package com.appiancorp.ag;

import com.appiancorp.ag.user.UserUpdateLogger;
import com.appiancorp.ag.util.Utilities;
import com.appiancorp.cache.persist.MessageBroadcaster;
import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.content.NoopEventBroadcaster;
import com.appiancorp.eventobservers.EventBroadcaster;
import com.appiancorp.kougar.mapper.parameters.UuidParameterConverter;
import com.appiancorp.kougar.mapper.parameters.annotations.ConvertWith;
import com.appiancorp.kougar.services.HybridServiceJavaComponent;
import com.appiancorp.process.execution.service.ExtendedProcessExecutionService;
import com.appiancorp.quickaccess.kafka.QuickAccessUserCleanupMessenger;
import com.appiancorp.security.auth.session.LogoutUsers;
import com.appiancorp.security.auth.session.SessionDeletionReason;
import com.appiancorp.services.AuthorizationInterceptorProvider;
import com.appiancorp.services.ContextSensitiveSingletonService;
import com.appiancorp.services.ServiceContext;
import com.appiancorp.services.spring.ServiceContextProvider;
import com.appiancorp.suite.cfg.AdminSecurityConfiguration;
import com.appiancorp.suiteapi.common.ServiceLocator;
import com.appiancorp.suiteapi.common.SuggestParam;
import com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException;
import com.appiancorp.suiteapi.common.exceptions.DuplicateNameException;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.common.exceptions.InvalidNameException;
import com.appiancorp.suiteapi.common.exceptions.InvalidSupervisorException;
import com.appiancorp.suiteapi.common.exceptions.InvalidUserException;
import com.appiancorp.suiteapi.common.exceptions.LocaleFormatter;
import com.appiancorp.suiteapi.common.exceptions.PrivilegeException;
import com.appiancorp.suiteapi.common.exceptions.SelfRenameException;
import com.appiancorp.suiteapi.personalization.User;
import com.appiancorp.suiteapi.personalization.UserProfile;
import com.appiancorp.suiteapi.personalization.UserProfileService;
import com.appiancorp.suiteapi.personalization.UserService;
import com.google.common.base.Charsets;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

/* loaded from: input_file:com/appiancorp/ag/UserServiceJavaImpl.class */
public class UserServiceJavaImpl implements HybridServiceJavaComponent<UserService>, ContextSensitiveSingletonService {
    private EventBroadcaster eventBroadcaster;
    private UserService kougarService;
    private AdminSecurityConfiguration config;
    protected ServiceContextProvider scp;
    private static final List<UserServiceObserver> observers = new ArrayList();
    private QuickAccessUserCleanupMessenger quickAccessUserCleanupMessenger;

    public UserServiceJavaImpl() {
    }

    public UserServiceJavaImpl(AdminSecurityConfiguration adminSecurityConfiguration) {
        this.config = adminSecurityConfiguration;
    }

    @Override // 
    public void setKougarService(UserService userService) {
        this.kougarService = userService;
    }

    public void configureContextSensitiveSingletonService(ServiceContextProvider serviceContextProvider, AuthorizationInterceptorProvider authorizationInterceptorProvider) {
        this.scp = serviceContextProvider;
    }

    public static void addObserver(UserServiceObserver userServiceObserver) {
        observers.add(userServiceObserver);
    }

    public void notifyObserversOfModifiedUser() {
        observers.forEach(userServiceObserver -> {
            userServiceObserver.modifiedUser();
        });
    }

    public String suggest(String str, int i, SuggestParam[] suggestParamArr, Boolean bool) {
        return this.kougarService.suggest(str, i, suggestParamArr, bool, null);
    }

    public boolean isUsernameAvailable(String str) {
        try {
            return this.kougarService.isUsernameAvailable(str);
        } catch (Exception e) {
            return false;
        }
    }

