package org.wso2.carbon.identity.mgt.endpoint.util;

import com.google.gson.Gson;
import com.google.gson.JsonSyntaxException;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.axiom.om.util.Base64;
import org.apache.axis2.client.ServiceClient;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.json.JSONArray;
import org.json.JSONObject;
import org.owasp.encoder.Encode;
import org.wso2.carbon.core.SameSiteCookie;
import org.wso2.carbon.identity.base.IdentityRuntimeException;
import org.wso2.carbon.identity.core.ServiceURLBuilder;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.model.CookieBuilder;
import org.wso2.carbon.identity.core.model.IdentityCookieConfig;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.mgt.endpoint.util.IdentityManagementEndpointConstants;
import org.wso2.carbon.identity.mgt.endpoint.util.client.ApiException;
import org.wso2.carbon.identity.mgt.endpoint.util.client.ApplicationDataRetrievalClient;
import org.wso2.carbon.identity.mgt.endpoint.util.client.ApplicationDataRetrievalClientException;
import org.wso2.carbon.identity.mgt.endpoint.util.client.model.Claim;
import org.wso2.carbon.identity.mgt.endpoint.util.client.model.Error;
import org.wso2.carbon.identity.mgt.endpoint.util.client.model.RetryError;
import org.wso2.carbon.identity.mgt.endpoint.util.client.model.User;
import org.wso2.carbon.identity.mgt.stub.beans.VerificationBean;
import org.wso2.securevault.SecretResolver;
import org.wso2.securevault.SecretResolverFactory;
import org.wso2.securevault.commons.MiscellaneousUtil;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.mgt.endpoint.util-5.25.14.jar:org/wso2/carbon/identity/mgt/endpoint/util/IdentityManagementEndpointUtil.class */
public class IdentityManagementEndpointUtil {
    public static final String PADDING_CHAR = "=";
    public static final String UNDERSCORE = "_";
    public static final String SPLITTING_CHAR = "&";
    public static final String PII_CATEGORIES = "piiCategories";
    public static final String PII_CATEGORY = "piiCategory";
    public static final String PURPOSES = "purposes";
    public static final String MANDATORY = "mandatory";
    public static final String DISPLAY_NAME = "displayName";
    public static final String ROOT_DOMAIN = "/";
    private static final String PROTECTED_TOKENS = "protectedTokens";
    private static final String DEFAULT_CALLBACK_HANDLER = "org.wso2.carbon.securevault.DefaultSecretCallbackHandler";
    private static final String SECRET_PROVIDER = "secretProvider";
    private static final String CODE = "51007";
    private static final String UNEXPECTED_ERROR = "Unexpected Error.";
    private static final Log log = LogFactory.getLog(IdentityManagementEndpointUtil.class);
    private static String accessUsername = null;
    private static String accessPassword = null;

    private IdentityManagementEndpointUtil() {
    }

    public static final String getFullQualifiedUsername(String str, String str2, String str3) {
        String str4 = str;
        if (StringUtils.isNotBlank(str3) && !IdentityManagementEndpointConstants.PRIMARY_USER_STORE_DOMAIN.equals(str3)) {
            str4 = str3 + "/" + str4;
        }
        if (StringUtils.isNotBlank(str2) && !IdentityManagementEndpointConstants.SUPER_TENANT.equals(str2)) {
            str4 = str4 + IdentityManagementEndpointConstants.TENANT_DOMAIN_SEPARATOR + str2;
        }
        return str4;
    }

    public static String getPrintableError(String str, String str2, VerificationBean verificationBean) {
        StringBuilder sb = new StringBuilder(str);
        if (verificationBean != null && StringUtils.isNotBlank(verificationBean.getError())) {
            sb.append(" ").append(verificationBean.getError().split(" ", 2)[1]);
        } else if (StringUtils.isNotBlank(str2)) {
            sb.append(" ").append(str2);
        }
        return sb.toString();
    }

