package org.wso2.carbon.identity.api.server.tenant.management.v1.core;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.ws.rs.core.Response;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.api.server.common.Constants;
import org.wso2.carbon.identity.api.server.common.ContextLoader;
import org.wso2.carbon.identity.api.server.common.error.APIError;
import org.wso2.carbon.identity.api.server.common.error.ErrorResponse;
import org.wso2.carbon.identity.api.server.tenant.management.common.TenantManagementConstants;
import org.wso2.carbon.identity.api.server.tenant.management.common.TenantManagementServiceHolder;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.AdditionalClaims;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.ChannelVerifiedTenantModel;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.LifeCycleStatus;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.Link;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.OwnerResponse;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.TenantListItem;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.TenantModel;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.TenantPutModel;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.TenantResponseModel;
import org.wso2.carbon.identity.api.server.tenant.management.v1.model.TenantsListResponse;
import org.wso2.carbon.identity.entitlement.endpoint.util.EntitlementEndpointConstants;
import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
import org.wso2.carbon.identity.recovery.model.UserRecoveryData;
import org.wso2.carbon.identity.recovery.store.JDBCRecoveryDataStore;
import org.wso2.carbon.identity.recovery.store.UserRecoveryDataStore;
import org.wso2.carbon.stratos.common.constants.TenantConstants;
import org.wso2.carbon.stratos.common.exception.TenantManagementClientException;
import org.wso2.carbon.stratos.common.exception.TenantManagementServerException;
import org.wso2.carbon.stratos.common.exception.TenantMgtException;
import org.wso2.carbon.tenant.mgt.services.TenantMgtService;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.tenant.Tenant;
import org.wso2.carbon.user.core.tenant.TenantSearchResult;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.tenant.management.v1-1.2.56.jar:org/wso2/carbon/identity/api/server/tenant/management/v1/core/ServerTenantManagementService.class */
public class ServerTenantManagementService {
    private static final Log log = LogFactory.getLog(ServerTenantManagementService.class);
    private static final String VERIFIED_LITE_USER = "verified-lite-user";
    private static final String INLINE_PASSWORD = "inline-password";
    private static final String CODE = "code";
    private static final String PURPOSE = "purpose";

    public String addTenant(TenantModel tenantModel) {
        try {
            return TenantManagementServiceHolder.getTenantMgtService().addTenant(createTenantInfoBean(tenantModel));
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_ADDING_TENANT, null);
        }
    }

    public TenantsListResponse listTenants(Integer num, Integer num2, String str, String str2, String str3) {
        handleNotImplementedCapabilities(str3);
        try {
            return createTenantListResponse(TenantManagementServiceHolder.getTenantMgtService().listTenants(num, num2, str, str2, str3));
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_LISTING_TENANTS, null);
        }
    }

    public TenantResponseModel getTenant(String str) {
        try {
            return createTenantResponse(TenantManagementServiceHolder.getTenantMgtService().getTenant(str));
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_TENANT, str);
        }
    }

    public TenantResponseModel getTenantByDomain(String str) {
        try {
            return createTenantResponse(TenantManagementServiceHolder.getTenantMgtService().getTenantByDomain(str));
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_TENANT, str);
        }
    }

    public boolean isDomainAvailable(String str) {
        try {
            return TenantManagementServiceHolder.getTenantMgtService().isDomainAvailable(str);
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_TENANT, str);
        }
    }

    public List<OwnerResponse> getOwners(String str) {
        try {
            return createOwnerResponse(TenantManagementServiceHolder.getTenantMgtService().getOwner(str));
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_RETRIEVING_TENANT, str);
        }
    }

    public void deleteTenantMetadata(String str) {
        try {
            TenantManagementServiceHolder.getTenantMgtService().deleteTenantMetaData(str);
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_DELETE_TENANT_METADATA, str);
        }
    }

