);
                            } catch (UnsupportedSecretTypeException e) {
                                throw new UserStoreException("Unsupported credential type", (Throwable) e);
                            }
                        }
                    } else if (!userOperationEventListener.doPreUpdateCredentialByAdmin(str, secret, this)) {
                        return;
                    }
                }
                if (!checkUserPasswordValid(obj)) {
                    String userStoreProperty = this.realmConfig.getUserStoreProperty(PROPERTY_PASSWORD_ERROR_MSG);
                    if (userStoreProperty == null) {
                        throw new UserStoreException("Credential not valid. Credential must be a non null string with following format, " + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_JAVA_REG_EX));
                    }
                    throw new UserStoreException(userStoreProperty);
                }
                if (!doCheckExistingUser(userStore.getDomainFreeName())) {
                    throw new UserStoreException("User " + str + " does not exisit in the user store");
                }
                doUpdateCredentialByAdmin(str, secret);
                for (UserOperationEventListener userOperationEventListener2 : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (!userOperationEventListener2.doPostUpdateCredentialByAdmin(str, userOperationEventListener2 instanceof SecretHandleableListener ? secret : obj, this)) {
                        secret.clear();
                        return;
                    }
                }
                secret.clear();
            } finally {
                secret.clear();
            }
        } catch (UnsupportedSecretTypeException e2) {
            throw new UserStoreException("Unsupported credential type", (Throwable) e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getClaimAtrribute(String str, String str2, String str3) throws org.wso2.carbon.user.api.UserStoreException {
        String userStoreProperty = (str3 == null || str3.isEmpty()) ? str2.indexOf(UserCoreConstants.DOMAIN_SEPARATOR) > MAX_ITEM_LIMIT_UNLIMITED ? str2.split(UserCoreConstants.DOMAIN_SEPARATOR)[0] : this.realmConfig.getUserStoreProperty("DomainName") : str3;
        String str4 = null;
        if (userStoreProperty != null && !userStoreProperty.equals("PRIMARY")) {
            str4 = this.claimManager.getAttributeName(userStoreProperty, str);
        }
        if (str4 == null || str4.isEmpty()) {
            str4 = this.claimManager.getAttributeName(str);
        }
        if (str4 == null) {
            if (UserCoreConstants.PROFILE_CONFIGURATION.equals(str)) {
                str4 = str;
            } else {
                if (!DISAPLAY_NAME_CLAIM.equals(str)) {
                    throw new UserStoreException("Mapped attribute cannot be found for claim : " + str + " in user store : " + getMyDomainName());
                }
                str4 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
            }
        }
        return str4;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void deleteUser(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("deleteUser", new Object[]{str}, new Class[]{String.class});
            return;
        }
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        if (username != null) {
            username = UserCoreUtil.addDomainToName(username, UserCoreUtil.getDomainFromThreadLocal());
            if (username.indexOf(UserCoreConstants.DOMAIN_SEPARATOR) < 0) {
                username = "PRIMARY" + CarbonConstants.DOMAIN_SEPARATOR + username;
            }
        }
        String addDomainToName = UserCoreUtil.addDomainToName(str, getMyDomainName());
        if (addDomainToName.indexOf(UserCoreConstants.DOMAIN_SEPARATOR) < 0) {
            addDomainToName = "PRIMARY" + CarbonConstants.DOMAIN_SEPARATOR + addDomainToName;
        }
        if (username != null && username.equals(addDomainToName)) {
            log.debug("User " + username + " tried to delete him/her self");
            throw new UserStoreException("LoggedInUser Cannot delete logged in user");
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().deleteUser(userStore.getDomainFreeName());
            return;
        }
        if (UserCoreUtil.isPrimaryAdminUser(str, this.realmConfig)) {
            throw new UserStoreException("AdminUserCannot delete admin user");
        }
        if (UserCoreUtil.isRegistryAnnonymousUser(str)) {
            throw new UserStoreException("AnonymousUserCannot delete anonymous user");
        }
        if (isReadOnly()) {
            throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
        }
        Iterator<UserStoreManagerListener> it = UMListenerServiceComponent.getUserStoreManagerListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().deleteUser(str, this)) {
                return;
            }
        }
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext()) {
            if (!it2.next().doPreDeleteUser(str, this)) {
                return;
            }
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("Cannot delete user who is not exist");
        }
        this.hybridRoleManager.deleteUser(UserCoreUtil.addDomainToName(str, getMyDomainName()));
        doDeleteUser(str);
        clearUserRolesCache(UserCoreUtil.addDomainToName(str, getMyDomainName()));
        Iterator<UserOperationEventListener> it3 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it3.hasNext() && it3.next().doPostDeleteUser(str, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void setUserClaimValue(String str, String str2, String str3, String str4) throws UserStoreException {
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().setUserClaimValue(userStore.getDomainFreeName(), str2, str3, str4);
            return;
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreSetUserClaimValue(str, str2, str3, str4, this)) {
                return;
            }
        }
        if (isReadOnly()) {
            throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
        }
        doSetUserClaimValue(str, str2, str3, str4);
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostSetUserClaimValue(str, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void setUserClaimValues(String str, Map<String, String> map, String str2) throws UserStoreException {
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().setUserClaimValues(userStore.getDomainFreeName(), map, str2);
            return;
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        if (map == null) {
            map = new HashMap();
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreSetUserClaimValues(str, map, str2, this)) {
                return;
            }
        }
        if (isReadOnly() && !map.isEmpty()) {
            throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
        }
        if (!isReadOnly()) {
            doSetUserClaimValues(str, map, str2);
        }
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostSetUserClaimValues(str, map, str2, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void deleteUserClaimValue(String str, String str2, String str3) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("deleteUserClaimValue", new Object[]{str, str2, str3}, new Class[]{String.class, String.class, String.class});
            return;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().deleteUserClaimValue(userStore.getDomainFreeName(), str2, str3);
            return;
        }
        if (isReadOnly()) {
            throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreDeleteUserClaimValue(str, str2, str3, this)) {
                return;
            }
        }
        doDeleteUserClaimValue(str, str2, str3);
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostDeleteUserClaimValue(str, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void deleteUserClaimValues(String str, String[] strArr, String str2) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("deleteUserClaimValues", new Object[]{str, strArr, str2}, new Class[]{String.class, String[].class, String.class});
            return;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().deleteUserClaimValues(userStore.getDomainFreeName(), strArr, str2);
            return;
        }
        if (isReadOnly()) {
            throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
        }
        if (!doCheckExistingUser(str)) {
            throw new UserStoreException("UserNotFound: User " + str + "does not exist in: " + this.realmConfig.getUserStoreProperty("DomainName"));
        }
        if (strArr == null) {
            strArr = new String[0];
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreDeleteUserClaimValues(str, strArr, str2, this)) {
                return;
            }
        }
        doDeleteUserClaimValues(str, strArr, str2);
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostDeleteUserClaimValues(str, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void addUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, boolean z) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("addUser", new Object[]{str, obj, strArr, map, str2, Boolean.valueOf(z)}, new Class[]{String.class, Object.class, String[].class, Map.class, String.class, Boolean.TYPE});
            return;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().addUser(userStore.getDomainFreeName(), obj, strArr, map, str2, z);
            return;
        }
        try {
            Secret secret = Secret.getSecret(obj);
            try {
                if (userStore.isSystemStore()) {
                    this.systemUserRoleManager.addSystemUser(str, secret, strArr);
                    secret.clear();
                    return;
                }
                if (isReadOnly()) {
                    throw new UserStoreException("InvalidOperation Invalid operation. User store is read only");
                }
                if (str.indexOf(CarbonConstants.DOMAIN_SEPARATOR) > 0) {
                    str = userStore.getDomainFreeName();
                    strArr = UserCoreUtil.removeDomainFromNames(strArr);
                }
                if (strArr == null) {
                    strArr = new String[0];
                }
                if (map == null) {
                    map = new HashMap();
                }
                for (UserStoreManagerListener userStoreManagerListener : UMListenerServiceComponent.getUserStoreManagerListeners()) {
                    if (!userStoreManagerListener.addUser(str, userStoreManagerListener instanceof SecretHandleableListener ? secret : obj, strArr, map, str2, this)) {
                        secret.clear();
                        return;
                    }
                }
                for (UserOperationEventListener userOperationEventListener : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (!(userOperationEventListener instanceof SecretHandleableListener)) {
                        StringBuffer stringBuffer = null;
                        if (obj == null) {
                            stringBuffer = new StringBuffer();
                        } else if (obj instanceof String) {
                            stringBuffer = new StringBuffer((String) obj);
                        }
                        if (stringBuffer == null) {
                            continue;
                        } else {
                            if (!userOperationEventListener.doPreAddUser(str, stringBuffer, strArr, map, str2, this)) {
                                secret.clear();
                                return;
                            }
                            obj = stringBuffer.toString();
                            secret.clear();
                            try {
                                secret = Secret.getSecret(obj);
                            } catch (UnsupportedSecretTypeException e) {
                                throw new UserStoreException("Unsupported credential type", (Throwable) e);
                            }
                        }
                    } else if (!userOperationEventListener.doPreAddUser(str, secret, strArr, map, str2, this)) {
                        return;
                    }
                }
                if (!checkUserNameValid(userStore.getDomainFreeName())) {
                    throw new UserStoreException(("Username " + userStore.getDomainFreeName() + " is not valid. User name must be a non null string with following format, ") + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_USER_NAME_JAVA_REG_EX));
                }
                if (!checkUserPasswordValid(secret)) {
                    throw new UserStoreException("Credential not valid. Credential must be a non null string with following format, " + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_JAVA_REG_EX));
                }
                if (doCheckExistingUser(userStore.getDomainFreeName())) {
                    throw new UserStoreException("UserAlreadyExistingUsername '" + str + "' already exists in the system. Please pick another username.");
                }
                ArrayList<String> arrayList = new ArrayList();
                ArrayList<String> arrayList2 = new ArrayList();
                if (strArr != null) {
                    for (String str3 : strArr) {
                        if (str3 != null && str3.trim().length() > 0) {
                            int indexOf = str3.indexOf(CarbonConstants.DOMAIN_SEPARATOR);
                            if (indexOf > 0) {
                                String substring = str3.substring(0, indexOf);
                                if ("Internal".equalsIgnoreCase(substring)) {
                                    arrayList.add(UserCoreUtil.removeDomainFromName(str3));
                                } else if (APPLICATION_DOMAIN.equalsIgnoreCase(substring) || WORKFLOW_DOMAIN.equalsIgnoreCase(substring)) {
                                    arrayList.add(str3);
                                }
                            }
                            arrayList2.add(UserCoreUtil.removeDomainFromName(str3));
                        }
                    }
                }
                for (String str4 : arrayList) {
                    if (!this.hybridRoleManager.isExistingRole(str4)) {
                        throw new UserStoreException("Internal role is not exist : " + str4);
                    }
                }
                for (String str5 : arrayList2) {
                    if (!doCheckExistingRole(str5)) {
                        throw new UserStoreException("External role is not exist : " + str5);
                    }
                }
                if (map != null) {
                    for (Map.Entry<String, String> entry : map.entrySet()) {
                        try {
                            if (((ClaimMapping) this.claimManager.getClaimMapping(entry.getKey())) == null) {
                                throw new UserStoreException("Invalid claim uri has been provided: " + entry.getKey());
                            }
                        } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                            throw new UserStoreException("Error in obtaining claim mapping for persisting user attributes.", (Throwable) e2);
                        }
                    }
                }
                doAddUser(str, secret, (String[]) arrayList2.toArray(new String[arrayList2.size()]), map, str2, z);
                if (arrayList.size() > 0) {
                    this.hybridRoleManager.updateHybridRoleListOfUser(str, null, (String[]) arrayList.toArray(new String[arrayList.size()]));
                }
                for (UserOperationEventListener userOperationEventListener2 : UMListenerServiceComponent.getUserOperationEventListeners()) {
                    if (!userOperationEventListener2.doPostAddUser(str, userOperationEventListener2 instanceof SecretHandleableListener ? secret : obj, strArr, map, str2, this)) {
                        secret.clear();
                        return;
                    }
                }
                secret.clear();
                clearUserRolesCache(str);
            } finally {
                secret.clear();
            }
        } catch (UnsupportedSecretTypeException e3) {
            throw new UserStoreException("Unsupported credential type", (Throwable) e3);
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public void addUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2) throws UserStoreException {
        addUser(str, obj, strArr, map, str2, false);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void updateUserListOfRole(final String str, final String[] strArr, final String[] strArr2) throws UserStoreException {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<String>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.5
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public String run() throws Exception {
                    AbstractUserStoreManager.this.updateUserListOfRoleInternal(str, strArr, strArr2);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((UserStoreException) e.getException());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void updateUserListOfRoleInternal(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        String myDomainName = getMyDomainName();
        if (myDomainName != null) {
            myDomainName = myDomainName + CarbonConstants.DOMAIN_SEPARATOR;
        }
        if (strArr != null && strArr.length > 0) {
            Arrays.sort(strArr);
            if (UserCoreUtil.isPrimaryAdminRole(str, this.realmConfig)) {
                for (int i = 0; i < strArr.length; i++) {
                    if (strArr[i].equalsIgnoreCase(this.realmConfig.getAdminUserName()) || (myDomainName + strArr[i]).equalsIgnoreCase(this.realmConfig.getAdminUserName())) {
                        throw new UserStoreException("RemoveAdminUser Cannot remove Admin user from Admin role");
                    }
                }
            }
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isHybridRole()) {
            if (UserCoreUtil.isEveryoneRole(str, this.realmConfig)) {
                throw new UserStoreException("Cannot update everyone role");
            }
            if ("Internal".equalsIgnoreCase(userStore.getDomainName())) {
                this.hybridRoleManager.updateUserListOfHybridRole(userStore.getDomainFreeName(), strArr, strArr2);
            } else {
                this.hybridRoleManager.updateUserListOfHybridRole(userStore.getDomainAwareName(), strArr, strArr2);
            }
            clearUserRolesCacheByTenant(this.tenantId);
            return;
        }
        if (userStore.isSystemStore()) {
            this.systemUserRoleManager.updateUserListOfSystemRole(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromNames(strArr), UserCoreUtil.removeDomainFromNames(strArr2));
            return;
        }
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().updateUserListOfRole(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromNames(strArr), UserCoreUtil.removeDomainFromNames(strArr2));
            return;
        }
        if (strArr == null) {
            strArr = new String[0];
        }
        if (strArr2 == null) {
            strArr2 = new String[0];
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreUpdateUserListOfRole(str, strArr, strArr2, this)) {
                return;
            }
        }
        if ((strArr != null && strArr.length > 0) || (strArr2 != null && strArr2.length > 0)) {
            if (isReadOnly() || !this.writeGroupsEnabled) {
                throw new UserStoreException("Read-only user store.Roles cannot be added or modified");
            }
            doUpdateUserListOfRole(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromNames(strArr), UserCoreUtil.removeDomainFromNames(strArr2));
        }
        clearUserRolesCacheByTenant(this.tenantId);
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostUpdateUserListOfRole(str, strArr, strArr2, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void updateRoleListOfUser(final String str, final String[] strArr, final String[] strArr2) throws UserStoreException {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<String>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.6
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public String run() throws Exception {
                    AbstractUserStoreManager.this.updateRoleListOfUserInternal(str, strArr, strArr2);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((UserStoreException) e.getException());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void updateRoleListOfUserInternal(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        String userStoreProperty = this.realmConfig.getUserStoreProperty("DomainName");
        if (userStoreProperty != null) {
            userStoreProperty = userStoreProperty + CarbonConstants.DOMAIN_SEPARATOR;
        }
        if (strArr != null && strArr.length > 0) {
            Arrays.sort(strArr);
            if (UserCoreUtil.isPrimaryAdminUser(str, this.realmConfig)) {
                for (int i = 0; i < strArr.length; i++) {
                    if (strArr[i].equalsIgnoreCase(this.realmConfig.getAdminRoleName()) || (userStoreProperty + strArr[i]).equalsIgnoreCase(this.realmConfig.getAdminRoleName())) {
                        throw new UserStoreException("Cannot remove Admin user from Admin role");
                    }
                }
            }
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().updateRoleListOfUser(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromNames(strArr), UserCoreUtil.removeDomainFromNames(strArr2));
            return;
        }
        if (userStore.isSystemStore()) {
            this.systemUserRoleManager.updateSystemRoleListOfUser(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromNames(strArr), UserCoreUtil.removeDomainFromNames(strArr2));
            return;
        }
        if (strArr == null) {
            strArr = new String[0];
        }
        if (strArr2 == null) {
            strArr2 = new String[0];
        }
        if (str.indexOf(CarbonConstants.DOMAIN_SEPARATOR) > 0) {
            str = userStore.getDomainFreeName();
            strArr = UserCoreUtil.removeDomainFromNames(strArr);
            strArr2 = UserCoreUtil.removeDomainFromNames(strArr2);
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        if (strArr != null && strArr.length > 0) {
            for (String str2 : strArr) {
                if (UserCoreUtil.isEveryoneRole(str2, this.realmConfig)) {
                    throw new UserStoreException("Everyone role cannot be updated");
                }
                int indexOf = str2.indexOf(CarbonConstants.DOMAIN_SEPARATOR);
                String substring = indexOf > 0 ? str2.substring(0, indexOf) : null;
                if ("Internal".equalsIgnoreCase(substring) || isReadOnly()) {
                    arrayList.add(UserCoreUtil.removeDomainFromName(str2));
                } else if (APPLICATION_DOMAIN.equalsIgnoreCase(substring) || WORKFLOW_DOMAIN.equalsIgnoreCase(substring)) {
                    arrayList.add(str2);
                } else {
                    arrayList3.add(UserCoreUtil.removeDomainFromName(str2));
                }
            }
            strArr = (String[]) arrayList3.toArray(new String[arrayList3.size()]);
        }
        if (strArr2 != null && strArr2.length > 0) {
            for (String str3 : strArr2) {
                if (UserCoreUtil.isEveryoneRole(str3, this.realmConfig)) {
                    throw new UserStoreException("Everyone role cannot be updated");
                }
                int indexOf2 = str3.indexOf(CarbonConstants.DOMAIN_SEPARATOR);
                String substring2 = indexOf2 > 0 ? str3.substring(0, indexOf2) : null;
                if ("Internal".equalsIgnoreCase(substring2) || isReadOnly()) {
                    arrayList2.add(UserCoreUtil.removeDomainFromName(str3));
                } else if (APPLICATION_DOMAIN.equalsIgnoreCase(substring2) || WORKFLOW_DOMAIN.equalsIgnoreCase(substring2)) {
                    arrayList2.add(str3);
                } else {
                    arrayList4.add(UserCoreUtil.removeDomainFromName(str3));
                }
            }
            strArr2 = (String[]) arrayList4.toArray(new String[arrayList4.size()]);
        }
        if (arrayList.size() > 0 || arrayList2.size() > 0) {
            this.hybridRoleManager.updateHybridRoleListOfUser(userStore.getDomainFreeName(), (String[]) arrayList.toArray(new String[arrayList.size()]), (String[]) arrayList2.toArray(new String[arrayList2.size()]));
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreUpdateRoleListOfUser(str, strArr, strArr2, this)) {
                return;
            }
        }
        if ((strArr != null && strArr.length > 0) || (strArr2 != null && strArr2.length > 0)) {
            if (isReadOnly() || !this.writeGroupsEnabled) {
                throw new UserStoreException("Read-only user store. Cannot add/modify roles.");
            }
            doUpdateRoleListOfUser(str, strArr, strArr2);
        }
        clearUserRolesCache(UserCoreUtil.addDomainToName(str, getMyDomainName()));
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostUpdateRoleListOfUser(str, strArr, strArr2, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void updateRoleName(String str, String str2) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("updateRoleName", new Object[]{str, str2}, new Class[]{String.class, String.class});
            return;
        }
        if (UserCoreUtil.isPrimaryAdminRole(str2, this.realmConfig)) {
            throw new UserStoreException("Cannot rename admin role");
        }
        if (UserCoreUtil.isEveryoneRole(str2, this.realmConfig)) {
            throw new UserStoreException("Cannot rename everyone role");
        }
        UserStore userStore = getUserStore(str);
        UserStore userStore2 = getUserStore(str2);
        if (!UserCoreUtil.canRoleBeRenamed(userStore, userStore2, this.realmConfig)) {
            throw new UserStoreException("The role cannot be renamed");
        }
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().updateRoleName(userStore.getDomainFreeName(), userStore2.getDomainFreeName());
            return;
        }
        if (userStore.isHybridRole()) {
            if ("Internal".equalsIgnoreCase(userStore.getDomainName())) {
                this.hybridRoleManager.updateHybridRoleName(userStore.getDomainFreeName(), userStore2.getDomainFreeName());
            } else {
                this.hybridRoleManager.updateHybridRoleName(userStore.getDomainAwareName(), userStore2.getDomainAwareName());
            }
            this.userRealm.m25getAuthorizationManager().resetPermissionOnUpdateRole(userStore.getDomainAwareName(), userStore2.getDomainAwareName());
            clearUserRolesCacheByTenant(this.tenantId);
            return;
        }
        if (!isRoleNameValid(str)) {
            throw new UserStoreException("InvalidRole Role name not valid. Role name must be a non null string with following format, " + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_ROLE_NAME_JAVA_REG_EX));
        }
        if (isExistingRole(str2)) {
            throw new UserStoreException("Role name: " + str2 + " in the system. Please pick another role name.");
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreUpdateRoleName(str, str2, this)) {
                return;
            }
        }
        if (isReadOnly() || !this.writeGroupsEnabled) {
            throw new UserStoreException("ReadOnlyUserStoreManager Read-only UserStoreManager. Roles cannot be added or modified.");
        }
        doUpdateRoleName(userStore.getDomainFreeName(), userStore2.getDomainFreeName());
        this.userRealm.m25getAuthorizationManager().resetPermissionOnUpdateRole(userStore.getDomainAwareName(), userStore2.getDomainAwareName());
        clearUserRolesCacheByTenant(this.tenantId);
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostUpdateRoleName(str, str2, this)) {
        }
    }

