package org.xdi.oxauth.auth;

import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.enterprise.context.RequestScoped;
import javax.faces.application.FacesMessage;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONException;
import org.gluu.jsf2.message.FacesMessages;
import org.gluu.jsf2.service.FacesService;
import org.slf4j.Logger;
import org.xdi.model.AuthenticationScriptUsageType;
import org.xdi.model.custom.script.conf.CustomScriptConfiguration;
import org.xdi.model.security.Credentials;
import org.xdi.oxauth.i18n.LanguageBean;
import org.xdi.oxauth.model.common.SessionId;
import org.xdi.oxauth.model.common.SessionIdState;
import org.xdi.oxauth.model.common.User;
import org.xdi.oxauth.model.config.Constants;
import org.xdi.oxauth.model.configuration.AppConfiguration;
import org.xdi.oxauth.model.registration.Client;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxauth.security.Identity;
import org.xdi.oxauth.service.AuthenticationService;
import org.xdi.oxauth.service.ClientService;
import org.xdi.oxauth.service.RequestParameterService;
import org.xdi.oxauth.service.SessionIdService;
import org.xdi.oxauth.service.external.ExternalAuthenticationService;
import org.xdi.util.Pair;
import org.xdi.util.StringHelper;

@RequestScoped
@Named
/* loaded from: input_file:org/xdi/oxauth/auth/Authenticator.class */
public class Authenticator {
    private static final String INVALID_SESSION_MESSAGE = "login.errorSessionInvalidMessage";
    private static final String AUTH_EXTERNAL_ATTRIBUTES = "auth_external_attributes";

    @Inject
    private Logger logger;

    @Inject
    private Identity identity;

    @Inject
    private Credentials credentials;

    @Inject
    private ClientService clientService;

    @Inject
    private SessionIdService sessionIdService;

    @Inject
    private AuthenticationService authenticationService;

    @Inject
    private ExternalAuthenticationService externalAuthenticationService;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private FacesContext facesContext;

    @Inject
    private ExternalContext externalContext;

    @Inject
    private FacesService facesService;

    @Inject
    private FacesMessages facesMessages;

    @Inject
    private LanguageBean languageBean;

    @Inject
    private RequestParameterService requestParameterService;
    private String authAcr;
    private Integer authStep;
    private boolean addedErrorMessage;

    public boolean authenticate() {
        if (authenticateImpl((HttpServletRequest) this.facesContext.getExternalContext().getRequest(), true, false)) {
            return true;
        }
        return authenticationFailed();
    }

    public String authenticateWithOutcome() {
        if (authenticateImpl((HttpServletRequest) this.facesContext.getExternalContext().getRequest(), true, false)) {
            return Constants.RESULT_SUCCESS;
        }
        addMessage(FacesMessage.SEVERITY_ERROR, "login.failedToAuthenticate");
        return Constants.RESULT_FAILURE;
    }

    public boolean authenticateWebService(HttpServletRequest httpServletRequest, boolean z) {
        return authenticateImpl(httpServletRequest, false, z);
    }

    public boolean authenticateWebService(HttpServletRequest httpServletRequest) {
        return authenticateImpl(httpServletRequest, false, false);
    }

    public boolean authenticateImpl(HttpServletRequest httpServletRequest, boolean z, boolean z2) {
        boolean z3 = false;
        try {
            this.logger.trace("Authenticating ... (interactive: " + z + ", skipPassword: " + z2 + ", credentials.username: " + this.credentials.getUsername() + ")");
            z3 = (StringHelper.isNotEmpty(this.credentials.getUsername()) && (z2 || StringHelper.isNotEmpty(this.credentials.getPassword())) && httpServletRequest != null && httpServletRequest.getRequestURI().endsWith("/token")) ? clientAuthentication(this.credentials, z, z2) : z ? userAuthenticationInteractive() : userAuthenticationService();
        } catch (Exception e) {
            this.logger.error(e.getMessage(), e);
        }
        if (z3) {
            this.logger.trace("Authentication successfully for '{}'", this.credentials.getUsername());
            return true;
        }
        this.logger.info("Authentication failed for '{}'", this.credentials.getUsername());
        return false;
    }