    @Deprecated
    public static final String getUserPortalUrl(String str) {
        return getUserPortalUrl(str, null);
    }

    public static final String getUserPortalUrl(String str, String str2) {
        if (StringUtils.isNotBlank(str)) {
            return str;
        }
        try {
            if (StringUtils.isNotEmpty(str2)) {
                try {
                    String applicationAccessURL = new ApplicationDataRetrievalClient().getApplicationAccessURL(IdentityManagementEndpointConstants.SUPER_TENANT, IdentityManagementEndpointConstants.My_ACCOUNT_APPLICATION_NAME);
                    if (StringUtils.isNotEmpty(applicationAccessURL)) {
                        return replaceUserTenantHintPlaceholder(applicationAccessURL, str2);
                    }
                } catch (ApplicationDataRetrievalClientException e) {
                }
            }
            return ServiceURLBuilder.create().addPath(new String[]{IdentityManagementEndpointConstants.USER_PORTAL_URL}).build().getAbsolutePublicURL();
        } catch (URLBuilderException e2) {
            throw new IdentityRuntimeException("Error while building url for context: /myaccount");
        }
    }

    public static String replaceUserTenantHintPlaceholder(String str, String str2) {
        if (!StringUtils.isBlank(str) && str.contains(IdentityManagementEndpointConstants.USER_TENANT_HINT_PLACE_HOLDER)) {
            if (StringUtils.isBlank(str2)) {
                str2 = IdentityManagementEndpointConstants.SUPER_TENANT;
            }
            return str.replaceAll(Pattern.quote(IdentityManagementEndpointConstants.USER_TENANT_HINT_PLACE_HOLDER), str2).replaceAll(Pattern.quote("/t/carbon.super"), "");
        }
        return str;
    }

    public static boolean getBooleanValue(Object obj) {
        if (obj == null || !(obj instanceof Boolean)) {
            return false;
        }
        return ((Boolean) obj).booleanValue();
    }

    public static String getStringValue(Object obj) {
        return (obj == null || !(obj instanceof String)) ? "" : (String) obj;
    }

    public static int getIntValue(Object obj) {
        if (obj == null || !(obj instanceof Integer)) {
            return 0;
        }
        return ((Integer) obj).intValue();
    }

    public static String[] getStringArray(Object obj) {
        return (obj == null || !(obj instanceof String[])) ? ArrayUtils.EMPTY_STRING_ARRAY : (String[]) obj;
    }

    public static <T> T create(String str, Class<T> cls, List<?> list, String str2, Map<String, String> map) {
        JAXRSClientFactoryBean bean = getBean(str, cls, str2, map);
        bean.setProviders(list);
        return (T) bean.create(cls, new Object[0]);
    }

    private static JAXRSClientFactoryBean getBean(String str, Class<?> cls, String str2, Map<String, String> map) {
        JAXRSClientFactoryBean bean = getBean(str, str2, map);
        bean.setServiceClass(cls);
        return bean;
    }

    static JAXRSClientFactoryBean getBean(String str, String str2, Map<String, String> map) {
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        if (str2 != null) {
            jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(str2));
        }
        jAXRSClientFactoryBean.setAddress(str);
        if (map != null && !map.isEmpty()) {
            jAXRSClientFactoryBean.setHeaders(map);
        }
        return jAXRSClientFactoryBean;
    }

    public static void addReCaptchaHeaders(HttpServletRequest httpServletRequest, Map<String, List<String>> map) {
        if (map == null || map.get("reCaptcha") == null) {
            return;
        }
        httpServletRequest.setAttribute("reCaptcha", Boolean.TRUE.toString());
        httpServletRequest.setAttribute("reCaptchaAPI", map.get("reCaptchaAPI").get(0));
        httpServletRequest.setAttribute("reCaptchaKey", map.get("reCaptchaKey").get(0));
    }

    public static String buildConsentForResidentIDP(String str, String str2, String str3, String str4, String str5, String str6, String str7, boolean z, boolean z2, String str8) {
        if (StringUtils.isEmpty(str2)) {
            if (log.isDebugEnabled()) {
                log.debug("Empty consent string. Hence returning without building consent from endpoint");
            }
            return str2;
        }
        String piiPrincipalID = getPiiPrincipalID(str);
        JSONObject jSONObject = new JSONObject(str2);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.JURISDICTION_KEY, str3);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.COLLECTION_METHOD_KEY, str4);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.LANGUAGE_KEY, str5);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.PII_PRINCIPAL_ID_KEY, piiPrincipalID);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.POLICY_URL_KEY, str6);
        buildServices(jSONObject, str7, z, z2, str8);
        if (log.isDebugEnabled()) {
            log.debug("Built consent from endpoint util : " + str2);
        }
        return jSONObject.toString();
    }

