package com.appiancorp.suite.cfg;

import com.appiancorp.common.AppToken;
import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.features.FeatureToggleClient;
import com.appiancorp.services.ExtendedServiceLocator;
import com.appiancorp.services.ServiceContextFactory;
import com.appiancorp.suite.cfg.adminconsole.AdminConsoleConfiguration;
import com.appiancorp.suite.cfg.adminconsole.AdministeredConfiguration;
import com.appiancorp.suite.cfg.adminconsole.AdministeredConfigurationFactory;
import com.appiancorp.suite.cfg.adminconsole.PropertyType;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AdministeredProperty;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AdministeredPropertyIxHandler;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AppianAuthenticationProperties;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AppianAuthenticationPropertiesAccessor;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AppianAuthenticationPropertiesIxHandler;
import com.appiancorp.suite.cfg.adminconsole.property.AdministeredConfigurationProperty;
import com.appiancorp.suite.cfg.personalization.PersonalizationConfigService;
import com.appiancorp.suiteapi.security.auth.PasswordStatus;
import com.google.common.collect.Lists;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.function.Function;

/* loaded from: input_file:com/appiancorp/suite/cfg/AdminSecurityConfiguration.class */
public class AdminSecurityConfiguration implements AdminConsoleConfiguration {
    public static final String NAMESPACE = "conf.security";
    private static final String VALIDATION_MIN = ".validation.min";
    private static final String VALIDATION_MIN_LABEL = ".validation.min.label";
    private static final String VALIDATION_MAX = ".validation.max";
    private static final String VALIDATION_MAX_LABEL = ".validation.max.label";
    private static final String VALIDATION_MAX_CHAR_LABEL = ".validation.max.label.char";
    private static final String VALIDATION_MAX_BYTE_LABEL = ".validation.max.label.byte";
    private static final String PASSWORD_AGE_RANGE = "pw.PASSWORD_AGE_RANGE.validation";
    private static final String FORGOTPASSWORD_WARNING_STRING = "forgotpassword.WARNING_STRING";
    private final AdministeredConfiguration config;
    private final FeatureToggleClient featureToggleClient;
    public static final int SESSION_TIMEOUT_MINUTES_BETWEEN_WARNING_AND_LOGOUT = 5;
    public static final String NAMESPACE_QUALIFIED_ADMIN_SECURITY_CONFIGURATIONS = "conf.security." + AppianAuthenticationProperty.AppianAuthentication.getName();