    public boolean clientAuthentication(Credentials credentials, boolean z, boolean z2) {
        if (!z && this.externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.SERVICE)) {
            CustomScriptConfiguration determineCustomScriptConfiguration = this.externalAuthenticationService.determineCustomScriptConfiguration(AuthenticationScriptUsageType.SERVICE, 1, this.authAcr);
            if (determineCustomScriptConfiguration == null) {
                this.logger.error("Failed to get CustomScriptConfiguration. acr: '{}'", this.authAcr);
            } else {
                this.authAcr = determineCustomScriptConfiguration.getCustomScript().getName();
                boolean executeExternalAuthenticate = this.externalAuthenticationService.executeExternalAuthenticate(determineCustomScriptConfiguration, null, 1);
                this.logger.info("Authentication result for user '{}', result: '{}'", credentials.getUsername(), Boolean.valueOf(executeExternalAuthenticate));
                if (executeExternalAuthenticate) {
                    showClientAuthenticationLog(this.authenticationService.configureSessionClient());
                    return true;
                }
            }
        }
        boolean z3 = z2;
        if (!z3) {
            z3 = this.clientService.authenticate(credentials.getUsername(), credentials.getPassword());
        }
        if (!z3) {
            return false;
        }
        showClientAuthenticationLog(this.authenticationService.configureSessionClient());
        return true;
    }

    private void showClientAuthenticationLog(Client client) {
        StringBuilder sb = new StringBuilder("Authentication success for Client");
        if (StringHelper.toBoolean(this.appConfiguration.getLogClientIdOnClientAuthentication(), false) || StringHelper.toBoolean(this.appConfiguration.getLogClientNameOnClientAuthentication(), false)) {
            sb.append(":");
            if (this.appConfiguration.getLogClientIdOnClientAuthentication().booleanValue()) {
                sb.append(" ").append("'").append(client.getClientId()).append("'");
            }
            if (this.appConfiguration.getLogClientNameOnClientAuthentication().booleanValue()) {
                sb.append(" ").append("('").append(client.getClientName()).append("')");
            }
        }
        this.logger.info(sb.toString());
    }