    public void deactivateUser(String str) throws InvalidUserException, PrivilegeException {
        String uuid = this.kougarService.getUser(str).getUuid();
        ((RemoteUserSyncer) ApplicationContextHolder.getBean(RemoteUserSyncer.class)).onUserDeactivated(new String[]{str});
        this.kougarService.deactivateUser(str);
        HashMap hashMap = new HashMap();
        hashMap.put(LogoutUsers.LOGOUT_USER_UUID_MAP_KEY, uuid);
        hashMap.put("username", str);
        hashMap.put(LogoutUsers.LOGOUT_REASON_MAP_KEY, SessionDeletionReason.USER_DEACTIVATION);
        ((LogoutUsers) ApplicationContextHolder.getBean(LogoutUsers.class)).logoutUsersLocal(Lists.newArrayList(new String[]{uuid}), Lists.newArrayList(new String[]{str}), SessionDeletionReason.USER_DEACTIVATION);
        MessageBroadcaster.put(MessageBroadcaster.TopicType.LOGOUT_USER.getTopicType(), hashMap);
        deleteUserRememberMeToken(str);
        notifyObserversOfModifiedUser();
        getBroadcaster().notify(UserProfileServiceEventType.UPSERT, Sets.newHashSet(new String[]{str}));
        QuickAccessUserCleanupMessenger quickAccessUserCleanupMessenger = getQuickAccessUserCleanupMessenger();
        if (quickAccessUserCleanupMessenger != null) {
            quickAccessUserCleanupMessenger.sendMessageForUserCleanup(uuid);
        }
        UserUpdateLogger.logUserUpdateWrapper(UserUpdateLogger.Action.CHANGE_USER_STATUS, uuid, str, "Active", "Inactive (manual)");
    }

    public void deactivateUsers(String[] strArr) throws InvalidUserException, PrivilegeException {
        List<String> list = (List) Arrays.stream(this.kougarService.getUsers(strArr)).map((v0) -> {
            return v0.getUuid();
        }).collect(Collectors.toList());
        ((RemoteUserSyncer) ApplicationContextHolder.getBean(RemoteUserSyncer.class)).onUserDeactivated(strArr);
        ExtendedProcessExecutionService extendedProcessExecutionService = (ExtendedProcessExecutionService) ServiceLocator.getService(this.scp.get(), ExtendedProcessExecutionService.SERVICE_NAME);
        this.kougarService.deactivateUsers(strArr);
        for (String str : strArr) {
            extendedProcessExecutionService.removeAllGroupTasksFromUser(str);
            deleteUserRememberMeToken(str);
        }
        HashMap hashMap = new HashMap();
        hashMap.put(LogoutUsers.LOGOUT_USER_UUID_MAP_KEY, list);
        ArrayList newArrayList = Lists.newArrayList(strArr);
        hashMap.put("username", newArrayList);
        hashMap.put(LogoutUsers.LOGOUT_REASON_MAP_KEY, SessionDeletionReason.USER_DEACTIVATION);
        ((LogoutUsers) ApplicationContextHolder.getBean(LogoutUsers.class)).logoutUsersLocal(list, newArrayList, SessionDeletionReason.USER_DEACTIVATION);
        MessageBroadcaster.put(MessageBroadcaster.TopicType.LOGOUT_USER.getTopicType(), hashMap);
        notifyObserversOfModifiedUser();
        getBroadcaster().notify(UserProfileServiceEventType.UPSERT, Sets.newHashSet(strArr));
        QuickAccessUserCleanupMessenger quickAccessUserCleanupMessenger = getQuickAccessUserCleanupMessenger();
        if (quickAccessUserCleanupMessenger != null) {
            quickAccessUserCleanupMessenger.sendMessageForUserCleanup(list);
        }
        for (int i = 0; i < strArr.length; i++) {
            UserUpdateLogger.logUserUpdateWrapper(UserUpdateLogger.Action.CHANGE_USER_STATUS, list.get(i), strArr[i], "Active", "Inactive (manual)");
        }
    }