    public String updateTenantStatus(String str, TenantPutModel tenantPutModel) {
        boolean booleanValue = tenantPutModel.getActivated().booleanValue();
        try {
            if (booleanValue) {
                TenantManagementServiceHolder.getTenantMgtService().activateTenant(str);
            } else {
                TenantManagementServiceHolder.getTenantMgtService().deactivateTenant(str);
            }
            return str;
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_UPDATE_LIFECYCLE_STATUS, String.valueOf(booleanValue));
        }
    }

    private List<OwnerResponse> createOwnerResponse(User user) {
        ArrayList arrayList = new ArrayList();
        OwnerResponse ownerResponse = new OwnerResponse();
        ownerResponse.setId(user.getUserID());
        ownerResponse.setUsername(user.getUsername());
        arrayList.add(ownerResponse);
        return arrayList;
    }

    private TenantResponseModel createTenantResponse(Tenant tenant) {
        TenantResponseModel tenantResponseModel = new TenantResponseModel();
        tenantResponseModel.setCreatedDate(getISOFormatDate(tenant.getCreatedDate()));
        tenantResponseModel.setDomain(tenant.getDomain());
        tenantResponseModel.setId(tenant.getTenantUniqueID());
        tenantResponseModel.setLifecycleStatus(getLifeCycleStatus(tenant.isActive()));
        tenantResponseModel.setOwners(getOwnerResponses(tenant));
        return tenantResponseModel;
    }

    private Tenant createTenantInfoBean(TenantModel tenantModel) throws TenantManagementClientException {
        Tenant tenant = new Tenant();
        tenant.setActive(true);
        tenant.setDomain(tenantModel.getDomain());
        if (tenantModel.getOwners() == null) {
            throw new TenantManagementClientException(TenantConstants.ErrorMessage.ERROR_CODE_OWNER_REQUIRED);
        }
        tenant.setAdminName(tenantModel.getOwners().get(0).getUsername());
        tenant.setAdminFirstName(tenantModel.getOwners().get(0).getFirstname());
        tenant.setAdminLastName(tenantModel.getOwners().get(0).getLastname());
        tenant.setEmail(tenantModel.getOwners().get(0).getEmail());
        String provisioningMethod = tenantModel.getOwners().get(0).getProvisioningMethod();
        if (INLINE_PASSWORD.equalsIgnoreCase(provisioningMethod)) {
            String password = tenantModel.getOwners().get(0).getPassword();
            if (StringUtils.isBlank(password)) {
                throw new TenantManagementClientException(TenantConstants.ErrorMessage.ERROR_CODE_MISSING_REQUIRED_PARAMETER.getCode(), String.format(TenantConstants.ErrorMessage.ERROR_CODE_MISSING_REQUIRED_PARAMETER.getMessage(), EntitlementEndpointConstants.AUTH_HEADER_PASSWORD));
            }
            tenant.setAdminPassword(password);
        }
        tenant.setProvisioningMethod(provisioningMethod);
        List<AdditionalClaims> additionalClaims = tenantModel.getOwners().get(0).getAdditionalClaims();
        if (CollectionUtils.isNotEmpty(additionalClaims)) {
            tenant.setClaimsMap(createClaimsMapping(additionalClaims));
        }
        return tenant;
    }

    private Map<String, String> createClaimsMapping(List<AdditionalClaims> list) {
        HashMap hashMap = new HashMap();
        for (AdditionalClaims additionalClaims : list) {
            hashMap.put(additionalClaims.getClaim(), additionalClaims.getValue());
        }
        return hashMap;
    }