    public boolean isExistingRole(String str, boolean z) throws org.wso2.carbon.user.api.UserStoreException {
        return z ? isExistingShareRole(str) : isExistingRole(str);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public boolean isExistingRole(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return ((Boolean) callSecure("isExistingRole", new Object[]{str}, new Class[]{String.class})).booleanValue();
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            return userStore.getUserStoreManager().isExistingRole(userStore.getDomainFreeName());
        }
        if (userStore.isSystemStore()) {
            return this.systemUserRoleManager.isExistingRole(userStore.getDomainFreeName());
        }
        if (userStore.isHybridRole()) {
            return !"Internal".equalsIgnoreCase(userStore.getDomainName()) ? this.hybridRoleManager.isExistingRole(userStore.getDomainAwareName()) : this.hybridRoleManager.isExistingRole(userStore.getDomainFreeName());
        }
        String domainFreeName = userStore.getDomainFreeName();
        if (isSharedGroupEnabled() && domainFreeName.contains(UserCoreConstants.TENANT_DOMAIN_COMBINER)) {
            return false;
        }
        boolean doCheckExistingRole = doCheckExistingRole(domainFreeName);
        if (!doCheckExistingRole && (isReadOnly() || !this.readGroupsEnabled)) {
            doCheckExistingRole = this.hybridRoleManager.isExistingRole(domainFreeName);
        }
        if (!doCheckExistingRole && this.systemUserRoleManager.isExistingRole(domainFreeName)) {
            doCheckExistingRole = true;
        }
        return doCheckExistingRole;
    }