    /* loaded from: input_file:com/appiancorp/suite/cfg/AdminSecurityConfiguration$AppianAuthenticationProperty.class */
    public interface AppianAuthenticationProperty {
        public static final AdministeredConfigurationProperty<Integer> MinimumPasswordLength = new AdministeredConfigurationProperty<>("pw.MIN_PASSWORD_LENGTH", 1, 0);
        public static final AdministeredConfigurationProperty<Integer> MinimumAlphabeticCharacters = new AdministeredConfigurationProperty<>("pw.MIN_ALPHABETIC_CHARACTERS", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MinimumLowercaseCharacters = new AdministeredConfigurationProperty<>("pw.MIN_LOWERCASE_CHARACTERS", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MinimumUppercaseCharacters = new AdministeredConfigurationProperty<>("pw.MIN_UPPERCASE_CHARACTERS", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MinimumNumericCharacters = new AdministeredConfigurationProperty<>("pw.MIN_NUMERIC_CHARACTERS", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MinimumSpecialCharacters = new AdministeredConfigurationProperty<>("pw.MIN_SPECIAL_CHARACTERS", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> NumberPastPasswordsToCheck = new AdministeredConfigurationProperty<>("pw.NUMBER_PAST_PASSWORDS_TO_CHECK", 1, 0);
        public static final AdministeredConfigurationProperty<Integer> MinimumPasswordAge = new AdministeredConfigurationProperty<>("pw.MIN_PASSWORD_AGE", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MaximumPasswordAge = new AdministeredConfigurationProperty<>("pw.MAX_PASSWORD_AGE", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> NumberFailedAttemptsBeforeLocking = new AdministeredConfigurationProperty<>("pw.NUMBER_FAILED_ATTEMPTS_BEFORE_LOCKING", 6, 0);
        public static final AdministeredConfigurationProperty<Integer> LockoutDuration = new AdministeredConfigurationProperty<>("pw.LOCKOUT_DURATION", 30, 0);
        public static final AdministeredConfigurationProperty<Integer> ResetFailedLoginAttemptsCountAfter = new AdministeredConfigurationProperty<>("pw.RESET_FAILED_LOGIN_ATTEMPTS_COUNT_AFTER", 30, 1);
        public static final AdministeredConfigurationProperty<Integer> WarnPasswordPeriod = new AdministeredConfigurationProperty<>("account.WARN_PASSWORD_PERIOD", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MaximumTemporaryPasswordAge = new AdministeredConfigurationProperty<>("account.MAX_TEMPORARY_PASSWORD_AGE", 10080, 0);
        public static final AdministeredConfigurationProperty<Integer> DeactivateAfterInactivity = new AdministeredConfigurationProperty<>("account.DEACTIVATE_AFTER_INACTIVITY", 0, 0);
        public static final AdministeredConfigurationProperty<Integer> MaxConcurrentSessions = new AdministeredConfigurationProperty<>("account.MAX_CONCURRENT_SESSIONS", 0, 0);
        public static final AdministeredConfigurationProperty<String> LoginBannerText = new AdministeredConfigurationProperty<>("notification.BANNER_TEXT", "", "");
        public static final AdministeredConfigurationProperty<Integer> RememberMeTokenExpiration = new AdministeredConfigurationProperty<>("rememberme.MAX_AGE", 14, 0);
        public static final AdministeredConfigurationProperty<Integer> SessionTimeout = new AdministeredConfigurationProperty<>("session.TIMEOUT", 65, 65);
        public static final AdministeredConfigurationProperty<Boolean> ForgotPasswordEnabled = new AdministeredConfigurationProperty<>("forgotpassword.ENABLED", true, null);
        public static final AdministeredConfigurationProperty<Integer> ForgotPasswordTokenDurationInMinutes = new AdministeredConfigurationProperty<>("forgotpassword.TOKEN_DURATION", 15, 0);
        public static final AdministeredConfigurationProperty<Boolean> MFAEnabled = new AdministeredConfigurationProperty<>("mfa.ENABLED", false, false);
        public static final AdministeredConfigurationProperty<String> MFAGroupSelection = new AdministeredConfigurationProperty<>("mfa.GROUP_SELECTION", "", "");
        public static final AdministeredConfigurationProperty<Boolean> PasswordCannotContainUsername = new AdministeredConfigurationProperty<>("pw.PASSWORD_CANNOT_CONTAIN_USERNAME", false, false);
        public static final AdministeredConfigurationProperty<String> MaintWindowMessage = new AdministeredConfigurationProperty<>("maintWindow.MESSAGE", "", "");
        public static final AdministeredConfigurationProperty<Boolean> MaintWindowActive = new AdministeredConfigurationProperty<>("maintWindow.ACTIVE", false, false);
        public static final AdministeredConfigurationProperty<AppianAuthenticationProperties> AppianAuthentication = new AdministeredConfigurationProperty<>("APPIAN_AUTHENTICATION", new AppianAuthenticationProperties(), (Object) null, PropertyType.AUTHENTICATION);
    }

    /* loaded from: input_file:com/appiancorp/suite/cfg/AdminSecurityConfiguration$SecurityProperty.class */
    public interface SecurityProperty extends AppianAuthenticationProperty {
    }

    public AdminSecurityConfiguration(PersonalizationConfigService personalizationConfigService, com.appiancorp.common.config.persistence.ConfigService configService, AdministeredConfigurationFactory administeredConfigurationFactory, SamlConfiguration samlConfiguration, LdapConfiguration ldapConfiguration, FeatureToggleClient featureToggleClient) {
        this.config = generateConfiguration(personalizationConfigService, configService, administeredConfigurationFactory, samlConfiguration, ldapConfiguration);
        this.featureToggleClient = featureToggleClient;
    }

    @Deprecated
    public AdminSecurityConfiguration(PersonalizationConfigService personalizationConfigService) {
        this(personalizationConfigService, (com.appiancorp.common.config.persistence.ConfigService) ApplicationContextHolder.getBean(com.appiancorp.common.config.persistence.ConfigService.class), (AdministeredConfigurationFactory) ApplicationContextHolder.getBean(AdministeredConfigurationFactory.class), (SamlConfiguration) ApplicationContextHolder.getBean("samlConfig", SamlConfiguration.class), (LdapConfiguration) ApplicationContextHolder.getBean(LdapConfiguration.class), null);
    }