    private static String getPiiPrincipalID(String str) {
        User user = IdentityManagementServiceUtil.getInstance().getUser(str);
        return (!StringUtils.isNotBlank(user.getRealm()) || IdentityManagementEndpointConstants.PRIMARY_USER_STORE_DOMAIN.equals(user.getRealm())) ? user.getUsername() : user.getRealm() + "/" + user.getUsername();
    }

    private static void buildServices(JSONObject jSONObject, String str, boolean z, boolean z2, String str2) {
        JSONArray jSONArray = (JSONArray) jSONObject.get("services");
        for (int i = 0; i < jSONArray.length(); i++) {
            buildService((JSONObject) jSONArray.get(i), str, z, z2, str2);
        }
    }

    private static void buildService(JSONObject jSONObject, String str, boolean z, boolean z2, String str2) {
        JSONArray jSONArray = (JSONArray) jSONObject.get("purposes");
        for (int i = 0; i < jSONArray.length(); i++) {
            buildPurpose((JSONObject) jSONArray.get(i), str, z, z2, str2);
        }
    }

    private static void buildPurpose(JSONObject jSONObject, String str, boolean z, boolean z2, String str2) {
        jSONObject.put(IdentityManagementEndpointConstants.Consent.CONSENT_TYPE_KEY, str);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.PRIMARY_PURPOSE_KEY, z);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.THRID_PARTY_DISCLOSURE_KEY, z2);
        jSONObject.put(IdentityManagementEndpointConstants.Consent.TERMINATION_KEY, str2);
        JSONArray jSONArray = (JSONArray) jSONObject.get("piiCategory");
        for (int i = 0; i < jSONArray.length(); i++) {
            buildCategory((JSONObject) jSONArray.get(i), str2);
        }
    }

    private static void buildCategory(JSONObject jSONObject, String str) {
        jSONObject.put(IdentityManagementEndpointConstants.Consent.VALIDITY_KEY, str);
    }

    public static String i18n(ResourceBundle resourceBundle, String str) {
        try {
            return Encode.forHtml(StringUtils.isNotBlank(resourceBundle.getString(str)) ? resourceBundle.getString(str) : str);
        } catch (Exception e) {
            return Encode.forHtml(str);
        }
    }

    public static String i18nBase64(ResourceBundle resourceBundle, String str) {
        String replaceAll = Base64.encode(str.getBytes(StandardCharsets.UTF_8)).replaceAll(PADDING_CHAR, UNDERSCORE);
        try {
            return Encode.forHtml(StringUtils.isNotBlank(resourceBundle.getString(replaceAll)) ? resourceBundle.getString(replaceAll) : str);
        } catch (Exception e) {
            return Encode.forHtml(str);
        }
    }

    public static Map<String, Claim> getUniquePIIs(String str) {
        HashMap hashMap = new HashMap();
        JSONArray jSONArray = new JSONObject(str).getJSONArray("purposes");
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONArray jSONArray2 = (JSONArray) jSONArray.getJSONObject(i).get(PII_CATEGORIES);
            for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
                JSONObject jSONObject = jSONArray2.getJSONObject(i2);
                if (hashMap.get(jSONObject.getString("piiCategory")) == null) {
                    Claim claim = new Claim();
                    claim.displayName(getStringValue(jSONObject.get(DISPLAY_NAME)));
                    claim.setUri(getStringValue(jSONObject.get("piiCategory")));
                    claim.required(Boolean.valueOf(jSONObject.getBoolean(MANDATORY)));
                    hashMap.put(getStringValue(jSONObject.get("piiCategory")), claim);
                } else {
                    Claim claim2 = (Claim) hashMap.get(jSONObject.getString("piiCategory"));
                    if (jSONObject.getBoolean(MANDATORY)) {
                        claim2.required(true);
                    }
                }
            }
        }
        return hashMap;
    }