    public boolean isExistingShareRole(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return ((Boolean) callSecure("isExistingShareRole", new Object[]{str}, new Class[]{String.class})).booleanValue();
        }
        UserStoreManager userStoreWithSharedRoles = getUserStoreWithSharedRoles();
        if (userStoreWithSharedRoles == null) {
            throw new UserStoreException("Share Groups are not supported by this realm");
        }
        return ((AbstractUserStoreManager) userStoreWithSharedRoles).doCheckExistingRole(str);
    }

    public void updateUsersOfSharedRole(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        UserStoreManager userStoreWithSharedRoles = getUserStoreWithSharedRoles();
        if (userStoreWithSharedRoles == null) {
            throw new UserStoreException("Share Groups are not supported by this realm");
        }
        ((AbstractUserStoreManager) userStoreWithSharedRoles).doUpdateUserListOfRole(str, strArr, strArr2);
    }

    public String[] getSharedRolesOfUser(String str, String str2, String str3) throws UserStoreException {
        UserStore userStore = getUserStore(str);
        UserStoreManager userStoreManager = userStore.getUserStoreManager();
        if (((AbstractUserStoreManager) userStoreManager).isSharedGroupEnabled()) {
            return UserCoreUtil.removeDomainFromNames(((AbstractUserStoreManager) userStoreManager).doGetSharedRoleListOfUser(userStore.getDomainFreeName(), str2, str3));
        }
        throw new UserStoreException("Share Groups are not supported by user store");
    }

    public String[] getUsersOfSharedRole(String str, String str2) throws UserStoreException {
        UserStoreManager userStoreWithSharedRoles = getUserStoreWithSharedRoles();
        if (userStoreWithSharedRoles == null) {
            throw new UserStoreException("Share Groups are not supported by this realm");
        }
        return UserCoreUtil.removeDomainFromNames(((AbstractUserStoreManager) userStoreWithSharedRoles).doGetUserListOfRole(str, str2));
    }

    public String[] getSharedRoleNames(String str, String str2, int i) throws UserStoreException {
        UserStoreManager userStoreWithSharedRoles = getUserStoreWithSharedRoles();
        if (userStoreWithSharedRoles == null) {
            throw new UserStoreException("Share Groups are not supported by this realm");
        }
        try {
            return UserCoreUtil.removeDomainFromNames(((AbstractUserStoreManager) userStoreWithSharedRoles).doGetSharedRoleNames(str, str2, i));
        } catch (UserStoreException e) {
            throw new UserStoreException("Error while retrieving shared roles", (Throwable) e);
        }
    }

    public String[] getSharedRoleNames(String str, int i) throws UserStoreException {
        UserStoreManager userStoreWithSharedRoles = getUserStoreWithSharedRoles();
        if (userStoreWithSharedRoles == null) {
            throw new UserStoreException("Share Groups are not supported by this realm");
        }
        try {
            return UserCoreUtil.removeDomainFromNames(((AbstractUserStoreManager) userStoreWithSharedRoles).doGetSharedRoleNames(null, str, i));
        } catch (UserStoreException e) {
            throw new UserStoreException("Error while retrieving shared roles", (Throwable) e);
        }
    }

    public void addInternalRole(String str, String[] strArr, Permission[] permissionArr) throws UserStoreException {
        doAddInternalRole(str, strArr, permissionArr);
    }

    private UserStoreManager getUserStoreWithSharedRoles() throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (UserStoreManager) callSecure("getUserStoreWithSharedRoles", new Object[0], new Class[0]);
        }
        UserStoreManager userStoreManager = null;
        if (isSharedGroupEnabled()) {
            return this;
        }
        Iterator<Map.Entry<String, UserStoreManager>> it = this.userStoreManagerHolder.entrySet().iterator();
        while (it.hasNext()) {
            UserStoreManager value = it.next().getValue();
            if (value != null && ((AbstractUserStoreManager) value).isSharedGroupEnabled()) {
                if (userStoreManager != null) {
                    throw new UserStoreException("There can not be more than one user store that supportshared groups");
                }
                userStoreManager = value;
            }
        }
        return userStoreManager;
    }

    public boolean isUserInRole(String str, String str2) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return ((Boolean) callSecure("isUserInRole", new Object[]{str, str2}, new Class[]{String.class, String.class})).booleanValue();
        }
        if (str2 == null || str2.trim().length() == 0 || str == null || str.trim().length() == 0) {
            return false;
        }
        if ("system/wso2.anonymous.role".equalsIgnoreCase(str2) && "wso2.anonymous.user".equalsIgnoreCase(str)) {
            return true;
        }
        if (!"wso2.anonymous.user".equalsIgnoreCase(str) && this.realmConfig.getEveryOneRoleName().equalsIgnoreCase(str2) && !this.systemUserRoleManager.isExistingSystemUser(UserCoreUtil.removeDomainFromName(str))) {
            return true;
        }
        String[] roleListOfUserFromCache = getRoleListOfUserFromCache(this.tenantId, str);
        if (roleListOfUserFromCache != null && roleListOfUserFromCache.length > 0 && UserCoreUtil.isContain(str2, roleListOfUserFromCache)) {
            return true;
        }
        String str3 = UserCoreConstants.IS_USER_IN_ROLE_CACHE_IDENTIFIER + str;
        String[] roleListOfUserFromCache2 = getRoleListOfUserFromCache(this.tenantId, str3);
        if (roleListOfUserFromCache2 != null && roleListOfUserFromCache2.length > 0 && UserCoreUtil.isContain(str2, roleListOfUserFromCache2)) {
            return true;
        }
        if (("Internal".equalsIgnoreCase(UserCoreUtil.extractDomainFromName(str2)) || APPLICATION_DOMAIN.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(str2)) || WORKFLOW_DOMAIN.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(str2))) && UserCoreUtil.isContain(str2, doGetInternalRoleListOfUser(str, "*"))) {
            addToIsUserHasRole(str3, str2, roleListOfUserFromCache2);
            return true;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive() && (userStore.getUserStoreManager() instanceof AbstractUserStoreManager)) {
            return ((AbstractUserStoreManager) userStore.getUserStoreManager()).isUserInRole(userStore.getDomainFreeName(), str2);
        }
        if (userStore.isSystemStore()) {
            return this.systemUserRoleManager.isUserInRole(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromName(str2));
        }
        if (this.realmConfig.isPrimary() && str2.equalsIgnoreCase(this.realmConfig.getAdminRoleName()) && str.equalsIgnoreCase(this.realmConfig.getAdminUserName())) {
            return true;
        }
        String extractDomainFromName = UserCoreUtil.extractDomainFromName(str2);
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_GROUP_SEARCH_DOMAINS);
        if (userStoreProperty != null && userStoreProperty.trim().length() > 0) {
            for (String str4 : userStoreProperty.split("#")) {
                if (str4 != null && !str4.trim().equalsIgnoreCase(extractDomainFromName)) {
                    return false;
                }
            }
        } else if (!userStore.getDomainName().equalsIgnoreCase(extractDomainFromName)) {
            return false;
        }
        boolean doCheckIsUserInRole = this.readGroupsEnabled ? doCheckIsUserInRole(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromName(str2)) : false;
        if (doCheckIsUserInRole) {
            addToIsUserHasRole(str3, str2, roleListOfUserFromCache2);
        }
        return doCheckIsUserInRole;
    }

