package org.wso2.carbon.is.migration.service.v570.migrator;

import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.io.Charsets;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONException;
import org.json.JSONObject;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.core.migrate.MigrationClientException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.tokenprocessor.HashingPersistenceProcessor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.is.migration.service.Migrator;
import org.wso2.carbon.is.migration.service.v550.bean.AuthzCodeInfo;
import org.wso2.carbon.is.migration.service.v550.bean.OauthTokenInfo;
import org.wso2.carbon.is.migration.service.v550.util.OAuth2Util;
import org.wso2.carbon.is.migration.service.v570.dao.OAuthDAO;

/* loaded from: input_file:org/wso2/carbon/is/migration/service/v570/migrator/OAuthDataMigrator.class */
public class OAuthDataMigrator extends Migrator {
    private static final Log log = LogFactory.getLog(OAuthDataMigrator.class);
    private static String hashingAlgo = OAuthServerConfiguration.getInstance().getHashAlgorithm();
    private static final String ALGORITHM = "algorithm";
    private static final String HASH = "hash";

    @Override // org.wso2.carbon.is.migration.service.Migrator
    public void migrate() throws MigrationClientException {
        migrateTokenHash();
        migrateAuthzCodeHash();
    }

    public void migrateTokenHash() throws MigrationClientException {
        log.info(" WSO2 Product Migration Service Task : Migration starting on OAuth2 access token table.");
        try {
            List<OauthTokenInfo> updateHashColumnValues = updateHashColumnValues(getTokenList(), hashingAlgo);
            try {
                Connection connection = getDataSource().getConnection();
                Throwable th = null;
                try {
                    try {
                        OAuthDAO.getInstance().updateNewTokenHash(updateHashColumnValues, connection);
                        connection.commit();
                        if (connection != null) {
                            if (0 != 0) {
                                try {
                                    connection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                connection.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (connection != null) {
                        if (th != null) {
                            try {
                                connection.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    throw th3;
                }
            } catch (SQLException e) {
                throw new MigrationClientException("SQL error while updating token hash", e);
            }
        } catch (IdentityOAuth2Exception e2) {
            throw new MigrationClientException("Error while migrating tokens.", e2);
        } catch (CryptoException e3) {
            throw new MigrationClientException("Error while encrypting tokens.", e3);
        }
    }

    public void migrateAuthzCodeHash() throws MigrationClientException {
        log.info(" WSO2 Product Migration Service Task : Migration starting on Authorization code table");
        try {
            List<AuthzCodeInfo> updateAuthzCodeHashColumnValues = updateAuthzCodeHashColumnValues(getAuthzCoedList(), hashingAlgo);
            try {
                Connection connection = getDataSource().getConnection();
                Throwable th = null;
                try {
                    try {
                        OAuthDAO.getInstance().updateNewAuthzCodeHash(updateAuthzCodeHashColumnValues, connection);
                        connection.commit();
                        if (connection != null) {
                            if (0 != 0) {
                                try {
                                    connection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                connection.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (connection != null) {
                        if (th != null) {
                            try {
                                connection.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    throw th3;
                }
            } catch (SQLException e) {
                throw new MigrationClientException("SQL error while updating authorization code hash", e);
            }
        } catch (IdentityOAuth2Exception e2) {
            throw new MigrationClientException("Error while migrating authorization codes.", e2);
        } catch (CryptoException e3) {
            throw new MigrationClientException("Error while encrypting authorization codes.", e3);
        }
    }

    private List<OauthTokenInfo> getTokenList() throws MigrationClientException {
        try {
            Connection connection = getDataSource().getConnection();
            Throwable th = null;
            try {
                try {
                    List<OauthTokenInfo> allAccessTokens = OAuthDAO.getInstance().getAllAccessTokens(connection);
                    connection.commit();
                    if (connection != null) {
                        if (0 != 0) {
                            try {
                                connection.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    return allAccessTokens;
                } finally {
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("SQL error while retrieving token hash", e);
        }
    }

    private List<AuthzCodeInfo> getAuthzCoedList() throws MigrationClientException {
        try {
            Connection connection = getDataSource().getConnection();
            Throwable th = null;
            try {
                try {
                    List<AuthzCodeInfo> allAuthzCodes = OAuthDAO.getInstance().getAllAuthzCodes(connection);
                    connection.commit();
                    if (connection != null) {
                        if (0 != 0) {
                            try {
                                connection.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    return allAuthzCodes;
                } finally {
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("SQL error while retrieving authorization code hash", e);
        }
    }