    private boolean userAuthenticationInteractive() {
        SessionId sessionId = this.sessionIdService.getSessionId();
        Map<String, String> sessionAttributes = this.sessionIdService.getSessionAttributes(sessionId);
        if (sessionAttributes == null) {
            this.logger.error("Failed to get session attributes");
            authenticationFailedSessionInvalid();
            return false;
        }
        this.identity.setSessionId(sessionId);
        initCustomAuthenticatorVariables(sessionAttributes);
        if (!this.externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.INTERACTIVE) || StringHelper.isEmpty(this.authAcr)) {
            if (!StringHelper.isNotEmpty(this.credentials.getUsername())) {
                return false;
            }
            if (this.authenticationService.authenticate(this.credentials.getUsername(), this.credentials.getPassword())) {
                SessionId configureSessionUser = this.authenticationService.configureSessionUser(sessionId, sessionAttributes);
                this.logger.debug("Sending event to trigger user redirection: '{}'", this.credentials.getUsername());
                this.authenticationService.onSuccessfulLogin(configureSessionUser);
            } else {
                this.sessionIdService.updateSessionId(sessionId);
            }
            this.logger.info("Authentication success for User: '{}'", this.credentials.getUsername());
            return true;
        }
        initCustomAuthenticatorVariables(sessionAttributes);
        if (this.authStep == null || StringHelper.isEmpty(this.authAcr)) {
            this.logger.error("Failed to determine authentication mode");
            authenticationFailedSessionInvalid();
            return false;
        }
        CustomScriptConfiguration customScriptConfiguration = this.externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, this.authAcr);
        if (customScriptConfiguration == null) {
            this.logger.error("Failed to get CustomScriptConfiguration for acr: '{}', auth_step: '{}'", this.authAcr, this.authStep);
            return false;
        }
        if (!isPassedPreviousAuthSteps(sessionAttributes, this.authStep)) {
            this.logger.error("There are authentication steps not marked as passed. acr: '{}', auth_step: '{}'", this.authAcr, this.authStep);
            return false;
        }
        setIdentityWorkingParameters(sessionAttributes);
        boolean executeExternalAuthenticate = this.externalAuthenticationService.executeExternalAuthenticate(customScriptConfiguration, this.externalContext.getRequestParameterValuesMap(), this.authStep.intValue());
        this.logger.debug("Authentication result for user '{}'. auth_step: '{}', result: '{}', credentials: '{}'", new Object[]{this.credentials.getUsername(), this.authStep, Boolean.valueOf(executeExternalAuthenticate), Integer.valueOf(System.identityHashCode(this.credentials))});
        int i = -1;
        if (this.externalAuthenticationService.executeExternalGetApiVersion(customScriptConfiguration) > 1) {
            this.logger.trace("According to API version script supports steps overriding");
            i = this.externalAuthenticationService.getNextStep(customScriptConfiguration, this.externalContext.getRequestParameterValuesMap(), this.authStep.intValue());
            this.logger.debug("Get next step from script: '{}'", Integer.valueOf(i));
        }
        if (!executeExternalAuthenticate && i == -1) {
            this.sessionIdService.updateSessionId(sessionId);
            return false;
        }
        boolean z = false;
        if (i > -1) {
            z = true;
            this.sessionIdService.resetToStep(this.sessionIdService.getSessionId(), i);
            this.authStep = Integer.valueOf(i);
            this.logger.info("Authentication reset to step : '{}'", this.authStep);
        }
        updateExtraParameters(customScriptConfiguration, this.authStep.intValue() + 1, sessionAttributes);
        int executeExternalGetCountAuthenticationSteps = this.externalAuthenticationService.executeExternalGetCountAuthenticationSteps(customScriptConfiguration);
        SessionId sessionId2 = this.sessionIdService.getSessionId();
        Map<String, String> sessionAttributes2 = this.sessionIdService.getSessionAttributes(sessionId2);
        if (this.authStep.intValue() >= executeExternalGetCountAuthenticationSteps && !z) {
            if (this.authStep.intValue() != executeExternalGetCountAuthenticationSteps) {
                return false;
            }
            SessionId configureSessionUser2 = this.authenticationService.configureSessionUser(sessionId2, sessionAttributes2);
            this.authenticationService.quietLogin(this.credentials.getUsername());
            this.logger.debug("Sending event to trigger user redirection: '{}'", this.credentials.getUsername());
            this.authenticationService.onSuccessfulLogin(configureSessionUser2);
            this.logger.info("Authentication success for User: '{}'", this.credentials.getUsername());
            return true;
        }
        int intValue = z ? i : this.authStep.intValue() + 1;
        String executeExternalGetPageForStep = this.externalAuthenticationService.executeExternalGetPageForStep(customScriptConfiguration, intValue);
        if (StringHelper.isEmpty(executeExternalGetPageForStep) || executeExternalGetPageForStep == null) {
            executeExternalGetPageForStep = "/error.xhtml";
        }
        updateExtraParameters(customScriptConfiguration, intValue, sessionAttributes2);
        if (!z) {
            sessionAttributes2.put("auth_step", Integer.toString(intValue));
            markAuthStepAsPassed(sessionAttributes2, this.authStep);
        }
        if (sessionId2 != null && !updateSession(sessionId2, sessionAttributes2)) {
            return false;
        }
        this.logger.trace("Redirect to page: '{}'", executeExternalGetPageForStep);
        this.facesService.redirectWithExternal(executeExternalGetPageForStep, (Map) null);
        return true;
    }

    private boolean updateSession(SessionId sessionId, Map<String, String> map) {
        sessionId.setSessionAttributes(map);
        if (this.sessionIdService.updateSessionId(sessionId, true, true, true)) {
            return true;
        }
        this.logger.debug("Failed to update session entry: '{}'", sessionId.getId());
        return false;
    }

