package org.gluu.oxtrust.action;

import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.enterprise.context.ConversationScoped;
import javax.faces.application.FacesMessage;
import javax.inject.Inject;
import javax.inject.Named;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.jsf2.message.FacesMessages;
import org.gluu.jsf2.service.ConversationService;
import org.gluu.model.SimpleCustomProperty;
import org.gluu.model.SimpleExtendedCustomProperty;
import org.gluu.model.SimpleProperty;
import org.gluu.model.custom.script.CustomScriptType;
import org.gluu.model.custom.script.model.CustomScript;
import org.gluu.model.ldap.GluuLdapConfiguration;
import org.gluu.model.passport.PassportConfiguration;
import org.gluu.oxtrust.model.GluuConfiguration;
import org.gluu.oxtrust.model.LdapConfigurationModel;
import org.gluu.oxtrust.model.OxIDPAuthConf;
import org.gluu.oxtrust.model.SimpleCustomPropertiesListModel;
import org.gluu.oxtrust.model.SimplePropertiesListModel;
import org.gluu.oxtrust.service.ConfigurationService;
import org.gluu.oxtrust.service.EncryptionService;
import org.gluu.oxtrust.service.JsonConfigurationService;
import org.gluu.oxtrust.service.config.ConfigurationFactory;
import org.gluu.oxtrust.util.OxTrustApiConstants;
import org.gluu.persist.exception.BasePersistenceException;
import org.gluu.persist.ldap.operation.impl.LdapConnectionProvider;
import org.gluu.service.custom.script.AbstractCustomScriptService;
import org.gluu.service.security.Secure;
import org.gluu.util.StringHelper;
import org.gluu.util.security.PropertiesDecrypter;
import org.gluu.util.security.StringEncrypter;
import org.slf4j.Logger;

@ConversationScoped
@Secure("#{permissionService.hasPermission('configuration', 'access')}")
@Named("managePersonAuthenticationAction")
/* loaded from: input_file:org/gluu/oxtrust/action/ManagePersonAuthenticationAction.class */
public class ManagePersonAuthenticationAction implements SimplePropertiesListModel, SimpleCustomPropertiesListModel, LdapConfigurationModel, Serializable {
    private static final String SIMPLE_PASSWORD_AUTH = "simple_password_auth";
    private static final long serialVersionUID = -4470460481895022468L;

    @Inject
    private Logger log;

    @Inject
    private FacesMessages facesMessages;

    @Inject
    private ConversationService conversationService;

    @Inject
    private ConfigurationService configurationService;

    @Inject
    private AbstractCustomScriptService customScriptService;

    @Inject
    private ConfigurationFactory configurationFactory;

    @Inject
    private EncryptionService encryptionService;
    private boolean existLdapConfigIdpAuthConf;
    private List<CustomScript> customScripts;
    private List<GluuLdapConfiguration> sourceConfigs;
    private GluuLdapConfiguration activeLdapConfig;
    private String oxTrustAuthenticationMode;
    private String recaptchaSiteKey;
    private String recaptchaSecretKey;
    private List<String> customAuthenticationConfigNames;
    private boolean initialized;

    @Inject
    private JsonConfigurationService jsonConfigurationService;
    private AppConfiguration oxTrustappConfiguration;
    private String authenticationMode = "auth_ldap_server";
    private Boolean passportEnable = Boolean.FALSE;
    private boolean authenticationRecaptchaEnabled = false;

    public boolean isAuthenticationRecaptchaEnabled() {
        return this.authenticationRecaptchaEnabled;
    }

    public void setAuthenticationRecaptchaEnabled(boolean z) {
        this.authenticationRecaptchaEnabled = z;
    }

    public String modify() {
        String modifyImpl = modifyImpl();
        if ("failure".equals(modifyImpl)) {
            this.facesMessages.add(FacesMessage.SEVERITY_ERROR, this.facesMessages.evalResourceAsString("#{msg['configuration.manageAuthentication.failToPrepareUpdate']}"));
            this.conversationService.endConversation();
        }
        return modifyImpl;
    }