    public abstract boolean doCheckIsUserInRole(String str, String str2) throws UserStoreException;

    private void addToIsUserHasRole(String str, String str2, String[] strArr) {
        ArrayList arrayList = strArr != null ? new ArrayList(Arrays.asList(strArr)) : new ArrayList();
        arrayList.add(str2);
        addToUserRolesCache(this.tenantId, str, (String[]) arrayList.toArray(new String[arrayList.size()]));
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public boolean isExistingUser(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return ((Boolean) callSecure("isExistingUser", new Object[]{str}, new Class[]{String.class})).booleanValue();
        }
        if (UserCoreUtil.isRegistrySystemUser(str)) {
            return true;
        }
        UserStore userStore = getUserStore(str);
        return userStore.isRecurssive() ? userStore.getUserStoreManager().isExistingUser(userStore.getDomainFreeName()) : userStore.isSystemStore() ? this.systemUserRoleManager.isExistingSystemUser(userStore.getDomainFreeName()) : doCheckExistingUser(userStore.getDomainFreeName());
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] listUsers(String str, int i) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("listUsers", new Object[]{str, Integer.valueOf(i)}, new Class[]{String.class, Integer.TYPE});
        }
        int indexOf = str.indexOf(CarbonConstants.DOMAIN_SEPARATOR);
        if (indexOf > 0) {
            UserStoreManager secondaryUserStoreManager = getSecondaryUserStoreManager(str.substring(0, indexOf));
            if (secondaryUserStoreManager != null) {
                String substring = str.substring(indexOf + 1);
                return secondaryUserStoreManager instanceof AbstractUserStoreManager ? ((AbstractUserStoreManager) secondaryUserStoreManager).doListUsers(substring, i) : secondaryUserStoreManager.listUsers(substring, i);
            }
        } else if (indexOf == 0) {
            return doListUsers(str.substring(indexOf + 1), i);
        }
        String[] doListUsers = doListUsers(str, i);
        String userStoreProperty = this.realmConfig.getUserStoreProperty("DomainName");
        if (getSecondaryUserStoreManager() != null) {
            for (Map.Entry<String, UserStoreManager> entry : this.userStoreManagerHolder.entrySet()) {
                if (!entry.getKey().equalsIgnoreCase(userStoreProperty)) {
                    UserStoreManager value = entry.getValue();
                    if (value instanceof AbstractUserStoreManager) {
                        try {
                            doListUsers = UserCoreUtil.combineArrays(doListUsers, ((AbstractUserStoreManager) value).doListUsers(str, i));
                        } catch (UserStoreException e) {
                            log.error(e);
                        }
                    } else {
                        doListUsers = UserCoreUtil.combineArrays(doListUsers, value.listUsers(str, i));
                    }
                }
            }
        }
        return doListUsers;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] getUserListOfRole(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("getUserListOfRole", new Object[]{str}, new Class[]{String.class});
        }
        String[] strArr = new String[0];
        if (!isExistingRole(str)) {
            return strArr;
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            return userStore.getUserStoreManager().getUserListOfRole(userStore.getDomainFreeName());
        }
        if (userStore.isSystemStore()) {
            return this.systemUserRoleManager.getUserListOfSystemRole(userStore.getDomainFreeName());
        }
        String[] strArr2 = new String[0];
        if (!userStore.isHybridRole()) {
            if (this.readGroupsEnabled) {
                strArr = doGetUserListOfRole(str, "*");
            }
            return strArr;
        }
        String[] userListOfHybridRole = "Internal".equalsIgnoreCase(userStore.getDomainName()) ? this.hybridRoleManager.getUserListOfHybridRole(userStore.getDomainFreeName()) : this.hybridRoleManager.getUserListOfHybridRole(userStore.getDomainAwareName());
        ArrayList arrayList = new ArrayList();
        String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        if (userListOfHybridRole != null && userListOfHybridRole.length > 0) {
            if (userStoreProperty == null || userStoreProperty.trim().length() <= 0) {
                return userListOfHybridRole;
            }
            for (String str2 : userListOfHybridRole) {
                String extractDomainFromName = UserCoreUtil.extractDomainFromName(str2);
                if (extractDomainFromName == null || extractDomainFromName.trim().length() == 0) {
                    arrayList.add(str2);
                }
                UserStoreManager userStoreManager = this.userStoreManagerHolder.get(extractDomainFromName);
                String removeDomainFromName = UserCoreUtil.removeDomainFromName(str2);
                if (userStoreManager != null) {
                    for (String str3 : userStoreManager instanceof AbstractUserStoreManager ? ((AbstractUserStoreManager) userStoreManager).doGetDisplayNamesForInternalRole(new String[]{removeDomainFromName}) : userStoreManager.getRoleNames()) {
                        arrayList.add(UserCoreUtil.addDomainToName(str3, extractDomainFromName));
                    }
                }
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public String[] getRoleListOfUser(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("getRoleListOfUser", new Object[]{str}, new Class[]{String.class});
        }
        if ("wso2.anonymous.user".equalsIgnoreCase(str)) {
            return new String[]{"system/wso2.anonymous.role"};
        }
        String[] roleListOfUserFromCache = getRoleListOfUserFromCache(this.tenantId, UserCoreUtil.addDomainToName(str, getMyDomainName()));
        if (roleListOfUserFromCache != null && roleListOfUserFromCache.length > 0) {
            return roleListOfUserFromCache;
        }
        UserStore userStore = getUserStore(str);
        return userStore.isRecurssive() ? userStore.getUserStoreManager().getRoleListOfUser(userStore.getDomainFreeName()) : userStore.isSystemStore() ? this.systemUserRoleManager.getSystemRoleListOfUser(userStore.getDomainFreeName()) : doGetRoleListOfUser(str, "*");
    }

    /* renamed from: getClaimManager, reason: merged with bridge method [inline-methods] */
    public ClaimManager m19getClaimManager() {
        return this.claimManager;
    }

    public void addRole(String str, String[] strArr, Permission[] permissionArr, boolean z) throws org.wso2.carbon.user.api.UserStoreException {
        UserStore userStore = getUserStore(str);
        if (z && !isSharedGroupEnabled()) {
            throw new org.wso2.carbon.user.api.UserStoreException("SharedUserRolesUser store doesn't support shared user roles functionality");
        }
        if (userStore.isHybridRole()) {
            doAddInternalRole(str, strArr, permissionArr);
            return;
        }
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().addRole(userStore.getDomainFreeName(), UserCoreUtil.removeDomainFromNames(strArr), permissionArr, z);
            return;
        }
        if (strArr == null) {
            strArr = new String[0];
        }
        if (permissionArr == null) {
            permissionArr = new Permission[0];
        }
        if (str.indexOf(CarbonConstants.DOMAIN_SEPARATOR) > 0) {
            str = userStore.getDomainFreeName();
            strArr = UserCoreUtil.removeDomainFromNames(strArr);
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreAddRole(str, strArr, permissionArr, this)) {
                return;
            }
        }
        if (isReadOnly()) {
            throw new UserStoreException("ReadOnlyPrimaryUserStoreManager Cannot add role to Read Only user store unless it is primary");
        }
        if (!isRoleNameValid(str)) {
            throw new UserStoreException("InvalidRole Role name not valid. Role name must be a non null string with following format, " + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_ROLE_NAME_JAVA_REG_EX));
        }
        if (doCheckExistingRole(str)) {
            throw new UserStoreException("RoleExisting Role name: " + str + " in the system. Please pick another role name.");
        }
        if (isReadOnly() || !this.writeGroupsEnabled) {
            throw new UserStoreException("NoReadWritePermission Role cannot be added. User store is read only or cannot write groups.");
        }
        doAddRole(str, strArr, z);
        String addDomainToName = UserCoreUtil.addDomainToName(str, getMyDomainName());
        if (permissionArr != null) {
            for (Permission permission : permissionArr) {
                String resourceId = permission.getResourceId();
                String action = permission.getAction();
                if (resourceId != null && resourceId.trim().length() != 0) {
                    if (action == null || action.trim().length() == 0) {
                        action = "read";
                    }
                    this.userRealm.m25getAuthorizationManager().authorizeRole(addDomainToName, resourceId, action);
                }
            }
        }
        if (strArr != null && strArr.length > 0) {
            clearUserRolesCacheByTenant(this.tenantId);
        }
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostAddRole(str, strArr, permissionArr, this)) {
        }
    }

    public boolean isSharedGroupEnabled() {
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.SHARED_GROUPS_ENABLED);
        try {
            if (this.realmConfig.isPrimary() && !isReadOnly()) {
                if ("true".equalsIgnoreCase(userStoreProperty)) {
                    return true;
                }
            }
            return false;
        } catch (UserStoreException e) {
            log.error(e);
            return false;
        }
    }

    protected void filterSharedRoles(List<String> list, String str) {
        if (str != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                if (it.next().indexOf(str) > MAX_ITEM_LIMIT_UNLIMITED) {
                    it.remove();
                }
            }
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void deleteRole(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("deleteRole", new Object[]{str}, new Class[]{String.class});
            return;
        }
        if (UserCoreUtil.isPrimaryAdminRole(str, this.realmConfig)) {
            throw new UserStoreException("Cannot delete admin role");
        }
        if (UserCoreUtil.isEveryoneRole(str, this.realmConfig)) {
            throw new UserStoreException("Cannot delete everyone role");
        }
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            userStore.getUserStoreManager().deleteRole(userStore.getDomainFreeName());
            return;
        }
        String addDomainToName = UserCoreUtil.addDomainToName(str, getMyDomainName());
        if (userStore.isHybridRole()) {
            if (APPLICATION_DOMAIN.equalsIgnoreCase(userStore.getDomainName()) || WORKFLOW_DOMAIN.equalsIgnoreCase(userStore.getDomainName())) {
                this.hybridRoleManager.deleteHybridRole(str);
            } else {
                this.hybridRoleManager.deleteHybridRole(userStore.getDomainFreeName());
            }
            clearUserRolesCacheByTenant(this.tenantId);
            return;
        }
        if (!doCheckExistingRole(str)) {
            throw new UserStoreException("Can not delete non exiting role");
        }
        Iterator<UserOperationEventListener> it = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it.hasNext()) {
            if (!it.next().doPreDeleteRole(str, this)) {
                return;
            }
        }
        if (isReadOnly() || !this.writeGroupsEnabled) {
            throw new UserStoreException("Role cannot be deleted. User store is read only or cannot write groups.");
        }
        doDeleteRole(str);
        this.userRealm.m25getAuthorizationManager().clearRoleAuthorization(addDomainToName);
        clearUserRolesCacheByTenant(this.tenantId);
        Iterator<UserOperationEventListener> it2 = UMListenerServiceComponent.getUserOperationEventListeners().iterator();
        while (it2.hasNext() && it2.next().doPostDeleteRole(str, this)) {
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public Date getPasswordExpirationTime(String str) throws UserStoreException {
        UserStore userStore = getUserStore(str);
        if (userStore.isRecurssive()) {
            return userStore.getUserStoreManager().getPasswordExpirationTime(userStore.getDomainFreeName());
        }
        return null;
    }

