package com.appiancorp.ag.util;

import com.appiancorp.ag.security.Authenticator;
import com.appiancorp.ag.security.AuthenticatorProvider;
import com.appiancorp.ag.security.PasswordConfig;
import com.appiancorp.ap2.PortalApplicationConfiguration;
import com.appiancorp.ap2.ns.SendEmailService;
import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.process.rdbms.ActivitySqlFactory;
import com.appiancorp.security.auth.saml.SamlConstants;
import com.appiancorp.security.util.StringSecurityUtils;
import com.appiancorp.services.ServiceContext;
import com.appiancorp.services.ServiceContextFactory;
import com.appiancorp.services.WebServiceContextFactory;
import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suite.cfg.AdminSecurityConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import com.appiancorp.suiteapi.common.ServiceLocator;
import com.appiancorp.suiteapi.common.exceptions.PrivilegeException;
import com.appiancorp.suiteapi.personalization.UserProfile;
import com.appiancorp.suiteapi.personalization.UserProfileService;
import com.appiancorp.util.BundleUtils;
import com.google.common.collect.Maps;
import jakarta.mail.internet.AddressException;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionMessage;

/* loaded from: input_file:com/appiancorp/ag/util/PasswordManager.class */
public final class PasswordManager {
    private static final Logger LOG = Logger.getLogger(PasswordManager.class);
    private static final String TEXT_BUNDLE = "text.java.com.appiancorp.ag.application-i18n";
    private static final String ERROR_PASSWORD_INCORRECT = "error.password.incorrect";
    private static final String ERROR_PASSWORD_MISMATCH = "error.password.mismatch";
    public static final String PASSWORD_COMPLEXITY_BASE = "password.complexity.base";
    public static final String PASSWORD_COMPLEXITY_LENGTH = "password.complexity.length";
    public static final String PASSWORD_COMPLEXITY_HISTORY = "password.complexity.history";
    public static final String PASSWORD_COMPLEXITY_ALPHABETIC = "password.complexity.alphabetic";
    public static final String PASSWORD_COMPLEXITY_UPPERCASE = "password.complexity.uppercase";
    public static final String PASSWORD_COMPLEXITY_LOWERCASE = "password.complexity.lowercase";
    public static final String PASSWORD_COMPLEXITY_NUMERALS = "password.complexity.numerals";
    public static final String PASSWORD_COMPLEXITY_SPECIAL = "password.complexity.special";
    public static final String PASSWORD_COMPLEXITY_USERNAME = "password.complexity.username";
    protected static final String TOKEN_LOGIN_PAGE_LINK = "loginPageLink";
    protected static final String TOKEN_TEMPORARY_PASSWORD = "temporaryPassword";
    protected static final String TOKEN_USER_NAME = "username";
    protected static final String TOKEN_FIRST_NAME = "firstName";
    protected static final String TOKEN_MIDDLE_NAME = "middleName";
    protected static final String TOKEN_LAST_NAME = "lastName";
    protected static final String TOKEN_EMAIL = "email";
    protected static final String TOKEN_ADMIN_USER_NAME = "admin_username";
    protected static final String TOKEN_ADMIN_FIRST_NAME = "admin_firstName";
    protected static final String TOKEN_ADMIN_MIDDLE_NAME = "admin_middleName";
    protected static final String TOKEN_ADMIN_LAST_NAME = "admin_lastName";
    protected static final String TOKEN_ADMIN_EMAIL = "admin_email";
    public static final String SUBJECT_KEY = "Subject";

    public static String getPasswordMismatchValidationMsg(Locale locale) {
        return BundleUtils.getText(BundleUtils.getBundle(TEXT_BUNDLE, locale), ERROR_PASSWORD_MISMATCH);
    }

    public static String getPasswordComplexityValidationMsg(Locale locale) {
        return BundleUtils.getText(BundleUtils.getBundle(TEXT_BUNDLE, locale), PASSWORD_COMPLEXITY_BASE, new Object[]{";" + StringUtils.join(getComplexityMessageParams(locale, (AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class)), ";")});
    }