    public static Map<String, Claim> fillPiisWithClaimInfo(Map<String, Claim> map, List<Claim> list) {
        if (map != null) {
            for (Claim claim : list) {
                if (claim != null && claim.getUri() != null && map.get(claim.getUri()) != null) {
                    map.get(claim.getUri()).setValidationRegex(claim.getValidationRegex());
                    map.get(claim.getUri()).setReadOnly(claim.getReadOnly());
                }
            }
        } else {
            map = new HashMap();
            for (Claim claim2 : list) {
                if (claim2 != null && claim2.getUri() != null) {
                    map.put(claim2.getUri(), claim2);
                }
            }
        }
        return map;
    }

    public static String encodeURL(String str) throws MalformedURLException {
        URL url = new URL(str);
        StringBuilder sb = new StringBuilder(new URL(url.getProtocol(), url.getHost(), url.getPort(), url.getPath(), null).toString());
        Map<String, String> encodedQueryParamMap = getEncodedQueryParamMap(url.getQuery());
        if (MapUtils.isNotEmpty(encodedQueryParamMap)) {
            sb.append("?");
            sb.append((String) encodedQueryParamMap.keySet().stream().map(str2 -> {
                return str2 + PADDING_CHAR + ((String) encodedQueryParamMap.get(str2));
            }).collect(Collectors.joining(SPLITTING_CHAR)));
        }
        return sb.toString();
    }

    @Deprecated
    public static String getURLEncodedCallback(String str) throws URISyntaxException {
        if (StringUtils.isBlank(str)) {
            return str;
        }
        URI uri = new URI(str.trim().replace(" ", "%20"));
        StringBuilder sb = new StringBuilder(new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), null, null).toString());
        Map<String, String> encodedQueryParamMap = getEncodedQueryParamMap(uri.getQuery());
        if (MapUtils.isNotEmpty(encodedQueryParamMap)) {
            sb.append("?");
            sb.append((String) encodedQueryParamMap.keySet().stream().map(str2 -> {
                return str2 + PADDING_CHAR + ((String) encodedQueryParamMap.get(str2));
            }).collect(Collectors.joining(SPLITTING_CHAR)));
        }
        return sb.toString();
    }

    public static Map<String, String> getEncodedQueryParamMap(String str) {
        HashMap hashMap = new HashMap();
        if (StringUtils.isBlank(str)) {
            return hashMap;
        }
        String[] split = str.split(SPLITTING_CHAR);
        if (ArrayUtils.isEmpty(split)) {
            return hashMap;
        }
        for (String str2 : split) {
            String[] split2 = str2.split(PADDING_CHAR);
            if (split2.length > 1) {
                hashMap.put(Encode.forUriComponent(split2[0]), Encode.forUriComponent(split2[1]));
            }
        }
        return hashMap;
    }

    @Deprecated
    public static String buildEndpointUrl(String str) {
        String replaceLastOccurrence = replaceLastOccurrence(IdentityManagementServiceUtil.getInstance().getServiceContextURL(), IdentityManagementEndpointConstants.UserInfoRecovery.SERVICE_CONTEXT_URL, "");
        return str.startsWith("/") ? replaceLastOccurrence + str : replaceLastOccurrence + "/" + str;
    }

    private static String replaceLastOccurrence(String str, String str2, String str3) {
        int lastIndexOf = str.lastIndexOf(str2);
        if (lastIndexOf == -1) {
            return str;
        }
        return str.substring(0, lastIndexOf) + str3 + str.substring(lastIndexOf + str2.length());
    }

    public static void addErrorInformation(HttpServletRequest httpServletRequest, Exception exc) {
        addErrorInformation(httpServletRequest, buildError(exc));
    }

    public static void addErrorInformation(HttpServletRequest httpServletRequest, Error error) {
        httpServletRequest.setAttribute("error", true);
        if (error != null) {
            httpServletRequest.setAttribute("errorMsg", error.getDescription());
            httpServletRequest.setAttribute("errorCode", error.getCode());
        }
    }

    public static Error buildError(Exception exc) {
        try {
            return (Error) new Gson().fromJson(exc.getMessage(), Error.class);
        } catch (JsonSyntaxException e) {
            log.error("Exception while retrieving error details from original exception. Original exception:", exc);
            return buildUnexpectedError();
        }
    }