    @Deprecated
    public AdminSecurityConfiguration() {
        this(ExtendedServiceLocator.getPersonalizationConfigService(ServiceContextFactory.getAdministratorServiceContext()));
    }

    private AdministeredConfiguration generateConfiguration(PersonalizationConfigService personalizationConfigService, com.appiancorp.common.config.persistence.ConfigService configService, final AdministeredConfigurationFactory administeredConfigurationFactory, SamlConfiguration samlConfiguration, LdapConfiguration ldapConfiguration) {
        AdministeredConfiguration addProperty = administeredConfigurationFactory.buildRdbmsConfig("conf.security").disableListDelimiter().addHeader("title").addHeader("format.title").addHeader("expiration.title").addHeader("forgotpassword.title").addHeader("mfa.title").addHeader("account.title").addHeader("notification.title").addHeader("button.resetChanges.label").addHeader("button.saveChanges.label").addHeader("instructions").addHeader("saveMessage").addHeader(SecurityProperty.MinimumPasswordLength.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumPasswordLength.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumPasswordLength).addHeader(SecurityProperty.MinimumAlphabeticCharacters.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumAlphabeticCharacters.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumAlphabeticCharacters).addHeader(SecurityProperty.MinimumLowercaseCharacters.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumLowercaseCharacters.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumLowercaseCharacters).addHeader(SecurityProperty.MinimumUppercaseCharacters.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumUppercaseCharacters.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumUppercaseCharacters).addHeader(SecurityProperty.MinimumNumericCharacters.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumNumericCharacters.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumNumericCharacters).addHeader(SecurityProperty.MinimumSpecialCharacters.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumSpecialCharacters.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumSpecialCharacters).addHeader(SecurityProperty.NumberPastPasswordsToCheck.name + VALIDATION_MIN).addHeader(SecurityProperty.NumberPastPasswordsToCheck.name + VALIDATION_MIN_LABEL).addHeader(SecurityProperty.NumberPastPasswordsToCheck.name + VALIDATION_MAX).addHeader(SecurityProperty.NumberPastPasswordsToCheck.name + VALIDATION_MAX_LABEL).addProperty(SecurityProperty.NumberPastPasswordsToCheck, personalizationConfigService, configService).addHeader(SecurityProperty.MinimumPasswordAge.name + VALIDATION_MIN).addHeader(SecurityProperty.MinimumPasswordAge.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MinimumPasswordAge).addHeader(SecurityProperty.MaximumPasswordAge.name + VALIDATION_MIN).addHeader(SecurityProperty.MaximumPasswordAge.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MaximumPasswordAge).addHeader(PASSWORD_AGE_RANGE).addHeader(SecurityProperty.NumberFailedAttemptsBeforeLocking.name + VALIDATION_MIN).addHeader(SecurityProperty.NumberFailedAttemptsBeforeLocking.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.NumberFailedAttemptsBeforeLocking, personalizationConfigService, configService).addHeader(SecurityProperty.LockoutDuration.name + VALIDATION_MIN).addHeader(SecurityProperty.LockoutDuration.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.LockoutDuration, personalizationConfigService, configService).addHeader(SecurityProperty.ResetFailedLoginAttemptsCountAfter.name + VALIDATION_MIN).addHeader(SecurityProperty.ResetFailedLoginAttemptsCountAfter.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.ResetFailedLoginAttemptsCountAfter, personalizationConfigService, configService).addHeader(SecurityProperty.WarnPasswordPeriod.name + VALIDATION_MIN).addHeader(SecurityProperty.WarnPasswordPeriod.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.WarnPasswordPeriod).addHeader(SecurityProperty.MaximumTemporaryPasswordAge.name + VALIDATION_MIN).addHeader(SecurityProperty.MaximumTemporaryPasswordAge.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MaximumTemporaryPasswordAge).addHeader(SecurityProperty.DeactivateAfterInactivity.name + VALIDATION_MIN).addHeader(SecurityProperty.DeactivateAfterInactivity.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.DeactivateAfterInactivity, personalizationConfigService, configService).addHeader(SecurityProperty.MaxConcurrentSessions.name + VALIDATION_MIN).addHeader(SecurityProperty.MaxConcurrentSessions.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.MaxConcurrentSessions).addHeader(SecurityProperty.LoginBannerText.name + VALIDATION_MAX).addHeader(SecurityProperty.LoginBannerText.name + VALIDATION_MAX_CHAR_LABEL).addHeader(SecurityProperty.LoginBannerText.name + VALIDATION_MAX_BYTE_LABEL).addStringPropertyWithRememberMeClear(SecurityProperty.LoginBannerText.name, SecurityProperty.LoginBannerText.getDefaultValue(), SecurityProperty.LoginBannerText.getDisabledValue()).addProperty(SecurityProperty.MaintWindowMessage).addProperty(SecurityProperty.MaintWindowActive).addProperty(SecurityProperty.RememberMeTokenExpiration).addProperty(SecurityProperty.SessionTimeout).addProperty(SecurityProperty.ForgotPasswordEnabled, samlConfiguration, ldapConfiguration).addHeader(SecurityProperty.ForgotPasswordTokenDurationInMinutes.name + VALIDATION_MAX).addHeader(SecurityProperty.ForgotPasswordTokenDurationInMinutes.name + VALIDATION_MAX_LABEL).addHeader(SecurityProperty.ForgotPasswordTokenDurationInMinutes.name + VALIDATION_MIN).addHeader(SecurityProperty.ForgotPasswordTokenDurationInMinutes.name + VALIDATION_MIN_LABEL).addProperty(SecurityProperty.ForgotPasswordTokenDurationInMinutes, samlConfiguration, ldapConfiguration).addHeader("forgotpassword.WARNING_STRING.alluserswarning").addHeader("forgotpassword.WARNING_STRING.groupwarning").addProperty(SecurityProperty.MFAEnabled).addProperty(SecurityProperty.MFAGroupSelection).addProperty(SecurityProperty.PasswordCannotContainUsername);
        addProperty.addProperty(AppianAuthenticationProperty.AppianAuthentication, getAppianAuthenticationAccessor(addProperty), new Function<AdministeredProperty, AdministeredPropertyIxHandler>() { // from class: com.appiancorp.suite.cfg.AdminSecurityConfiguration.1
            @Override // java.util.function.Function
            public AdministeredPropertyIxHandler apply(AdministeredProperty administeredProperty) {
                return new AppianAuthenticationPropertiesIxHandler(administeredProperty);
            }
        });
        addProperty.setLogFunction(new AdministeredConfiguration.AdminConsoleLogFunction() { // from class: com.appiancorp.suite.cfg.AdminSecurityConfiguration.2
            @Override // com.appiancorp.suite.cfg.adminconsole.AdministeredConfiguration.AdminConsoleLogFunction
            public void log(String str, Object obj, Object obj2) {
                if (AppianAuthenticationProperty.AppianAuthentication.getName().equals(str)) {
                    return;
                }
                administeredConfigurationFactory.getAuditLogger().log("conf.security", str, obj, obj2);
            }
        });
        return addProperty;
    }

