package ovise.handling.security;

import org.apache.log4j.spi.LocationInfo;
import ovise.contract.Contract;
import ovise.handling.security.DefaultPasswordPolicy;
import ovise.handling.security.UserMaintenanceService;
import ovise.technology.environment.SystemCore;

/* loaded from: input_file:ovise/handling/security/SecurityDomain.class */
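/**
 * Process-wide holder for the login and password configuration of the application:
 * the login handler, the failed-login limit, the user maintenance service class,
 * the password policy and the password hashing parameters. Most values are read
 * lazily from {@link SystemCore} properties on first access and can be overridden
 * through the setters.
 *
 * <p>This listing is decompiler output (JADX). The widened nested classes and the
 * package-private "synthetic" constructors are compiler accessors, not hand-written API.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>If no {@code passwordEncryptionAlgorithm} property is configured, passwords are
 *       passed through and compared in clear text.</li>
 *   <li>The application-wide salt is derived from a configured pattern or, by default,
 *       from this class's own name, so it is the same for every user and can be
 *       recomputed by anyone holding the binaries. Only the "LTU" form adds a random salt.</li>
 *   <li>The lazy getters are not synchronized. NOTE(review): confirm that first access
 *       happens on a single thread.</li>
 * </ul>
 */
public class SecurityDomain {
    /** System property naming the failed-login limit. */
    public static final String MAX_LOGIN_FAILURES = "maxLoginFailures";
    /** System property naming the password hashing algorithm. */
    public static final String PASSWORD_ENCRYPTION_ALGORITHM = "passwordEncryptionAlgorithm";
    /** System property holding the text from which the application-wide salt is derived. */
    public static final String PASSWORD_ENCRYPTION_SALT_PATTERN = "passwordEncryptionSaltPattern";
    private LoginHandler loginHandler;
    // 0 doubles as the "not loaded yet" marker, see getMaxLoginFailures().
    private byte maxLoginFailures;
    private Class<? extends UserMaintenanceService> userMaintenanceServiceClass;
    private PasswordPolicy passwordPolicy;
    private String passwordEncryptionAlgorithm;
    // Only computed in the constructor, and only when an algorithm is configured at that time.
    private byte[] passwordEncryptionSalt;
    private final String ENCODING = "UTF-8";
    /** System property naming the login handler (instance, class or class name). */
    public static final String LOGIN_HANDLER = LoginHandler.class.getName();
    /** System property naming the user maintenance service (instance, class or class name). */
    public static final String USER_MAINTENANCE_SERVICE = UserMaintenanceService.class.getName();

    /**
     * Default service used when no {@link #USER_MAINTENANCE_SERVICE} property is set.
     * The decompiler reports that this class was private in the original source.
     */
    public static class BasicUserMaintenanceService extends UserMaintenanceService {
        private BasicUserMaintenanceService() {
        }

        /* synthetic accessor emitted by the compiler; the argument is ignored */
        /* synthetic */ BasicUserMaintenanceService(BasicUserMaintenanceService basicUserMaintenanceService) {
            this();
        }
    }

    /**
     * Holder for the singleton, created when this nested class is first initialised.
     * The decompiler reports that this class was private in the original source.
     */
    public static final class Instance {
        static SecurityDomain instance = new SecurityDomain(null);

        private Instance() {
        }
    }

    /**
     * Reads the hashing algorithm from the system properties and, if one is set,
     * derives the application-wide salt.
     *
     * <p>A non-String algorithm property is treated as "no algorithm", which silently
     * selects clear-text password handling (see {@link #encryptPasswordSTU(String)}).
     */
    private SecurityDomain() {
        // Fix: the decompiler repeated the initialiser of the final field ENCODING here,
        // which does not compile; the field initialiser alone is sufficient.
        String saltPattern;
        SystemCore instance = SystemCore.instance();
        if (instance.hasProperty(PASSWORD_ENCRYPTION_ALGORITHM)) {
            Object property = instance.getProperty(PASSWORD_ENCRYPTION_ALGORITHM);
            this.passwordEncryptionAlgorithm = property instanceof String ? (String) property : null;
        }
        if (this.passwordEncryptionAlgorithm != null) {
            if (!Encryption.isAlgorithmSupported(this.passwordEncryptionAlgorithm)) {
                Contract.ensure(false, (Object) ("Verschluesselungs-Algorithmus '" + this.passwordEncryptionAlgorithm + "' wird nicht unterstuetzt."));
            }
            if (instance.hasProperty(PASSWORD_ENCRYPTION_SALT_PATTERN)) {
                Object property2 = instance.getProperty(PASSWORD_ENCRYPTION_SALT_PATTERN);
                // A non-String value becomes "" and is rejected below.
                saltPattern = property2 instanceof String ? (String) property2 : "";
            } else {
                // Default pattern: the reversed class name with three of its dots replaced.
                // It is fully determined by the class name, so it is not a secret.
                // NOTE(review): LocationInfo.NA looks like a decompiler substitution for a
                // string literal of the same value; confirm, because the stored hashes
                // depend on the exact value.
                StringBuilder reverse = new StringBuilder(getClass().getName()).reverse();
                int indexOf = reverse.indexOf(".");
                StringBuilder replace = reverse.replace(indexOf, indexOf + 1, LocationInfo.NA);
                int lastIndexOf = replace.lastIndexOf(".");
                StringBuilder replace2 = replace.replace(lastIndexOf, lastIndexOf + 1, "$");
                int indexOf2 = replace2.indexOf(".");
                saltPattern = replace2.replace(indexOf2, indexOf2 + 1, "=").toString();
            }
            if (saltPattern.length() == 0) {
                Contract.ensure(false, (Object) "Salt-Pattern ist erforderlich.");
            }
            // The salt is the pattern run through Encryption.encryptUnsalted with "SHA-1".
            // Changing the pattern or this step invalidates every stored password value.
            this.passwordEncryptionSalt = Encryption.encryptUnsalted(getBytes(saltPattern), "SHA-1");
        }
    }

    /**
     * Returns the singleton instance.
     *
     * @return the shared {@code SecurityDomain}
     */
    public static SecurityDomain instance() {
        return Instance.instance;
    }

    /**
     * Returns the login handler, resolving it on first use from the
     * {@link #LOGIN_HANDLER} system property (an instance, a {@code Class} or a class
     * name) or falling back to {@code DefaultLoginHandler} when the property is absent.
     *
     * @return the handler, or {@code null} if the property is set but does not yield a
     *         valid handler and {@code Contract.notify} returns normally
     */
    public LoginHandler getLoginHandler() {
        if (this.loginHandler == null) {
            SystemCore instance = SystemCore.instance();
            if (instance.hasProperty(LOGIN_HANDLER)) {
                Object property = instance.getProperty(LOGIN_HANDLER);
                if (property instanceof LoginHandler) {
                    this.loginHandler = (LoginHandler) property;
                } else {
                    try {
                        this.loginHandler = instantiateConfigured(property, LoginHandler.class);
                    } catch (Exception e) {
                        Contract.notify(e, "Systemeigenschaft '" + LOGIN_HANDLER + "' definiert keinen gueltigen Login-Handler.");
                    }
                }
            } else {
                this.loginHandler = new DefaultLoginHandler();
            }
        }
        return this.loginHandler;
    }

    /**
     * Replaces the login handler.
     *
     * @param loginHandler the handler to use; must not be {@code null}
     */
    public void setLoginHandler(LoginHandler loginHandler) {
        Contract.checkNotNull(loginHandler, "Login-Verarbeiter ist erforderlich.");
        this.loginHandler = loginHandler;
    }

    /**
     * Returns the failed-login limit, loading it from the {@link #MAX_LOGIN_FAILURES}
     * system property on first use.
     *
     * <p>The default is 126 when the property is absent, and also when it cannot be
     * parsed and {@code Contract.notify} returns normally. That default is far too
     * permissive to slow down password guessing, so deployments should set the
     * property explicitly.
     *
     * @return the configured limit, always greater than zero once loaded
     */
    public byte getMaxLoginFailures() {
        if (this.maxLoginFailures == 0) {
            byte limit = 126;
            SystemCore instance = SystemCore.instance();
            if (instance.hasProperty(MAX_LOGIN_FAILURES)) {
                Object property = instance.getProperty(MAX_LOGIN_FAILURES);
                if (property instanceof Number) {
                    // byteValue() narrows silently: a value above 127 wraps around and is
                    // only rejected below if the wrapped result is not positive.
                    limit = ((Number) property).byteValue();
                } else {
                    try {
                        limit = Byte.parseByte((String) property);
                    } catch (Exception e) {
                        Contract.notify(e, "Systemeigenschaft 'maxLoginFailures' definiert keine gueltige maximal moegliche Anzahl von Login-Fehlversuchen.");
                    }
                }
                Contract.ensure(limit > 0, "Systemeigenschaft 'maxLoginFailures' muss maximal moegliche Anzahl von Login-Fehlversuchen >0 definieren.");
            }
            setMaxLoginFailures(limit);
        }
        return this.maxLoginFailures;
    }

    /**
     * Sets the failed-login limit.
     *
     * @param b the limit; must be greater than zero. {@code Byte.MAX_VALUE} is stored as
     *          126, presumably so that the {@code >} comparison in
     *          {@link #compliesWithLockCriteria(byte, byte)} can still become true for a
     *          byte-sized counter
     */
    public void setMaxLoginFailures(byte b) {
        Contract.check(b > 0, "Anzahl muss >0 sein.");
        this.maxLoginFailures = b < Byte.MAX_VALUE ? b : (byte) (b - 1);
    }

    /**
     * Creates a new user maintenance service. The service class is resolved on first use
     * from the {@link #USER_MAINTENANCE_SERVICE} system property (an instance, a
     * {@code Class} or a class name); without the property the built-in
     * {@link BasicUserMaintenanceService} is used.
     *
     * @return a fresh service instance, or {@code null} if none could be created and
     *         {@code Contract.notify} returns normally
     */
    public UserMaintenanceService getUserMaintenanceService() {
        if (this.userMaintenanceServiceClass == null) {
            SystemCore instance = SystemCore.instance();
            if (instance.hasProperty(USER_MAINTENANCE_SERVICE)) {
                Object property = instance.getProperty(USER_MAINTENANCE_SERVICE);
                if (property instanceof UserMaintenanceService) {
                    this.userMaintenanceServiceClass = ((UserMaintenanceService) property).getClass();
                } else {
                    try {
                        // A trial instance is created, as before, so that a class which
                        // cannot be instantiated is reported against the property.
                        this.userMaintenanceServiceClass = instantiateConfigured(property, UserMaintenanceService.class).getClass();
                    } catch (Exception e) {
                        Contract.notify(e, "Systemeigenschaft '" + USER_MAINTENANCE_SERVICE + "' definiert keinen gueltigen Benutzer-Pflegedienst.");
                    }
                }
            } else {
                this.userMaintenanceServiceClass = BasicUserMaintenanceService.class;
            }
        }
        if (this.userMaintenanceServiceClass == BasicUserMaintenanceService.class) {
            // The built-in service has a private constructor, so it is built directly
            // through the compiler-generated accessor instead of reflection.
            return new BasicUserMaintenanceService(null);
        }
        try {
            // If resolution failed above the class is still null here; the resulting
            // NullPointerException is reported through the same catch block.
            return this.userMaintenanceServiceClass.newInstance();
        } catch (Exception e2) {
            Contract.notify(e2, "Benutzer-Pflegedienst kann nicht erzeugt werden.");
            return null;
        }
    }

    /**
     * Selects the user maintenance service by example: only the class of the argument
     * is kept, and later calls to {@link #getUserMaintenanceService()} create new instances.
     *
     * @param userMaintenanceService an instance of the service class to use; not {@code null}
     */
    public void setUserMaintenanceService(UserMaintenanceService userMaintenanceService) {
        Contract.checkNotNull(userMaintenanceService, "Benutzer-Pflegedienst ist erforderlich.");
        this.userMaintenanceServiceClass = userMaintenanceService.getClass();
    }

    /**
     * Returns the password policy, building a {@code DefaultPasswordPolicy} on first use.
     *
     * <p>Security note: when the system property {@code passwordPolicyAgreement} holds one
     * of three opt-out phrases, the policy is relaxed to lower-case-only passwords of
     * length 1 to 10, with no digit, upper-case, special-character or score requirement
     * and a very large password timeout. Deployments should audit that property.
     *
     * @return the active password policy
     */
    public PasswordPolicy getPasswordPolicy() {
        if (this.passwordPolicy == null) {
            DefaultPasswordPolicy defaultPasswordPolicy = new DefaultPasswordPolicy();
            SystemCore instance = SystemCore.instance();
            if (instance.hasProperty("passwordPolicyAgreement")) {
                Object property = instance.getProperty("passwordPolicyAgreement");
                if (property != null) {
                    String agreement = property.toString();
                    if (agreement.equals("simple") || agreement.equals("i agree to knowingly ignore common standards of password usage") || agreement.equals("i am a mollycoddle who wants easy access")) {
                        DefaultPasswordPolicy.Params params = defaultPasswordPolicy.getParams();
                        // Presumably milliseconds, which would be 17,800 days; confirm the unit.
                        params.changePasswordTimeout(1537920000000L);
                        // Presumably (minimum, maximum) length; confirm against Params.
                        params.changeLength(1, 10);
                        params.changeMinDigits(0);
                        params.changeMinLowerLetters(1);
                        params.changeMinUpperLetters(0);
                        params.changeMinSpecials(0);
                        params.changeMinScore(0);
                    }
                }
            }
            this.passwordPolicy = defaultPasswordPolicy;
        }
        return this.passwordPolicy;
    }

    /**
     * Replaces the password policy.
     *
     * @param passwordPolicy the policy to use; must not be {@code null}
     */
    public void setPasswordPolicy(PasswordPolicy passwordPolicy) {
        Contract.checkNotNull(passwordPolicy, "Passwort-Richtlinie ist erforderlich.");
        this.passwordPolicy = passwordPolicy;
    }

    /**
     * Returns the configured hashing algorithm name.
     *
     * @return the algorithm name, or {@code null} when passwords are handled in clear text
     */
    public String getPasswordEncryptionAlgorithm() {
        return this.passwordEncryptionAlgorithm;
    }

    /**
     * Overrides the hashing algorithm name.
     *
     * <p>NOTE(review): unlike the constructor, this neither checks
     * {@code Encryption.isAlgorithmSupported} nor derives the salt. If no algorithm was
     * configured at construction time, the salt field is still {@code null} after this
     * call; confirm how {@code Encryption.encryptSalted} treats a null salt. Passing
     * {@code null} switches to clear-text handling.
     *
     * @param str the algorithm name, or {@code null}
     */
    public void setPasswordEncryptionAlgorithm(String str) {
        this.passwordEncryptionAlgorithm = str;
    }

    /**
     * Produces the "STU" form of a password: the Base64 text of the password hashed with
     * the configured algorithm and the application-wide salt.
     *
     * <p>Security note: with no algorithm configured the password is returned unchanged.
     * With an algorithm, the only salt is the application-wide one, so equal passwords
     * give equal STU values.
     *
     * @param str the clear-text password; must be non-empty
     * @return the STU value, or {@code str} itself when no algorithm is configured
     */
    public String encryptPasswordSTU(String str) {
        Contract.check(str != null && str.length() > 0, "Passwort ist erforderlich.");
        if (this.passwordEncryptionAlgorithm == null) {
            return str;
        }
        byte[] salted = Encryption.encryptSalted(getBytes(str), this.passwordEncryptionAlgorithm, this.passwordEncryptionSalt);
        return Encryption.encodeBase64(salted);
    }

    /**
     * Produces the "LTU" form of a password: the STU hash passed once more through
     * {@code Encryption.encryptRandomSalted} and Base64-encoded.
     *
     * <p>Security note: with no algorithm configured the password is returned unchanged.
     * Otherwise this is a salted digest, not a deliberately slow password hash.
     *
     * @param str the clear-text password; must be non-empty
     * @return the LTU value, or {@code str} itself when no algorithm is configured
     */
    public String encryptPasswordLTU(String str) {
        Contract.check(str != null && str.length() > 0, "Passwort ist erforderlich.");
        if (this.passwordEncryptionAlgorithm == null) {
            return str;
        }
        byte[] salted = Encryption.encryptSalted(getBytes(str), this.passwordEncryptionAlgorithm, this.passwordEncryptionSalt);
        // 20 is handed to Encryption unchanged; presumably the random salt length in
        // bytes. It must match the value used in isSTUEqualLTU.
        return Encryption.encodeBase64(Encryption.encryptRandomSalted(salted, this.passwordEncryptionAlgorithm, 20));
    }

    /**
     * Checks whether an STU value and an LTU value belong to the same password.
     *
     * @param str  the STU value (Base64), non-empty
     * @param str2 the LTU value (Base64), non-empty
     * @return {@code true} if they match
     */
    public boolean isSTUEqualLTU(String str, String str2) {
        Contract.check(str != null && str.length() > 0, "Passwort STU ist erforderlich.");
        Contract.check(str2 != null && str2.length() > 0, "Passwort LTU ist erforderlich.");
        if (this.passwordEncryptionAlgorithm == null) {
            // SECURITY: clear-text comparison with String.equals, which is not
            // constant-time. Left unchanged; the remedy is to configure an algorithm.
            return str.equals(str2);
        }
        return Encryption.isNotEncryptedEqualSalted(Encryption.decodeBase64(str), Encryption.decodeBase64(str2), this.passwordEncryptionAlgorithm, 20);
    }

    /**
     * Reports whether the user's password expiration date has been reached.
     *
     * @param str the login name; must not be {@code null}
     * @return {@code true} if the current time is at or past the expiration date
     * @throws UserMaintenanceException if the maintenance service fails
     */
    public boolean getPasswordExpired(String str) throws UserMaintenanceException {
        Contract.checkNotNull(str, "Loginname ist erforderlich.");
        // Request type 0 is used here and in getUserLocked(); its meaning is defined by
        // UserMaintenanceService.InternalRequest.
        return System.currentTimeMillis() >= getUserMaintenanceService().execute(new UserMaintenanceService.InternalRequest(str, 0)).getUserObject().getPasswordExpirationDate().longValue();
    }

    /**
     * Queues and executes a password change for the given login name.
     *
     * <p>NOTE(review): no password policy check is made here; confirm that callers or
     * the maintenance service enforce {@link #getPasswordPolicy()}.
     *
     * @param str  the login name; must not be {@code null}
     * @param str2 the new password; must be non-empty
     * @param j    passed through to {@code addChangePasswordRequest} unchanged
     * @throws UserMaintenanceException if the maintenance service fails
     */
    public void changePassword(String str, String str2, long j) throws UserMaintenanceException {
        Contract.checkNotNull(str, "Loginname ist erforderlich.");
        Contract.check(str2 != null && str2.length() > 0, "Neues Passwort ist erforderlich.");
        UserMaintenanceService userMaintenanceService = getUserMaintenanceService();
        userMaintenanceService.addChangePasswordRequest(str, str2, j, false);
        userMaintenanceService.execute();
    }

    /**
     * Reports whether the user account is locked.
     *
     * @param str the login name; must not be {@code null}
     * @return the lock flag of the user object returned by the maintenance service
     * @throws UserMaintenanceException if the maintenance service fails
     */
    public boolean getUserLocked(String str) throws UserMaintenanceException {
        Contract.checkNotNull(str, "Loginname ist erforderlich.");
        return getUserMaintenanceService().execute(new UserMaintenanceService.InternalRequest(str, 0)).getUserObject().getIsLocked();
    }

    /**
     * Decides whether an account meets the lock criteria.
     *
     * @param b  presumably an existing lock state; any non-zero value satisfies the criteria
     * @param b2 presumably the number of failed logins; compared against
     *           {@link #getMaxLoginFailures()}
     * @return {@code true} if {@code b} is non-zero or {@code b2} exceeds the limit
     */
    public boolean compliesWithLockCriteria(byte b, byte b2) {
        return b != 0 || b2 > getMaxLoginFailures();
    }

    /**
     * Creates a principal for a login name, optionally carrying the STU form of a password.
     *
     * @param str  the login name; must not be {@code null}
     * @param str2 the clear-text password, or {@code null} for a principal without one;
     *             an empty string is rejected by {@link #encryptPasswordSTU(String)}
     * @return the new principal
     */
    public UserPrincipal createUserPrincipal(String str, String str2) {
        Contract.checkNotNull(str, "Loginname ist erforderlich.");
        if (str2 == null) {
            return new UserPrincipal(str);
        }
        return new UserPrincipal(str, encryptPasswordSTU(str2).toCharArray());
    }

    /**
     * Returns a token derived from the algorithm name: the name passed through
     * {@code Encryption.encryptRandomSalted} with "MD5" and the value 2, Base64-encoded.
     *
     * <p>Algorithm names come from a small known set, so this token should not be
     * relied on to keep the algorithm secret.
     *
     * @return the token, or {@code null} when no algorithm is configured
     */
    public String createPEA() {
        String algorithm = getPasswordEncryptionAlgorithm();
        if (algorithm == null) {
            return null;
        }
        return Encryption.encodeBase64(Encryption.encryptRandomSalted(getBytes(algorithm), "MD5", 2));
    }

    /**
     * Loads the private settings of a user.
     *
     * @param str the login name; must not be {@code null}
     * @return the settings decoded from the bytes returned by the maintenance service
     * @throws UserMaintenanceException if the maintenance service fails
     */
    public UserSettings getUserSettings(String str) throws UserMaintenanceException {
        Contract.checkNotNull(str, "Loginname ist erforderlich.");
        // Request type 8 reads the private settings, as used here; 9 writes them, see
        // changeUserSettings().
        UserMaintenanceService.InternalRequest internalRequest = (UserMaintenanceService.InternalRequest) getUserMaintenanceService().execute(new UserMaintenanceService.InternalRequest(str, 8));
        UserSettings userSettings = new UserSettings(str);
        // NOTE(review): confirm that fromByteArray does not use Java native
        // deserialization on data that a user can influence.
        userSettings.fromByteArray(internalRequest.getPrivateSettings());
        return userSettings;
    }

    /**
     * Stores the private settings of the user named in {@code userSettings}.
     *
     * @param userSettings the settings to store; must not be {@code null}
     * @throws UserMaintenanceException if the maintenance service fails
     */
    public void changeUserSettings(UserSettings userSettings) throws UserMaintenanceException {
        Contract.checkNotNull(userSettings, "Einstellungen sind erforderlich.");
        UserMaintenanceService userMaintenanceService = getUserMaintenanceService();
        UserMaintenanceService.InternalRequest internalRequest = new UserMaintenanceService.InternalRequest(userSettings.getLoginName(), 9);
        internalRequest.setPrivateSettings(userSettings.toByteArray());
        userMaintenanceService.execute(internalRequest);
    }

    /**
     * Encodes a string with the fixed {@link #ENCODING}, so that hash input does not
     * depend on the platform default charset.
     *
     * @param str the text to encode; callers in this class never pass {@code null}
     * @return the encoded bytes
     */
    private byte[] getBytes(String str) {
        try {
            return str.getBytes(this.ENCODING);
        } catch (java.io.UnsupportedEncodingException e) {
            // Narrowed from catch (Exception): only a missing charset belongs under this
            // message, and any other failure should surface as itself.
            Contract.check(false, (Object) "Charset 'UTF-8' muss existieren.");
            return null;
        }
    }

    /**
     * Creates an instance of a class given as a {@code Class} object or a class name,
     * after checking that it is a subtype of {@code expectedType}.
     *
     * <p>The class is loaded without initialisation and checked with
     * {@code asSubclass} before its static initialiser or constructor can run. This
     * keeps a wrong or tampered property value from executing code of an unrelated
     * class that happens to be on the class path.
     *
     * @param property     a {@code Class} or a {@code String} class name
     * @param expectedType the type the configured class must implement or extend
     * @return a new instance created through the no-argument constructor
     * @throws Exception if the value has the wrong type, the class cannot be loaded, is
     *                   not a subtype of {@code expectedType}, or cannot be instantiated
     */
    private static <T> T instantiateConfigured(Object property, Class<T> expectedType) throws Exception {
        Class<?> candidate = property instanceof Class
                ? (Class<?>) property
                : Class.forName((String) property, false, SecurityDomain.class.getClassLoader());
        return candidate.asSubclass(expectedType).newInstance();
    }

    /*
     * Synthetic accessor emitted by the compiler so that Instance can reach the private
     * constructor; the argument is ignored. It is package-private, so code in this
     * package could create further instances next to the singleton.
     */
    /* synthetic */ SecurityDomain(SecurityDomain securityDomain) {
        this();
    }
}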
