package org.wso2.carbon.user.core.config;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.regex.Pattern;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.framework.BundleContext;
import org.wso2.carbon.CarbonException;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.claim.builder.ClaimBuilder;
import org.wso2.carbon.user.core.jdbc.JDBCRealmConstants;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.securevault.SecretResolver;
import org.wso2.securevault.SecretResolverFactory;

/* loaded from: input_file:org/wso2/carbon/user/core/config/RealmConfigXMLProcessor.class */
public class RealmConfigXMLProcessor {
    private static final Log log = LogFactory.getLog(RealmConfigXMLProcessor.class);
    public static final String REALM_CONFIG_FILE = "user-mgt.xml";
    private SecretResolver secretResolver;
    private static BundleContext bundleContext;
    InputStream inStream = null;

    public static void setBundleContext(BundleContext bundleContext2) {
        bundleContext = bundleContext2;
    }

    public org.wso2.carbon.user.api.RealmConfiguration buildRealmConfigurationFromFile() throws UserStoreException {
        try {
            org.wso2.carbon.user.api.RealmConfiguration buildRealmConfiguration = buildRealmConfiguration(getRealmElement());
            if (this.inStream != null) {
                this.inStream.close();
            }
            return buildRealmConfiguration;
        } catch (Exception e) {
            log.error("Error while reading realm configuration from file", e);
            throw new UserStoreException("Error while reading realm configuration from file", e);
        }
    }

    public org.wso2.carbon.user.api.RealmConfiguration buildRealmConfiguration(InputStream inputStream) throws UserStoreException {
        try {
            InputStream replaceSystemVariablesInXml = CarbonUtils.replaceSystemVariablesInXml(inputStream);
            org.wso2.carbon.user.api.RealmConfiguration buildRealmConfiguration = buildRealmConfiguration(new StAXOMBuilder(replaceSystemVariablesInXml).getDocumentElement().getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_REALM)));
            if (replaceSystemVariablesInXml != null) {
                replaceSystemVariablesInXml.close();
            }
            return buildRealmConfiguration;
        } catch (RuntimeException e) {
            log.error("An unexpected error occurred while building the realm configuration.", e);
            throw new UserStoreException("An unexpected error occurred while building the realm configuration.", e);
        } catch (Exception e2) {
            log.error("Error while reading realm configuration from file", e2);
            throw new UserStoreException("Error while reading realm configuration from file", e2);
        }
    }

    public org.wso2.carbon.user.api.RealmConfiguration buildRealmConfiguration(OMElement oMElement) {
        boolean z = false;
        String attributeValue = oMElement.getAttributeValue(new QName("class"));
        OMElement firstChildWithName = oMElement.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_CONFIGURATION));
        Map<String, String> childPropertyElements = getChildPropertyElements(firstChildWithName, this.secretResolver);
        childPropertyElements.put(JDBCRealmConstants.URL, constructDatabaseURL(childPropertyElements.get(JDBCRealmConstants.URL)));
        OMElement firstChildWithName2 = firstChildWithName.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ADMIN_USER));
        String text = firstChildWithName2.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_USER_NAME)).getText();
        String text2 = firstChildWithName2.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_PASSWORD)).getText();
        if (this.secretResolver != null && this.secretResolver.isInitialized() && this.secretResolver.isTokenProtected("UserManager.AdminUser.Password")) {
            text2 = this.secretResolver.resolve("UserManager.AdminUser.Password");
        }
        String text3 = firstChildWithName.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ADMIN_ROLE)).getText();
        String text4 = firstChildWithName.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_EVERYONE_ROLE)).getText();
        OMElement firstChildWithName3 = oMElement.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_USER_STORE_MANAGER));
        String attributeValue2 = firstChildWithName3.getAttributeValue(new QName("class"));
        Map<String, String> childPropertyElements2 = getChildPropertyElements(firstChildWithName3, this.secretResolver);
        String str = childPropertyElements2.get(UserCoreConstants.RealmConfig.LOCAL_PASSWORDS_EXTERNALLY_MANAGED);
        if (null != str && !str.trim().equals("")) {
            z = Boolean.parseBoolean(str);
        } else if (log.isDebugEnabled()) {
            log.debug("External password management is disabled.");
        }
        OMElement firstChildWithName4 = oMElement.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ATHZ_MANAGER));
        String attributeValue3 = firstChildWithName4.getAttributeValue(new QName("class"));
        Map<String, String> childPropertyElements3 = getChildPropertyElements(firstChildWithName4, null);
        org.wso2.carbon.user.api.RealmConfiguration realmConfiguration = new org.wso2.carbon.user.api.RealmConfiguration();
        realmConfiguration.setRealmClassName(attributeValue);
        realmConfiguration.setUserStoreClass(attributeValue2);
        realmConfiguration.setAuthorizationManagerClass(attributeValue3);
        realmConfiguration.setAdminRoleName(text3);
        realmConfiguration.setAdminUserName(text);
        realmConfiguration.setAdminPassword(text2);
        realmConfiguration.setEveryOneRoleName(text4);
        realmConfiguration.setUserStoreProperties(childPropertyElements2);
        realmConfiguration.setAuthzProperties(childPropertyElements3);
        realmConfiguration.setRealmProperties(childPropertyElements);
        realmConfiguration.setPasswordsExternallyManaged(z);
        if (realmConfiguration.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_USER_LIST) == null) {
            realmConfiguration.getUserStoreProperties().put(UserCoreConstants.RealmConfig.PROPERTY_MAX_USER_LIST, UserCoreConstants.RealmConfig.PROPERTY_VALUE_DEFAULT_MAX_COUNT);
        }
        if (realmConfiguration.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_READ_ONLY) == null) {
            realmConfiguration.getUserStoreProperties().put(UserCoreConstants.RealmConfig.PROPERTY_READ_ONLY, UserCoreConstants.RealmConfig.PROPERTY_VALUE_DEFAULT_READ_ONLY);
        }
        return realmConfiguration;
    }