    public String modifyImpl() {
        if (this.initialized) {
            return "success";
        }
        try {
            GluuConfiguration configuration = this.configurationService.getConfiguration();
            if (configuration == null) {
                return "failure";
            }
            this.passportEnable = Boolean.valueOf(configuration.isPassportEnabled());
            this.customScripts = this.customScriptService.findCustomScripts(Arrays.asList(CustomScriptType.PERSON_AUTHENTICATION), new String[]{OxTrustApiConstants.DISPLAY_NAME, "oxLevel", "oxEnabled"});
            List<OxIDPAuthConf> iDPAuthConfOrNull = getIDPAuthConfOrNull(configuration);
            this.sourceConfigs = new ArrayList();
            if (iDPAuthConfOrNull != null) {
                Iterator<OxIDPAuthConf> it = iDPAuthConfOrNull.iterator();
                while (it.hasNext()) {
                    this.sourceConfigs.add(it.next().getConfig());
                }
            }
            getAuthenticationRecaptcha();
            this.authenticationMode = configuration.getAuthenticationMode();
            this.oxTrustAuthenticationMode = configuration.getOxTrustAuthenticationMode();
            this.initialized = true;
            return "success";
        } catch (Exception e) {
            this.log.error("Failed to load configuration configuration", e);
            return "failure";
        }
    }

    public String save() throws IOException {
        try {
            GluuConfiguration configuration = this.configurationService.getConfiguration();
            boolean z = false;
            boolean z2 = false;
            String firstConfigName = getFirstConfigName(configuration.getOxIDPAuthentication());
            if (firstConfigName != null) {
                if (firstConfigName.equals(this.authenticationMode)) {
                    z = true;
                }
                if (firstConfigName.equals(this.oxTrustAuthenticationMode)) {
                    z2 = true;
                }
            }
            updateAuthConf(configuration);
            String firstConfigName2 = getFirstConfigName(configuration.getOxIDPAuthentication());
            String str = z ? firstConfigName2 : this.authenticationMode;
            String str2 = z2 ? firstConfigName2 : this.oxTrustAuthenticationMode;
            configuration.setAuthenticationMode(str);
            configuration.setOxTrustAuthenticationMode(str2);
            setAuthenticationRecaptcha();
            configuration.setPassportEnabled(this.passportEnable.booleanValue());
            this.configurationService.updateConfiguration(configuration);
            reset();
            this.facesMessages.add(FacesMessage.SEVERITY_INFO, this.facesMessages.evalResourceAsString("#{msg['configuration.manageAuthentication.updateSucceed']}"));
            this.conversationService.endConversation();
            return "success";
        } catch (BasePersistenceException e) {
            this.log.error("Failed to update configuration configuration", e);
            this.facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update configuration");
            return "failure";
        }
    }

    private String getFirstConfigName(List<OxIDPAuthConf> list) {
        if (list == null || list.isEmpty()) {
            return null;
        }
        return list.get(0).getName();
    }

    private void reset() {
        this.customAuthenticationConfigNames = null;
    }

    public String cancel() {
        this.facesMessages.add(FacesMessage.SEVERITY_INFO, this.facesMessages.evalResourceAsString("#{msg['configuration.manageAuthentication.updateFailed']}"));
        this.conversationService.endConversation();
        return "success";
    }

    public boolean updateAuthConf(GluuConfiguration gluuConfiguration) {
        try {
            ArrayList arrayList = new ArrayList();
            for (GluuLdapConfiguration gluuLdapConfiguration : this.sourceConfigs) {
                if (gluuLdapConfiguration.isUseAnonymousBind()) {
                    gluuLdapConfiguration.setBindDN((String) null);
                }
                OxIDPAuthConf oxIDPAuthConf = new OxIDPAuthConf();
                gluuLdapConfiguration.updateStringsLists();
                oxIDPAuthConf.setType("auth");
                oxIDPAuthConf.setVersion(oxIDPAuthConf.getVersion() + 1);
                oxIDPAuthConf.setName(gluuLdapConfiguration.getConfigId());
                oxIDPAuthConf.setEnabled(gluuLdapConfiguration.isEnabled());
                oxIDPAuthConf.setConfig(gluuLdapConfiguration);
                arrayList.add(oxIDPAuthConf);
            }
            gluuConfiguration.setOxIDPAuthentication(arrayList);
            return true;
        } catch (Exception e) {
            this.log.error("An Error occured ", e);
            return false;
        }
    }