    public static void validateOldPassword(String str, String str2, String str3, ActionErrors actionErrors, ServiceContext serviceContext) {
        Authenticator authenticator = ((AuthenticatorProvider) ApplicationContextHolder.getBean(AuthenticatorProvider.class)).getAuthenticator(serviceContext);
        if (str2 == null || !authenticator.isPasswordValid(str, str2.toCharArray())) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("User " + str + " entered an invalid password while trying to change his password.");
            }
            actionErrors.add(str3, new ActionMessage(ERROR_PASSWORD_INCORRECT));
        }
    }

    public static void validateConfirmationPassword(String str, String str2, String str3, String str4, ActionErrors actionErrors) {
        if (str2.equals(str3)) {
            return;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("User " + str + " entered a different confirmation new password");
        }
        actionErrors.add(str4, new ActionMessage(ERROR_PASSWORD_MISMATCH));
    }

    private static String joinHTML(Object[] objArr) {
        return "<br/>&nbsp;&nbsp;&nbsp;&bull;&nbsp;" + StringUtils.join(objArr, "<br/>&nbsp;&nbsp;&nbsp;&bull;&nbsp;");
    }

    public static void validateComplexity(String str, String str2, String str3, ActionErrors actionErrors, ServiceContext serviceContext) {
        try {
            if (!((PasswordConfig) ApplicationContextHolder.getBean(PasswordConfig.class)).createPasswordVerifier(serviceContext).verify(str, str2.toCharArray())) {
                ActionMessage actionMessage = new ActionMessage(PASSWORD_COMPLEXITY_BASE, joinHTML(getComplexityMessageParams(serviceContext.getLocale(), (AdminSecurityConfiguration) ApplicationContextHolder.getBean(AdminSecurityConfiguration.class))));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("User [" + str + "] entered a new password that does not meet thecomplexity requirements");
                }
                actionErrors.add(str3, actionMessage);
            }
        } catch (PrivilegeException e) {
            throw new IllegalStateException("An unexpected error occured. The user [" + serviceContext.getIdentity().getIdentity() + "] does not have sufficient privileges to verify the password for the user [" + str + "].", e);
        }
    }

    public static String numberToWord(Locale locale, Integer num) {
        if (num.intValue() > 9) {
            return num.toString();
        }
        LinkedHashMap newLinkedHashMap = Maps.newLinkedHashMap();
        newLinkedHashMap.put(0, "formatter.numberToWord.zero");
        newLinkedHashMap.put(1, "formatter.numberToWord.one");
        newLinkedHashMap.put(2, "formatter.numberToWord.two");
        newLinkedHashMap.put(3, "formatter.numberToWord.three");
        newLinkedHashMap.put(4, "formatter.numberToWord.four");
        newLinkedHashMap.put(5, "formatter.numberToWord.five");
        newLinkedHashMap.put(6, "formatter.numberToWord.six");
        newLinkedHashMap.put(7, "formatter.numberToWord.seven");
        newLinkedHashMap.put(8, "formatter.numberToWord.eight");
        newLinkedHashMap.put(9, "formatter.numberToWord.nine");
        return BundleUtils.getText(BundleUtils.getBundle(TEXT_BUNDLE, locale), (String) newLinkedHashMap.get(num));
    }