    private UserStore getUserStore(final String str) throws UserStoreException {
        try {
            return (UserStore) AccessController.doPrivileged(new PrivilegedExceptionAction<UserStore>() { // from class: org.wso2.carbon.user.core.common.AbstractUserStoreManager.7
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public UserStore run() throws Exception {
                    return AbstractUserStoreManager.this.getUserStoreInternal(str);
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((UserStoreException) e.getException());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public UserStore getUserStoreInternal(String str) throws UserStoreException {
        int indexOf = str.indexOf(CarbonConstants.DOMAIN_SEPARATOR);
        UserStore userStore = new UserStore();
        if (indexOf <= 0) {
            String myDomainName = getMyDomainName();
            userStore.setUserStoreManager(this);
            if (indexOf > 0) {
                userStore.setDomainAwareName(str);
                userStore.setDomainFreeName(null);
            } else {
                userStore.setDomainAwareName(myDomainName + CarbonConstants.DOMAIN_SEPARATOR + str);
                userStore.setDomainFreeName(str);
            }
            userStore.setRecurssive(false);
            userStore.setDomainName(myDomainName);
            return userStore;
        }
        String substring = str.substring(0, indexOf);
        UserStoreManager secondaryUserStoreManager = getSecondaryUserStoreManager(substring);
        String substring2 = str.substring(indexOf + 1);
        if (secondaryUserStoreManager != null) {
            userStore.setUserStoreManager(secondaryUserStoreManager);
            userStore.setDomainAwareName(str);
            userStore.setDomainFreeName(substring2);
            userStore.setDomainName(substring);
            userStore.setRecurssive(true);
            return userStore;
        }
        if (!substring.equalsIgnoreCase(getMyDomainName())) {
            if ("Internal".equalsIgnoreCase(substring) || APPLICATION_DOMAIN.equalsIgnoreCase(substring) || WORKFLOW_DOMAIN.equalsIgnoreCase(substring)) {
                userStore.setHybridRole(true);
            } else {
                if (!UserCoreConstants.SYSTEM_DOMAIN_NAME.equalsIgnoreCase(substring)) {
                    throw new UserStoreException("Invalid Domain Name");
                }
                userStore.setSystemStore(true);
            }
        }
        userStore.setDomainAwareName(str);
        userStore.setDomainFreeName(substring2);
        userStore.setDomainName(substring);
        userStore.setRecurssive(false);
        return userStore;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final UserStoreManager getSecondaryUserStoreManager() {
        return this.secondaryUserStoreManager;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void setSecondaryUserStoreManager(UserStoreManager userStoreManager) {
        this.secondaryUserStoreManager = userStoreManager;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final UserStoreManager getSecondaryUserStoreManager(String str) {
        if (str == null) {
            return null;
        }
        return this.userStoreManagerHolder.get(str.toUpperCase());
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final void addSecondaryUserStoreManager(String str, UserStoreManager userStoreManager) {
        if (str != null) {
            this.userStoreManagerHolder.put(str.toUpperCase(), userStoreManager);
        }
    }

    public final void clearAllSecondaryUserStores() {
        this.userStoreManagerHolder.clear();
        if (getMyDomainName() != null) {
            this.userStoreManagerHolder.put(getMyDomainName().toUpperCase(), this);
        }
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] getAllSecondaryRoles() throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("getAllSecondaryRoles", new Object[0], new Class[0]);
        }
        ArrayList arrayList = new ArrayList();
        for (UserStoreManager secondaryUserStoreManager = getSecondaryUserStoreManager(); secondaryUserStoreManager != null; secondaryUserStoreManager = secondaryUserStoreManager.getSecondaryUserStoreManager()) {
            String[] roleNames = secondaryUserStoreManager.getRoleNames(true);
            if (roleNames != null && roleNames.length > 0) {
                Collections.addAll(arrayList, roleNames);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public boolean isSCIMEnabled() {
        String userStoreProperty = this.realmConfig.getUserStoreProperty("SCIMEnabled");
        if (userStoreProperty != null) {
            return Boolean.parseBoolean(userStoreProperty);
        }
        return false;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] getHybridRoles() throws UserStoreException {
        return this.hybridRoleManager.getHybridRoles("*");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] getRoleNames() throws UserStoreException {
        return getRoleNames(false);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public final String[] getRoleNames(boolean z) throws UserStoreException {
        return getRoleNames("*", MAX_ITEM_LIMIT_UNLIMITED, z, true, true);
    }

    protected void doAddInternalRole(String str, String[] strArr, Permission[] permissionArr) throws UserStoreException {
        if (str.contains(UserCoreConstants.DOMAIN_SEPARATOR) && str.toLowerCase().startsWith(APPLICATION_DOMAIN.toLowerCase())) {
            if (this.hybridRoleManager.isExistingRole(str)) {
                throw new UserStoreException("Role name: " + str + " in the system. Please pick another role name.");
            }
            this.hybridRoleManager.addHybridRole(str, strArr);
        } else {
            if (this.hybridRoleManager.isExistingRole(UserCoreUtil.removeDomainFromName(str))) {
                throw new UserStoreException("Role name: " + str + " in the system. Please pick another role name.");
            }
            this.hybridRoleManager.addHybridRole(UserCoreUtil.removeDomainFromName(str), strArr);
        }
        if (permissionArr != null) {
            for (Permission permission : permissionArr) {
                this.userRealm.m25getAuthorizationManager().authorizeRole(UserCoreUtil.addInternalDomainName(str), permission.getResourceId(), permission.getAction());
            }
        }
        if (strArr == null || strArr.length <= 0) {
            return;
        }
        clearUserRolesCacheByTenant(this.tenantId);
    }

    protected abstract String[] doGetSharedRoleNames(String str, String str2, int i) throws UserStoreException;

    public final String[] getRoleNames(String str, int i, boolean z, boolean z2, boolean z3) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("getRoleNames", new Object[]{str, Integer.valueOf(i), Boolean.valueOf(z), Boolean.valueOf(z2), Boolean.valueOf(z3)}, new Class[]{String.class, Integer.TYPE, Boolean.TYPE, Boolean.TYPE, Boolean.TYPE});
        }
        String[] strArr = new String[0];
        if (!z && str.toLowerCase().startsWith(APPLICATION_DOMAIN.toLowerCase())) {
            strArr = this.hybridRoleManager.getHybridRoles(str);
        } else if (!z) {
            strArr = this.hybridRoleManager.getHybridRoles(UserCoreUtil.removeDomainFromName(str));
        }
        if (!z2) {
            strArr = UserCoreUtil.combineArrays(strArr, this.systemUserRoleManager.getSystemRoles());
        }
        int indexOf = str.indexOf(CarbonConstants.DOMAIN_SEPARATOR);
        if (indexOf > 0) {
            String substring = str.substring(0, indexOf);
            UserStoreManager secondaryUserStoreManager = getSecondaryUserStoreManager(substring);
            if ("Internal".equalsIgnoreCase(substring) || APPLICATION_DOMAIN.equalsIgnoreCase(substring) || WORKFLOW_DOMAIN.equalsIgnoreCase(substring)) {
                return new String[0];
            }
            if (secondaryUserStoreManager == null) {
                throw new UserStoreException("Invalid Domain Name");
            }
            str = str.substring(indexOf + 1);
            if (!(secondaryUserStoreManager instanceof AbstractUserStoreManager)) {
                return UserCoreUtil.combineArrays(strArr, secondaryUserStoreManager.getRoleNames());
            }
            if (this.readGroupsEnabled) {
                return UserCoreUtil.combineArrays(strArr, ((AbstractUserStoreManager) secondaryUserStoreManager).doGetRoleNames(str, i));
            }
        } else if (indexOf == 0 && this.readGroupsEnabled) {
            return UserCoreUtil.combineArrays(strArr, doGetRoleNames(str.substring(indexOf + 1), i));
        }
        if (this.readGroupsEnabled) {
            strArr = UserCoreUtil.combineArrays(doGetRoleNames(str, i), strArr);
        }
        String myDomainName = getMyDomainName();
        if (getSecondaryUserStoreManager() != null) {
            for (Map.Entry<String, UserStoreManager> entry : this.userStoreManagerHolder.entrySet()) {
                if (!entry.getKey().equalsIgnoreCase(myDomainName)) {
                    UserStoreManager value = entry.getValue();
                    if (value instanceof AbstractUserStoreManager) {
                        try {
                            if (this.readGroupsEnabled) {
                                strArr = UserCoreUtil.combineArrays(strArr, ((AbstractUserStoreManager) value).doGetRoleNames(str, i));
                            }
                        } catch (UserStoreException e) {
                            log.error(e);
                        }
                    } else {
                        strArr = UserCoreUtil.combineArrays(strArr, value.getRoleNames());
                    }
                }
            }
        }
        return strArr;
    }