    public boolean isPasswordValid(String str, String str2) throws InvalidUserException, PrivilegeException {
        byte[] bytes;
        if (str2 == null) {
            bytes = null;
        } else {
            try {
                bytes = str2.getBytes("UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException("An unexpected error occured while trying validate the user [" + str + "]'s password. The password specified could not be encoded to byte[] with UTF-8 character-set", e);
            }
        }
        return this.kougarService.isUserPasswordValid(str, bytes);
    }

    public boolean changePassword(String str, String str2) throws InvalidUserException {
        byte[] bytes;
        if (str2 == null) {
            bytes = null;
        } else {
            try {
                bytes = str2.getBytes("UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException("An unexpected error occured while trying to set the user[" + str + "]'s password. The password specified could not be encoded to byte[] with UTF-8 character-set", e);
            }
        }
        try {
            changeUserPassword(str, bytes, false);
            return true;
        } catch (PrivilegeException e2) {
            return false;
        }
    }

    public void changeUserPassword(String str, byte[] bArr, boolean z) throws InvalidUserException, PrivilegeException {
        validateMinimumPasswordAge(str, z);
        this.kougarService.changeUserPassword(str, bArr, z);
        deleteUserRememberMeToken(str);
        UserUpdateLogger.logUserUpdateWrapper(UserUpdateLogger.Action.CHANGE_PASSWORD, ((ExtendedUserService) ServiceLocator.getService(ExtendedUserService.SERVICE_NAME)).getUuidByUsername(str), str, "--", "--");
    }

    private void validateMinimumPasswordAge(String str, boolean z) throws PrivilegeException {
        AdminSecurityConfiguration adminSecurityConfiguration = (AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class);
        UserProfile user = ServiceLocator.getUserProfileService(this.scp.get()).getUser(str);
        if (adminSecurityConfiguration.isPasswordMinimumAge(user.isTemporaryPassword() || z, user.getPasswordModified())) {
        } else {
            throw new PrivilegeException(ErrorCode.PASSWORD_MINIMUM_AGE_ERROR.getMessage(new LocaleFormatter(user.getLocale()), new Object[]{Integer.valueOf(adminSecurityConfiguration.getMinPasswordAge())}));
        }
    }

    private void deleteUserRememberMeToken(String str) {
        ((PersistentTokenRepository) ApplicationContextHolder.getBean(PersistentTokenRepository.class)).removeUserTokens(str);
    }

    public String createUser(User user) throws DuplicateNameException, InvalidNameException, InvalidSupervisorException, PrivilegeException, InvalidUserException {
        ensureUserPassword(user);
        DistributedUsers createDistributedUsers = ((ExtendedUserService) ServiceLocator.getService(this.scp.get(), ExtendedUserService.SERVICE_NAME)).createDistributedUsers(new User[]{user});
        createDistributedUsers.process();
        String[] usernames = createDistributedUsers.getUsernames();
        getBroadcaster().notify(UserProfileServiceEventType.UPSERT, Sets.newHashSet(usernames));
        return usernames[0];
    }

    public String[] createUsers(User[] userArr) throws DuplicateNameException, InvalidNameException, InvalidSupervisorException, PrivilegeException, InvalidUserException {
        ensureUserPassword(userArr);
        DistributedUsers createDistributedUsers = ((ExtendedUserService) ServiceLocator.getService(this.scp.get(), ExtendedUserService.SERVICE_NAME)).createDistributedUsers(userArr);
        createDistributedUsers.process();
        getBroadcaster().notify(UserProfileServiceEventType.UPSERT, Sets.newHashSet(createDistributedUsers.getUsernames()));
        return createDistributedUsers.getUsernames();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void ensureUserPassword(User user) {
        byte[] userPassword = user.getUserPassword();
        if (userPassword == null || userPassword.length == 0) {
            String password = user.getPassword();
            if (!StringUtils.isBlank(password)) {
                user.setUserPassword(password.getBytes(Charsets.UTF_8));
            }
        }
        user.setPassword(null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void ensureUserPassword(User[] userArr) {
        for (User user : userArr) {
            ensureUserPassword(user);
        }
    }