    private boolean userAuthenticationService() {
        if (this.externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.SERVICE)) {
            CustomScriptConfiguration determineCustomScriptConfiguration = this.externalAuthenticationService.determineCustomScriptConfiguration(AuthenticationScriptUsageType.SERVICE, 1, this.authAcr);
            if (determineCustomScriptConfiguration == null) {
                this.logger.error("Failed to get CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, this.authAcr);
            } else {
                this.authAcr = determineCustomScriptConfiguration.getName();
                boolean executeExternalAuthenticate = this.externalAuthenticationService.executeExternalAuthenticate(determineCustomScriptConfiguration, null, 1);
                this.logger.info("Authentication result for '{}'. auth_step: '{}', result: '{}'", new Object[]{this.credentials.getUsername(), this.authStep, Boolean.valueOf(executeExternalAuthenticate)});
                if (executeExternalAuthenticate) {
                    this.authenticationService.configureEventUser();
                    this.logger.info("Authentication success for User: '{}'", this.credentials.getUsername());
                    return true;
                }
                this.logger.info("Authentication failed for User: '{}'", this.credentials.getUsername());
            }
        }
        if (!StringHelper.isNotEmpty(this.credentials.getUsername())) {
            return false;
        }
        if (!this.authenticationService.authenticate(this.credentials.getUsername(), this.credentials.getPassword())) {
            this.logger.info("Authentication failed for User: '{}'", this.credentials.getUsername());
            return false;
        }
        this.authenticationService.configureEventUser();
        this.logger.info("Authentication success for User: '{}'", this.credentials.getUsername());
        return true;
    }

    private void updateExtraParameters(CustomScriptConfiguration customScriptConfiguration, int i, Map<String, String> map) {
        List<String> executeExternalGetExtraParametersForStep = this.externalAuthenticationService.executeExternalGetExtraParametersForStep(customScriptConfiguration, i);
        Map<String, String> externalScriptExtraParameters = getExternalScriptExtraParameters(map);
        if (executeExternalGetExtraParametersForStep != null) {
            for (String str : executeExternalGetExtraParametersForStep) {
                if (this.authenticationService.isParameterExists(str)) {
                    Pair<String, String> parameterValueWithType = this.requestParameterService.getParameterValueWithType(str);
                    String str2 = (String) parameterValueWithType.getFirst();
                    String str3 = (String) parameterValueWithType.getSecond();
                    map.put(str, str2);
                    externalScriptExtraParameters.put(str, str3);
                }
            }
        }
        setExternalScriptExtraParameters(map, externalScriptExtraParameters);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v8, types: [java.util.Map] */
    private Map<String, String> getExternalScriptExtraParameters(Map<String, String> map) {
        String str = map.get(AUTH_EXTERNAL_ATTRIBUTES);
        HashMap hashMap = new HashMap();
        try {
            hashMap = Util.jsonObjectArrayStringAsMap(str);
        } catch (JSONException e) {
            this.logger.error("Failed to convert JSON array of auth_external_attributes to Map<String, String>");
        }
        return hashMap;
    }

    private void setExternalScriptExtraParameters(Map<String, String> map, Map<String, String> map2) {
        String str = null;
        try {
            str = Util.mapAsString(map2);
        } catch (JSONException e) {
            this.logger.error("Failed to convert Map<String, String> of auth_external_attributes to JSON array");
        }
        map.put(AUTH_EXTERNAL_ATTRIBUTES, str);
    }

    private void clearExternalScriptExtraParameters(Map<String, String> map) {
        Iterator<String> it = getExternalScriptExtraParameters(map).keySet().iterator();
        while (it.hasNext()) {
            map.remove(it.next());
        }
        map.remove(AUTH_EXTERNAL_ATTRIBUTES);
    }

    private void setIdentityWorkingParameters(Map<String, String> map) {
        Map<String, String> externalScriptExtraParameters = getExternalScriptExtraParameters(map);
        HashMap workingParameters = this.identity.getWorkingParameters();
        for (Map.Entry<String, String> entry : externalScriptExtraParameters.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            if (map.containsKey(key)) {
                workingParameters.put(key, this.requestParameterService.getTypedValue(map.get(key), value));
            }
        }
    }