    private TenantsListResponse createTenantListResponse(TenantSearchResult tenantSearchResult) {
        List<Tenant> tenantList = tenantSearchResult.getTenantList();
        TenantsListResponse tenantsListResponse = new TenantsListResponse();
        if (CollectionUtils.isNotEmpty(tenantList)) {
            List<TenantListItem> tenantListItems = getTenantListItems(tenantList);
            tenantsListResponse.setTenants(tenantListItems);
            tenantsListResponse.setCount(Integer.valueOf(tenantListItems.size()));
        } else {
            tenantsListResponse.setCount(0);
        }
        tenantsListResponse.setTotalResults(Integer.valueOf(tenantSearchResult.getTotalTenantCount()));
        tenantsListResponse.setStartIndex(Integer.valueOf(tenantSearchResult.getOffSet() + 1));
        tenantsListResponse.setLinks(createLinks("/v1/tenants", tenantSearchResult.getLimit(), tenantSearchResult.getOffSet(), tenantSearchResult.getTotalTenantCount(), tenantSearchResult.getFilter()));
        return tenantsListResponse;
    }

    private List<TenantListItem> getTenantListItems(List<Tenant> list) {
        ArrayList arrayList = new ArrayList();
        for (Tenant tenant : list) {
            TenantListItem tenantListItem = new TenantListItem();
            tenantListItem.setLifecycleStatus(getLifeCycleStatus(tenant.isActive()));
            tenantListItem.setCreatedDate(getISOFormatDate(tenant.getCreatedDate()));
            tenantListItem.setDomain(tenant.getDomain());
            tenantListItem.setId(tenant.getTenantUniqueID());
            tenantListItem.setOwners(getOwnerResponses(tenant));
            arrayList.add(tenantListItem);
        }
        return arrayList;
    }

    private LifeCycleStatus getLifeCycleStatus(boolean z) {
        LifeCycleStatus lifeCycleStatus = new LifeCycleStatus();
        lifeCycleStatus.setActivated(Boolean.valueOf(z));
        return lifeCycleStatus;
    }

    private List<OwnerResponse> getOwnerResponses(Tenant tenant) {
        ArrayList arrayList = new ArrayList();
        OwnerResponse ownerResponse = new OwnerResponse();
        ownerResponse.setUsername(tenant.getAdminName());
        ownerResponse.setId(tenant.getAdminUserId());
        arrayList.add(ownerResponse);
        return arrayList;
    }

    private List<Link> createLinks(String str, int i, int i2, int i3, String str2) {
        ArrayList arrayList = new ArrayList();
        if (i > 0 && i2 >= 0 && i2 + i < i3) {
            arrayList.add(buildPageLink(new StringBuilder(str), "next", i2 + i, i, str2));
        }
        if (i2 > 0 && i > 0) {
            if (i2 - i >= 0) {
                arrayList.add(buildPageLink(new StringBuilder(str), "previous", calculateOffsetForPreviousLink(i2, i, i3), i, str2));
            } else {
                arrayList.add(buildPageLink(new StringBuilder(str), "previous", 0, i2, str2));
            }
        }
        return arrayList;
    }

    private Link buildPageLink(StringBuilder sb, String str, int i, int i2, String str2) {
        if (StringUtils.isNotBlank(str2)) {
            try {
                sb.append(String.format("?offset=%d&limit=%d&filter=%s", Integer.valueOf(i), Integer.valueOf(i2), URLEncoder.encode(str2, StandardCharsets.UTF_8.name())));
            } catch (UnsupportedEncodingException e) {
                throw handleException(Response.Status.INTERNAL_SERVER_ERROR, TenantManagementConstants.ErrorMessage.ERROR_CODE_BUILDING_LINKS, "Unable to url-encode filter: " + str2);
            }
        } else {
            sb.append(String.format("?offset=%d&limit=%d", Integer.valueOf(i), Integer.valueOf(i2)));
        }
        return new Link().rel(str).href(ContextLoader.buildURIForBody(sb.toString()).toString());
    }

    private int calculateOffsetForPreviousLink(int i, int i2, int i3) {
        int i4 = i - i2;
        return i4 < i3 ? i4 : calculateOffsetForPreviousLink(i4, i2, i3);
    }

    private APIError handleException(Response.Status status, TenantManagementConstants.ErrorMessage errorMessage, String str) {
        return new APIError(status, getErrorBuilder(errorMessage, str).build());
    }

