package org.wso2.carbon.identity.application.authenticator.fido2.endpoint.impl;

import java.util.Iterator;
import javax.ws.rs.core.Response;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authenticator.fido2.core.WebAuthnService;
import org.wso2.carbon.identity.application.authenticator.fido2.endpoint.CredentialIdApiService;
import org.wso2.carbon.identity.application.authenticator.fido2.endpoint.common.FIDO2Constants;
import org.wso2.carbon.identity.application.authenticator.fido2.endpoint.common.Util;
import org.wso2.carbon.identity.application.authenticator.fido2.endpoint.dto.PatchDTO;
import org.wso2.carbon.identity.application.authenticator.fido2.endpoint.dto.PatchRequestDTO;
import org.wso2.carbon.identity.application.authenticator.fido2.exception.FIDO2AuthenticatorClientException;
import org.wso2.carbon.identity.application.authenticator.fido2.exception.FIDO2AuthenticatorServerException;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.user.fido2-5.3.23.jar:org/wso2/carbon/identity/application/authenticator/fido2/endpoint/impl/CredentialIdApiServiceImpl.class */
public class CredentialIdApiServiceImpl extends CredentialIdApiService {
    private static final Log LOG = LogFactory.getLog(CredentialIdApiServiceImpl.class);
    public static final String AUTHENTICATED_WITH_BASIC_AUTH = "AuthenticatedWithBasicAuth";

    @Override // org.wso2.carbon.identity.application.authenticator.fido2.endpoint.CredentialIdApiService
    public Response credentialIdDelete(String str) {
        if (!Util.isValidAuthenticationType()) {
            return Response.status(Response.Status.FORBIDDEN).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_ACCESS_DENIED_FOR_BASIC_AUTH, new String[0])).build();
        }
        try {
            new WebAuthnService().deregisterFIDO2Credential(str);
            return Response.ok().build();
        } catch (FIDO2AuthenticatorClientException e) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Client error while deleting FIDO2 credentialId: " + str, e);
            }
            return FIDO2Constants.ErrorMessages.ERROR_CODE_DELETE_REGISTRATION_CREDENTIAL_UNAVAILABLE.getCode().equals(e.getErrorCode()) ? Response.status(Response.Status.NOT_FOUND).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_DELETE_REGISTRATION_CREDENTIAL_UNAVAILABLE, str)).build() : Response.status(Response.Status.BAD_REQUEST).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_DELETE_REGISTRATION_INVALID_CREDENTIAL, str)).build();
        } catch (FIDO2AuthenticatorServerException e2) {
            LOG.error("Unexpected server exception while deleting FIDO2 credentialId: " + str, e2);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_DELETE_CREDENTIALS, str)).build();
        }
    }

    @Override // org.wso2.carbon.identity.application.authenticator.fido2.endpoint.CredentialIdApiService
    public Response credentialIdPatch(String str, PatchRequestDTO patchRequestDTO) {
        if (!Util.isValidAuthenticationType()) {
            return Response.status(Response.Status.FORBIDDEN).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_ACCESS_DENIED_FOR_BASIC_AUTH, new String[0])).build();
        }
        WebAuthnService webAuthnService = new WebAuthnService();
        try {
            String processAndFetchNewDisplayName = processAndFetchNewDisplayName(patchRequestDTO);
            if (!StringUtils.isNotBlank(processAndFetchNewDisplayName)) {
                return Response.status(Response.Status.BAD_REQUEST).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_INVALID_INPUT, null)).build();
            }
            webAuthnService.updateFIDO2DeviceDisplayName(str, processAndFetchNewDisplayName);
            return Response.ok().build();
        } catch (FIDO2AuthenticatorServerException e) {
            LOG.error("Unexpected server exception while updating the display name of device with credentialId: " + str, e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_UPDATE_DISPLAY_NAME, str)).build();
        } catch (FIDO2AuthenticatorClientException e2) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Client error while updating the display name of FIDO device with credentialId: " + str, e2);
            }
            return FIDO2Constants.ErrorMessages.ERROR_CODE_UPDATE_REGISTRATION_CREDENTIAL_UNAVAILABLE.getCode().equals(e2.getErrorCode()) ? Response.status(Response.Status.NOT_FOUND).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_UPDATE_REGISTRATION_CREDENTIAL_UNAVAILABLE, str)).build() : Response.status(Response.Status.BAD_REQUEST).entity(Util.getErrorDTO(FIDO2Constants.ErrorMessages.ERROR_CODE_UPDATE_REGISTRATION_INVALID_CREDENTIAL, str)).build();
        }
    }

    private String processAndFetchNewDisplayName(PatchRequestDTO patchRequestDTO) {
        if (CollectionUtils.isEmpty(patchRequestDTO)) {
            return null;
        }
        String str = null;
        Iterator<PatchDTO> it = patchRequestDTO.iterator();
        while (it.hasNext()) {
            PatchDTO next = it.next();
            String path = next.getPath();
            if (next.getOperation() == PatchDTO.OperationEnum.REPLACE && FIDO2Constants.DISPLAY_NAME_PATH.equals(path)) {
                str = next.getValue();
            }
        }
        return str;
    }
}