    public String prepareAuthenticationForStep() {
        String prepareAuthenticationForStepImpl = prepareAuthenticationForStepImpl();
        if (!Constants.RESULT_SUCCESS.equals(prepareAuthenticationForStepImpl)) {
            if (Constants.RESULT_FAILURE.equals(prepareAuthenticationForStepImpl)) {
                addMessage(FacesMessage.SEVERITY_ERROR, "login.failedToAuthenticate");
            } else if (Constants.RESULT_NO_PERMISSIONS.equals(prepareAuthenticationForStepImpl)) {
                addMessage(FacesMessage.SEVERITY_ERROR, "login.youDontHavePermission");
            } else if (Constants.RESULT_EXPIRED.equals(prepareAuthenticationForStepImpl)) {
                addMessage(FacesMessage.SEVERITY_ERROR, INVALID_SESSION_MESSAGE);
            }
        }
        return prepareAuthenticationForStepImpl;
    }

    private String prepareAuthenticationForStepImpl() {
        SessionId sessionId = this.sessionIdService.getSessionId();
        Map<String, String> sessionAttributes = this.sessionIdService.getSessionAttributes(sessionId);
        if (sessionAttributes == null) {
            this.logger.error("Failed to get attributes from session");
            return Constants.RESULT_EXPIRED;
        }
        this.identity.setSessionId(sessionId);
        if (!this.externalAuthenticationService.isEnabled(AuthenticationScriptUsageType.INTERACTIVE)) {
            return Constants.RESULT_SUCCESS;
        }
        initCustomAuthenticatorVariables(sessionAttributes);
        if (StringHelper.isEmpty(this.authAcr)) {
            return Constants.RESULT_SUCCESS;
        }
        if (this.authStep == null || this.authStep.intValue() < 1) {
            return Constants.RESULT_NO_PERMISSIONS;
        }
        CustomScriptConfiguration customScriptConfiguration = this.externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, this.authAcr);
        if (customScriptConfiguration == null) {
            this.logger.error("Failed to get CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, this.authAcr);
            return Constants.RESULT_FAILURE;
        }
        String name = customScriptConfiguration.getName();
        CustomScriptConfiguration determineExternalAuthenticatorForWorkflow = this.externalAuthenticationService.determineExternalAuthenticatorForWorkflow(AuthenticationScriptUsageType.INTERACTIVE, customScriptConfiguration);
        if (determineExternalAuthenticatorForWorkflow == null) {
            return Constants.RESULT_FAILURE;
        }
        String name2 = determineExternalAuthenticatorForWorkflow.getName();
        if (StringHelper.equalsIgnoreCase(name, name2)) {
            if (!isPassedPreviousAuthSteps(sessionAttributes, this.authStep)) {
                this.logger.error("There are authentication steps not marked as passed. acr: '{}', auth_step: '{}'", this.authAcr, this.authStep);
                return Constants.RESULT_FAILURE;
            }
            setIdentityWorkingParameters(sessionAttributes);
            Boolean valueOf = Boolean.valueOf(this.externalAuthenticationService.executeExternalPrepareForStep(determineExternalAuthenticatorForWorkflow, this.externalContext.getRequestParameterValuesMap(), this.authStep.intValue()));
            if (valueOf == null || !valueOf.booleanValue()) {
                return Constants.RESULT_FAILURE;
            }
            updateExtraParameters(determineExternalAuthenticatorForWorkflow, this.authStep.intValue(), sessionAttributes);
            return (sessionId == null || updateSession(sessionId, sessionAttributes)) ? Constants.RESULT_SUCCESS : Constants.RESULT_FAILURE;
        }
        String executeExternalGetPageForStep = this.externalAuthenticationService.executeExternalGetPageForStep(determineExternalAuthenticatorForWorkflow, this.authStep.intValue());
        if (StringHelper.isEmpty(executeExternalGetPageForStep)) {
            executeExternalGetPageForStep = "/login.xhtml";
        }
        CustomScriptConfiguration customScriptConfiguration2 = this.externalAuthenticationService.getCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, name2);
        if (customScriptConfiguration2 == null) {
            this.logger.error("Failed to get determined CustomScriptConfiguration. auth_step: '{}', acr: '{}'", this.authStep, this.authAcr);
            return Constants.RESULT_FAILURE;
        }
        this.logger.debug("Redirect to page: '{}'. Force to use acr: '{}'", executeExternalGetPageForStep, name2);
        String name3 = customScriptConfiguration2.getName();
        String num = Integer.toString(customScriptConfiguration2.getLevel());
        sessionAttributes.put("acr", name3);
        sessionAttributes.put("auth_level", num);
        sessionAttributes.put("auth_step", Integer.toString(1));
        clearExternalScriptExtraParameters(sessionAttributes);
        if (sessionId != null && !updateSession(sessionId, sessionAttributes)) {
            return Constants.RESULT_EXPIRED;
        }
        this.facesService.redirectWithExternal(executeExternalGetPageForStep, (Map) null);
        return Constants.RESULT_SUCCESS;
    }