    private APIError handleTenantManagementException(TenantMgtException tenantMgtException, TenantManagementConstants.ErrorMessage errorMessage, String str) {
        ErrorResponse build;
        Response.Status status;
        if (tenantMgtException instanceof TenantManagementClientException) {
            if (Constants.ERROR_CODE_RESOURCE_LIMIT_REACHED.equals(tenantMgtException.getErrorCode())) {
                return handleResourceLimitReached();
            }
            build = getErrorBuilder(errorMessage, str).build(log, tenantMgtException.getMessage());
            if (tenantMgtException.getErrorCode() != null) {
                build.setCode(tenantMgtException.getErrorCode());
            }
            build.setDescription(tenantMgtException.getMessage());
            status = Response.Status.BAD_REQUEST;
        } else if (tenantMgtException instanceof TenantManagementServerException) {
            build = getErrorBuilder(errorMessage, str).build(log, tenantMgtException, errorMessage.getDescription());
            if (tenantMgtException.getErrorCode() != null) {
                build.setCode(tenantMgtException.getErrorCode());
            }
            build.setDescription(tenantMgtException.getMessage());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        } else {
            build = getErrorBuilder(errorMessage, str).build(log, tenantMgtException, errorMessage.getDescription());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return new APIError(status, build);
    }

    private APIError handleResourceLimitReached() {
        return new APIError(Response.Status.FORBIDDEN, getErrorBuilder(TenantManagementConstants.ErrorMessage.ERROR_CODE_TENANT_LIMIT_REACHED, null).build(log, TenantManagementConstants.ErrorMessage.ERROR_CODE_TENANT_LIMIT_REACHED.getDescription()));
    }

    private ErrorResponse.Builder getErrorBuilder(TenantManagementConstants.ErrorMessage errorMessage, String str) {
        return new ErrorResponse.Builder().withCode(errorMessage.getCode()).withMessage(errorMessage.getMessage()).withDescription(includeData(errorMessage, str));
    }

    private static String includeData(TenantManagementConstants.ErrorMessage errorMessage, String str) {
        return StringUtils.isNotBlank(str) ? String.format(errorMessage.getDescription(), str) : errorMessage.getDescription();
    }

    private void handleNotImplementedCapabilities(String str) {
        TenantManagementConstants.ErrorMessage errorMessage = null;
        if (str != null) {
            errorMessage = TenantManagementConstants.ErrorMessage.ERROR_CODE_FILTER_NOT_IMPLEMENTED;
        }
        if (errorMessage != null) {
            throw new APIError(Response.Status.NOT_IMPLEMENTED, getErrorBuilder(errorMessage, null).build(log, errorMessage.getDescription()));
        }
    }

    public String addTenant(ChannelVerifiedTenantModel channelVerifiedTenantModel) {
        TenantMgtService tenantMgtService = TenantManagementServiceHolder.getTenantMgtService();
        try {
            validateInputAgainstCode(channelVerifiedTenantModel);
            return tenantMgtService.addTenant(createTenantInfoBean(channelVerifiedTenantModel));
        } catch (TenantMgtException e) {
            throw handleTenantManagementException(e, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_ADDING_TENANT, null);
        }
    }