    private static Error buildUnexpectedError() {
        Error error = new Error();
        error.setCode(CODE);
        error.setMessage(UNEXPECTED_ERROR);
        error.setDescription(UNEXPECTED_ERROR);
        return error;
    }

    private static RetryError buildUnexpectedRetryError() {
        RetryError retryError = new RetryError();
        retryError.setCode(CODE);
        retryError.setMessage(UNEXPECTED_ERROR);
        retryError.setDescription(UNEXPECTED_ERROR);
        return retryError;
    }

    public static RetryError buildRetryError(Exception exc) {
        try {
            return (RetryError) new Gson().fromJson(exc.getMessage(), RetryError.class);
        } catch (JsonSyntaxException e) {
            log.error("Exception while retrieving error details from original exception. Original exception:", exc);
            return buildUnexpectedRetryError();
        }
    }

    public static void authenticate(ServiceClient serviceClient) throws Exception {
        if (accessPassword == null || accessUsername == null) {
            loadCredentials();
        }
        if (accessUsername == null || accessPassword == null) {
            throw new Exception("Authentication username or password not set");
        }
        setOptions(serviceClient, accessUsername, accessPassword);
    }

    private static void loadCredentials() throws IOException {
        Properties properties = new Properties();
        File file = new File(new File(new File(IdentityManagementEndpointConstants.RELATIVE_PATH_START_CHAR).getAbsolutePath()).getCanonicalPath() + File.separator + IdentityManagementEndpointConstants.SERVICE_CONFIG_RELATIVE_PATH);
        InputStream fileInputStream = file.exists() ? new FileInputStream(file) : IdentityManagementServiceUtil.class.getClassLoader().getResourceAsStream(IdentityManagementEndpointConstants.SERVICE_CONFIG_FILE_NAME);
        try {
            properties.load(fileInputStream);
            resolveSecrets(properties);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            accessUsername = properties.getProperty(IdentityManagementEndpointConstants.ServiceConfigConstants.SERVICE_ACCESS_USERNAME);
            accessPassword = properties.getProperty(IdentityManagementEndpointConstants.ServiceConfigConstants.SERVICE_ACCESS_PASSWORD);
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public static void setOptions(ServiceClient serviceClient, String str, String str2) {
        IdentityManagementServiceUtil.setAutheticationOptions(serviceClient, str, str2);
    }

    public static String getBasePath(String str, String str2) throws ApiException {
        return getBasePath(str, str2, true);
    }

    public static String getBasePath(String str, String str2, boolean z) throws ApiException {
        String str3;
        String contextURLFromFile = IdentityManagementServiceUtil.getInstance().getContextURLFromFile();
        try {
            if (!StringUtils.isBlank(contextURLFromFile)) {
                str3 = (StringUtils.isNotBlank(str) && !IdentityManagementEndpointConstants.SUPER_TENANT.equalsIgnoreCase(str) && z) ? contextURLFromFile + "/t/" + str + str2 : contextURLFromFile + str2;
            } else if (IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
                str3 = ServiceURLBuilder.create().addPath(new String[]{str2}).setTenant(str).build().getAbsoluteInternalURL();
            } else {
                String absoluteInternalURL = ServiceURLBuilder.create().build().getAbsoluteInternalURL();
                str3 = (StringUtils.isNotBlank(str) && !IdentityManagementEndpointConstants.SUPER_TENANT.equalsIgnoreCase(str) && z) ? absoluteInternalURL + "/t/" + str + str2 : absoluteInternalURL + str2;
            }
            return str3;
        } catch (URLBuilderException e) {
            throw new ApiException("Error while building url for context: " + str2);
        }
    }

    private static boolean isSecuredPropertyAvailable(Properties properties) {
        Enumeration<?> propertyNames = properties.propertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            if (PROTECTED_TOKENS.equals(str) && StringUtils.isNotBlank(properties.getProperty(str))) {
                return true;
            }
        }
        return false;
    }