    private boolean isBase64DecodeAndIsSelfContainedCipherText(String str) throws CryptoException {
        return CryptoUtil.getDefaultCryptoUtil().base64DecodeAndIsSelfContainedCipherText(str);
    }

    private List<OauthTokenInfo> updateHashColumnValues(List<OauthTokenInfo> list, String str) throws CryptoException, IdentityOAuth2Exception {
        ArrayList arrayList = new ArrayList();
        if (list != null) {
            boolean isEncryptionWithTransformationEnabled = OAuth2Util.isEncryptionWithTransformationEnabled();
            for (OauthTokenInfo oauthTokenInfo : list) {
                String accessToken = oauthTokenInfo.getAccessToken();
                String refreshToken = oauthTokenInfo.getRefreshToken();
                if (isEncryptionWithTransformationEnabled) {
                    if (!isBase64DecodeAndIsSelfContainedCipherText(accessToken)) {
                        byte[] base64DecodeAndDecrypt = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(accessToken, "RSA");
                        String encryptAndBase64Encode = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(base64DecodeAndDecrypt);
                        byte[] bArr = null;
                        String str2 = null;
                        if (refreshToken != null) {
                            bArr = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(refreshToken, "RSA");
                            str2 = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(bArr);
                        }
                        HashingPersistenceProcessor hashingPersistenceProcessor = new HashingPersistenceProcessor();
                        String processedAccessTokenIdentifier = hashingPersistenceProcessor.getProcessedAccessTokenIdentifier(new String(base64DecodeAndDecrypt, Charsets.UTF_8));
                        String processedRefreshToken = refreshToken != null ? hashingPersistenceProcessor.getProcessedRefreshToken(new String(bArr, Charsets.UTF_8)) : null;
                        OauthTokenInfo oauthTokenInfo2 = new OauthTokenInfo(encryptAndBase64Encode, str2, oauthTokenInfo.getTokenId());
                        oauthTokenInfo2.setAccessTokenHash(processedAccessTokenIdentifier);
                        if (refreshToken != null) {
                            oauthTokenInfo2.setRefreshTokenhash(processedRefreshToken);
                        }
                        arrayList.add(oauthTokenInfo2);
                    } else if (StringUtils.isBlank(oauthTokenInfo.getAccessTokenHash())) {
                        byte[] base64DecodeAndDecrypt2 = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(accessToken);
                        byte[] base64DecodeAndDecrypt3 = refreshToken != null ? CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(refreshToken) : null;
                        HashingPersistenceProcessor hashingPersistenceProcessor2 = new HashingPersistenceProcessor();
                        String processedAccessTokenIdentifier2 = hashingPersistenceProcessor2.getProcessedAccessTokenIdentifier(new String(base64DecodeAndDecrypt2, Charsets.UTF_8));
                        String processedRefreshToken2 = refreshToken != null ? hashingPersistenceProcessor2.getProcessedRefreshToken(new String(base64DecodeAndDecrypt3, Charsets.UTF_8)) : null;
                        OauthTokenInfo oauthTokenInfo3 = new OauthTokenInfo(accessToken, refreshToken, oauthTokenInfo.getTokenId());
                        oauthTokenInfo3.setAccessTokenHash(processedAccessTokenIdentifier2);
                        if (refreshToken != null) {
                            oauthTokenInfo3.setRefreshTokenhash(processedRefreshToken2);
                        }
                        arrayList.add(oauthTokenInfo3);
                    }
                } else if (StringUtils.isBlank(oauthTokenInfo.getAccessTokenHash())) {
                    arrayList.add(getOauthTokenInfo(oauthTokenInfo, accessToken, refreshToken));
                } else {
                    String accessTokenHash = oauthTokenInfo.getAccessTokenHash();
                    try {
                        new JSONObject(accessTokenHash);
                    } catch (JSONException e) {
                        JSONObject jSONObject = new JSONObject();
                        jSONObject.put(ALGORITHM, str);
                        jSONObject.put(HASH, accessTokenHash);
                        oauthTokenInfo.setAccessTokenHash(jSONObject.toString());
                        JSONObject jSONObject2 = new JSONObject();
                        String refreshTokenhash = oauthTokenInfo.getRefreshTokenhash();
                        jSONObject2.put(ALGORITHM, str);
                        jSONObject2.put(HASH, refreshTokenhash);
                        oauthTokenInfo.setRefreshTokenhash(jSONObject2.toString());
                        arrayList.add(oauthTokenInfo);
                    }
                }
            }
        }
        return arrayList;
    }