    private void validateInputAgainstCode(ChannelVerifiedTenantModel channelVerifiedTenantModel) throws TenantManagementClientException {
        String code = channelVerifiedTenantModel.getCode();
        if (StringUtils.isBlank(code)) {
            throw new TenantManagementClientException(TenantConstants.ErrorMessage.ERROR_CODE_MISSING_REQUIRED_PARAMETER.getCode(), String.format(TenantConstants.ErrorMessage.ERROR_CODE_MISSING_REQUIRED_PARAMETER.getMessage(), CODE));
        }
        UserRecoveryDataStore jDBCRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
        try {
            UserRecoveryData load = jDBCRecoveryDataStore.load(code);
            if (load != null && load.getUser() != null && channelVerifiedTenantModel.getOwners() != null && channelVerifiedTenantModel.getOwners().get(0) != null && channelVerifiedTenantModel.getOwners().get(0).getEmail() != null && channelVerifiedTenantModel.getOwners().get(0).getEmail().equalsIgnoreCase(load.getUser().getUserName())) {
                jDBCRecoveryDataStore.invalidate(code);
            } else {
                jDBCRecoveryDataStore.invalidate(code);
                log.warn("The confirmed email using the code and submitted emails are different.");
                throw new TenantManagementClientException(TenantConstants.ErrorMessage.ERROR_CODE_INVALID_EMAIL.getCode(), String.format(TenantConstants.ErrorMessage.ERROR_CODE_INVALID_EMAIL.getMessage(), CODE));
            }
        } catch (IdentityRecoveryException e) {
            throw handleException(Response.Status.UNAUTHORIZED, TenantManagementConstants.ErrorMessage.ERROR_CODE_ERROR_VALIDATING_TENANT_CODE, null);
        }
    }

    private Tenant createTenantInfoBean(ChannelVerifiedTenantModel channelVerifiedTenantModel) throws TenantManagementClientException {
        Tenant tenant = new Tenant();
        HashMap hashMap = new HashMap();
        tenant.setActive(true);
        tenant.setDomain(StringUtils.lowerCase(channelVerifiedTenantModel.getDomain()));
        if (channelVerifiedTenantModel.getOwners() == null || channelVerifiedTenantModel.getOwners().size() <= 0 || channelVerifiedTenantModel.getOwners().get(0) == null) {
            throw new TenantManagementClientException(TenantConstants.ErrorMessage.ERROR_CODE_OWNER_REQUIRED);
        }
        tenant.setAdminName(channelVerifiedTenantModel.getOwners().get(0).getEmail());
        tenant.setAdminFirstName(channelVerifiedTenantModel.getOwners().get(0).getFirstname());
        tenant.setAdminLastName(channelVerifiedTenantModel.getOwners().get(0).getLastname());
        tenant.setEmail(channelVerifiedTenantModel.getOwners().get(0).getEmail());
        tenant.setProvisioningMethod(VERIFIED_LITE_USER);
        String password = channelVerifiedTenantModel.getOwners().get(0).getPassword();
        if (StringUtils.isBlank(channelVerifiedTenantModel.getCode())) {
            throw new TenantManagementClientException(TenantConstants.ErrorMessage.ERROR_CODE_MISSING_REQUIRED_PARAMETER.getCode(), String.format(TenantConstants.ErrorMessage.ERROR_CODE_MISSING_REQUIRED_PARAMETER.getMessage(), CODE));
        }
        if (channelVerifiedTenantModel.getPurpose() != null) {
            hashMap.put(PURPOSE, channelVerifiedTenantModel.getPurpose().getName());
            if (!CollectionUtils.isEmpty(channelVerifiedTenantModel.getPurpose().getAttributes())) {
                channelVerifiedTenantModel.getPurpose().getAttributes().forEach(attribute -> {
                    hashMap.put("purpose_" + attribute.getKey(), attribute.getValue());
                });
            }
        }
        tenant.setClaimsMap(hashMap);
        tenant.setAdminPassword(password);
        List<AdditionalClaims> additionalClaims = channelVerifiedTenantModel.getOwners().get(0).getAdditionalClaims();
        if (CollectionUtils.isNotEmpty(additionalClaims)) {
            tenant.setClaimsMap(createClaimsMapping(additionalClaims));
        }
        return tenant;
    }

    private String getISOFormatDate(Date date) {
        return DateTimeFormatter.ISO_OFFSET_DATE_TIME.format(ZonedDateTime.ofInstant(date.toInstant(), ZoneId.systemDefault()).withZoneSameInstant(ZoneId.of("UTC")));
    }
}
