package org.wso2.carbon.identity.api.expired.password.identification.v1.core;

import java.time.LocalDate;
import java.time.LocalDateTime;
import java.time.format.DateTimeParseException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.api.expired.password.identification.common.PasswordExpiryServiceHolder;
import org.wso2.carbon.identity.api.expired.password.identification.common.util.ExpiredPasswordIdentificationConstants;
import org.wso2.carbon.identity.api.expired.password.identification.v1.model.PasswordExpiredUser;
import org.wso2.carbon.identity.api.server.common.error.APIError;
import org.wso2.carbon.identity.api.server.common.error.ErrorResponse;
import org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException;
import org.wso2.carbon.identity.password.expiry.exceptions.ExpiredPasswordIdentificationClientException;
import org.wso2.carbon.identity.password.expiry.exceptions.ExpiredPasswordIdentificationException;
import org.wso2.carbon.identity.password.expiry.exceptions.ExpiredPasswordIdentificationServerException;
import org.wso2.carbon.identity.password.expiry.models.PasswordExpiredUserModel;
import org.wso2.carbon.identity.password.expiry.util.PasswordPolicyUtils;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.expired.password.identification.v1-1.2.112.jar:org/wso2/carbon/identity/api/expired/password/identification/v1/core/PasswordExpiredUsersManagementApiService.class */
public class PasswordExpiredUsersManagementApiService {
    private static final Log LOG = LogFactory.getLog(PasswordExpiredUsersManagementApiService.class);

    public List<PasswordExpiredUser> getPasswordExpiredUsers(String str, String str2, String str3) {
        try {
            validateDates(str, str2);
            validatePasswordExpiryFeatureEnabled(str3);
            LocalDateTime convertToDateObject = convertToDateObject(str, ExpiredPasswordIdentificationConstants.DATE_EXPIRED_AFTER);
            LocalDateTime convertToDateObject2 = convertToDateObject(str2, ExpiredPasswordIdentificationConstants.DATE_EXCLUDE_AFTER);
            return buildResponse(convertToDateObject2 == null ? PasswordExpiryServiceHolder.getExpiredPasswordIdentificationService().getPasswordExpiredUsersFromSpecificDate(convertToDateObject, str3) : PasswordExpiryServiceHolder.getExpiredPasswordIdentificationService().getPasswordExpiredUsersBetweenSpecificDates(convertToDateObject, convertToDateObject2, str3));
        } catch (ExpiredPasswordIdentificationException e) {
            throw handleExpiredPasswordIdentificationException(e, ExpiredPasswordIdentificationConstants.ErrorMessage.ERROR_RETRIEVING_PASSWORD_EXPIRED_USERS, str3);
        }
    }

    private void validateDates(String str, String str2) throws ExpiredPasswordIdentificationClientException {
        validateDateFormat(str, ExpiredPasswordIdentificationConstants.DATE_EXPIRED_AFTER);
        if (StringUtils.isNotEmpty(str2)) {
            validateDateFormat(str2, ExpiredPasswordIdentificationConstants.DATE_EXCLUDE_AFTER);
        }
    }

    private void validateDateFormat(String str, String str2) throws ExpiredPasswordIdentificationClientException {
        if (Pattern.matches("^\\d{4}-\\d{2}-\\d{2}$", str)) {
            return;
        }
        ExpiredPasswordIdentificationConstants.ErrorMessage errorMessage = ExpiredPasswordIdentificationConstants.ErrorMessage.ERROR_DATE_REGEX_MISMATCH;
        throw new ExpiredPasswordIdentificationClientException(errorMessage.getCode(), errorMessage.getMessage(), String.format(errorMessage.getDescription(), str2));
    }

    private LocalDateTime convertToDateObject(String str, String str2) throws ExpiredPasswordIdentificationClientException {
        try {
            if (StringUtils.isEmpty(str)) {
                return null;
            }
            return LocalDate.parse(str).atStartOfDay();
        } catch (DateTimeParseException e) {
            ExpiredPasswordIdentificationConstants.ErrorMessage errorMessage = ExpiredPasswordIdentificationConstants.ErrorMessage.ERROR_INVALID_DATE;
            throw new ExpiredPasswordIdentificationClientException(errorMessage.getCode(), errorMessage.getMessage(), String.format(errorMessage.getDescription(), str2));
        }
    }