    public List<String> getPersonAuthenticationConfigurationNames() {
        if (this.customAuthenticationConfigNames == null) {
            this.customAuthenticationConfigNames = new ArrayList();
            for (CustomScript customScript : this.customScripts) {
                if (customScript.isEnabled() && !StringHelper.isEmpty(customScript.getName())) {
                    this.customAuthenticationConfigNames.add(customScript.getName());
                }
            }
            boolean z = true;
            for (GluuLdapConfiguration gluuLdapConfiguration : this.sourceConfigs) {
                if (gluuLdapConfiguration != null && StringHelper.isNotEmpty(gluuLdapConfiguration.getConfigId()) && gluuLdapConfiguration.isEnabled()) {
                    this.customAuthenticationConfigNames.add(gluuLdapConfiguration.getConfigId());
                    z = false;
                }
            }
            if (z) {
                this.customAuthenticationConfigNames.add(SIMPLE_PASSWORD_AUTH);
            }
            if (shouldEnableSimplePasswordAuth() && !this.customAuthenticationConfigNames.contains(SIMPLE_PASSWORD_AUTH)) {
                this.customAuthenticationConfigNames.add(SIMPLE_PASSWORD_AUTH);
            }
        }
        return this.customAuthenticationConfigNames;
    }

    public String testLdapConnection(GluuLdapConfiguration gluuLdapConfiguration) {
        LdapConnectionProvider ldapConnectionProvider;
        try {
            Properties properties = new Properties();
            properties.setProperty("bindDN", gluuLdapConfiguration.getBindDN());
            properties.setProperty("bindPassword", gluuLdapConfiguration.getBindPassword());
            properties.setProperty("servers", buildServersString(gluuLdapConfiguration.getServers()));
            properties.setProperty("useSSL", Boolean.toString(gluuLdapConfiguration.isUseSSL()));
            Properties decryptProperties = PropertiesDecrypter.decryptProperties(properties, this.configurationFactory.getCryptoConfigurationSalt());
            this.log.trace("Attempting to create LDAP connection with properties: {}", decryptProperties);
            ldapConnectionProvider = new LdapConnectionProvider(decryptProperties);
        } catch (Exception e) {
            this.log.error("Could not connect to LDAP", e);
        }
        if (ldapConnectionProvider.isConnected()) {
            ldapConnectionProvider.closeConnectionPool();
            this.facesMessages.add(FacesMessage.SEVERITY_INFO, this.facesMessages.evalResourceAsString("#{msg['configuration.manageAuthentication.ldap.testSucceed']}"));
            return "success";
        }
        if (ldapConnectionProvider.getConnectionPool() != null) {
            ldapConnectionProvider.closeConnectionPool();
        }
        this.facesMessages.add(FacesMessage.SEVERITY_ERROR, this.facesMessages.evalResourceAsString("#{msg['configuration.manageAuthentication.ldap.testFailed']}"));
        return "failure";
    }

    private String buildServersString(List<SimpleProperty> list) {
        StringBuilder sb = new StringBuilder();
        if (list == null) {
            return sb.toString();
        }
        boolean z = true;
        for (SimpleProperty simpleProperty : list) {
            if (z) {
                z = false;
            } else {
                sb.append(",");
            }
            sb.append(simpleProperty.getValue());
        }
        return sb.toString();
    }

    public void updateLdapBindPassword(GluuLdapConfiguration gluuLdapConfiguration) {
        this.log.info("hello setting passoword" + gluuLdapConfiguration.getPrimaryKey());
    }

    public String updateLdapBindPassword(String str) {
        try {
            return this.encryptionService.encrypt(str);
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to encrypt LDAP bind password", e);
            return null;
        }
    }

    public boolean isExistLdapConfigIdpAuthConf() {
        return this.existLdapConfigIdpAuthConf;
    }

    public void addItemToSimpleProperties(List<SimpleProperty> list) {
        if (list != null) {
            list.add(new SimpleProperty(""));
        }
    }

    public void removeItemFromSimpleProperties(List<SimpleProperty> list, SimpleProperty simpleProperty) {
        if (list != null) {
            list.remove(simpleProperty);
        }
    }

    public String getAuthenticationMode() {
        return this.authenticationMode;
    }

    public void setAuthenticationMode(String str) {
        this.authenticationMode = str;
    }

    public String getOxTrustAuthenticationMode() {
        return this.oxTrustAuthenticationMode;
    }

    public void setOxTrustAuthenticationMode(String str) {
        this.oxTrustAuthenticationMode = str;
    }

    public boolean isInitialized() {
        return this.initialized;
    }

    public String getId(Object obj) {
        return "c" + System.identityHashCode(obj) + "Id";
    }

    public void addStrategy() {
    }

    public void addField(PassportConfiguration passportConfiguration) {
    }

    public Boolean getPassportEnable() {
        return this.passportEnable;
    }

    public void setPassportEnable(Boolean bool) {
        this.passportEnable = bool;
    }

