package fish.focus.uvms.usm.administration.service.policy.impl;

import fish.focus.uvms.usm.administration.domain.ChangePassword;
import fish.focus.uvms.usm.administration.domain.PolicyDefinition;
import fish.focus.uvms.usm.administration.domain.ServiceRequest;
import fish.focus.uvms.usm.administration.service.PasswordDigester;
import fish.focus.uvms.usm.administration.service.policy.DefinitionService;
import fish.focus.uvms.usm.administration.service.policy.PasswordPolicyEnforcer;
import fish.focus.uvms.usm.administration.service.user.impl.ManageUserValidator;
import fish.focus.uvms.usm.administration.service.user.impl.UserJpaDao;
import fish.focus.uvms.usm.information.entity.PasswordHistEntity;
import fish.focus.uvms.usm.information.entity.UserEntity;
import java.util.Calendar;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.ejb.TransactionAttribute;
import javax.ejb.TransactionAttributeType;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@TransactionAttribute(TransactionAttributeType.SUPPORTS)
@Stateless
/* loaded from: input_file:fish/focus/uvms/usm/administration/service/policy/impl/PasswordPolicyEnforcerBean.class */
public class PasswordPolicyEnforcerBean implements PasswordPolicyEnforcer {
    private static final Logger LOGGER = LoggerFactory.getLogger(PasswordPolicyEnforcerBean.class);
    private static final String PASSWORD_SUBJECT = "Password";
    private static final String MIN_HISTORY = "password.minHistory";
    private static final String MIN_LENGTH = "password.minLength";
    private static final String MIN_DIGITS = "password.minDigits";
    private static final String MIN_SPECIAL = "password.minSpecial";
    private static final String MIX_UPPER_LOWER_CASE = "password.mixUpperLowerCase";
    private static final String MAX_VALIDITY = "password.maxValidity";
    private static final String MUST_CONTAIN = "Password must contain at least ";
    private static final String USED_RECENTLY = "Password used too recently";

    @EJB
    DefinitionService definitionService;

    @Inject
    private UserJpaDao userDao;

    @Inject
    private PasswordDigester digester;

    @Inject
    private ManageUserValidator validator;

    @Override // fish.focus.uvms.usm.administration.service.policy.PasswordPolicyEnforcer
    public Date assertValid(ServiceRequest<ChangePassword> serviceRequest) throws IllegalArgumentException, RuntimeException {
        LOGGER.debug("assertValid(" + serviceRequest + ") - (ENTER)");
        this.validator.assertValidChangePassword(serviceRequest, null);
        Date date = null;
        PolicyDefinition definition = this.definitionService.getDefinition(PASSWORD_SUBJECT);
        if (definition != null) {
            Properties properties = definition.getProperties();
            String newPassword = serviceRequest.getBody().getNewPassword();
            checkLength(properties, newPassword);
            checkDigits(properties, newPassword);
            checkSpecial(properties, newPassword);
            checkMixUpperLowerCase(properties, newPassword);
            checkHistory(properties, serviceRequest.getBody());
            date = checkValidity(properties);
        }
        LOGGER.debug("assertValid() - (LEAVE): " + date);
        return date;
    }

    private void checkHistory(Properties properties, ChangePassword changePassword) {
        int i = getInt(properties, MIN_HISTORY, 0);
        LOGGER.debug("password.minHistory: " + i);
        if (i != 0) {
            String hashPassword = this.digester.hashPassword(changePassword.getNewPassword());
            UserEntity read = this.userDao.read(changePassword.getUserName());
            if (read != null && hashPassword.equals(read.getPassword())) {
                throw new IllegalArgumentException(USED_RECENTLY);
            }
            int i2 = i - 1;
            List<PasswordHistEntity> passwordHistory = this.userDao.getPasswordHistory(changePassword.getUserName());
            if (passwordHistory == null || passwordHistory.isEmpty()) {
                return;
            }
            for (int i3 = 0; i3 < i2 && i3 < passwordHistory.size(); i3++) {
                if (hashPassword.equals(passwordHistory.get(i3).getPassword())) {
                    throw new IllegalArgumentException(USED_RECENTLY);
                }
            }
        }
    }