    private AppianAuthenticationPropertiesAccessor getAppianAuthenticationAccessor(AdministeredConfiguration administeredConfiguration) {
        return AppianAuthenticationPropertiesAccessor.builder(AppianAuthenticationProperty.AppianAuthentication).minimumPasswordLength(administeredConfiguration.get(SecurityProperty.MinimumPasswordLength)).minimumAlphabeticCharacters(administeredConfiguration.get(SecurityProperty.MinimumAlphabeticCharacters)).minimumLowercaseCharacters(administeredConfiguration.get(SecurityProperty.MinimumLowercaseCharacters)).minimumUppercaseCharacters(administeredConfiguration.get(SecurityProperty.MinimumUppercaseCharacters)).minimumNumericCharacters(administeredConfiguration.get(SecurityProperty.MinimumNumericCharacters)).minimumSpecialCharacters(administeredConfiguration.get(SecurityProperty.MinimumSpecialCharacters)).numberPastPasswordsToCheck(administeredConfiguration.get(SecurityProperty.NumberPastPasswordsToCheck)).minimumPasswordAge(administeredConfiguration.get(SecurityProperty.MinimumPasswordAge)).maximumPasswordAge(administeredConfiguration.get(SecurityProperty.MaximumPasswordAge)).numberFailedAttemptsBeforeLocking(administeredConfiguration.get(SecurityProperty.NumberFailedAttemptsBeforeLocking)).lockoutDuration(administeredConfiguration.get(SecurityProperty.LockoutDuration)).resetFailedLoginAttemptsCountAfter(administeredConfiguration.get(SecurityProperty.ResetFailedLoginAttemptsCountAfter)).warnPasswordPeriod(administeredConfiguration.get(SecurityProperty.WarnPasswordPeriod)).maximumTemporaryPasswordAge(administeredConfiguration.get(SecurityProperty.MaximumTemporaryPasswordAge)).deactivateAfterInactivity(administeredConfiguration.get(SecurityProperty.DeactivateAfterInactivity)).maxConcurrentSessions(administeredConfiguration.get(SecurityProperty.MaxConcurrentSessions)).termsOfServiceText(administeredConfiguration.get(SecurityProperty.LoginBannerText)).rememberMeTokenExpiration(administeredConfiguration.get(SecurityProperty.RememberMeTokenExpiration)).sessionTimeout(administeredConfiguration.get(SecurityProperty.SessionTimeout)).forgotPasswordEnabled(administeredConfiguration.get(SecurityProperty.ForgotPasswordEnabled)).forgotPasswordTokenDurationInMinutes(administeredConfiguration.get(SecurityProperty.ForgotPasswordTokenDurationInMinutes)).passwordCannotContainUsername(administeredConfiguration.get(SecurityProperty.PasswordCannotContainUsername)).mfaEnabled(administeredConfiguration.get(SecurityProperty.MFAEnabled)).mfaGroup(administeredConfiguration.get(SecurityProperty.MFAGroupSelection)).build();
    }