    private List<OxIDPAuthConf> getIDPAuthConfOrNull(GluuConfiguration gluuConfiguration) {
        List<OxIDPAuthConf> oxIDPAuthentication = gluuConfiguration.getOxIDPAuthentication();
        ArrayList arrayList = new ArrayList();
        if (oxIDPAuthentication != null) {
            for (OxIDPAuthConf oxIDPAuthConf : oxIDPAuthentication) {
                if (oxIDPAuthConf.getType().equalsIgnoreCase("auth")) {
                    arrayList.add(oxIDPAuthConf);
                }
            }
        }
        return arrayList;
    }

    public List<GluuLdapConfiguration> getSourceConfigs() {
        return this.sourceConfigs;
    }

    public void setSourceConfigs(List<GluuLdapConfiguration> list) {
        this.sourceConfigs = list;
    }

    public void addSourceConfig() {
        addLdapConfig(getSourceConfigs());
    }

    public void addLdapConfig(List<GluuLdapConfiguration> list) {
        GluuLdapConfiguration gluuLdapConfiguration = new GluuLdapConfiguration();
        gluuLdapConfiguration.setBindPassword("");
        list.add(gluuLdapConfiguration);
    }

    public void removeLdapConfig(List<GluuLdapConfiguration> list, GluuLdapConfiguration gluuLdapConfiguration) {
        Iterator<GluuLdapConfiguration> it = list.iterator();
        while (it.hasNext()) {
            if (System.identityHashCode(gluuLdapConfiguration) == System.identityHashCode(it.next())) {
                it.remove();
                return;
            }
        }
    }

    public GluuLdapConfiguration getActiveLdapConfig() {
        return this.activeLdapConfig;
    }

    public void updateBindPassword() {
        if (this.activeLdapConfig == null) {
            return;
        }
        try {
            this.activeLdapConfig.setBindPassword(this.encryptionService.encrypt(this.activeLdapConfig.getBindPassword()));
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to encrypt password", e);
        }
    }

    public void setActiveLdapConfig(GluuLdapConfiguration gluuLdapConfiguration) {
        this.activeLdapConfig = gluuLdapConfiguration;
    }

    public void addItemToSimpleCustomProperties(List<SimpleCustomProperty> list) {
        list.add(new SimpleExtendedCustomProperty("", ""));
    }

    public void removeItemFromSimpleCustomProperties(List<SimpleCustomProperty> list, SimpleCustomProperty simpleCustomProperty) {
        if (list != null) {
            list.remove(simpleCustomProperty);
        }
    }

    public void removeStrategy(PassportConfiguration passportConfiguration) {
    }

    public String getRecaptchaSiteKey() {
        return this.recaptchaSiteKey;
    }

    public void setRecaptchaSiteKey(String str) {
        this.recaptchaSiteKey = str;
    }

    public String getRecaptchaSecretKey() {
        return this.recaptchaSecretKey;
    }

    public void setRecaptchaSecretKey(String str) {
        this.recaptchaSecretKey = str;
    }

    private void setAuthenticationRecaptcha() {
        this.oxTrustappConfiguration = this.jsonConfigurationService.getOxTrustappConfiguration();
        this.oxTrustappConfiguration.setRecaptchaSecretKey(this.recaptchaSecretKey);
        this.oxTrustappConfiguration.setRecaptchaSiteKey(this.recaptchaSiteKey);
        this.oxTrustappConfiguration.setAuthenticationRecaptchaEnabled(!this.authenticationRecaptchaEnabled);
        this.jsonConfigurationService.saveOxTrustappConfiguration(this.oxTrustappConfiguration);
    }

    private void getAuthenticationRecaptcha() {
        this.oxTrustappConfiguration = this.jsonConfigurationService.getOxTrustappConfiguration();
        this.recaptchaSecretKey = this.oxTrustappConfiguration.getRecaptchaSecretKey();
        this.recaptchaSiteKey = this.oxTrustappConfiguration.getRecaptchaSiteKey();
        this.authenticationRecaptchaEnabled = !this.oxTrustappConfiguration.isAuthenticationRecaptchaEnabled();
    }

    private boolean shouldEnableSimplePasswordAuth() {
        return !this.sourceConfigs.stream().anyMatch(gluuLdapConfiguration -> {
            return gluuLdapConfiguration.isEnabled();
        });
    }

    public AppConfiguration getOxTrustappConfiguration() {
        return this.oxTrustappConfiguration;
    }

    public void setOxTrustappConfiguration(AppConfiguration appConfiguration) {
        this.oxTrustappConfiguration = appConfiguration;
    }
}