    private String constructDatabaseURL(String str) {
        if (str != null && str.contains("${carbon.home}")) {
            File file = new File(CarbonUtils.getCarbonHome());
            String replaceAll = file.getPath().replaceAll(Pattern.quote("\\"), "/");
            if (file.exists() && file.isDirectory()) {
                str = str.replaceAll(Pattern.quote("${carbon.home}"), replaceAll);
            } else {
                log.warn("carbon home invalid");
                String[] split = str.split(Pattern.quote("${carbon.home}"));
                String[] split2 = split[1].split("/");
                for (int i = 0; i < split2.length - 1; i++) {
                    str = split[0] + split2[i] + "/";
                }
                str = str + split2[split2.length - 1];
            }
        }
        return str;
    }

    private Map<String, String> getChildPropertyElements(OMElement oMElement, SecretResolver secretResolver) {
        HashMap hashMap = new HashMap();
        Iterator childrenWithName = oMElement.getChildrenWithName(new QName("Property"));
        while (childrenWithName.hasNext()) {
            OMElement oMElement2 = (OMElement) childrenWithName.next();
            String attributeValue = oMElement2.getAttributeValue(new QName("name"));
            String text = oMElement2.getText();
            if (secretResolver != null && secretResolver.isInitialized()) {
                if (secretResolver.isTokenProtected("UserManager.Configuration.Property." + attributeValue)) {
                    text = secretResolver.resolve("UserManager.Configuration.Property." + attributeValue);
                }
                if (secretResolver.isTokenProtected("UserStoreManager.Property." + attributeValue)) {
                    text = secretResolver.resolve("UserStoreManager.Property." + attributeValue);
                }
            }
            hashMap.put(attributeValue, text);
        }
        return hashMap;
    }