    public List<AdministeredProperty<?>> getAllSupportedProperties() {
        ArrayList newArrayList = Lists.newArrayList();
        Iterator<AdministeredProperty> it = this.config.iterator();
        while (it.hasNext()) {
            newArrayList.add(it.next());
        }
        return newArrayList;
    }

    public Integer getMinPasswordLength() {
        return (Integer) this.config.getValue(SecurityProperty.MinimumPasswordLength);
    }

    public Integer getMinAlphabeticCharacters() {
        return (Integer) this.config.getValue(SecurityProperty.MinimumAlphabeticCharacters);
    }

    public Integer getMinSpecialCharacters() {
        return (Integer) this.config.getValue(SecurityProperty.MinimumSpecialCharacters);
    }

    public Integer getMinNumericCharacters() {
        return (Integer) this.config.getValue(SecurityProperty.MinimumNumericCharacters);
    }

    public Integer getMinLowercaseCharacters() {
        return (Integer) this.config.getValue(SecurityProperty.MinimumLowercaseCharacters);
    }

    public Integer getMinUppercaseCharacters() {
        return (Integer) this.config.getValue(SecurityProperty.MinimumUppercaseCharacters);
    }

    public Integer getWarnPasswordPeriod() {
        return (Integer) this.config.getValue(SecurityProperty.WarnPasswordPeriod);
    }

    public Integer getMaxPasswordAge() {
        return (Integer) this.config.getValue(SecurityProperty.MaximumPasswordAge);
    }

    public Integer getMaxTempPasswordAge() {
        return (Integer) this.config.getValue(SecurityProperty.MaximumTemporaryPasswordAge);
    }

    public Integer getMaxConcurrentSessions() {
        return (Integer) this.config.getValue(SecurityProperty.MaxConcurrentSessions);
    }

    public long getMaxPasswordAgeInMillis() {
        return getMaxPasswordAge().intValue() * AppToken.MILLISECONDS_PER_DAY;
    }

    public long getWarnPasswordPeriodInMillis() {
        return getWarnPasswordPeriod().intValue() * AppToken.MILLISECONDS_PER_DAY;
    }

    public long getMaxTempPasswordAgeInMillis() {
        return getMaxTempPasswordAge().intValue() * 60000;
    }

    public int getMinPasswordAge() {
        return ((Integer) this.config.getValue(SecurityProperty.MinimumPasswordAge)).intValue();
    }

    public long getMinPasswordAgeInMillis() {
        return getMinPasswordAge() * 60000;
    }

    public int getNumberPastPasswordsToCheck() {
        return ((Integer) this.config.getValue(SecurityProperty.NumberPastPasswordsToCheck)).intValue();
    }

    public int getNumberFailedAttemptsBeforeLocking() {
        return ((Integer) this.config.getValue(SecurityProperty.NumberFailedAttemptsBeforeLocking)).intValue();
    }

    public int getLockoutDuration() {
        return ((Integer) this.config.getValue(SecurityProperty.LockoutDuration)).intValue();
    }

    public int getResetFailedLoginAttemptsCountAfter() {
        return ((Integer) this.config.getValue(SecurityProperty.ResetFailedLoginAttemptsCountAfter)).intValue();
    }