    private Map<String, String> doGetUserClaimValues(String str, String[] strArr, String str2, String str3) throws UserStoreException {
        String[] doGetSharedRoleListOfUser;
        if (!isSecureCall.get().booleanValue()) {
            return (Map) callSecure("doGetUserClaimValues", new Object[]{str, strArr, str2, str3}, new Class[]{String.class, String[].class, String.class, String.class});
        }
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        String str4 = null;
        if (str3 == null || str3.trim().length() == 0) {
            str3 = "default";
        }
        HashSet hashSet = new HashSet();
        for (String str5 : strArr) {
            try {
                String claimAtrribute = getClaimAtrribute(str5, str, str2);
                if (claimAtrribute != null && (!"http://wso2.org/claims/role".equalsIgnoreCase(str5) || !UserCoreConstants.INT_ROLE_CLAIM.equalsIgnoreCase(str5) || !UserCoreConstants.EXT_ROLE_CLAIM.equalsIgnoreCase(str5))) {
                    hashSet.add(claimAtrribute);
                }
                if ("http://wso2.org/claims/role".equalsIgnoreCase(str5)) {
                    z = true;
                    str4 = str5;
                } else if (UserCoreConstants.INT_ROLE_CLAIM.equalsIgnoreCase(str5)) {
                    z2 = true;
                    str4 = str5;
                } else if (UserCoreConstants.EXT_ROLE_CLAIM.equalsIgnoreCase(str5)) {
                    z3 = true;
                    str4 = str5;
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e) {
                throw new UserStoreException((Throwable) e);
            }
        }
        Map<String, String> userPropertyValues = getUserPropertyValues(str, (String[]) hashSet.toArray(new String[hashSet.size()]), str3);
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        for (String str6 : strArr) {
            try {
                ClaimMapping claimMapping = (ClaimMapping) this.claimManager.getClaimMapping(str6);
                String str7 = null;
                if (claimMapping != null) {
                    if (str2 != null) {
                        Map mappedAttributes = claimMapping.getMappedAttributes();
                        if (mappedAttributes != null) {
                            String str8 = (String) mappedAttributes.get(str2.toUpperCase());
                            str7 = str8 != null ? str8 : claimMapping.getMappedAttribute();
                        }
                    } else {
                        str7 = claimMapping.getMappedAttribute();
                    }
                    String str9 = userPropertyValues.get(str7);
                    if (str3.equals("default")) {
                        if (str9 != null && str9.trim().length() > 0) {
                            hashMap.put(str6, str9);
                        }
                    } else if (str9 != null && str9.trim().length() > 0) {
                        hashMap.put(str6, str9);
                    }
                } else {
                    if (0 == 0 && str6.equals(DISAPLAY_NAME_CLAIM)) {
                        str7 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
                    }
                    String str10 = userPropertyValues.get(str7);
                    if (str10 != null && str10.trim().length() > 0) {
                        hashMap.put(str6, str10);
                    }
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException((Throwable) e2);
            }
        }
        if (arrayList.size() > 0) {
            for (Map.Entry<String, String> entry : getUserClaimValues(str, (String[]) arrayList.toArray(new String[arrayList.size()]), str3).entrySet()) {
                if (entry.getValue() != null) {
                    hashMap.put(entry.getKey(), entry.getValue());
                }
            }
        }
        String[] strArr2 = null;
        if (z) {
            strArr2 = getRoleListOfUser(str);
        } else if (z2) {
            strArr2 = doGetInternalRoleListOfUser(str, "*");
        } else if (z3) {
            ArrayList arrayList2 = new ArrayList();
            arrayList2.addAll(Arrays.asList(doGetExternalRoleListOfUser(str, "*")));
            if (isSharedGroupEnabled() && (doGetSharedRoleListOfUser = doGetSharedRoleListOfUser(str, null, "*")) != null) {
                arrayList2.addAll(Arrays.asList(doGetSharedRoleListOfUser));
            }
            strArr2 = (String[]) arrayList2.toArray(new String[arrayList2.size()]);
        }
        if (strArr2 != null && strArr2.length > 0) {
            String str11 = ",";
            String userStoreProperty = this.realmConfig.getUserStoreProperty(MULTI_ATTRIBUTE_SEPARATOR);
            if (userStoreProperty != null && !userStoreProperty.trim().isEmpty()) {
                str11 = userStoreProperty;
            }
            String str12 = "";
            StringBuffer stringBuffer = new StringBuffer();
            for (String str13 : strArr2) {
                stringBuffer.append(str12).append(str13);
                str12 = str11;
            }
            hashMap.put(str4, stringBuffer.toString());
        }
        return hashMap;
    }

    protected String getEveryOneRoleName() {
        return this.realmConfig.getEveryOneRoleName();
    }

    protected String getAdminRoleName() {
        return this.realmConfig.getAdminRoleName();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkUserPasswordValid(Object obj) throws UserStoreException {
        boolean z;
        if (!isSecureCall.get().booleanValue()) {
            return ((Boolean) callSecure("checkUserPasswordValid", new Object[]{obj}, new Class[]{Object.class})).booleanValue();
        }
        if (obj == null) {
            return false;
        }
        try {
            Secret secret = Secret.getSecret(obj);
            try {
                if (secret.getChars().length < 1) {
                    return false;
                }
                String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_JAVA_REG_EX);
                if (userStoreProperty != null) {
                    if (!isFormatCorrect(userStoreProperty, secret.getChars())) {
                        z = false;
                        boolean z2 = z;
                        secret.clear();
                        return z2;
                    }
                }
                z = true;
                boolean z22 = z;
                secret.clear();
                return z22;
            } finally {
                secret.clear();
            }
        } catch (UnsupportedSecretTypeException e) {
            throw new UserStoreException("Unsupported credential type", (Throwable) e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkUserNameValid(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return ((Boolean) callSecure("checkUserNameValid", new Object[]{str}, new Class[]{String.class})).booleanValue();
        }
        if (str == null || "wso2.system.user".equals(str)) {
            return false;
        }
        String trim = str.trim();
        if (trim.length() < 1) {
            return false;
        }
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_USER_NAME_JAVA_REG_EX);
        if (MultitenantUtils.isEmailUserName()) {
            userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_USER_NAME_WITH_EMAIL_JS_REG_EX);
            if (StringUtils.isEmpty(userStoreProperty) || StringUtils.isEmpty(userStoreProperty.trim())) {
                userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_USER_NAME_JAVA_REG_EX);
            }
            if (StringUtils.isEmpty(userStoreProperty) || StringUtils.isEmpty(userStoreProperty.trim())) {
                userStoreProperty = UserCoreConstants.RealmConfig.EMAIL_VALIDATION_REGEX;
            }
        }
        if (userStoreProperty != null) {
            userStoreProperty = userStoreProperty.trim();
        }
        return userStoreProperty == null || userStoreProperty.equals("") || isFormatCorrect(userStoreProperty, trim);
    }

    protected boolean isRoleNameValid(String str) {
        if (str == null || str.length() < 1) {
            return false;
        }
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_ROLE_NAME_JAVA_REG_EX);
        return userStoreProperty == null || isFormatCorrect(userStoreProperty, str);
    }

    protected String[] getRoleListOfUserFromCache(int i, String str) {
        if (this.userRolesCache == null) {
            return null;
        }
        return this.userRolesCache.getRolesListOfUser(this.cacheIdentifier, i, UserCoreUtil.addDomainToName(str, getMyDomainName()));
    }

    protected void clearUserRolesCacheByTenant(int i) {
        if (this.userRolesCache != null) {
            this.userRolesCache.clearCacheByTenant(i);
        }
        AuthorizationCache.getInstance().clearCacheByTenant(i);
    }

    protected void clearUserRolesCache(String str) {
        String addDomainToName = UserCoreUtil.addDomainToName(str, getMyDomainName());
        if (this.userRolesCache != null) {
            this.userRolesCache.clearCacheEntry(this.cacheIdentifier, this.tenantId, addDomainToName);
        }
        AuthorizationCache.getInstance().clearCacheByUser(this.tenantId, addDomainToName);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addToUserRolesCache(int i, String str, String[] strArr) {
        if (this.userRolesCache != null) {
            this.userRolesCache.addToCache(this.cacheIdentifier, i, UserCoreUtil.addDomainToName(str, getMyDomainName()), strArr);
            AuthorizationCache.getInstance().clearCacheByTenant(i);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initUserRolesCache() {
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserRolesCacheEnabled");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_USER_CORE_CACHE_IDENTIFIER);
        if (userStoreProperty2 == null || userStoreProperty2.trim().length() <= 0) {
            this.cacheIdentifier = UserCoreConstants.DEFAULT_CACHE_IDENTIFIER;
        } else {
            this.cacheIdentifier = userStoreProperty2;
        }
        if (userStoreProperty != null && !userStoreProperty.equals("")) {
            this.userRolesCacheEnabled = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("User Roles Cache is configured to:" + userStoreProperty);
            }
        } else if (log.isDebugEnabled()) {
            log.info("User Roles Cache is not configured. Default value: " + this.userRolesCacheEnabled + " is taken.");
        }
        if (this.userRolesCacheEnabled) {
            int i = 5;
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_USER_ROLE_CACHE_TIME_OUT);
            if (userStoreProperty3 != null) {
                i = Integer.parseInt(userStoreProperty3);
            }
            this.userRolesCache = UserRolesCache.getInstance();
            this.userRolesCache.setTimeOut(i);
        }
    }

    private boolean isFormatCorrect(String str, String str2) {
        return Pattern.compile(str).matcher(str2).matches();
    }

    private boolean isFormatCorrect(String str, char[] cArr) {
        return Pattern.compile(str).matcher(CharBuffer.wrap(cArr)).matches();
    }

    protected String replaceEscapeCharacters(String str) {
        if (log.isDebugEnabled()) {
            log.debug("Replacing escape characters in " + str);
        }
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            this.replaceEscapeCharactersAtUserLogin = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters at userlogin is configured to: " + userStoreProperty);
            }
            if (this.replaceEscapeCharactersAtUserLogin) {
                return str.replaceAll("\\\\", "\\\\\\\\");
            }
        }
        return str;
    }

    public RoleDTO[] getAllSecondaryRoleDTOs() throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (RoleDTO[]) callSecure("getAllSecondaryRoleDTOs", new Object[0], new Class[0]);
        }
        ArrayList arrayList = new ArrayList();
        for (UserStoreManager secondaryUserStoreManager = getSecondaryUserStoreManager(); secondaryUserStoreManager != null; secondaryUserStoreManager = secondaryUserStoreManager.getSecondaryUserStoreManager()) {
            String userStoreProperty = secondaryUserStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName");
            String[] roleNames = secondaryUserStoreManager.getRoleNames(true);
            if (roleNames != null && roleNames.length > 0) {
                Collections.addAll(arrayList, UserCoreUtil.convertRoleNamesToRoleDTO(roleNames, userStoreProperty));
            }
        }
        return (RoleDTO[]) arrayList.toArray(new RoleDTO[arrayList.size()]);
    }