    private static void resolveSecrets(Properties properties) {
        if (StringUtils.isBlank((String) properties.get(SECRET_PROVIDER))) {
            properties.put(SECRET_PROVIDER, DEFAULT_CALLBACK_HANDLER);
        }
        SecretResolver create = SecretResolverFactory.create(properties);
        if (create != null && create.isInitialized()) {
            for (Map.Entry entry : properties.entrySet()) {
                String obj = entry.getKey().toString();
                String obj2 = entry.getValue().toString();
                if (obj2 != null) {
                    obj2 = MiscellaneousUtil.resolve(obj2, create);
                }
                properties.put(obj, obj2);
            }
        }
        if (!isSecuredPropertyAvailable(properties)) {
            if (log.isDebugEnabled()) {
                log.debug("Secure vault encryption ignored since no protected tokens available.");
                return;
            }
            return;
        }
        SecretResolver create2 = SecretResolverFactory.create(properties, "");
        StringTokenizer stringTokenizer = new StringTokenizer((String) properties.get(PROTECTED_TOKENS), ",");
        while (stringTokenizer.hasMoreElements()) {
            String trim = stringTokenizer.nextElement().toString().trim();
            if (create2.isTokenProtected(trim)) {
                if (log.isDebugEnabled()) {
                    log.debug("Resolving and replacing secret for " + trim);
                }
                properties.put(trim, create2.resolve(trim));
            } else if (log.isDebugEnabled()) {
                log.debug("No encryption done for value with key :" + trim);
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [java.util.Map] */
    public static String getQueryParameter(String str, String str2) throws URISyntaxException {
        String query = new URI(str).getQuery();
        HashMap hashMap = new HashMap();
        if (StringUtils.isNotBlank(query)) {
            hashMap = (Map) Arrays.stream(query.split(SPLITTING_CHAR)).map(str3 -> {
                return str3.split(PADDING_CHAR);
            }).collect(Collectors.toMap(strArr -> {
                return strArr[0];
            }, strArr2 -> {
                return strArr2[1];
            }));
        }
        return (String) hashMap.get(str2);
    }

    public static void setCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, Integer num, SameSiteCookie sameSiteCookie, String str3, String str4) {
        CookieBuilder cookieBuilder = new CookieBuilder(str, str2);
        IdentityCookieConfig identityCookieConfig = IdentityUtil.getIdentityCookieConfig(str);
        if (identityCookieConfig != null) {
            updateCookieConfig(cookieBuilder, identityCookieConfig, num, str3, sameSiteCookie, str4);
        } else {
            cookieBuilder.setSecure(true).setHttpOnly(true).setPath(StringUtils.isNotBlank(str3) ? str3 : "/").setDomain(str4).setSameSite(sameSiteCookie);
            if (num != null && num.intValue() > 0) {
                cookieBuilder.setMaxAge(num.intValue());
            }
        }
        httpServletResponse.addCookie(cookieBuilder.build());
    }

    private static void updateCookieConfig(CookieBuilder cookieBuilder, IdentityCookieConfig identityCookieConfig, Integer num, String str, SameSiteCookie sameSiteCookie, String str2) {
        if (identityCookieConfig.getDomain() != null) {
            cookieBuilder.setDomain(identityCookieConfig.getDomain());
        } else if (StringUtils.isNotBlank(str2)) {
            cookieBuilder.setDomain(str2);
        }
        if (identityCookieConfig.getPath() != null) {
            cookieBuilder.setPath(identityCookieConfig.getPath());
        } else if (StringUtils.isNotBlank(str)) {
            cookieBuilder.setPath(str);
        }
        if (identityCookieConfig.getComment() != null) {
            cookieBuilder.setComment(identityCookieConfig.getComment());
        }
        if (identityCookieConfig.getMaxAge() > 0) {
            cookieBuilder.setMaxAge(identityCookieConfig.getMaxAge());
        } else if (num != null && num.intValue() > 0) {
            cookieBuilder.setMaxAge(num.intValue());
        }
        if (identityCookieConfig.getVersion() > 0) {
            cookieBuilder.setVersion(identityCookieConfig.getVersion());
        }
        if (identityCookieConfig.getSameSite() != null) {
            cookieBuilder.setSameSite(identityCookieConfig.getSameSite());
        } else if (sameSiteCookie != null) {
            cookieBuilder.setSameSite(sameSiteCookie);
        }
        cookieBuilder.setHttpOnly(identityCookieConfig.isHttpOnly());
        cookieBuilder.setSecure(identityCookieConfig.isSecure());
    }
}