    public int getDeactivateAfterInactivity() {
        return ((Integer) this.config.getValue(SecurityProperty.DeactivateAfterInactivity)).intValue();
    }

    public String getLoginBannerText() {
        return (String) this.config.getValue(SecurityProperty.LoginBannerText);
    }

    public Boolean isMaintWindowActive() {
        return (Boolean) this.config.getValue(SecurityProperty.MaintWindowActive);
    }

    public String getMaintWindowMessage() {
        return (String) this.config.getValue(SecurityProperty.MaintWindowMessage);
    }

    public Boolean isMfaEnabled() {
        return Boolean.valueOf(this.featureToggleClient.isFeatureEnabled("ae.iam.multi-factor-auth-email") && ((Boolean) this.config.getValue(SecurityProperty.MFAEnabled)).booleanValue());
    }

    public String getMfaGroupSelection() {
        return (String) this.config.getValue(SecurityProperty.MFAGroupSelection);
    }

    public boolean isPasswordExpired(Timestamp timestamp) {
        if (timestamp == null) {
            return true;
        }
        long currentTimeMillis = System.currentTimeMillis() - timestamp.getTime();
        long maxPasswordAgeInMillis = getMaxPasswordAgeInMillis();
        return maxPasswordAgeInMillis != 0 && currentTimeMillis >= maxPasswordAgeInMillis;
    }

    public boolean isPasswordWithinWarnPeriod(Timestamp timestamp) {
        if (timestamp == null) {
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis() - timestamp.getTime();
        long maxPasswordAgeInMillis = getMaxPasswordAgeInMillis();
        long warnPasswordPeriodInMillis = getWarnPasswordPeriodInMillis();
        return warnPasswordPeriodInMillis != 0 && maxPasswordAgeInMillis != 0 && currentTimeMillis >= maxPasswordAgeInMillis - warnPasswordPeriodInMillis && currentTimeMillis < maxPasswordAgeInMillis;
    }

    public int getTimeRemainingUntilPasswordExpiration(Timestamp timestamp) {
        if (timestamp == null) {
            return 0;
        }
        return (int) Math.ceil(((float) (getMaxPasswordAgeInMillis() - (System.currentTimeMillis() - timestamp.getTime()))) / 8.64E7f);
    }

    public boolean isTempPasswordExpired(Timestamp timestamp) {
        if (timestamp == null) {
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis() - timestamp.getTime();
        long maxTempPasswordAgeInMillis = getMaxTempPasswordAgeInMillis();
        return maxTempPasswordAgeInMillis != 0 && currentTimeMillis >= maxTempPasswordAgeInMillis;
    }

    public PasswordStatus getPasswordStatus(boolean z, Timestamp timestamp) {
        return z ? PasswordStatus.TEMPORARY : isPasswordExpired(timestamp) ? PasswordStatus.EXPIRED : isPasswordWithinWarnPeriod(timestamp) ? PasswordStatus.EXPIRATION_WARNING : PasswordStatus.NORMAL;
    }

    public boolean isPasswordMinimumAge(boolean z, Timestamp timestamp) {
        if (z || isPasswordExpired(timestamp) || getMinPasswordAge() == 0) {
            return true;
        }
        return System.currentTimeMillis() - timestamp.getTime() >= getMinPasswordAgeInMillis();
    }

    public Integer getRememberMeTokenExpiration() {
        return (Integer) this.config.getValue(SecurityProperty.RememberMeTokenExpiration);
    }

    public Integer getSessionTimeoutInMinutes() {
        return (Integer) this.config.getValue(SecurityProperty.SessionTimeout);
    }

    public Integer getSessionTimeoutWarnInMinutes() {
        return Integer.valueOf(getSessionTimeoutInMinutes().intValue() - 5);
    }

    public Boolean isForgotPasswordEnabled() {
        return (Boolean) this.config.getValue(SecurityProperty.ForgotPasswordEnabled);
    }

    public Integer getForgotPasswordTokenDurationInMinutes() {
        return (Integer) this.config.getValue(SecurityProperty.ForgotPasswordTokenDurationInMinutes);
    }

    public Boolean passwordCannotContainUsername() {
        return (Boolean) this.config.getValue(SecurityProperty.PasswordCannotContainUsername);
    }

    @Override // com.appiancorp.suite.cfg.adminconsole.AdminConsoleConfiguration
    public AdministeredConfiguration getAdministeredConfiguration() {
        return this.config;
    }
}