    @Deprecated
    public boolean loginAttempt(boolean z) {
        return loginAttempt(this.scp.get().getIdentity().getIdentity(), z);
    }

    public boolean loginAttempt(String str, boolean z) {
        int numberFailedAttemptsBeforeLocking = getConfig().getNumberFailedAttemptsBeforeLocking();
        int deactivateAfterInactivity = getConfig().getDeactivateAfterInactivity();
        if (numberFailedAttemptsBeforeLocking > 0 || deactivateAfterInactivity > 0) {
            return this.kougarService.loginAttempt(str, z);
        }
        return true;
    }

    private AdminSecurityConfiguration getConfig() {
        if (this.config == null) {
            this.config = (AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class);
        }
        return this.config;
    }

    public void updateUser(User user) throws InvalidUserException, InvalidSupervisorException, PrivilegeException {
        updateUsers(new User[]{user});
    }

    public void updateUsers(User[] userArr) throws InvalidUserException, InvalidSupervisorException, PrivilegeException {
        for (User user : userArr) {
            if (user instanceof UserProfile) {
                UserProfileServiceJavaImpl.preventChangesToAdministratorType((UserProfile) user);
            }
        }
        this.kougarService.updateUsers(userArr);
        ServiceContext serviceContext = this.scp.get();
        UserProfileService userProfileService = ServiceLocator.getUserProfileService(serviceContext);
        for (User user2 : userArr) {
            Utilities.activateUserSessionsInProcessServers(serviceContext, userProfileService.getUser(user2.getUsername()));
        }
    }

    public void renameUsersByUuid(@ConvertWith(UuidParameterConverter[].class) String[] strArr, String[] strArr2) throws AppianRuntimeException {
        try {
            ((ExtendedUserService) ServiceLocator.getService(this.scp.get(), ExtendedUserService.SERVICE_NAME)).renameUsernames(strArr, strArr2, false);
        } catch (InvalidUserException | DuplicateNameException | InvalidNameException | PrivilegeException | SelfRenameException e) {
            throw RenameUserExceptionMapper.mapException(e, strArr, strArr2);
        }
    }

    public void reactivateUsers(String[] strArr) throws InvalidUserException, PrivilegeException {
        this.kougarService.reactivateUsers(strArr);
        ExtendedUserService extendedUserService = (ExtendedUserService) ServiceLocator.getService(ExtendedUserService.SERVICE_NAME);
        for (String str : strArr) {
            UserUpdateLogger.logUserUpdateWrapper(UserUpdateLogger.Action.CHANGE_USER_STATUS, extendedUserService.getUuidByUsername(str), str, "Inactive", "Active");
        }
        ((RemoteUserSyncer) ApplicationContextHolder.getBean(RemoteUserSyncer.class)).onUserReactivated(strArr);
        notifyObserversOfModifiedUser();
        getBroadcaster().notify(UserProfileServiceEventType.UPSERT, Sets.newHashSet(strArr));
    }

    void setEventBroadcaster(EventBroadcaster eventBroadcaster) {
        this.eventBroadcaster = eventBroadcaster;
    }

    private EventBroadcaster getBroadcaster() {
        if (this.eventBroadcaster == null) {
            if (ApplicationContextHolder.get() == null) {
                return new NoopEventBroadcaster();
            }
            this.eventBroadcaster = (EventBroadcaster) ApplicationContextHolder.getBean(UserProfileServiceEventBroadcaster.class);
        }
        return this.eventBroadcaster;
    }

    private QuickAccessUserCleanupMessenger getQuickAccessUserCleanupMessenger() {
        if (this.quickAccessUserCleanupMessenger == null) {
            if (ApplicationContextHolder.get() == null) {
                return null;
            }
            try {
                this.quickAccessUserCleanupMessenger = (QuickAccessUserCleanupMessenger) ApplicationContextHolder.getBean(QuickAccessUserCleanupMessenger.class);
            } catch (NoSuchBeanDefinitionException e) {
                return null;
            }
        }
        return this.quickAccessUserCleanupMessenger;
    }
}
