package io.gravitee.am.service.validators;

import io.gravitee.am.model.PasswordSettings;
import io.gravitee.am.service.exception.InvalidPasswordException;
import java.util.regex.Pattern;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/am/service/validators/PasswordValidator.class */
public class PasswordValidator {
    public static final int PASSWORD_MAX_LENGTH = 64;
    private static final Pattern SPECIAL_CHARACTER_PATTERN = Pattern.compile("[^a-zA-Z0-9]");
    private static final Pattern NUMBER_PATTERN = Pattern.compile("[0-9]");
    private final Pattern defaultPasswordPattern;

    @Autowired
    public PasswordValidator(@Value("${user.password.policy.pattern:^(?:(?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))(?!.*(.)\\1{2,})[A-Za-z0-9!~<>,;:_\\-=?*+#.\"'&§`£€%°()\\\\\\|\\[\\]\\-\\$\\^\\@\\/]{8,32}$}") String str) {
        this.defaultPasswordPattern = Pattern.compile(str);
    }

    public void validate(String str, PasswordSettings passwordSettings) {
        if (passwordSettings == null) {
            validate(str);
            return;
        }
        if (str.length() > 64) {
            throw InvalidPasswordException.of("invalid password maximum length", "invalid_password_value");
        }
        if (passwordSettings.getMinLength() != null && str.length() < passwordSettings.getMinLength().intValue()) {
            throw InvalidPasswordException.of("invalid password minimum length", "invalid_password_value");
        }
        if (Boolean.TRUE.equals(passwordSettings.isIncludeNumbers()) && !NUMBER_PATTERN.matcher(str).find()) {
            throw InvalidPasswordException.of("password must contains numbers", "invalid_password_value");
        }
        if (Boolean.TRUE.equals(passwordSettings.isIncludeSpecialCharacters()) && !SPECIAL_CHARACTER_PATTERN.matcher(str).find()) {
            throw InvalidPasswordException.of("password must contains special characters", "invalid_password_value");
        }
        if (Boolean.TRUE.equals(passwordSettings.getLettersInMixedCase()) && (str.chars().noneMatch(Character::isUpperCase) || str.chars().noneMatch(Character::isLowerCase))) {
            throw InvalidPasswordException.of("password must contains letters in mixed case", "invalid_password_value");
        }
        Integer maxConsecutiveLetters = passwordSettings.getMaxConsecutiveLetters();
        if (maxConsecutiveLetters != null && maxConsecutiveLetters.intValue() > 0 && isOverMaxConsecutiveLetters(str, maxConsecutiveLetters.intValue())) {
            throw InvalidPasswordException.of("invalid max consecutive letters", "invalid_password_value");
        }
    }

    public boolean isValid(String str, PasswordSettings passwordSettings) {
        if (passwordSettings == null) {
            return isValid(str);
        }
        try {
            validate(str, passwordSettings);
            return true;
        } catch (InvalidPasswordException e) {
            return false;
        }
    }

    public boolean isValid(String str) {
        return str.length() <= 64 && this.defaultPasswordPattern.matcher(str).matches();
    }

    public void validate(String str) {
        if (!isValid(str)) {
            throw InvalidPasswordException.of("Field [password] is invalid", "invalid_password_value");
        }
    }

    private static boolean isOverMaxConsecutiveLetters(String str, int i) {
        int length = str.length();
        for (int i2 = 0; i2 < length; i2++) {
            int i3 = 1;
            for (int i4 = i2 + 1; i4 < length && str.charAt(i2) == str.charAt(i4); i4++) {
                i3++;
            }
            if (i3 > i) {
                return true;
            }
        }
        return false;
    }
}
