package org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.core;

import java.util.Arrays;
import java.util.Hashtable;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.api.user.common.error.APIError;
import org.wso2.carbon.identity.api.user.common.error.ErrorResponse;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl;
import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO;
import org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO;
import org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.core.Constants;
import org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.core.functions.OAuthConsumerAppToExternal;
import org.wso2.carbon.identity.rest.api.user.authorized.apps.v1.dto.AuthorizedAppDTO;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.service.RealmService;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.rest.api.user.authorized.apps.v1-1.1.22.jar:org/wso2/carbon/identity/rest/api/user/authorized/apps/v1/core/AuthorizedAppsService.class */
public class AuthorizedAppsService {
    private static final Log log = LogFactory.getLog(AuthorizedAppsService.class);
    private static OAuthAdminServiceImpl oAuthAdminService;
    private static RealmService realmService;

    public void deleteUserAuthorizedApps(User user) {
        OAuthRevocationRequestDTO oAuthRevocationRequestDTO = new OAuthRevocationRequestDTO();
        try {
            try {
                startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
                oAuthRevocationRequestDTO.setApps((String[]) ((List) listUserAuthorizedApps(user).stream().map((v0) -> {
                    return v0.getAppId();
                }).collect(Collectors.toList())).toArray(new String[0]));
                if (!oAuthAdminService.revokeAuthzForAppsByResourceOwner(oAuthRevocationRequestDTO).isError()) {
                    log.warn("No applications can be found for the user: " + user.getUserName());
                }
            } catch (IdentityOAuthAdminException e) {
                throw handleError(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_APP_BY_USER, user.toFullQualifiedUsername());
            }
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    public void deleteUserAuthorizedApps(User user, String str) {
        OAuthRevocationRequestDTO oAuthRevocationRequestDTO = new OAuthRevocationRequestDTO();
        oAuthRevocationRequestDTO.setApps(new String[]{str});
        try {
            try {
                startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
                if (!Arrays.stream(oAuthAdminService.getAppsAuthorizedByUser()).filter(oAuthConsumerAppDTO -> {
                    return oAuthConsumerAppDTO.getApplicationName().equals(str);
                }).findFirst().isPresent()) {
                    throw handleError(Response.Status.NOT_FOUND, Constants.ErrorMessages.ERROR_CODE_INVALID_APPLICATION_ID, str, user.toFullQualifiedUsername());
                }
                if (!oAuthAdminService.revokeAuthzForAppsByResourceOwner(oAuthRevocationRequestDTO).isError()) {
                    log.warn("Given application: " + str + " has been deleted by a PreRevokeListener.");
                }
            } catch (IdentityOAuthAdminException e) {
                throw handleError(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_REVOKE_APP_BY_ID_BY_USER, str, user.toFullQualifiedUsername());
            }
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    private String getUsernameWithUserStoreDomain(User user) {
        return user.getUserStoreDomain() + UserCoreConstants.DOMAIN_SEPARATOR + user.getUserName();
    }

    public List<AuthorizedAppDTO> listUserAuthorizedApps(User user) {
        try {
            try {
                startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
                List<AuthorizedAppDTO> list = (List) Arrays.stream(oAuthAdminService.getAppsAuthorizedByUser()).map(new OAuthConsumerAppToExternal()).collect(Collectors.toList());
                PrivilegedCarbonContext.endTenantFlow();
                return list;
            } catch (IdentityOAuthAdminException e) {
                throw handleError(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_GET_APP_BY_USER, user.toFullQualifiedUsername());
            }
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    public AuthorizedAppDTO listUserAuthorizedAppsByAppId(User user, String str) {
        try {
            try {
                startTenantFlowWithUser(getUsernameWithUserStoreDomain(user), user.getTenantDomain());
                Optional findFirst = Arrays.stream(oAuthAdminService.getAppsAuthorizedByUser()).filter(oAuthConsumerAppDTO -> {
                    return oAuthConsumerAppDTO.getApplicationName().equals(str);
                }).findFirst();
                if (!findFirst.isPresent()) {
                    throw handleError(Response.Status.NOT_FOUND, Constants.ErrorMessages.ERROR_CODE_INVALID_APPLICATION_ID, str, user.toFullQualifiedUsername());
                }
                AuthorizedAppDTO apply = new OAuthConsumerAppToExternal().apply((OAuthConsumerAppDTO) findFirst.get());
                PrivilegedCarbonContext.endTenantFlow();
                return apply;
            } catch (IdentityOAuthAdminException e) {
                throw handleError(Response.Status.INTERNAL_SERVER_ERROR, Constants.ErrorMessages.ERROR_CODE_GET_APP_BY_ID_BY_USER, str, user.toFullQualifiedUsername());
            }
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private void startTenantFlowWithUser(String str, String str2) {
        startTenantFlow(str2);
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(str);
    }

    private void startTenantFlow(String str) {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(str, true);
    }

    private static APIError handleError(Response.Status status, Constants.ErrorMessages errorMessages, String... strArr) {
        return new APIError(status, new ErrorResponse.Builder().withCode(errorMessages.getCode()).withMessage(errorMessages.getMessage()).withDescription(strArr != null ? String.format(errorMessages.getDescription(), strArr) : errorMessages.getMessage()).build());
    }

    static {
        oAuthAdminService = null;
        realmService = null;
        oAuthAdminService = (OAuthAdminServiceImpl) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(OAuthAdminServiceImpl.class, (Hashtable) null);
        realmService = (RealmService) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(RealmService.class, (Hashtable) null);
    }
}
