package org.wso2.carbon.identity.api.server.application.management.v1.core;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants;
import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementServiceHolder;
import org.wso2.carbon.identity.api.server.application.management.v1.AdaptiveAuthTemplates;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthProtocolMetadata;
import org.wso2.carbon.identity.api.server.application.management.v1.CustomInboundProtocolMetaData;
import org.wso2.carbon.identity.api.server.application.management.v1.CustomInboundProtocolProperty;
import org.wso2.carbon.identity.api.server.application.management.v1.GrantType;
import org.wso2.carbon.identity.api.server.application.management.v1.GrantTypeMetaData;
import org.wso2.carbon.identity.api.server.application.management.v1.MetadataProperty;
import org.wso2.carbon.identity.api.server.application.management.v1.OIDCMetaData;
import org.wso2.carbon.identity.api.server.application.management.v1.SAMLMetaData;
import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustMetaData;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils;
import org.wso2.carbon.identity.api.server.common.error.APIError;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.mgt.AbstractInboundAuthenticatorConfig;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl;
import org.wso2.carbon.identity.oauth.dto.OAuthIDTokenAlgorithmDTO;
import org.wso2.carbon.identity.oauth.dto.TokenBindingMetaDataDTO;
import org.wso2.carbon.identity.sso.saml.SAMLSSOConfigServiceImpl;
import org.wso2.carbon.security.SecurityConfigException;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.application.management.v1-1.0.225.jar:org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationMetadataService.class */
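/**
 * Builds the metadata objects (supported protocols, algorithm options, defaults) that the
 * application-management API returns for SAML, OIDC, WS-Trust and custom inbound protocols.
 *
 * <p>All data is read from the services exposed by {@link ApplicationManagementServiceHolder};
 * this class holds no state of its own.
 */
public class ServerApplicationMetadataService {
    private static final Log LOG = LogFactory.getLog(ServerApplicationMetadataService.class);

    /**
     * Lists the inbound authentication protocols known to the server.
     *
     * @param bool when {@code null} or {@code false}, the built-in {@code saml}, {@code oidc} and
     *             {@code ws-trust} entries are appended after the registered authenticator configs;
     *             when {@code true}, only the registered configs are returned
     * @return one entry per protocol, carrying its name and display name
     */
    public List<AuthProtocolMetadata> getInboundProtocols(Boolean bool) {
        List<AuthProtocolMetadata> protocols = new ArrayList<>();
        for (AbstractInboundAuthenticatorConfig config
                : ApplicationManagementServiceHolder.getApplicationManagementService()
                        .getAllInboundAuthenticatorConfig().values()) {
            protocols.add(new AuthProtocolMetadata()
                    .name(config.getName())
                    .displayName(config.getFriendlyName()));
        }
        if (bool == null || !bool) {
            protocols.add(new AuthProtocolMetadata().name("saml").displayName("SAML2 Web SSO Configuration"));
            protocols.add(new AuthProtocolMetadata().name("oidc").displayName("OAuth/OpenID Connect Configuration"));
            protocols.add(new AuthProtocolMetadata().name("ws-trust")
                    .displayName("WS-Trust Security Token Service Configuration"));
        }
        return protocols;
    }

    /**
     * Collects the SAML defaults and selectable options (certificate aliases, signing, digest,
     * assertion-encryption and key-encryption algorithms) from the SAML SSO config service.
     *
     * @return the populated SAML metadata
     * @throws APIError built by {@link #handleException(Exception)} when the config service
     *                  raises an {@link IdentityException}
     */
    public SAMLMetaData getSAMLMetadata() {
        SAMLMetaData samlMetaData = new SAMLMetaData();
        SAMLSSOConfigServiceImpl samlService = ApplicationManagementServiceHolder.getSamlssoConfigService();
        samlMetaData.setDefaultNameIdFormat(ApplicationManagementConstants.DEFAULT_NAME_ID_FORMAT);
        try {
            // The option list exposes every alias of the primary key store to the API caller.
            samlMetaData.setCertificateAlias(new MetadataProperty()
                    .defaultValue(ApplicationManagementConstants.DEFAULT_CERTIFICATE_ALIAS)
                    .options(Arrays.asList(samlService.getCertAliasOfPrimaryKeyStore())));
            samlMetaData.setResponseSigningAlgorithm(new MetadataProperty()
                    .defaultValue(samlService.getSigningAlgorithmUriByConfig())
                    .options(Arrays.asList(samlService.getSigningAlgorithmUris())));
            samlMetaData.setResponseDigestAlgorithm(new MetadataProperty()
                    .defaultValue(samlService.getDigestAlgorithmURIByConfig())
                    .options(Arrays.asList(samlService.getDigestAlgorithmURIs())));
            samlMetaData.setAssertionEncryptionAlgorithm(new MetadataProperty()
                    .defaultValue(samlService.getAssertionEncryptionAlgorithmURIByConfig())
                    .options(Arrays.asList(samlService.getAssertionEncryptionAlgorithmURIs())));
            samlMetaData.setKeyEncryptionAlgorithm(new MetadataProperty()
                    .defaultValue(samlService.getKeyEncryptionAlgorithmURIByConfig())
                    .options(Arrays.asList(samlService.getKeyEncryptionAlgorithmURIs())));
            return samlMetaData;
        } catch (IdentityException e) {
            throw handleException(e);
        }
    }

    /**
     * Collects the OAuth/OIDC defaults and selectable options: allowed grant types, default token
     * expiry times, ID-token encryption algorithms and methods, scope validators, access-token
     * types and access-token binding types.
     *
     * @return the populated OIDC metadata
     */
    public OIDCMetaData getOIDCMetadata() {
        OIDCMetaData oidcMetaData = new OIDCMetaData();
        OAuthAdminServiceImpl oauthService = ApplicationManagementServiceHolder.getOAuthAdminService();

        List<GrantType> grantTypes = new ArrayList<>();
        for (String grantName : oauthService.getAllowedGrantTypes()) {
            GrantType grantType = new GrantType();
            grantType.setName(grantName);
            // Grant types without a registered friendly name are shown under their raw name.
            grantType.setDisplayName(ApplicationManagementConstants.getOAuthGrantTypeNames().containsKey(grantName)
                    ? ApplicationManagementConstants.getOAuthGrantTypeNames().get(grantName)
                    : grantName);
            grantTypes.add(grantType);
        }
        oidcMetaData.setAllowedGrantTypes(new GrantTypeMetaData().options(grantTypes));

        oidcMetaData.setDefaultUserAccessTokenExpiryTime(
                String.valueOf(oauthService.getTokenExpiryTimes().getUserAccessTokenExpiryTime()));
        oidcMetaData.defaultApplicationAccessTokenExpiryTime(
                String.valueOf(oauthService.getTokenExpiryTimes().getApplicationAccessTokenExpiryTime()));
        oidcMetaData.defaultRefreshTokenExpiryTime(
                String.valueOf(oauthService.getTokenExpiryTimes().getRefreshTokenExpiryTime()));
        oidcMetaData.defaultIdTokenExpiryTime(
                String.valueOf(oauthService.getTokenExpiryTimes().getIdTokenExpiryTime()));

        OAuthIDTokenAlgorithmDTO idTokenAlgorithms = oauthService.getSupportedIDTokenAlgorithms();
        oidcMetaData.setIdTokenEncryptionAlgorithm(new MetadataProperty()
                .defaultValue(idTokenAlgorithms.getDefaultIdTokenEncryptionAlgorithm())
                .options(idTokenAlgorithms.getSupportedIdTokenEncryptionAlgorithms()));
        oidcMetaData.idTokenEncryptionMethod(new MetadataProperty()
                .defaultValue(idTokenAlgorithms.getDefaultIdTokenEncryptionMethod())
                .options(idTokenAlgorithms.getSupportedIdTokenEncryptionMethods()));
        oidcMetaData.setScopeValidators(new MetadataProperty()
                .defaultValue(null)
                .options(Arrays.asList(oauthService.getAllowedScopeValidators())));
        oidcMetaData.accessTokenType(new MetadataProperty()
                .defaultValue(oauthService.getDefaultTokenType())
                .options(oauthService.getSupportedTokenTypes()));

        // "None" is always offered first and is the default binding type.
        List<String> bindingTypes = new ArrayList<>();
        bindingTypes.add("None");
        List<TokenBindingMetaDataDTO> supportedBindings = oauthService.getSupportedTokenBindingsMetaData();
        for (TokenBindingMetaDataDTO binding : supportedBindings) {
            bindingTypes.add(binding.getTokenBindingType());
        }
        oidcMetaData.setAccessTokenBindingType(new MetadataProperty().defaultValue("None").options(bindingTypes));
        return oidcMetaData;
    }

    /**
     * Collects the WS-Trust metadata, which consists of the certificate aliases of the primary
     * key store as reported by the STS admin service.
     *
     * @return the populated WS-Trust metadata
     * @throws APIError a not-found error when no STS admin service is registered, otherwise the
     *                  error built by {@link #handleException(Exception)}
     */
    public WSTrustMetaData getWSTrustMetadata() {
        WSTrustMetaData wsTrustMetaData = new WSTrustMetaData();
        String serviceNotFound =
                ApplicationManagementConstants.ErrorMessage.ERROR_WS_TRUST_METADATA_SERVICE_NOT_FOUND.getDescription();
        try {
            if (ApplicationManagementServiceHolder.getStsAdminService() == null) {
                throw new SecurityConfigException(serviceNotFound);
            }
            wsTrustMetaData.setCertificateAlias(new MetadataProperty()
                    .defaultValue(null)
                    .options(Arrays.asList(
                            ApplicationManagementServiceHolder.getStsAdminService().getCertAliasOfPrimaryKeyStore())));
            return wsTrustMetaData;
        } catch (SecurityConfigException e) {
            // A SecurityConfigException raised by the STS service may carry no message; compare
            // null-safely so that case is reported as a server error instead of failing with an NPE.
            String message = e.getMessage();
            if (message != null && message.equals(serviceNotFound)) {
                throw handleNotFoundError(e);
            }
            throw handleException(e);
        }
    }

    /**
     * Looks up the custom inbound protocol whose authenticator name equals the URL-decoded
     * {@code str} and returns its display name, config name and configuration properties.
     *
     * @param str protocol name as received from the request, possibly percent-encoded
     * @return metadata of the matching custom inbound protocol
     * @throws APIError a client error when {@code str} is {@code null}, is not valid
     *                  percent-encoding, or matches no registered protocol
     */
    public CustomInboundProtocolMetaData getCustomProtocolMetadata(String str) {
        if (str == null) {
            throw handleInvalidInboundProtocol(str);
        }
        String decodedName;
        try {
            // Decode with an explicit charset; the one-argument overload depends on the platform
            // default encoding.
            // NOTE(review): if the REST layer already percent-decodes this parameter, this is a
            // second decode. The value is only compared for equality here - confirm with the caller.
            decodedName = URLDecoder.decode(str, StandardCharsets.UTF_8.name());
        } catch (IllegalArgumentException e) {
            // Malformed percent-escapes are a caller mistake, not a server fault.
            throw handleInvalidInboundProtocol(str);
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
        for (AbstractInboundAuthenticatorConfig config
                : ApplicationManagementServiceHolder.getApplicationManagementService()
                        .getAllInboundAuthenticatorConfig().values()) {
            if (config.getName().equals(decodedName)) {
                return new CustomInboundProtocolMetaData()
                        .displayName(config.getFriendlyName())
                        .configName(config.getConfigName())
                        .properties(getCustomInboundProtocolProperties(config.getConfigurationProperties()));
            }
        }
        throw handleInvalidInboundProtocol(str);
    }

    /**
     * Converts the framework's {@link Property} descriptors into API model objects.
     *
     * <p>Blank name, display name, default value and regex are left unset; a blank type maps to
     * {@code STRING}.
     *
     * @param propertyArr configuration properties of an inbound authenticator; {@code null} is
     *                    treated as "no properties"
     * @return one API property per input element, in input order
     */
    private List<CustomInboundProtocolProperty> getCustomInboundProtocolProperties(Property[] propertyArr) {
        List<CustomInboundProtocolProperty> converted = new ArrayList<>();
        if (propertyArr == null) {
            return converted;
        }
        for (Property property : propertyArr) {
            CustomInboundProtocolProperty target = new CustomInboundProtocolProperty();
            if (StringUtils.isNotBlank(property.getName())) {
                target.setName(property.getName());
            }
            if (StringUtils.isNotBlank(property.getDisplayName())) {
                target.setDisplayName(property.getDisplayName());
            }
            if (StringUtils.isNotBlank(property.getType())) {
                // NOTE(review): valueOf throws IllegalArgumentException for a type name that has no
                // TypeEnum constant, which fails the whole request - confirm that is intended.
                target.setType(CustomInboundProtocolProperty.TypeEnum.valueOf(
                        property.getType().toUpperCase(Locale.ENGLISH)));
            } else {
                target.setType(CustomInboundProtocolProperty.TypeEnum.STRING);
            }
            target.setRequired(property.isRequired());
            if (property.getOptions() != null) {
                target.setAvailableValues(Arrays.asList(property.getOptions()));
            }
            // NOTE(review): the default value is copied even when isConfidential() is true -
            // confirm that authenticator configs never ship a secret as a default.
            if (StringUtils.isNotBlank(property.getDefaultValue())) {
                target.setDefaultValue(property.getDefaultValue());
            }
            if (StringUtils.isNotBlank(property.getRegex())) {
                target.setValidationRegex(property.getRegex());
            }
            target.setDisplayOrder(property.getDisplayOrder());
            target.setIsConfidential(property.isConfidential());
            converted.add(target);
        }
        return converted;
    }

    /**
     * Returns the adaptive-authentication script templates as the JSON string supplied by the
     * application management service.
     *
     * @return wrapper holding the templates JSON
     */
    public AdaptiveAuthTemplates getAdaptiveAuthTemplates() {
        AdaptiveAuthTemplates templates = new AdaptiveAuthTemplates();
        templates.setTemplatesJSON(
                ApplicationManagementServiceHolder.getApplicationManagementService().getAuthenticationTemplatesJSON());
        return templates;
    }

    /**
     * Builds a server error from {@code exc}, using the exception message as the description
     * when it is not blank and the constant's description otherwise.
     *
     * <p>NOTE(review): the error code and message always come from
     * {@code ERROR_RETRIEVING_SAML_METADATA}, including when the caller is
     * {@link #getWSTrustMetadata()}. NOTE(review): the exception message is passed on as the
     * error description - confirm that upstream messages carry no internal detail if the
     * description reaches the API client.
     */
    private APIError handleException(Exception exc) {
        ApplicationManagementConstants.ErrorMessage errorMessage =
                ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_SAML_METADATA;
        String description = StringUtils.isNotBlank(exc.getMessage())
                ? exc.getMessage()
                : errorMessage.getDescription();
        return Utils.buildServerError(errorMessage.getCode(), errorMessage.getMessage(), description, exc);
    }

    /**
     * Builds the not-found error for a missing WS-Trust metadata service, with the exception
     * message as the description.
     */
    private APIError handleNotFoundError(Exception exc) {
        ApplicationManagementConstants.ErrorMessage errorMessage =
                ApplicationManagementConstants.ErrorMessage.ERROR_WS_TRUST_METADATA_SERVICE_NOT_FOUND;
        return Utils.buildNotFoundError(errorMessage.getCode(), errorMessage.getMessage(), exc.getMessage());
    }

    /**
     * Builds the client error for an unknown inbound protocol.
     *
     * <p>The caller-supplied {@code str} is substituted into the description as a format
     * argument (never as the format string), so the raw request value is echoed in the error.
     */
    private APIError handleInvalidInboundProtocol(String str) {
        ApplicationManagementConstants.ErrorMessage errorMessage =
                ApplicationManagementConstants.ErrorMessage.INVALID_INBOUND_PROTOCOL;
        return Utils.buildClientError(errorMessage.getCode(), errorMessage.getMessage(),
                String.format(errorMessage.getDescription(), str));
    }
}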
