package org.picketlink.idm.jpa.internal;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Order;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import org.picketlink.common.properties.Property;
import org.picketlink.common.properties.query.AnnotatedPropertyCriteria;
import org.picketlink.common.properties.query.NamedPropertyCriteria;
import org.picketlink.common.properties.query.PropertyQueries;
import org.picketlink.common.util.Base64;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.SecurityConfigurationException;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.spi.CredentialHandler;
import org.picketlink.idm.credential.spi.CredentialStorage;
import org.picketlink.idm.credential.spi.annotations.Stored;
import org.picketlink.idm.jpa.annotations.PropertyType;
import org.picketlink.idm.ldap.internal.LDAPConstants;
import org.picketlink.idm.model.Agent;
import org.picketlink.idm.spi.CredentialStore;
import org.picketlink.idm.spi.IdentityStoreInvocationContext;

/* loaded from: input_file:org/picketlink/idm/jpa/internal/JPACredentialStore.class */
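/**
 * JPA-backed {@link CredentialStore}: persists a {@link CredentialStorage} as one credential
 * entity plus one attribute entity per {@link Stored} property, and reads it back.
 *
 * <p>Entity classes and their mapped properties come from the owning store's
 * {@link JPAIdentityStoreConfiguration}; nothing here is tied to a concrete entity type.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Attribute values are written with {@code Base64.encodeObject} and read with
 *       {@code Base64.decodeToObject}. Base64 is an encoding, not protection: confidentiality
 *       of what is stored rests on what the {@code CredentialStorage} holds and on database
 *       access control.</li>
 *   <li>The read path turns database content back into objects (see
 *       {@link #convertToCredentialStorage}); write access to the credential attribute table
 *       must be treated as sensitive.</li>
 * </ul>
 */
public class JPACredentialStore implements CredentialStore {
    private final JPAIdentityStore identityStore;

    /**
     * @param jPAIdentityStore the identity store that supplies the configuration, the
     *                         {@link EntityManager} and the invocation context used by this class
     */
    public JPACredentialStore(JPAIdentityStore jPAIdentityStore) {
        this.identityStore = jPAIdentityStore;
    }

    /**
     * Persists a new credential entity for {@code agent} and one attribute entity for every
     * {@link Stored}-annotated property of {@code credentialStorage}, then flushes.
     *
     * <p>The credential type column receives the storage class name; a missing effective date
     * defaults to the current time.
     *
     * @param agent             owner of the credential; its id is resolved to the identity entity
     * @param credentialStorage the storage object whose {@code @Stored} properties are written
     * @throws IdentityManagementException if an entity cannot be created or persisted
     */
    public void storeCredential(Agent agent, CredentialStorage credentialStorage) {
        checkCredentialClassProvided();
        Property<Object> expiryProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_EXPIRY_DATE);
        try {
            Object credentialEntity = getConfig().getCredentialClass().newInstance();
            Date effectiveDate = credentialStorage.getEffectiveDate();
            if (effectiveDate == null) {
                effectiveDate = new Date();
            }
            Object identityEntity = this.identityStore.lookupIdentityObjectById(agent.getId());
            Property<Object> identityProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_IDENTITY);
            Property<Object> typeProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_TYPE);
            Property<Object> effectiveProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_EFFECTIVE_DATE);
            identityProperty.setValue(credentialEntity, identityEntity);
            typeProperty.setValue(credentialEntity, credentialStorage.getClass().getName());
            effectiveProperty.setValue(credentialEntity, effectiveDate);
            expiryProperty.setValue(credentialEntity, credentialStorage.getExpiryDate());

            EntityManager entityManager = getEntityManager();
            entityManager.persist(credentialEntity);

            // Only properties explicitly marked @Stored are written out.
            List<Property> storedProperties = PropertyQueries.createQuery(credentialStorage.getClass())
                    .addCriteria(new AnnotatedPropertyCriteria(Stored.class)).getResultList();
            Property<Object> attributeName = getConfig().getModelProperty(PropertyType.CREDENTIAL_ATTRIBUTE_NAME);
            Property<Object> attributeValue = getConfig().getModelProperty(PropertyType.CREDENTIAL_ATTRIBUTE_VALUE);
            Property<Object> attributeOwner = getConfig().getModelProperty(PropertyType.CREDENTIAL_ATTRIBUTE_CREDENTIAL);
            for (Property storedProperty : storedProperties) {
                try {
                    Object attributeEntity = getConfig().getCredentialAttributeClass().newInstance();
                    attributeName.setValue(attributeEntity, storedProperty.getName());
                    // Encoded, not encrypted: the value is recoverable by anyone who can read the row.
                    attributeValue.setValue(attributeEntity,
                            Base64.encodeObject((Serializable) storedProperty.getValue(credentialStorage)));
                    attributeOwner.setValue(attributeEntity, credentialEntity);
                    entityManager.persist(attributeEntity);
                } catch (Exception e) {
                    throw new IdentityManagementException("Could not instantiate credential attribute class [" + getConfig().getCredentialAttributeClass().getName() + "].", e);
                }
            }
            entityManager.flush();
        } catch (IdentityManagementException e) {
            // Already carries the specific cause; do not re-wrap it under the generic message below.
            throw e;
        } catch (Exception e2) {
            throw new IdentityManagementException("Could not instantiate credential class [" + getConfig().getCredentialClass().getName() + "].", e2);
        }
    }

    /**
     * Returns every stored credential of type {@code cls} for {@code agent}, regardless of
     * effective or expiry date.
     *
     * @param agent owner of the credentials
     * @param cls   storage type; matched against the stored type column by class name
     * @return the converted storages, possibly empty
     */
    public <T extends CredentialStorage> List<T> retrieveCredentials(Agent agent, Class<T> cls) {
        checkCredentialClassProvided();
        Property<Object> identityProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_IDENTITY);
        Property<Object> typeProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_TYPE);
        EntityManager entityManager = getEntityManager();
        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
        CriteriaQuery<?> query = builder.createQuery(getConfig().getCredentialClass());
        Root<?> root = query.from(getConfig().getCredentialClass());

        List<Predicate> predicates = new ArrayList<Predicate>();
        predicates.add(builder.equal(root.get(identityProperty.getName()),
                this.identityStore.lookupIdentityObjectById(agent.getId())));
        predicates.add(builder.equal(root.get(typeProperty.getName()), cls.getName()));
        query.where(predicates.toArray(new Predicate[predicates.size()]));

        List<T> storages = new ArrayList<T>();
        for (Object credentialEntity : entityManager.createQuery(query).getResultList()) {
            storages.add(convertToCredentialStorage(credentialEntity, cls));
        }
        return storages;
    }

    /**
     * Returns the credential of type {@code cls} with the latest effective date that is not in
     * the future, or {@code null} when the agent has none.
     *
     * <p>Expiry is not evaluated here; callers that validate a credential are presumably
     * responsible for checking the expiry date on the returned storage (verify in the handlers).
     */
    public <T extends CredentialStorage> T retrieveCurrentCredential(Agent agent, Class<T> cls) {
        checkCredentialClassProvided();
        return (T) convertToCredentialStorage(retrieveLastCredentialEntity(agent, cls), cls);
    }

    /**
     * Removes every credential entity owned by the given identity entity together with the
     * attribute entities that belong to each of them. Does nothing when no credential class is
     * configured.
     *
     * @param obj the identity entity whose credentials are deleted
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void removeCredentials(Object obj) {
        if (getConfig().getCredentialClass() == null) {
            return;
        }
        EntityManager entityManager = getEntityManager();
        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
        CriteriaQuery<?> query = builder.createQuery(getConfig().getCredentialClass());
        Root<?> root = query.from(getConfig().getCredentialClass());
        String identityAttribute = getConfig().getModelProperty(PropertyType.CREDENTIAL_IDENTITY).getName();
        query.where(builder.equal(root.get(identityAttribute), obj));

        for (Object credentialEntity : entityManager.createQuery(query).getResultList()) {
            // The attribute query must be restricted to this credential. Previously the predicate
            // was built into a throw-away list and never applied, so the unfiltered query returned
            // (and this loop deleted) the attributes of every identity's credentials.
            for (Object attributeEntity : findCredentialAttributes(entityManager, credentialEntity)) {
                entityManager.remove(attributeEntity);
            }
            entityManager.remove(credentialEntity);
        }
    }

    /**
     * Delegates validation to the {@link CredentialHandler} registered for the credentials' type.
     *
     * @throws SecurityConfigurationException if no handler is available for that type
     */
    public void validateCredentials(Credentials credentials) {
        CredentialHandler handler = getContext().getCredentialValidator(credentials.getClass(), this.identityStore);
        if (handler == null) {
            throw new SecurityConfigurationException("No suitable CredentialHandler available for validating Credentials of type [" + credentials.getClass() + "] for IdentityStore [" + getClass() + "]");
        }
        handler.validate(credentials, this.identityStore);
    }

    /**
     * Delegates a credential update to the {@link CredentialHandler} registered for the type of
     * {@code obj}.
     *
     * @param agent owner of the credential
     * @param obj   the new credential value; its runtime class selects the handler
     * @param date  passed through to the handler (effective date, judging by the store's schema)
     * @param date2 passed through to the handler (expiry date, judging by the store's schema)
     * @throws SecurityConfigurationException if no handler is available for that type
     */
    public void updateCredential(Agent agent, Object obj, Date date, Date date2) {
        CredentialHandler handler = getContext().getCredentialUpdater(obj.getClass(), this.identityStore);
        if (handler == null) {
            throw new SecurityConfigurationException("No suitable CredentialHandler available for updating Credentials of type [" + obj.getClass() + "] for IdentityStore [" + getClass() + "]");
        }
        handler.update(agent, obj, this.identityStore, date, date2);
    }

    private IdentityStoreInvocationContext getContext() {
        return this.identityStore.getContext();
    }

    /**
     * Rebuilds a {@code cls} instance from a credential entity and its attribute entities.
     *
     * <p>NOTE(security): each attribute value is passed to {@code Base64.decodeToObject}, which,
     * given the {@code Serializable} cast on the write side, presumably performs Java native
     * deserialization. The input is database content, so anyone able to write the credential
     * attribute table controls the serialized stream. Restricting the classes that may be
     * deserialized (for example an allow-list or {@code ObjectInputFilter} inside the decoder),
     * or moving to a non-native format, should be considered; that change belongs in the
     * decoder and is not made here.
     *
     * <p>NOTE(review): on read, any property of {@code cls} named by a stored row is populated;
     * unlike the write side this is not limited to {@code @Stored} properties.
     *
     * @param obj the credential entity, or {@code null}
     * @param cls the storage type to instantiate
     * @return the populated storage, or {@code null} when {@code obj} is {@code null}
     * @throws IdentityManagementException if the storage cannot be created or populated
     */
    private <T extends CredentialStorage> T convertToCredentialStorage(Object obj, Class<T> cls) {
        if (obj == null) {
            return null;
        }
        try {
            T storage = cls.newInstance();
            Property<Object> effectiveProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_EFFECTIVE_DATE);
            Property<Object> expiryProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_EXPIRY_DATE);
            ((Property) PropertyQueries.createQuery(cls).addCriteria(new NamedPropertyCriteria(new String[]{"effectiveDate"})).getResultList().get(0)).setValue(storage, effectiveProperty.getValue(obj));
            ((Property) PropertyQueries.createQuery(cls).addCriteria(new NamedPropertyCriteria(new String[]{LDAPConstants.CUSTOM_ATTRIBUTE_EXPIRY_DATE})).getResultList().get(0)).setValue(storage, expiryProperty.getValue(obj));

            Property<Object> nameProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_ATTRIBUTE_NAME);
            Property<Object> valueProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_ATTRIBUTE_VALUE);
            for (Object attributeEntity : findCredentialAttributes(getEntityManager(), obj)) {
                String storedName = nameProperty.getValue(attributeEntity).toString();
                String storedValue = valueProperty.getValue(attributeEntity).toString();
                List matches = PropertyQueries.createQuery(cls).addCriteria(new NamedPropertyCriteria(new String[]{storedName})).getResultList();
                // Report the stored attribute name that was looked up, not the name of the
                // entity column that holds it.
                if (matches.isEmpty()) {
                    throw new IdentityManagementException("Could not find property [" + storedName + "] on CredentialStorage [" + cls.getName() + "].");
                }
                if (matches.size() > 1) {
                    throw new IdentityManagementException("Ambiguos property [" + storedName + "] on CredentialStorage [" + cls.getName() + "].");
                }
                // Deserializes database content; see the security note in the method Javadoc.
                ((Property) matches.get(0)).setValue(storage, Base64.decodeToObject(storedValue));
            }
            return storage;
        } catch (IdentityManagementException e) {
            // Keep the specific property error instead of masking it as an instantiation failure.
            throw e;
        } catch (Exception e) {
            throw new IdentityManagementException("Could not instantiate storage class [" + cls.getName() + "].", e);
        }
    }

    /**
     * Finds the credential entity of type {@code cls} for {@code agent} whose effective date is
     * the most recent one not later than now.
     *
     * @return the entity, or {@code null} when none matches
     * @throws IdentityManagementException if the query fails
     */
    private <T> Object retrieveLastCredentialEntity(Agent agent, Class<T> cls) {
        Property<Object> identityProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_IDENTITY);
        Property<Object> typeProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_TYPE);
        Property<Object> effectiveProperty = getConfig().getModelProperty(PropertyType.CREDENTIAL_EFFECTIVE_DATE);
        EntityManager entityManager = getEntityManager();
        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
        CriteriaQuery<?> query = builder.createQuery(getConfig().getCredentialClass());
        Root<?> root = query.from(getConfig().getCredentialClass());

        List<Predicate> predicates = new ArrayList<Predicate>();
        predicates.add(builder.equal(root.get(identityProperty.getName()),
                this.identityStore.lookupIdentityObjectById(agent.getId())));
        predicates.add(builder.equal(root.get(typeProperty.getName()), cls.getName()));
        // Added directly as a predicate. The previous form appended to
        // conjunction().getExpressions(); the JPA Javadoc states that modifications to that list
        // do not affect the query, so a provider may drop the filter and let a credential with a
        // future effective date be selected as current.
        predicates.add(builder.lessThanOrEqualTo(root.<Date>get(effectiveProperty.getName()), new Date()));
        query.where(predicates.toArray(new Predicate[predicates.size()]));
        query.orderBy(new Order[]{builder.desc(root.get(effectiveProperty.getName()))});

        try {
            List<?> candidates = entityManager.createQuery(query).getResultList();
            return candidates.isEmpty() ? null : candidates.get(0);
        } catch (NoResultException ignored) {
            // Must precede the broader catch to be reachable; "no credential" is not an error.
            return null;
        } catch (Exception e) {
            throw new IdentityManagementException("Could not query credentials.", e);
        }
    }

    /** Returns the attribute entities whose owning-credential property equals {@code credentialEntity}. */
    private List<?> findCredentialAttributes(EntityManager entityManager, Object credentialEntity) {
        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
        CriteriaQuery<?> query = builder.createQuery(getConfig().getCredentialAttributeClass());
        Root<?> root = query.from(getConfig().getCredentialAttributeClass());
        String ownerAttribute = getConfig().getModelProperty(PropertyType.CREDENTIAL_ATTRIBUTE_CREDENTIAL).getName();
        query.where(builder.equal(root.get(ownerAttribute), credentialEntity));
        return entityManager.createQuery(query).getResultList();
    }

    private JPAIdentityStoreConfiguration getConfig() {
        // m6getConfig is the name this listing gives the store's configuration accessor
        // (it looks like a decompiler-renamed method; confirm against the real API).
        return this.identityStore.m6getConfig();
    }

    /**
     * Fails fast when no credential entity class is configured.
     *
     * <p>The check is on {@code getCredentialClass()}; the earlier {@code getClass() == null}
     * could never be true, so the guard never fired.
     */
    private void checkCredentialClassProvided() {
        if (getConfig().getCredentialClass() == null) {
            throw new IdentityManagementException("No class Entity class provided to store credentials.");
        }
    }

    private EntityManager getEntityManager() {
        return this.identityStore.getEntityManager();
    }
}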
