package org.gluu.oxtrust.action;

import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import org.codehaus.jackson.JsonGenerationException;
import org.codehaus.jackson.JsonParseException;
import org.codehaus.jackson.map.JsonMappingException;
import org.codehaus.jackson.map.ObjectMapper;
import org.gluu.oxtrust.config.OxTrustConfiguration;
import org.gluu.oxtrust.ldap.service.ApplianceService;
import org.gluu.oxtrust.ldap.service.ImageService;
import org.gluu.oxtrust.ldap.service.OrganizationService;
import org.gluu.oxtrust.model.GluuAppliance;
import org.gluu.oxtrust.model.LdapConfigurationModel;
import org.gluu.oxtrust.model.OxIDPAuthConf;
import org.gluu.oxtrust.model.SimplePropertiesListModel;
import org.gluu.oxtrust.util.OxTrustConstants;
import org.gluu.site.ldap.LDAPConnectionProvider;
import org.gluu.site.ldap.persistence.exception.LdapMappingException;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.international.StatusMessage;
import org.jboss.seam.international.StatusMessages;
import org.jboss.seam.log.Log;
import org.xdi.config.oxtrust.ApplicationConfiguration;
import org.xdi.model.SimpleProperty;
import org.xdi.model.custom.script.CustomScriptType;
import org.xdi.model.custom.script.model.CustomScript;
import org.xdi.model.ldap.GluuLdapConfiguration;
import org.xdi.service.custom.script.AbstractCustomScriptService;
import org.xdi.util.StringHelper;
import org.xdi.util.properties.FileConfiguration;
import org.xdi.util.security.PropertiesDecrypter;
import org.xdi.util.security.StringEncrypter;

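/**
 * Seam action component that loads, edits and persists the appliance's person-authentication
 * settings: the optional LDAP "auth" configuration, the default authentication mode and the
 * oxTrust authentication mode.
 *
 * <p>State is held per conversation. {@link #modify()} loads it once, the page binds to the
 * getters and setters, and {@link #save()} writes it back through {@code ApplianceService}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The class-level restriction only requires a logged-in identity. The methods that load,
 *       persist or open an LDAP connection additionally require the {@code configuration/access}
 *       permission. The remaining public mutators ({@link #updateAuthConf(GluuAppliance)},
 *       {@link #updateLdapBindPassword()} and the setters) carry no method-level restriction;
 *       they change conversation state (or the object passed in) and nothing in this class
 *       persists without going through {@link #save()}.
 *       NOTE(review): confirm that no other component persists the object handed to
 *       {@code updateAuthConf}.</li>
 *   <li>The LDAP bind password lives in {@code ldapConfig} and is serialised to JSON on save, so
 *       it must already be encrypted (see {@link #updateLdapBindPassword()}) before
 *       {@link #save()} runs.</li>
 * </ul>
 */
@Name("managePersonAuthenticationAction")
@Restrict("#{identity.loggedIn}")
@Scope(ScopeType.CONVERSATION)
/* loaded from: input_file:org/gluu/oxtrust/action/ManagePersonAuthenticationAction.class */
public class ManagePersonAuthenticationAction implements SimplePropertiesListModel, LdapConfigurationModel, Serializable {
    private static final long serialVersionUID = -4470460481895022468L;

    /** Type tag of the appliance entry that carries the LDAP authentication configuration. */
    private static final String AUTH_CONF_TYPE = "auth";

    /** Shared JSON mapper; it is used with its default configuration only. */
    private static final ObjectMapper JSON_MAPPER = new ObjectMapper();

    @Logger
    private Log log;

    @In
    private StatusMessages statusMessages;

    @In
    private ImageService imageService;

    @In
    private OrganizationService organizationService;

    @In
    private ApplianceService applianceService;

    @In("customScriptService")
    private AbstractCustomScriptService customScriptService;

    @In
    private FacesMessages facesMessages;
    private GluuLdapConfiguration ldapConfig;
    private boolean existLdapConfigIdpAuthConf;
    private List<CustomScript> customScripts;
    private String authenticationMode;
    private String oxTrustAuthenticationMode;
    private List<String> customAuthenticationConfigNames;
    private boolean initialized;

    @In("#{oxTrustConfiguration.applicationConfiguration}")
    private ApplicationConfiguration applicationConfiguration;

    @In("#{oxTrustConfiguration.cryptoConfigurationSalt}")
    private String cryptoConfigurationSalt;

    /**
     * Loads the appliance's authentication settings into this conversation.
     *
     * <p>The load happens once; later calls return success without touching the stored state.
     *
     * @return {@code OxTrustConstants.RESULT_SUCCESS} when the state is (or already was) loaded,
     *         {@code OxTrustConstants.RESULT_FAILURE} when the appliance is missing or loading fails
     */
    @Restrict("#{s:hasPermission('configuration', 'access')}")
    public String modify() {
        if (this.initialized) {
            return OxTrustConstants.RESULT_SUCCESS;
        }
        try {
            GluuAppliance appliance = this.applianceService.getAppliance();
            if (appliance == null) {
                return OxTrustConstants.RESULT_FAILURE;
            }
            this.customScripts = this.customScriptService.findCustomScripts(Arrays.asList(CustomScriptType.PERSON_AUTHENTICATION), new String[]{OxTrustConstants.displayName, "oxLevel", OxTrustConstants.gluuStatus});
            List<OxIDPAuthConf> storedConfs = appliance.getOxIDPAuthentication();
            if (storedConfs != null) {
                for (OxIDPAuthConf storedConf : storedConfs) {
                    // Constant-first comparison: an entry without a type is skipped instead of
                    // aborting the whole load with a NullPointerException.
                    if (AUTH_CONF_TYPE.equalsIgnoreCase(storedConf.getType())) {
                        this.ldapConfig = mapLdapConfig(storedConf.getConfig());
                        break; // only the first "auth" entry is used
                    }
                }
            }
            this.existLdapConfigIdpAuthConf = this.ldapConfig != null;
            if (this.ldapConfig == null) {
                // Give the form an empty configuration to bind to.
                this.ldapConfig = new GluuLdapConfiguration();
            }
            this.authenticationMode = appliance.getAuthenticationMode();
            this.oxTrustAuthenticationMode = appliance.getOxTrustAuthenticationMode();
            this.initialized = true;
            return OxTrustConstants.RESULT_SUCCESS;
        } catch (Exception e) {
            this.log.error("Failed to load appliance configuration", e);
            return OxTrustConstants.RESULT_FAILURE;
        }
    }

    /**
     * Persists the edited authentication settings on the appliance.
     *
     * <p>Nothing is written when the state was never loaded, when the appliance cannot be read,
     * or when the LDAP configuration cannot be serialised. Previously the result of
     * {@link #updateAuthConf(GluuAppliance)} was ignored, so a serialisation failure still
     * persisted the authentication modes and reported success.
     *
     * @return the result of {@link #modify()} after a successful update,
     *         {@code OxTrustConstants.RESULT_FAILURE} otherwise
     */
    @Restrict("#{s:hasPermission('configuration', 'access')}")
    public String save() {
        if (this.ldapConfig == null) {
            this.log.error("Authentication configuration was not loaded before save");
            return reportSaveFailure();
        }
        try {
            GluuAppliance appliance = this.applianceService.getAppliance();
            if (appliance == null) {
                this.log.error("Appliance entry is not available, nothing was saved");
                return reportSaveFailure();
            }
            this.ldapConfig.updateStringsLists();
            if (!updateAuthConf(appliance)) {
                // updateAuthConf already logged the cause; do not persist a half-applied change.
                return reportSaveFailure();
            }
            appliance.setAuthenticationMode(this.authenticationMode);
            appliance.setOxTrustAuthenticationMode(this.oxTrustAuthenticationMode);
            this.applianceService.updateAppliance(appliance);
            reset();
            return modify();
        } catch (LdapMappingException e) {
            this.log.error("Failed to update appliance configuration", e);
            return reportSaveFailure();
        }
    }

    /** Adds the user-facing save error and returns the failure outcome. */
    private String reportSaveFailure() {
        this.facesMessages.add(StatusMessage.Severity.ERROR, "Failed to update appliance");
        return OxTrustConstants.RESULT_FAILURE;
    }

    /** Drops the cached configuration-name list so that it is rebuilt on next access. */
    private void reset() {
        this.customAuthenticationConfigNames = null;
    }

    /**
     * Deserialises a stored LDAP configuration. The target type is fixed, so the JSON cannot
     * choose which class gets instantiated.
     */
    private GluuLdapConfiguration mapLdapConfig(String str) throws JsonParseException, JsonMappingException, IOException {
        return (GluuLdapConfiguration) jsonToObject(str, GluuLdapConfiguration.class);
    }

    /**
     * Cancel hook for the page; intentionally does nothing.
     *
     * @throws Exception never thrown by this implementation; kept for callers that declare it
     */
    @Restrict("#{s:hasPermission('configuration', 'access')}")
    public void cancel() throws Exception {
    }

    /** Reads {@code str} as JSON into an instance of {@code cls}. */
    private Object jsonToObject(String str, Class<?> cls) throws JsonParseException, JsonMappingException, IOException {
        return JSON_MAPPER.readValue(str, cls);
    }

    /** Serialises {@code obj} to its JSON string form. */
    private String objectToJson(Object obj) throws JsonGenerationException, JsonMappingException, IOException {
        return JSON_MAPPER.writeValueAsString(obj);
    }

    /**
     * Replaces the appliance's list of authentication configurations with the current LDAP
     * configuration, or with an empty list when no LDAP configuration is in use.
     *
     * <p>The change is made on the passed object only; persisting it is the caller's job.
     *
     * @param gluuAppliance appliance object to update
     * @return {@code true} when the list was set, {@code false} when building it failed
     *         (the appliance object is then left unchanged)
     */
    public boolean updateAuthConf(GluuAppliance gluuAppliance) {
        try {
            List<OxIDPAuthConf> authConfs = new ArrayList<OxIDPAuthConf>();
            if (this.existLdapConfigIdpAuthConf) {
                if (this.ldapConfig.isUseAnonymousBind()) {
                    // An anonymous bind must not carry a leftover bind DN into the stored config.
                    this.ldapConfig.setBindDN((String) null);
                }
                OxIDPAuthConf authConf = new OxIDPAuthConf();
                authConf.setType(AUTH_CONF_TYPE);
                authConf.setVersion(authConf.getVersion() + 1);
                authConf.setName(this.ldapConfig.getConfigId());
                authConf.setEnabled(this.ldapConfig.isEnabled());
                // The whole configuration, bind password included, goes into this JSON string;
                // the password is expected to be in its encrypted form at this point.
                authConf.setConfig(objectToJson(this.ldapConfig));
                authConfs.add(authConf);
            }
            gluuAppliance.setOxIDPAuthentication(authConfs);
            return true;
        } catch (Exception e) {
            this.log.error("An Error occured ", e);
            return false;
        }
    }

    /**
     * Returns the names selectable as authentication mode: every enabled, named custom script
     * followed by {@code "internal"}.
     *
     * <p>The list is cached until the next successful save. When the scripts have not been
     * loaded yet, only {@code "internal"} is returned and nothing is cached, so a later call
     * still picks up the scripts.
     *
     * @return the selectable configuration names, never {@code null}
     */
    public List<String> getPersonAuthenticationConfigurationNames() {
        if (this.customAuthenticationConfigNames != null) {
            return this.customAuthenticationConfigNames;
        }
        List<String> names = new ArrayList<String>();
        if (this.customScripts != null) {
            for (CustomScript customScript : this.customScripts) {
                if (customScript.isEnabled() && !StringHelper.isEmpty(customScript.getName())) {
                    names.add(customScript.getName());
                }
            }
        }
        names.add("internal");
        if (this.customScripts != null) {
            this.customAuthenticationConfigNames = names;
        }
        return names;
    }

    /**
     * Tries to open an LDAP connection with the settings currently entered in the form.
     *
     * <p>The connection properties start from oxTrust's own LDAP properties file and the form
     * values are laid over them. A missing bind DN or bind password is removed rather than left
     * in place: {@code Properties.setProperty} rejects {@code null}, and keeping the file's
     * values would present oxTrust's own bind credentials to the server entered in the form.
     * NOTE(review): confirm how {@code LDAPConnectionProvider} treats absent bind properties.
     *
     * <p>The bind password is passed through {@code PropertiesDecrypter}, so it is expected to
     * hold the encrypted form. The method connects to operator-supplied hosts, which is why it
     * stays behind the {@code configuration/access} permission.
     *
     * @return {@code OxTrustConstants.RESULT_SUCCESS} when the connection was established,
     *         {@code OxTrustConstants.RESULT_FAILURE} otherwise
     */
    @Restrict("#{s:hasPermission('configuration', 'access')}")
    public String testLdapConnection() {
        try {
            Properties properties = new FileConfiguration(OxTrustConfiguration.LDAP_PROPERTIES_FILE).getProperties();
            setOrRemove(properties, "bindDN", this.ldapConfig.getBindDN());
            setOrRemove(properties, "bindPassword", this.ldapConfig.getBindPassword());
            properties.setProperty("servers", buildServersString(this.ldapConfig.getServers()));
            properties.setProperty("useSSL", Boolean.toString(this.ldapConfig.isUseSSL()));
            LDAPConnectionProvider connectionProvider = new LDAPConnectionProvider(PropertiesDecrypter.decryptProperties(properties, this.cryptoConfigurationSalt));
            try {
                return connectionProvider.isConnected() ? OxTrustConstants.RESULT_SUCCESS : OxTrustConstants.RESULT_FAILURE;
            } finally {
                // Release the pool on every path, including when the check itself throws.
                connectionProvider.closeConnectionPool();
            }
        } catch (Exception e) {
            this.log.error("Could not connect to LDAP", e);
            return OxTrustConstants.RESULT_FAILURE;
        }
    }

    /** Sets {@code key} to {@code value}, or removes {@code key} when {@code value} is {@code null}. */
    private static void setOrRemove(Properties properties, String key, String value) {
        if (value == null) {
            properties.remove(key);
        } else {
            properties.setProperty(key, value);
        }
    }

    /**
     * Joins the server entries with commas.
     *
     * @param list server entries, may be {@code null}
     * @return the comma-separated values, or an empty string for a {@code null} or empty list
     */
    private String buildServersString(List<SimpleProperty> list) {
        StringBuilder joined = new StringBuilder();
        if (list == null) {
            return joined.toString();
        }
        String separator = "";
        for (SimpleProperty server : list) {
            joined.append(separator).append(server.getValue());
            separator = ",";
        }
        return joined.toString();
    }

    /**
     * Replaces the bind password held in the form state with its encrypted form.
     *
     * <p>When encryption fails the password is set to {@code null}. This is deliberate:
     * leaving the clear-text value in place would let a later save store it unencrypted.
     */
    public void updateLdapBindPassword() {
        String encryptedPassword = null;
        try {
            encryptedPassword = StringEncrypter.defaultInstance().encrypt(this.ldapConfig.getBindPassword(), this.cryptoConfigurationSalt);
        } catch (StringEncrypter.EncryptionException e) {
            this.log.error("Failed to encrypt LDAP bind password", e);
        }
        this.ldapConfig.setBindPassword(encryptedPassword);
    }

    /** @return whether an LDAP authentication configuration is in use */
    public boolean isExistLdapConfigIdpAuthConf() {
        return this.existLdapConfigIdpAuthConf;
    }

    /**
     * Sets whether an LDAP authentication configuration is in use.
     *
     * <p>The LDAP configuration is marked enabled on every call, whatever the value of {@code z}.
     *
     * @param z new value of the flag
     */
    public void setExistLdapConfigIdpAuthConf(boolean z) {
        this.existLdapConfigIdpAuthConf = z;
        this.ldapConfig.setEnabled(true);
    }

    /** @return the LDAP configuration being edited; it includes the bind password field */
    public GluuLdapConfiguration getLdapConfig() {
        return this.ldapConfig;
    }

    /** Not used by this page; intentionally empty. */
    @Override // org.gluu.oxtrust.model.LdapConfigurationModel
    public void setActiveLdapConfig(GluuLdapConfiguration gluuLdapConfiguration) {
    }

    /** Not used by this page; intentionally empty. */
    @Override // org.gluu.oxtrust.model.LdapConfigurationModel
    public void addLdapConfig(List<GluuLdapConfiguration> list) {
    }

    /** Not used by this page; intentionally empty. */
    @Override // org.gluu.oxtrust.model.LdapConfigurationModel
    public void removeLdapConfig(List<GluuLdapConfiguration> list, GluuLdapConfiguration gluuLdapConfiguration) {
    }

    /** Appends an empty property to {@code list}; a {@code null} list is ignored. */
    @Override // org.gluu.oxtrust.model.SimplePropertiesListModel
    public void addItemToSimpleProperties(List<SimpleProperty> list) {
        if (list != null) {
            list.add(new SimpleProperty(""));
        }
    }

    /** Removes {@code simpleProperty} from {@code list}; a {@code null} list is ignored. */
    @Override // org.gluu.oxtrust.model.SimplePropertiesListModel
    public void removeItemFromSimpleProperties(List<SimpleProperty> list, SimpleProperty simpleProperty) {
        if (list != null) {
            list.remove(simpleProperty);
        }
    }

    /** @return the authentication mode being edited */
    public String getAuthenticationMode() {
        return this.authenticationMode;
    }

    /** @param str authentication mode to store on the next save */
    public void setAuthenticationMode(String str) {
        this.authenticationMode = str;
    }

    /** @return the oxTrust authentication mode being edited */
    public String getOxTrustAuthenticationMode() {
        return this.oxTrustAuthenticationMode;
    }

    /** @param str oxTrust authentication mode to store on the next save */
    public void setOxTrustAuthenticationMode(String str) {
        this.oxTrustAuthenticationMode = str;
    }

    /** @return whether {@link #modify()} has loaded the state for this conversation */
    public boolean isInitialized() {
        return this.initialized;
    }
}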