    private List<PasswordExpiredUser> buildResponse(List<PasswordExpiredUserModel> list) {
        ArrayList arrayList = new ArrayList();
        for (PasswordExpiredUserModel passwordExpiredUserModel : list) {
            PasswordExpiredUser passwordExpiredUser = new PasswordExpiredUser();
            passwordExpiredUser.setUsername(passwordExpiredUserModel.getUsername());
            passwordExpiredUser.setUserStoreDomain(passwordExpiredUserModel.getUserStoreDomain());
            passwordExpiredUser.setUserId(passwordExpiredUserModel.getUserId());
            arrayList.add(passwordExpiredUser);
        }
        return arrayList;
    }

    private APIError handleExpiredPasswordIdentificationException(ExpiredPasswordIdentificationException expiredPasswordIdentificationException, ExpiredPasswordIdentificationConstants.ErrorMessage errorMessage, String str) {
        ErrorResponse build;
        Response.Status status;
        if (expiredPasswordIdentificationException instanceof ExpiredPasswordIdentificationClientException) {
            build = getErrorBuilder(errorMessage, str).build(LOG, expiredPasswordIdentificationException.getMessage());
            if (expiredPasswordIdentificationException.getErrorCode() != null) {
                build.setCode(expiredPasswordIdentificationException.getErrorCode());
            }
            build.setDescription(expiredPasswordIdentificationException.getMessage());
            if (StringUtils.isNotEmpty(expiredPasswordIdentificationException.getDescription())) {
                build.setMessage(expiredPasswordIdentificationException.getMessage());
                build.setDescription(expiredPasswordIdentificationException.getDescription());
            }
            status = ExpiredPasswordIdentificationConstants.ErrorMessage.ERROR_REQUIRED_PARAMETER_MISSING.getCode().equals(expiredPasswordIdentificationException.getErrorCode()) ? Response.Status.NOT_FOUND : ExpiredPasswordIdentificationConstants.ErrorMessage.PASSWORD_EXPIRY_FEATURE_NOT_ENABLED.getCode().equals(expiredPasswordIdentificationException.getErrorCode()) ? Response.Status.METHOD_NOT_ALLOWED : Response.Status.BAD_REQUEST;
        } else if (expiredPasswordIdentificationException instanceof ExpiredPasswordIdentificationServerException) {
            build = getErrorBuilder(errorMessage, str).build(LOG, expiredPasswordIdentificationException, errorMessage.getDescription());
            if (expiredPasswordIdentificationException.getErrorCode() != null) {
                build.setCode(expiredPasswordIdentificationException.getErrorCode());
            }
            build.setDescription(expiredPasswordIdentificationException.getMessage());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        } else {
            build = getErrorBuilder(errorMessage, str).build(LOG, expiredPasswordIdentificationException, errorMessage.getDescription());
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return new APIError(status, build);
    }

    private ErrorResponse.Builder getErrorBuilder(ExpiredPasswordIdentificationConstants.ErrorMessage errorMessage, String str) {
        return new ErrorResponse.Builder().withCode(errorMessage.getCode()).withMessage(errorMessage.getMessage()).withDescription(includeData(errorMessage, str));
    }

    private String includeData(ExpiredPasswordIdentificationConstants.ErrorMessage errorMessage, String str) {
        return StringUtils.isNotBlank(str) ? String.format(errorMessage.getDescription(), str) : errorMessage.getDescription();
    }

    private void validatePasswordExpiryFeatureEnabled(String str) throws ExpiredPasswordIdentificationException {
        try {
            if (PasswordPolicyUtils.isPasswordExpiryEnabled(str)) {
                return;
            }
            ExpiredPasswordIdentificationConstants.ErrorMessage errorMessage = ExpiredPasswordIdentificationConstants.ErrorMessage.PASSWORD_EXPIRY_FEATURE_NOT_ENABLED;
            throw new ExpiredPasswordIdentificationClientException(errorMessage.getCode(), errorMessage.getMessage(), errorMessage.getDescription());
        } catch (PostAuthenticationFailedException e) {
            throw new ExpiredPasswordIdentificationServerException(e);
        }
    }
}