    private Date checkValidity(Properties properties) {
        int i = getInt(properties, MAX_VALIDITY, 0);
        LOGGER.debug("password.maxValidity: " + i);
        Date date = null;
        if (i != 0) {
            Calendar calendar = Calendar.getInstance();
            calendar.add(6, i);
            date = calendar.getTime();
        }
        return date;
    }

    private void checkLength(Properties properties, String str) {
        int i = getInt(properties, MIN_LENGTH, 0);
        LOGGER.debug("password.minLength: " + i);
        if (i != 0 && str.length() < i) {
            throw new IllegalArgumentException("Password must contain at least " + i + " characters");
        }
    }

    private void checkDigits(Properties properties, String str) {
        int i = getInt(properties, MIN_DIGITS, 0);
        LOGGER.debug("password.minDigits: " + i);
        if (i != 0) {
            int i2 = 0;
            for (int i3 = 0; i3 < str.length(); i3++) {
                if (Character.isDigit(str.charAt(i3))) {
                    i2++;
                }
            }
            if (i2 < i) {
                throw new IllegalArgumentException("Password must contain at least " + i + " digits");
            }
        }
    }

    private void checkSpecial(Properties properties, String str) {
        int i = getInt(properties, MIN_SPECIAL, 0);
        LOGGER.debug("password.minSpecial: " + i);
        if (i != 0) {
            int i2 = 0;
            for (int i3 = 0; i3 < str.length(); i3++) {
                if (!Character.isLetterOrDigit(str.charAt(i3))) {
                    i2++;
                }
            }
            if (i2 < i) {
                throw new IllegalArgumentException("Password must contain at least " + i + " special characters");
            }
        }
    }

    private void checkMixUpperLowerCase(Properties properties, String str) {
        boolean z = getBoolean(properties, MIX_UPPER_LOWER_CASE, false);
        LOGGER.debug("password.mixUpperLowerCase: " + z);
        if (z) {
            int i = 0;
            int i2 = 0;
            for (int i3 = 0; i3 < str.length(); i3++) {
                char charAt = str.charAt(i3);
                if (Character.isLetter(charAt)) {
                    if (Character.isUpperCase(charAt)) {
                        i++;
                    } else {
                        i2++;
                    }
                }
            }
            if (i < 1 || i2 < 1) {
                throw new IllegalArgumentException("Password must contain at least one uppercase and one lowercase characters");
            }
        }
    }

    private int getInt(Properties properties, String str, int i) {
        String property;
        int i2 = i;
        if (properties != null && (property = properties.getProperty(str)) != null) {
            try {
                i2 = Integer.parseInt(property);
            } catch (Exception e) {
                LOGGER.warn("Property value for '" + str + "' is not an integer number. Using default value: " + i);
            }
        }
        return i2;
    }

    private boolean getBoolean(Properties properties, String str, boolean z) {
        String property;
        boolean z2 = z;
        if (properties != null && (property = properties.getProperty(str)) != null) {
            try {
                z2 = Boolean.parseBoolean(property);
            } catch (Exception e) {
                LOGGER.warn("Property value for '" + str + "' is not boolean. Using default value: " + z);
            }
        }
        return z2;
    }

    @Override // fish.focus.uvms.usm.administration.service.policy.PasswordPolicyEnforcer
    public String getPasswordPolicy() {
        StringBuilder sb = new StringBuilder();
        PolicyDefinition definition = this.definitionService.getDefinition(PASSWORD_SUBJECT);
        sb.append(MUST_CONTAIN).append(getInt(definition.getProperties(), MIN_LENGTH, 0)).append(" characters").append(", ").append(getInt(definition.getProperties(), MIN_DIGITS, 0)).append(" digits").append(", ").append(getInt(definition.getProperties(), MIN_SPECIAL, 0)).append(" special characters");
        if (getBoolean(definition.getProperties(), MIX_UPPER_LOWER_CASE, false)) {
            sb.append(", ").append("1 upper and 1 lower case characters");
        }
        return sb.toString();
    }
}