    public boolean authenticateBySessionId(String str) {
        if (!StringUtils.isNotBlank(str) || !this.appConfiguration.getSessionIdEnabled().booleanValue()) {
            return false;
        }
        try {
            return authenticateBySessionId(this.sessionIdService.getSessionId(str));
        } catch (Exception e) {
            this.logger.trace(e.getMessage(), e);
            return false;
        }
    }

    public boolean authenticateBySessionId(SessionId sessionId) {
        User userOrRemoveSession;
        if (sessionId == null) {
            return false;
        }
        this.logger.trace("authenticateBySessionId, sessionId = '{}', session = '{}', state= '{}'", new Object[]{sessionId.getId(), sessionId, sessionId.getState()});
        if (SessionIdState.AUTHENTICATED != sessionId.getState() || (userOrRemoveSession = this.authenticationService.getUserOrRemoveSession(sessionId)) == null) {
            return false;
        }
        try {
            this.authenticationService.quietLogin(userOrRemoveSession.getUserId());
            this.authenticationService.configureEventUser(sessionId);
            return true;
        } catch (Exception e) {
            this.logger.trace(e.getMessage(), e);
            return true;
        }
    }

    private void initCustomAuthenticatorVariables(Map<String, String> map) {
        if (map == null) {
            this.logger.error("Failed to restore attributes from session attributes");
        } else {
            this.authStep = StringHelper.toInteger(map.get("auth_step"), (Integer) null);
            this.authAcr = map.get("acr");
        }
    }

    private boolean authenticationFailed() {
        if (this.addedErrorMessage) {
            return false;
        }
        addMessage(FacesMessage.SEVERITY_ERROR, "login.errorMessage");
        return false;
    }

    private void authenticationFailedSessionInvalid() {
        this.addedErrorMessage = true;
        addMessage(FacesMessage.SEVERITY_ERROR, INVALID_SESSION_MESSAGE);
        this.facesService.redirect("/error.xhtml");
    }

    private void markAuthStepAsPassed(Map<String, String> map, Integer num) {
        map.put(String.format("auth_step_passed_%d", num), Boolean.TRUE.toString());
    }

    private boolean isAuthStepPassed(Map<String, String> map, Integer num) {
        String format = String.format("auth_step_passed_%d", num);
        return map.containsKey(format) && Boolean.parseBoolean(map.get(format));
    }

    private boolean isPassedPreviousAuthSteps(Map<String, String> map, Integer num) {
        for (int i = 1; i < num.intValue(); i++) {
            if (!isAuthStepPassed(map, Integer.valueOf(i))) {
                return false;
            }
        }
        return true;
    }

    public void configureSessionClient(Client client) {
        this.authenticationService.configureSessionClient(client);
    }

    public void addMessage(FacesMessage.Severity severity, String str) {
        this.facesMessages.add(severity, this.languageBean.getMessage(str));
    }

    public String getMaskMobilenumber(String str) {
        String replaceAll = str.replaceAll("\\D", "");
        int length = replaceAll.length() - 4;
        return StringUtils.overlay(replaceAll, StringUtils.repeat("*", length - 0), 0, length);
    }
}