    public void addSystemRole(String str, String[] strArr, org.wso2.carbon.user.core.Permission[] permissionArr) throws UserStoreException {
        if (!isRoleNameValid(str)) {
            throw new UserStoreException("InvalidRoleRole name not valid. Role name must be a non null string with following format, " + this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_ROLE_NAME_JAVA_REG_EX));
        }
        if (this.systemUserRoleManager.isExistingRole(str)) {
            throw new UserStoreException("Role name: " + str + " in the system. Please pick another role name.");
        }
        this.systemUserRoleManager.addSystemRole(str, strArr);
    }

    protected abstract String[] doGetUserListOfRole(String str, String str2) throws UserStoreException;

    public final String[] doGetRoleListOfUser(String str, String str2) throws UserStoreException {
        String[] doGetSharedRoleListOfUser;
        if (!isSecureCall.get().booleanValue()) {
            return (String[]) callSecure("doGetRoleListOfUser", new Object[]{str, str2}, new Class[]{String.class, String.class});
        }
        String[] doGetInternalRoleListOfUser = doGetInternalRoleListOfUser(str, str2);
        String[] strArr = new String[0];
        if (this.readGroupsEnabled && doCheckExistingUser(str)) {
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(Arrays.asList(doGetExternalRoleListOfUser(str, "*")));
            if (isSharedGroupEnabled() && (doGetSharedRoleListOfUser = doGetSharedRoleListOfUser(str, null, "*")) != null) {
                arrayList.addAll(Arrays.asList(doGetSharedRoleListOfUser));
            }
            strArr = UserCoreUtil.addDomainToNames((String[]) arrayList.toArray(new String[arrayList.size()]), getMyDomainName());
        }
        String[] combine = UserCoreUtil.combine(doGetInternalRoleListOfUser, Arrays.asList(strArr));
        addToUserRolesCache(this.tenantId, str, combine);
        return combine;
    }

    public final String[] getHybridRoles(String str) throws UserStoreException {
        return this.hybridRoleManager.getHybridRoles(str);
    }

    protected List<String> getMappingAttributeList(List<String> list) throws UserStoreException {
        ArrayList arrayList = new ArrayList();
        if (list == null) {
            return arrayList;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(this.claimManager.getAttributeName(it.next()));
            } catch (org.wso2.carbon.user.api.UserStoreException e) {
                throw new UserStoreException((Throwable) e);
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doInitialSetup() throws UserStoreException {
        this.systemUserRoleManager = new SystemUserRoleManager(this.dataSource, this.tenantId);
        this.hybridRoleManager = new HybridRoleManager(this.dataSource, this.tenantId, this.realmConfig, this.userRealm);
    }

    protected void doInitialUserAdding() throws UserStoreException {
        String removeDomainFromName = UserCoreUtil.removeDomainFromName("wso2.anonymous.user");
        String removeDomainFromName2 = UserCoreUtil.removeDomainFromName("system/wso2.anonymous.role");
        if (!this.systemUserRoleManager.isExistingSystemUser(removeDomainFromName)) {
            this.systemUserRoleManager.addSystemUser(removeDomainFromName, UserCoreUtil.getPolicyFriendlyRandomPassword(removeDomainFromName), null);
        }
        if (!this.systemUserRoleManager.isExistingRole(removeDomainFromName2)) {
            this.systemUserRoleManager.addSystemRole(removeDomainFromName2, new String[]{removeDomainFromName});
        }
        if (this.hybridRoleManager.isExistingRole(UserCoreUtil.removeDomainFromName(this.realmConfig.getEveryOneRoleName()))) {
            return;
        }
        this.hybridRoleManager.addHybridRole(UserCoreUtil.removeDomainFromName(this.realmConfig.getEveryOneRoleName()), null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isInitSetupDone() throws UserStoreException {
        boolean z = false;
        String removeDomainFromName = UserCoreUtil.removeDomainFromName("wso2.anonymous.user");
        String removeDomainFromName2 = UserCoreUtil.removeDomainFromName("system/wso2.anonymous.role");
        if (this.systemUserRoleManager.isExistingSystemUser(removeDomainFromName)) {
            z = true;
        }
        if (this.systemUserRoleManager.isExistingRole(removeDomainFromName2)) {
            z = true;
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addInitialAdminData(boolean z, boolean z2) throws UserStoreException {
        if (this.realmConfig.getAdminRoleName() == null || this.realmConfig.getAdminUserName() == null) {
            log.error("Admin user name or role name is not valid. Please provide valid values.");
            throw new UserStoreException("Admin user name or role name is not valid. Please provide valid values.");
        }
        String removeDomainFromName = UserCoreUtil.removeDomainFromName(this.realmConfig.getAdminUserName());
        String removeDomainFromName2 = UserCoreUtil.removeDomainFromName(this.realmConfig.getAdminRoleName());
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        try {
            if (Boolean.parseBoolean(getRealmConfiguration().getUserStoreProperty("ReadGroups"))) {
                z4 = doCheckExistingRole(removeDomainFromName2);
            }
        } catch (Exception e) {
        }
        if (!z4) {
            try {
                z4 = this.hybridRoleManager.isExistingRole(removeDomainFromName2);
            } catch (Exception e2) {
            }
            if (z4) {
                z5 = true;
            }
        }
        try {
            z3 = doCheckExistingUser(removeDomainFromName);
        } catch (Exception e3) {
        }
        if (!z3) {
            if (isReadOnly()) {
                if (z2) {
                    throw new UserStoreException("Admin user can not be created in primary user store. User store is read only. Please pick a user name which is exist in the primary user store as Admin user");
                }
                if (log.isDebugEnabled()) {
                    log.error("Admin user can not be created in primary user store. User store is read only. Please pick a user name which is exist in the primary user store as Admin user");
                }
            } else if (z) {
                try {
                    doAddUser(removeDomainFromName, this.realmConfig.getAdminPassword(), null, null, null, false);
                } catch (Exception e4) {
                    if (z2) {
                        throw new UserStoreException("Admin user has not been created. Error occurs while creating Admin user in primary user store.", e4);
                    }
                    if (log.isDebugEnabled()) {
                        log.error("Admin user has not been created. Error occurs while creating Admin user in primary user store.", e4);
                    }
                }
            } else if (z2) {
                if (z2) {
                    throw new UserStoreException("Admin user can not be created in primary user store. Add-Admin has been set to false. Please pick a User name which is exist in the primary user store as Admin user");
                }
                if (log.isDebugEnabled()) {
                    log.error("Admin user can not be created in primary user store. Add-Admin has been set to false. Please pick a User name which is exist in the primary user store as Admin user");
                }
            }
        }
        if (!z4) {
            if (z) {
                if (isReadOnly() || !this.writeGroupsEnabled) {
                    try {
                        this.hybridRoleManager.addHybridRole(removeDomainFromName2, new String[]{removeDomainFromName});
                        z5 = true;
                    } catch (Exception e5) {
                        if (z2) {
                            throw new UserStoreException("Admin role has not been created. Error occurs while creating Admin role in primary user store.", e5);
                        }
                        if (log.isDebugEnabled()) {
                            log.error("Admin role has not been created. Error occurs while creating Admin role in primary user store.", e5);
                        }
                    }
                } else {
                    try {
                        doAddRole(removeDomainFromName2, new String[]{removeDomainFromName}, false);
                    } catch (org.wso2.carbon.user.api.UserStoreException e6) {
                        if (z2) {
                            throw new UserStoreException("Admin role has not been created. Error occurs while creating Admin role in primary user store.", e6);
                        }
                        if (log.isDebugEnabled()) {
                            log.error("Admin role has not been created. Error occurs while creating Admin role in primary user store.", e6);
                        }
                    }
                }
            } else {
                if (z2) {
                    throw new UserStoreException("Admin role can not be created in primary user store. Add-Admin has been set to false. Please pick a Role name which is exist in the primary user store as Admin Role");
                }
                if (log.isDebugEnabled()) {
                    log.error("Admin role can not be created in primary user store. Add-Admin has been set to false. Please pick a Role name which is exist in the primary user store as Admin Role");
                }
            }
        }
        if (z5) {
            if (!this.hybridRoleManager.isUserInRole(removeDomainFromName, removeDomainFromName2)) {
                try {
                    this.hybridRoleManager.updateHybridRoleListOfUser(removeDomainFromName, null, new String[]{removeDomainFromName2});
                } catch (Exception e7) {
                    if (z2) {
                        throw new UserStoreException("Admin user has not been assigned to Admin role. Error while assignment is done", e7);
                    }
                    if (log.isDebugEnabled()) {
                        log.error("Admin user has not been assigned to Admin role. Error while assignment is done", e7);
                    }
                }
            }
            this.realmConfig.setAdminRoleName(UserCoreUtil.addInternalDomainName(removeDomainFromName2));
        } else if (!isReadOnly() && this.writeGroupsEnabled && !doCheckIsUserInRole(removeDomainFromName, removeDomainFromName2)) {
            if (z) {
                try {
                    doUpdateRoleListOfUser(removeDomainFromName, null, new String[]{removeDomainFromName2});
                } catch (Exception e8) {
                    if (z2) {
                        throw new UserStoreException("Admin user has not been assigned to Admin role. Error while assignment is done", e8);
                    }
                    if (log.isDebugEnabled()) {
                        log.error("Admin user has not been assigned to Admin role. Error while assignment is done", e8);
                    }
                }
            } else {
                if (z2) {
                    throw new UserStoreException("Admin user can not be assigned to Admin role Add-Admin has been set to false. Please do the assign it in user store level");
                }
                if (log.isDebugEnabled()) {
                    log.error("Admin user can not be assigned to Admin role Add-Admin has been set to false. Please do the assign it in user store level");
                }
            }
        }
        doInitialUserAdding();
    }