    private OauthTokenInfo getOauthTokenInfo(OauthTokenInfo oauthTokenInfo, String str, String str2) throws IdentityOAuth2Exception {
        HashingPersistenceProcessor hashingPersistenceProcessor = new HashingPersistenceProcessor();
        String str3 = null;
        String processedAccessTokenIdentifier = hashingPersistenceProcessor.getProcessedAccessTokenIdentifier(str);
        if (str2 != null) {
            str3 = hashingPersistenceProcessor.getProcessedRefreshToken(str2);
        }
        OauthTokenInfo oauthTokenInfo2 = new OauthTokenInfo(str, str2, oauthTokenInfo.getTokenId());
        oauthTokenInfo2.setAccessTokenHash(processedAccessTokenIdentifier);
        if (str2 != null) {
            oauthTokenInfo2.setRefreshTokenhash(str3);
        }
        return oauthTokenInfo2;
    }

    private AuthzCodeInfo getAuthzCodeInfo(AuthzCodeInfo authzCodeInfo, String str) throws IdentityOAuth2Exception {
        String processedAuthzCode = new HashingPersistenceProcessor().getProcessedAuthzCode(str);
        AuthzCodeInfo authzCodeInfo2 = new AuthzCodeInfo(str, authzCodeInfo.getCodeId());
        authzCodeInfo2.setAuthorizationCodeHash(processedAuthzCode);
        return authzCodeInfo2;
    }

    private List<AuthzCodeInfo> updateAuthzCodeHashColumnValues(List<AuthzCodeInfo> list, String str) throws IdentityOAuth2Exception, CryptoException {
        ArrayList arrayList = new ArrayList();
        if (list != null) {
            boolean isEncryptionWithTransformationEnabled = OAuth2Util.isEncryptionWithTransformationEnabled();
            for (AuthzCodeInfo authzCodeInfo : list) {
                String authorizationCode = authzCodeInfo.getAuthorizationCode();
                if (isEncryptionWithTransformationEnabled) {
                    if (!isBase64DecodeAndIsSelfContainedCipherText(authorizationCode)) {
                        byte[] base64DecodeAndDecrypt = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(authorizationCode, "RSA");
                        String encryptAndBase64Encode = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(base64DecodeAndDecrypt);
                        String processedAuthzCode = new HashingPersistenceProcessor().getProcessedAuthzCode(new String(base64DecodeAndDecrypt, Charsets.UTF_8));
                        AuthzCodeInfo authzCodeInfo2 = new AuthzCodeInfo(encryptAndBase64Encode, authzCodeInfo.getCodeId());
                        authzCodeInfo2.setAuthorizationCodeHash(processedAuthzCode);
                        arrayList.add(authzCodeInfo2);
                    } else if (StringUtils.isBlank(authzCodeInfo.getAuthorizationCodeHash())) {
                        String processedAuthzCode2 = new HashingPersistenceProcessor().getProcessedAuthzCode(new String(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(authorizationCode), Charsets.UTF_8));
                        AuthzCodeInfo authzCodeInfo3 = new AuthzCodeInfo(authorizationCode, authzCodeInfo.getCodeId());
                        authzCodeInfo3.setAuthorizationCodeHash(processedAuthzCode2);
                        arrayList.add(authzCodeInfo3);
                    }
                } else if (StringUtils.isBlank(authzCodeInfo.getAuthorizationCodeHash())) {
                    arrayList.add(getAuthzCodeInfo(authzCodeInfo, authorizationCode));
                } else {
                    String authorizationCodeHash = authzCodeInfo.getAuthorizationCodeHash();
                    try {
                        new JSONObject(authorizationCodeHash);
                    } catch (JSONException e) {
                        JSONObject jSONObject = new JSONObject();
                        jSONObject.put(ALGORITHM, str);
                        jSONObject.put(HASH, authorizationCodeHash);
                        AuthzCodeInfo authzCodeInfo4 = new AuthzCodeInfo(authorizationCode, authzCodeInfo.getCodeId());
                        authzCodeInfo4.setAuthorizationCodeHash(jSONObject.toString());
                        arrayList.add(authzCodeInfo4);
                    }
                }
            }
        }
        return arrayList;
    }
}
