package io.gravitee.am.service.impl;

import io.gravitee.am.model.Domain;
import io.gravitee.am.model.PasswordSettings;
import io.gravitee.am.model.User;
import io.gravitee.am.model.oidc.Client;
import io.gravitee.am.password.dictionary.PasswordDictionary;
import io.gravitee.am.service.PasswordService;
import io.gravitee.am.service.validators.password.PasswordSettingsStatus;
import io.gravitee.am.service.validators.password.PasswordValidator;
import io.gravitee.am.service.validators.password.impl.ConsecutiveCharacterPasswordValidator;
import io.gravitee.am.service.validators.password.impl.DictionaryPasswordValidator;
import io.gravitee.am.service.validators.password.impl.IncludeNumbersPasswordValidator;
import io.gravitee.am.service.validators.password.impl.IncludeSpecialCharactersPasswordValidator;
import io.gravitee.am.service.validators.password.impl.MaxLengthPasswordValidator;
import io.gravitee.am.service.validators.password.impl.MinLengthPasswordValidator;
import io.gravitee.am.service.validators.password.impl.MixedCasePasswordValidator;
import io.gravitee.am.service.validators.password.impl.UserProfilePasswordValidator;
import java.util.Calendar;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.stream.Stream;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/am/service/impl/PasswordServiceImpl.class */
public class PasswordServiceImpl implements PasswordService {
    private final PasswordValidator defaultPasswordValidator;
    private final PasswordDictionary passwordDictionary;

    @Autowired
    public PasswordServiceImpl(@Qualifier("defaultPasswordValidator") PasswordValidator passwordValidator, PasswordDictionary passwordDictionary) {
        this.defaultPasswordValidator = passwordValidator;
        this.passwordDictionary = passwordDictionary;
    }

    @Override // io.gravitee.am.service.PasswordService
    public void validate(String str, PasswordSettings passwordSettings, User user) {
        if (passwordSettings != null) {
            Stream.of((Object[]) new PasswordValidator[]{new MaxLengthPasswordValidator(passwordSettings.getMaxLength()), new MinLengthPasswordValidator(passwordSettings.getMinLength()), new IncludeNumbersPasswordValidator(passwordSettings.isIncludeNumbers()), new IncludeSpecialCharactersPasswordValidator(passwordSettings.isIncludeSpecialCharacters()), new MixedCasePasswordValidator(passwordSettings.getLettersInMixedCase()), new ConsecutiveCharacterPasswordValidator(passwordSettings.getMaxConsecutiveLetters()), new DictionaryPasswordValidator(passwordSettings.isExcludePasswordsInDictionary(), this.passwordDictionary), new UserProfilePasswordValidator(passwordSettings.isExcludeUserProfileInfoInPassword(), user)}).filter(Predicate.not(passwordValidator -> {
                return passwordValidator.validate(str).booleanValue();
            })).findFirst().ifPresent(passwordValidator2 -> {
                throw passwordValidator2.getCause();
            });
        } else if (Boolean.FALSE.equals(this.defaultPasswordValidator.validate(str))) {
            throw this.defaultPasswordValidator.getCause();
        }
    }

    @Override // io.gravitee.am.service.PasswordService
    public PasswordSettingsStatus evaluate(String str, PasswordSettings passwordSettings, User user) {
        PasswordSettingsStatus passwordSettingsStatus = new PasswordSettingsStatus();
        if (str != null && passwordSettings != null) {
            passwordSettingsStatus.setMinLength(new MinLengthPasswordValidator(passwordSettings.getMinLength()).validate(str));
            if (Boolean.TRUE.equals(passwordSettings.isExcludePasswordsInDictionary())) {
                passwordSettingsStatus.setExcludePasswordsInDictionary(new DictionaryPasswordValidator(passwordSettings.isExcludePasswordsInDictionary(), this.passwordDictionary).validate(str));
            }
            if (Boolean.TRUE.equals(passwordSettings.isIncludeNumbers())) {
                passwordSettingsStatus.setIncludeNumbers(new IncludeNumbersPasswordValidator(passwordSettings.isIncludeNumbers()).validate(str));
            }
            if (Boolean.TRUE.equals(passwordSettings.isIncludeSpecialCharacters())) {
                passwordSettingsStatus.setIncludeSpecialCharacters(new IncludeSpecialCharactersPasswordValidator(passwordSettings.isIncludeSpecialCharacters()).validate(str));
            }
            if (Boolean.TRUE.equals(passwordSettings.getLettersInMixedCase())) {
                passwordSettingsStatus.setLettersInMixedCase(new MixedCasePasswordValidator(passwordSettings.getLettersInMixedCase()).validate(str));
            }
            if (passwordSettings.getMaxConsecutiveLetters() != null) {
                passwordSettingsStatus.setMaxConsecutiveLetters(new ConsecutiveCharacterPasswordValidator(passwordSettings.getMaxConsecutiveLetters()).validate(str));
            }
            if (Boolean.TRUE.equals(passwordSettings.isExcludeUserProfileInfoInPassword())) {
                passwordSettingsStatus.setExcludeUserProfileInfoInPassword(new UserProfilePasswordValidator(passwordSettings.isExcludeUserProfileInfoInPassword(), user).validate(str));
            }
        }
        return passwordSettingsStatus;
    }

    @Override // io.gravitee.am.service.PasswordService
    public boolean checkAccountPasswordExpiry(User user, Client client, Domain domain) {
        Optional passwordSettings = PasswordSettings.getInstance(client, domain);
        if (passwordSettings.isEmpty() || ((PasswordSettings) passwordSettings.get()).getExpiryDuration() == null || ((PasswordSettings) passwordSettings.get()).getExpiryDuration().intValue() <= 0) {
            return false;
        }
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(user.getLastPasswordReset());
        calendar.add(5, ((PasswordSettings) passwordSettings.get()).getExpiryDuration().intValue());
        return calendar.compareTo(Calendar.getInstance()) < 0;
    }
}