    public Map<String, Integer> getMaxListCount(String str) throws UserStoreException {
        if (!str.equals("MaxUserNameListLength") && !str.equals("MaxRoleNameListLength")) {
            throw new UserStoreException("Invalid count parameter");
        }
        if (str.equals("MaxUserNameListLength") && this.maxUserListCount != null) {
            return this.maxUserListCount;
        }
        if (str.equals("MaxRoleNameListLength") && this.maxRoleListCount != null) {
            return this.maxRoleListCount;
        }
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, UserStoreManager> entry : this.userStoreManagerHolder.entrySet()) {
            String userStoreProperty = entry.getValue().getRealmConfiguration().getUserStoreProperty(str);
            if (userStoreProperty == null) {
                userStoreProperty = "100";
            }
            hashMap.put(entry.getKey(), Integer.valueOf(Integer.parseInt(userStoreProperty)));
        }
        if (this.realmConfig.getUserStoreProperty("DomainName") == null) {
            String userStoreProperty2 = this.realmConfig.getUserStoreProperty(str);
            if (userStoreProperty2 == null) {
                userStoreProperty2 = "100";
            }
            hashMap.put(null, Integer.valueOf(Integer.parseInt(userStoreProperty2)));
        }
        if (str.equals("MaxUserNameListLength")) {
            this.maxUserListCount = hashMap;
            return this.maxUserListCount;
        }
        if (!str.equals("MaxRoleNameListLength")) {
            throw new UserStoreException("Invalid count parameter");
        }
        this.maxRoleListCount = hashMap;
        return this.maxRoleListCount;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getMyDomainName() {
        return UserCoreUtil.getDomainName(this.realmConfig);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void persistDomain() throws UserStoreException {
        String domainName = UserCoreUtil.getDomainName(this.realmConfig);
        if (domainName != null) {
            UserCoreUtil.persistDomain(domainName, this.tenantId, this.dataSource);
        }
    }

    public void deletePersistedDomain(String str) throws UserStoreException {
        if (str != null) {
            if (log.isDebugEnabled()) {
                log.debug("Deleting persisted domain " + str);
            }
            UserCoreUtil.deletePersistedDomain(str, this.tenantId, this.dataSource);
        }
    }

    public void updatePersistedDomain(String str, String str2) throws UserStoreException {
        if (str == null || str2 == null) {
            return;
        }
        RealmConfiguration realmConfiguration = getRealmConfiguration();
        while (true) {
            RealmConfiguration realmConfiguration2 = realmConfiguration;
            if (realmConfiguration2 == null) {
                if (log.isDebugEnabled()) {
                    log.debug("Renaming persisted domain " + str + " to " + str2);
                }
                UserCoreUtil.updatePersistedDomain(str, str2, this.tenantId, this.dataSource);
                return;
            } else {
                if (str2.equalsIgnoreCase(realmConfiguration2.getUserStoreProperty("DomainName"))) {
                    throw new UserStoreException("Cannot update persisted domain name " + str + " into " + str2 + ". New domain name already in use");
                }
                realmConfiguration = realmConfiguration2.getSecondaryRealmConfig();
            }
        }
    }

    public boolean isSharedRole(String str, String str2) {
        return isSharedGroupEnabled();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isOwnRole(String str) {
        return true;
    }

    public void addRole(String str, String[] strArr, Permission[] permissionArr) throws org.wso2.carbon.user.api.UserStoreException {
        addRole(str, strArr, permissionArr, false);
    }

    public boolean isOthersSharedRole(String str) {
        return false;
    }

    public void notifyListeners(String str) {
        Iterator<UserStoreManagerConfigurationListener> it = this.listener.iterator();
        while (it.hasNext()) {
            it.next().propertyChange(str);
        }
    }

    public void addChangeListener(UserStoreManagerConfigurationListener userStoreManagerConfigurationListener) {
        this.listener.add(userStoreManagerConfigurationListener);
    }

    private UserStoreManager createSecondaryUserStoreManager(RealmConfiguration realmConfiguration, UserRealm userRealm) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            return (UserStoreManager) callSecure("createSecondaryUserStoreManager", new Object[]{realmConfiguration, userRealm}, new Class[]{RealmConfiguration.class, UserRealm.class});
        }
        realmConfiguration.setEveryOneRoleName(this.realmConfig.getEveryOneRoleName());
        realmConfiguration.setAdminUserName(this.realmConfig.getAdminUserName());
        realmConfiguration.setAdminRoleName(this.realmConfig.getAdminRoleName());
        String userStoreClass = realmConfiguration.getUserStoreClass();
        if (userStoreClass == null) {
            log.error("Unable to add user store. UserStoreManager class name is null.");
            throw new UserStoreException("Unable to add user store. UserStoreManager class name is null.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put(UserCoreConstants.DATA_SOURCE, this.dataSource);
        hashMap.put(UserCoreConstants.FIRST_STARTUP_CHECK, false);
        Class<?>[] clsArr = {RealmConfiguration.class, Map.class, ClaimManager.class, ProfileConfigurationManager.class, UserRealm.class, Integer.class};
        Object[] objArr = {realmConfiguration, hashMap, userRealm.m23getClaimManager(), null, userRealm, Integer.valueOf(this.tenantId)};
        Class<?>[] clsArr2 = {RealmConfiguration.class, Map.class, ClaimManager.class, ProfileConfigurationManager.class, UserRealm.class};
        Object[] objArr2 = {realmConfiguration, hashMap, userRealm.m23getClaimManager(), null, userRealm};
        Class<?>[] clsArr3 = {RealmConfiguration.class, Map.class};
        Object[] objArr3 = {realmConfiguration, hashMap};
        try {
            Class<?> cls = Class.forName(userStoreClass);
            if (log.isDebugEnabled()) {
                log.debug("Start initializing class with the first option");
            }
            try {
                return (UserStoreManager) cls.getConstructor(clsArr).newInstance(objArr);
            } catch (NoSuchMethodException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Cannont initialize " + userStoreClass + " using the option 1");
                }
                if (log.isDebugEnabled()) {
                    log.debug("End initializing class with the first option");
                }
                try {
                    return (UserStoreManager) cls.getConstructor(clsArr2).newInstance(objArr2);
                } catch (NoSuchMethodException e2) {
                    if (log.isDebugEnabled()) {
                        log.debug("Cannot initialize " + userStoreClass + " using the option 2");
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("End initializing class with the second option");
                    }
                    try {
                        return (UserStoreManager) cls.getConstructor(clsArr3).newInstance(objArr3);
                    } catch (NoSuchMethodException e3) {
                        String str = "Cannot initialize " + userStoreClass + ". Error " + e3.getMessage();
                        log.error(str);
                        throw new UserStoreException(str);
                    }
                }
            }
        } catch (Throwable th) {
            log.error("Cannot create " + userStoreClass, th);
            throw new UserStoreException(th.getMessage() + "Type " + th.getClass(), th);
        }
    }

    public void addSecondaryUserStoreManager(RealmConfiguration realmConfiguration, UserRealm userRealm) throws UserStoreException {
        UserStoreManager userStoreManager;
        if (!isSecureCall.get().booleanValue()) {
            callSecure("addSecondaryUserStoreManager", new Object[]{realmConfiguration, userRealm}, new Class[]{RealmConfiguration.class, UserRealm.class});
            return;
        }
        boolean parseBoolean = Boolean.parseBoolean(realmConfiguration.getUserStoreProperty("Disabled"));
        String userStoreProperty = realmConfiguration.getUserStoreProperty("DomainName");
        if (parseBoolean) {
            log.warn("Secondary user store disabled with domain " + userStoreProperty + ".");
            return;
        }
        UserStoreManager createSecondaryUserStoreManager = createSecondaryUserStoreManager(realmConfiguration, userRealm);
        if (userStoreProperty == null) {
            log.warn("Could not initialize new user store manager.  Domain name is not defined");
            return;
        }
        if (getSecondaryUserStoreManager(userStoreProperty) != null) {
            String str = "Could not initialize new user store manager : " + userStoreProperty + " Duplicate domain names not allowed.";
            if (log.isDebugEnabled()) {
                log.debug(str);
            }
            throw new UserStoreException(str);
        }
        UserStoreManager userStoreManager2 = this;
        while (true) {
            userStoreManager = userStoreManager2;
            if (userStoreManager.getSecondaryUserStoreManager() == null) {
                break;
            } else {
                userStoreManager2 = userStoreManager.getSecondaryUserStoreManager();
            }
        }
        userStoreManager.setSecondaryUserStoreManager(createSecondaryUserStoreManager);
        addSecondaryUserStoreManager(userStoreProperty.toUpperCase(), userStoreManager.getSecondaryUserStoreManager());
        if (log.isDebugEnabled()) {
            log.debug("UserStoreManager : " + userStoreProperty + "added to the list");
        }
    }

    public void removeSecondaryUserStoreManager(String str) throws UserStoreException {
        if (!isSecureCall.get().booleanValue()) {
            callSecure("removeSecondaryUserStoreManager", new Object[]{str}, new Class[]{String.class});
            return;
        }
        if (str == null) {
            throw new UserStoreException("Cannot remove user store. User store domain name is null");
        }
        if ("".equals(str)) {
            throw new UserStoreException("Cannot remove user store. User store domain name is empty");
        }
        String upperCase = str.toUpperCase();
        boolean z = false;
        if (this.userStoreManagerHolder.containsKey(upperCase.toUpperCase())) {
            z = true;
            this.userStoreManagerHolder.remove(upperCase.toUpperCase());
            if (log.isDebugEnabled()) {
                log.debug("UserStore: " + upperCase + " removed from map");
            }
        }
        AbstractUserStoreManager abstractUserStoreManager = this;
        while (true) {
            AbstractUserStoreManager abstractUserStoreManager2 = abstractUserStoreManager;
            if (abstractUserStoreManager2.getSecondaryUserStoreManager() == null) {
                if (!z && 0 != 0) {
                    throw new UserStoreException("Removed user store manager : " + upperCase + " didnt exists in userStoreManagerHolder map");
                }
                if (z && 0 == 0) {
                    throw new UserStoreException("Removed user store manager : " + upperCase + " didnt exists in user store manager chain");
                }
                return;
            }
            UserStoreManager secondaryUserStoreManager = abstractUserStoreManager2.getSecondaryUserStoreManager();
            if (secondaryUserStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName").equalsIgnoreCase(upperCase)) {
                abstractUserStoreManager2.setSecondaryUserStoreManager(secondaryUserStoreManager.getSecondaryUserStoreManager());
                log.info("User store: " + upperCase + " of tenant:" + this.tenantId + " is removed from user store chain.");
                return;
            }
            abstractUserStoreManager = secondaryUserStoreManager;
        }
    }

    public HybridRoleManager getInternalRoleManager() {
        return this.hybridRoleManager;
    }
}