    public static OMElement serialize(org.wso2.carbon.user.api.RealmConfiguration realmConfiguration) {
        OMFactory oMFactory = OMAbstractFactory.getOMFactory();
        OMElement createOMElement = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_USER_MANAGER));
        OMElement createOMElement2 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_REALM));
        createOMElement2.addAttribute(oMFactory.createOMAttribute("name", (OMNamespace) null, realmConfiguration.getRealmClassName()));
        createOMElement.addChild(createOMElement2);
        OMElement createOMElement3 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_CONFIGURATION));
        createOMElement2.addChild(createOMElement3);
        OMElement createOMElement4 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ADMIN_USER));
        OMElement createOMElement5 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_USER_NAME));
        createOMElement5.setText(realmConfiguration.getAdminUserName());
        OMElement createOMElement6 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_PASSWORD));
        createOMElement6.setText(realmConfiguration.getAdminPassword());
        createOMElement4.addChild(createOMElement5);
        createOMElement4.addChild(createOMElement6);
        createOMElement3.addChild(createOMElement4);
        OMElement createOMElement7 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ADMIN_ROLE));
        createOMElement7.setText(realmConfiguration.getAdminRoleName());
        createOMElement3.addChild(createOMElement7);
        createOMElement3.addChild(oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_SYSTEM_USER_NAME)));
        OMElement createOMElement8 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ANONYMOUS_USER));
        OMElement createOMElement9 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_USER_NAME));
        OMElement createOMElement10 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_PASSWORD));
        createOMElement8.addChild(createOMElement9);
        createOMElement8.addChild(createOMElement10);
        createOMElement3.addChild(createOMElement8);
        OMElement createOMElement11 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_EVERYONE_ROLE));
        createOMElement11.setText(realmConfiguration.getEveryOneRoleName());
        createOMElement3.addChild(createOMElement11);
        addPropertyElements(oMFactory, createOMElement3, null, realmConfiguration.getRealmProperties());
        OMElement createOMElement12 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_USER_STORE_MANAGER));
        createOMElement2.addChild(createOMElement12);
        addPropertyElements(oMFactory, createOMElement12, realmConfiguration.getUserStoreClass(), realmConfiguration.getUserStoreProperties());
        OMElement createOMElement13 = oMFactory.createOMElement(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_ATHZ_MANAGER));
        createOMElement2.addChild(createOMElement13);
        addPropertyElements(oMFactory, createOMElement13, realmConfiguration.getAuthorizationManagerClass(), realmConfiguration.getAuthzProperties());
        return createOMElement;
    }

    private static void addPropertyElements(OMFactory oMFactory, OMElement oMElement, String str, Map<String, String> map) {
        if (str != null) {
            oMElement.addAttribute("class", str, (OMNamespace) null);
        }
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            OMElement createOMElement = oMFactory.createOMElement(new QName("Property"));
            createOMElement.addAttribute(oMFactory.createOMAttribute("name", (OMNamespace) null, key));
            createOMElement.setText(value);
            oMElement.addChild(createOMElement);
        }
    }

    private OMElement getRealmElement() throws XMLStreamException, IOException, UserStoreException {
        if (CarbonUtils.getCarbonHome() != null) {
            File file = new File(CarbonUtils.getCarbonConfigDirPath(), REALM_CONFIG_FILE);
            if (file.exists()) {
                this.inStream = new FileInputStream(file);
            }
        } else {
            this.inStream = RealmConfigXMLProcessor.class.getResourceAsStream(REALM_CONFIG_FILE);
        }
        String str = "";
        if (this.inStream == null) {
            if (bundleContext != null) {
                URL resource = bundleContext.getBundle().getResource(REALM_CONFIG_FILE);
                if (resource != null) {
                    this.inStream = resource.openStream();
                } else {
                    str = "Bundle context could not find resource user-mgt.xml or user does not have sufficient permission to access the resource.";
                }
            } else {
                URL resource2 = ClaimBuilder.class.getResource(REALM_CONFIG_FILE);
                if (resource2 != null) {
                    this.inStream = resource2.openStream();
                    log.error("Using the internal realm configuration. Strictly for non-production purposes.");
                } else {
                    str = "ClaimBuilder could not find resource user-mgt.xml or user does not have sufficient permission to access the resource.";
                }
            }
        }
        if (this.inStream == null) {
            String str2 = "Profile configuration not found. Cause - " + str;
            if (log.isDebugEnabled()) {
                log.debug(str2);
            }
            throw new FileNotFoundException(str2);
        }
        try {
            this.inStream = CarbonUtils.replaceSystemVariablesInXml(this.inStream);
            OMElement documentElement = new StAXOMBuilder(this.inStream).getDocumentElement();
            setSecretResolver(documentElement);
            return documentElement.getFirstChildWithName(new QName(UserCoreConstants.RealmConfig.LOCAL_NAME_REALM));
        } catch (CarbonException e) {
            throw new UserStoreException(e.getMessage(), (Throwable) e);
        }
    }

    public void setSecretResolver(OMElement oMElement) {
        this.secretResolver = SecretResolverFactory.create(oMElement, true);
    }
}
