package org.wso2.carbon.identity.relyingparty;

import java.io.ByteArrayInputStream;
import java.util.ArrayList;
import java.util.Hashtable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.IdentityClaimManager;
import org.wso2.carbon.identity.core.IdentityUserStore;
import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.relyingparty.dto.InfoCardAuthInfoDTO;
import org.wso2.carbon.identity.relyingparty.dto.InfoCardDTO;
import org.wso2.carbon.identity.relyingparty.dto.InfoCardSignInDTO;
import org.wso2.carbon.identity.relyingparty.dto.OpenIDAuthInfoDTO;
import org.wso2.carbon.identity.relyingparty.dto.OpenIDDTO;
import org.wso2.carbon.identity.relyingparty.dto.OpenIDSignInDTO;
import org.wso2.carbon.identity.relyingparty.internal.IdentityRPServiceComponent;
import org.wso2.carbon.identity.relyingparty.saml.SAMLTokenVerifier;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.user.core.Claim;

/* loaded from: input_file:org/wso2/carbon/identity/relyingparty/RelyingPartyService.class */
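/**
 * Relying-party web service that signs users in from an Information Card SAML token or an
 * OpenID identifier, and reports which claims the relying party asks for.
 *
 * <p>A successful sign-in is recorded by writing three attributes into the caller's
 * {@link HttpSession}: the logged-in flag, the resolved user name and that user's registry.
 *
 * <p>NOTE(review): the session that existed before authentication is reused after it. Whether
 * the session identifier is renewed on login elsewhere is not visible in this class; confirm.
 */
public class RelyingPartyService {
    private static final String ATTR_LOGGED_IN = "wso2carbon.admin.logged.in";
    private static final String ATTR_USERNAME = "wso2carbon.admin.username";
    private static final String ATTR_USER_REGISTRY = "user_registry";
    private static final String PPID_CLAIM_URI = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier";
    private static final String SELF_ISSUER_URI = "http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self";

    /**
     * Verifies the SAML token carried by an Information Card and, when both the token and the
     * issuer policy are accepted, marks the HTTP session as logged in.
     *
     * @param infoCardDTO carrier of the XML token submitted by the client
     * @return a DTO whose authenticated flag is set only when sign-in succeeded; the PPID is
     *         filled in for self-issued cards
     * @throws Exception if parsing, verification or the user lookup fails
     */
    public InfoCardSignInDTO signInWithInfoCard(InfoCardDTO infoCardDTO) throws Exception {
        SAMLTokenVerifier verifier = new SAMLTokenVerifier();
        HttpServletRequest request = currentRequest();
        HttpSession session = request.getSession();
        InfoCardSignInDTO result = new InfoCardSignInDTO();
        RelyingPartyData relyingPartyData = RelyingPartyData.getInstance();

        // Encode explicitly: the platform default charset would make parsing (and therefore
        // signature verification) depend on JVM locale settings.
        ByteArrayInputStream tokenStream = new ByteArrayInputStream(infoCardDTO.getXmlToken().getBytes("UTF-8"));

        // The token is client-supplied XML, so it is parsed with DTDs and entity expansion off.
        boolean tokenAccepted = verifier.verifyDecryptedToken(
                newHardenedDocumentBuilderFactory().newDocumentBuilder().parse(tokenStream).getDocumentElement(),
                relyingPartyData);

        if (tokenAccepted && validateIssuerInfoPolicy(verifier, relyingPartyData)) {
            Hashtable<String, String> attributeTable = verifier.getAttributeTable();
            String ppid = attributeTable.get(PPID_CLAIM_URI);
            // NOTE(review): the result of the PPID lookup is used as-is; if it can be null for
            // an unregistered card, the session is still marked logged in below. Confirm.
            String userName = getUserName(ppid);
            markSessionAuthenticated(session, userName);
            if (SELF_ISSUER_URI.equals(verifier.getIssuerName())) {
                result.setPpid(ppid);
            }
            result.setAuthenticated(true);
            result.setUserID(userName);
            return result;
        }

        request.getSession().invalidate();
        return result;
    }

    /**
     * Signs a user in from an OpenID identifier, either by deriving a local user name from it
     * or by looking up a previous OpenID sign-up.
     *
     * <p>NOTE(review): this method takes the identifier straight from the DTO and performs no
     * assertion verification itself; presumably the OpenID response was verified before this
     * service is invoked. Confirm against the caller.
     *
     * @param openIDDTO carrier of the OpenID identifier
     * @return a DTO whose authenticated flag is set only when a matching user was found
     * @throws Exception if a user-store, persistence or registry call fails
     */
    public OpenIDSignInDTO signInWithOpenID(OpenIDDTO openIDDTO) throws Exception {
        OpenIDSignInDTO result = new OpenIDSignInDTO();
        HttpSession session = currentRequest().getSession();
        String openId = openIDDTO.getOpenID();
        String localUser = getUserNameFromOpenID(openId);

        if (localUser != null && IdentityUserStore.getInstance().isExistingUser(localUser)) {
            markSessionAuthenticated(session, localUser);
            result.setAuthenticated(true);
            result.setUserID(localUser);
            return result;
        }

        IdentityPersistenceManager persistence = IdentityPersistenceManager.getPersistanceManager(IdentityRPServiceComponent.getRegistry().getSystemRegistry());
        if (persistence.hasSignedUpForOpenId(openId)) {
            String signedUpUser = persistence.getUserIdForOpenIDSignUp(openId);
            markSessionAuthenticated(session, signedUpUser);
            result.setUserID(signedUpUser);
            result.setAuthenticated(true);
        }
        return result;
    }

    /**
     * Lists the claims requested for Information Card sign-in.
     *
     * @return the required and optional claim URIs plus the SAML 1.1 token type, or
     *         {@code null} when no claims are configured for the dialect
     * @throws Exception if the claim manager call fails
     */
    public InfoCardAuthInfoDTO getInfoCardAuthInfo() throws Exception {
        Claim[] supported = IdentityClaimManager.getInstance().getAllSupportedClaims("http://schemas.xmlsoap.org/ws/2005/05/identity", (String) null);
        if (supported == null || supported.length == 0) {
            return null;
        }
        InfoCardAuthInfoDTO info = new InfoCardAuthInfoDTO();
        info.setOptionalClaims(claimUris(supported, false));
        info.setRequiredClaims(claimUris(supported, true));
        info.setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1");
        return info;
    }

    /**
     * Lists the claims requested for OpenID sign-in.
     *
     * @return the required and optional claim URIs plus the {@code sreg} request type, or
     *         {@code null} when no claims are configured for the dialect
     * @throws Exception if the claim manager call fails
     */
    public OpenIDAuthInfoDTO getOpenIDAuthInfo() throws Exception {
        Claim[] supported = IdentityClaimManager.getInstance().getAllSupportedClaims("http://schema.openid.net/2007/05/claims", (String) null);
        if (supported == null || supported.length == 0) {
            return null;
        }
        OpenIDAuthInfoDTO info = new OpenIDAuthInfoDTO();
        info.setOptionalClaims(claimUris(supported, false));
        info.setRequiredClaims(claimUris(supported, true));
        info.setRequestTypes(new String[]{"sreg"});
        return info;
    }

    /** Looks up the user registered for the given private personal identifier. */
    private String getUserName(String str) throws IdentityException, RegistryException {
        return IdentityPersistenceManager.getPersistanceManager(IdentityRPServiceComponent.getRegistry().getSystemRegistry()).getUserByPPID(str);
    }

    /**
     * Checks the token's issuer against the configured issuer policy.
     *
     * <p>Self-issued tokens pass when the policy is unset, self-only or self-and-managed.
     * Tokens from any other issuer pass only when a policy is configured and it is not
     * self-only. An unset policy therefore rejects non-self issuers with a plain
     * {@code false} instead of surfacing a NullPointerException through the catch block.
     *
     * @return {@code true} when the issuer is acceptable under the policy
     * @throws RelyingPartyException if the comparison itself fails unexpectedly
     */
    private boolean validateIssuerInfoPolicy(SAMLTokenVerifier sAMLTokenVerifier, RelyingPartyData relyingPartyData) throws RelyingPartyException {
        String issuerName = sAMLTokenVerifier.getIssuerName();
        String issuerPolicy = relyingPartyData.getIssuerPolicy();
        try {
            if (SELF_ISSUER_URI.equals(issuerName)) {
                return issuerPolicy == null
                        || issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY)
                        || issuerPolicy.equals(TokenVerifierConstants.SELF_AND_MANGED);
            }
            return issuerPolicy != null && !issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY);
        } catch (Exception e) {
            throw new RelyingPartyException("errorValidatingIssuerPolicy", e);
        }
    }

    /**
     * Derives the local user name from an OpenID by removing the configured
     * {@code OpenIDUserPattern} prefix.
     *
     * <p>The prefix is stripped only when the identifier really starts with it. A length-only
     * comparison would turn an identifier issued under any other URL into whatever local name
     * its tail happens to spell.
     *
     * @return the part after the prefix, or {@code null} when the identifier or the pattern is
     *         missing, the identifier does not start with the pattern, or nothing follows it
     */
    private String getUserNameFromOpenID(String str) {
        String property = IdentityUtil.getProperty("OpenIDUserPattern");
        if (str == null || property == null) {
            return null;
        }
        if (!str.startsWith(property) || str.length() <= property.length()) {
            return null;
        }
        return str.substring(property.length());
    }

    /**
     * Associates an OpenID with an existing local user.
     *
     * @param openIDDTO carrier of the user name, optional password and OpenID
     * @return {@code true} when the sign-up was recorded; {@code false} when the user does not
     *         exist or the supplied password was rejected
     * @throws IdentityException if the user-store or persistence call fails
     * @throws RegistryException if the registry cannot be reached
     */
    public boolean addOpenIdToProfile(OpenIDDTO openIDDTO) throws IdentityException, RegistryException {
        IdentityUserStore identityUserStore = IdentityUserStore.getInstance();
        if (!identityUserStore.isExistingUser(openIDDTO.getUserName())) {
            return false;
        }
        // NOTE(review): a null password skips the credential check entirely. Presumably that
        // path is meant for callers that already hold an authenticated session; nothing in this
        // method enforces it, so confirm the operation cannot be reached without one.
        if (openIDDTO.getPassword() == null || identityUserStore.authenticate(openIDDTO.getUserName(), openIDDTO.getPassword())) {
            return doOpenIDSignUp(openIDDTO.getUserName(), openIDDTO.getOpenID());
        }
        return false;
    }

    /** Records the OpenID sign-up; note the persistence call takes the OpenID first. */
    private boolean doOpenIDSignUp(String str, String str2) throws IdentityException, RegistryException {
        return IdentityPersistenceManager.getPersistanceManager(IdentityRPServiceComponent.getRegistry().getSystemRegistry()).doOpenIdSignUp(str2, str);
    }

    /** Returns the servlet request attached to the current Axis2 message context. */
    private static HttpServletRequest currentRequest() {
        return (HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
    }

    /**
     * Writes the logged-in flag, user name and user registry into the session.
     *
     * <p>The registry is resolved before any attribute is written, so a failing lookup cannot
     * leave a session that carries the logged-in flag without a user behind it.
     */
    private static void markSessionAuthenticated(HttpSession session, String userName) throws Exception {
        RegistryService registry = IdentityRPServiceComponent.getRegistry();
        Object userRegistry = registry.getUserRegistry(userName);
        session.setAttribute(ATTR_LOGGED_IN, "true");
        session.setAttribute(ATTR_USERNAME, userName);
        session.setAttribute(ATTR_USER_REGISTRY, userRegistry);
    }

    /**
     * Builds a namespace-aware parser factory for untrusted XML: secure processing on, DOCTYPE
     * declarations rejected, entity references left unexpanded. A parser that cannot honour
     * these features makes the call fail rather than parse with defaults.
     */
    private static DocumentBuilderFactory newHardenedDocumentBuilderFactory() throws javax.xml.parsers.ParserConfigurationException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setExpandEntityReferences(false);
        return factory;
    }

    /** Collects the URIs of the claims whose required flag equals {@code required}. */
    private static String[] claimUris(Claim[] claims, boolean required) {
        ArrayList<String> uris = new ArrayList<String>();
        for (Claim claim : claims) {
            if (claim.isRequired() == required) {
                uris.add(claim.getClaimUri());
            }
        }
        return uris.toArray(new String[uris.size()]);
    }
}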
