package org.apereo.cas.pm.jdbc;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import javax.sql.DataSource;
import lombok.Generated;
import lombok.NonNull;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.validator.routines.EmailValidator;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.configuration.model.support.pm.PasswordManagementProperties;
import org.apereo.cas.pm.PasswordChangeRequest;
import org.apereo.cas.pm.PasswordHistoryService;
import org.apereo.cas.pm.PasswordManagementQuery;
import org.apereo.cas.pm.impl.BasePasswordManagementService;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.support.TransactionOperations;

/* loaded from: input_file:org/apereo/cas/pm/jdbc/JdbcPasswordManagementService.class */
public class JdbcPasswordManagementService extends BasePasswordManagementService {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(JdbcPasswordManagementService.class);
    private final JdbcTemplate jdbcTemplate;
    private final TransactionOperations transactionTemplate;
    private final PasswordEncoder passwordEncoder;

    public JdbcPasswordManagementService(CipherExecutor<Serializable, String> cipherExecutor, String str, PasswordManagementProperties passwordManagementProperties, @NonNull DataSource dataSource, @NonNull TransactionOperations transactionOperations, PasswordHistoryService passwordHistoryService, PasswordEncoder passwordEncoder) {
        super(passwordManagementProperties, cipherExecutor, str, passwordHistoryService);
        if (dataSource == null) {
            throw new NullPointerException("dataSource is marked non-null but is null");
        }
        if (transactionOperations == null) {
            throw new NullPointerException("transactionTemplate is marked non-null but is null");
        }
        this.jdbcTemplate = new JdbcTemplate(dataSource);
        this.transactionTemplate = transactionOperations;
        this.passwordEncoder = passwordEncoder;
    }

    public boolean changeInternal(Credential credential, PasswordChangeRequest passwordChangeRequest) {
        return BooleanUtils.toBoolean((Boolean) this.transactionTemplate.execute(transactionStatus -> {
            return Boolean.valueOf(this.jdbcTemplate.update(this.properties.getJdbc().getSqlChangePassword(), new Object[]{this.passwordEncoder.encode(passwordChangeRequest.getPassword()), ((UsernamePasswordCredential) credential).getId()}) > 0);
        }));
    }

    public String findEmail(PasswordManagementQuery passwordManagementQuery) {
        String sqlFindEmail = this.properties.getJdbc().getSqlFindEmail();
        if (StringUtils.isBlank(sqlFindEmail)) {
            LOGGER.debug("No SQL query is defined to retrieve email addresses");
            return null;
        }
        try {
            return (String) this.transactionTemplate.execute(transactionStatus -> {
                String str = (String) this.jdbcTemplate.queryForObject(sqlFindEmail, String.class, new Object[]{passwordManagementQuery.getUsername()});
                if (StringUtils.isNotBlank(str) && EmailValidator.getInstance().isValid(str)) {
                    return str;
                }
                LOGGER.debug("Username [{}] not found when searching for email", passwordManagementQuery.getUsername());
                return null;
            });
        } catch (EmptyResultDataAccessException e) {
            LOGGER.debug("Username [{}] not found when searching for email", passwordManagementQuery.getUsername());
            return null;
        }
    }

    public String findPhone(PasswordManagementQuery passwordManagementQuery) {
        String sqlFindPhone = this.properties.getJdbc().getSqlFindPhone();
        if (StringUtils.isBlank(sqlFindPhone)) {
            LOGGER.debug("No SQL query is defined to retrieve phone numbers");
            return null;
        }
        try {
            return (String) this.transactionTemplate.execute(transactionStatus -> {
                String str = (String) this.jdbcTemplate.queryForObject(sqlFindPhone, String.class, new Object[]{passwordManagementQuery.getUsername()});
                if (StringUtils.isNotBlank(str)) {
                    return str;
                }
                LOGGER.debug("Username [{}] not found when searching for phone", passwordManagementQuery.getUsername());
                return null;
            });
        } catch (EmptyResultDataAccessException e) {
            LOGGER.debug("Username [{}] not found when searching for phone", passwordManagementQuery.getUsername());
            return null;
        }
    }

    public String findUsername(PasswordManagementQuery passwordManagementQuery) {
        try {
            return (String) this.transactionTemplate.execute(transactionStatus -> {
                return (String) this.jdbcTemplate.queryForObject(this.properties.getJdbc().getSqlFindUser(), String.class, new Object[]{passwordManagementQuery.getEmail()});
            });
        } catch (EmptyResultDataAccessException e) {
            LOGGER.debug("Email [{}] not found when searching for user", passwordManagementQuery.getEmail());
            return null;
        }
    }

    public Map<String, String> getSecurityQuestions(PasswordManagementQuery passwordManagementQuery) {
        return (Map) this.transactionTemplate.execute(transactionStatus -> {
            String sqlGetSecurityQuestions = this.properties.getJdbc().getSqlGetSecurityQuestions();
            HashMap hashMap = new HashMap();
            this.jdbcTemplate.queryForList(sqlGetSecurityQuestions, new Object[]{passwordManagementQuery.getUsername()}).forEach(map -> {
                if (map.containsKey("question") && map.containsKey("answer")) {
                    hashMap.put(map.get("question").toString(), map.get("answer").toString());
                }
            });
            LOGGER.debug("Found [{}] security questions for [{}]", Integer.valueOf(hashMap.size()), passwordManagementQuery.getUsername());
            return hashMap;
        });
    }

    public void updateSecurityQuestions(PasswordManagementQuery passwordManagementQuery) {
        this.jdbcTemplate.update(this.properties.getJdbc().getSqlDeleteSecurityQuestions(), new Object[]{passwordManagementQuery.getUsername()});
        passwordManagementQuery.getSecurityQuestions().forEach((str, list) -> {
            list.forEach(str -> {
                this.jdbcTemplate.update(this.properties.getJdbc().getSqlUpdateSecurityQuestions(), new Object[]{passwordManagementQuery.getUsername(), str, str});
            });
        });
    }

    @Generated
    public JdbcTemplate getJdbcTemplate() {
        return this.jdbcTemplate;
    }

    @Generated
    public TransactionOperations getTransactionTemplate() {
        return this.transactionTemplate;
    }

    @Generated
    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }
}