    public static Object[] getComplexityMessageParams(Locale locale, AdminSecurityConfiguration adminSecurityConfiguration) {
        ArrayList arrayList = new ArrayList();
        ResourceBundle bundle = BundleUtils.getBundle(TEXT_BUNDLE, locale);
        arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_LENGTH, adminSecurityConfiguration.getMinPasswordLength(), bundle, locale));
        if (adminSecurityConfiguration.getNumberPastPasswordsToCheck() > 0) {
            arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_HISTORY, Integer.valueOf(adminSecurityConfiguration.getNumberPastPasswordsToCheck()), bundle, locale));
        }
        arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_ALPHABETIC, adminSecurityConfiguration.getMinAlphabeticCharacters(), bundle, locale));
        arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_NUMERALS, adminSecurityConfiguration.getMinNumericCharacters(), bundle, locale));
        arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_SPECIAL, adminSecurityConfiguration.getMinSpecialCharacters(), bundle, locale));
        arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_UPPERCASE, adminSecurityConfiguration.getMinUppercaseCharacters(), bundle, locale));
        arrayList.add(getSpecifiedComplexityMessage(PASSWORD_COMPLEXITY_LOWERCASE, adminSecurityConfiguration.getMinLowercaseCharacters(), bundle, locale));
        if (adminSecurityConfiguration.passwordCannotContainUsername().booleanValue()) {
            arrayList.add(BundleUtils.getText(bundle, PASSWORD_COMPLEXITY_USERNAME));
        }
        arrayList.removeAll(Collections.singleton(null));
        return arrayList.toArray();
    }

    private static String getSpecifiedComplexityMessage(String str, Integer num, ResourceBundle resourceBundle, Locale locale) {
        if (num.intValue() == 0 || num == null) {
            return null;
        }
        return BundleUtils.getText(resourceBundle, num.intValue() > 1 ? str + ".plural" : str + ".singular", new Object[]{numberToWord(locale, num)});
    }

    public static void sendEmail(String str, char[] cArr, String str2, ServiceContext serviceContext) throws URISyntaxException, AddressException {
        UserProfile user = ServiceLocator.getUserProfileService(serviceContext).getUser(str);
        ((SendEmailService) ServiceLocator.getService(serviceContext, SendEmailService.SERVICE_NAME)).sendEmailToUser(user, BundleUtils.getText(BundleUtils.getJspBundle(str2, ServiceContextFactory.populateServiceContextI18nSettings(WebServiceContextFactory.getServiceContext(user)).getLocale()), "Subject", new Object[]{((PortalApplicationConfiguration) ConfigurationFactory.getConfiguration(PortalApplicationConfiguration.class)).getAppname()}), str2, getPasswordEmailTokensMap(user, cArr, (SuiteConfiguration) ConfigurationFactory.getConfiguration(SuiteConfiguration.class), serviceContext));
    }

    protected static Map<String, String> getPasswordEmailTokensMap(UserProfile userProfile, char[] cArr, SuiteConfiguration suiteConfiguration, ServiceContext serviceContext) throws URISyntaxException {
        UserProfileService userProfileService = ServiceLocator.getUserProfileService(serviceContext);
        String username = userProfile.getUsername();
        String str = suiteConfiguration.getPublicSchemeLinkRoot().toString() + ActivitySqlFactory.AC_SUBSTITUTE_CONST + SamlConstants.AUTH_PROVIDER_QUERY_PARAM + "=" + SamlConstants.AUTH_PROVIDER_NATIVE;
        HashMap hashMap = new HashMap();
        UserProfile user = userProfileService.getUser(serviceContext.getName());
        UserProfile user2 = userProfileService.getUser(username);
        hashMap.put(TOKEN_LOGIN_PAGE_LINK, str);
        hashMap.put("username", username);
        hashMap.put("firstName", StringSecurityUtils.stripHtml(user2.getFirstName(), true));
        hashMap.put("middleName", StringSecurityUtils.stripHtml(user2.getMiddleName(), true));
        hashMap.put("lastName", StringSecurityUtils.stripHtml(user2.getLastName(), true));
        hashMap.put("email", user2.getEmail());
        hashMap.put(TOKEN_ADMIN_USER_NAME, user.getUsername());
        hashMap.put(TOKEN_ADMIN_FIRST_NAME, user.getFirstName());
        hashMap.put(TOKEN_ADMIN_MIDDLE_NAME, user.getMiddleName());
        hashMap.put(TOKEN_ADMIN_LAST_NAME, user.getLastName());
        hashMap.put(TOKEN_ADMIN_EMAIL, user.getEmail());
        hashMap.put(TOKEN_TEMPORARY_PASSWORD, String.valueOf(cArr));
        return hashMap;
    }
}
