package com.iplanet.services.ldap;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.services.util.XMLException;
import com.iplanet.sso.SSOToken;
import com.iplanet.ums.Guid;
import com.iplanet.ums.PersistentObject;
import com.iplanet.ums.UMSObject;
import com.sun.identity.authentication.internal.AuthContext;
import com.sun.identity.authentication.internal.AuthPrincipal;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.common.ShutdownManager;
import com.sun.identity.common.configuration.ServerConfiguration;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.security.DecodeAction;
import com.sun.identity.security.EncodeAction;
import com.sun.identity.setup.Bootstrap;
import com.sun.identity.setup.ConfiguratorException;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.shared.xml.XMLUtils;
import com.sun.identity.sm.SMSEntry;
import com.sun.identity.sm.SMSSchema;
import com.sun.identity.sm.ServiceManager;
import com.sun.identity.tools.bundles.VersionCheck;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.AccessController;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import org.forgerock.openam.sdk.org.forgerock.opendj.ldap.DN;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/iplanet/services/ldap/ServerConfigMgr.class */
public class ServerConfigMgr {
    // Help options: any of these as the only argument prints the usage text.
    private static final String HELP = "--help";
    private static final String S_HELP = "-h";
    private static final String Q_HELP = "?";
    private static final String SQ_HELP = "-?";
    // Account selectors: choose which stored password changePassword(String[]) updates.
    private static final String ADMIN = "--admin";
    private static final String S_ADMIN = "-a";
    private static final String PROXY = "--proxy";
    private static final String S_PROXY = "-p";
    // Each of these is followed by a file path, not a literal password; the first line of
    // that file is read by readOneLinerFromFile().
    private static final String OLD = "--old";
    private static final String S_OLD = "-o";
    private static final String NEW = "--new";
    private static final String S_NEW = "-n";
    // Encodes the password found in the given file and prints the result to stdout.
    private static final String ENCRYPT = "--encrypt";
    private static final String S_ENCRYPT = "-e";
    private static final String RESOURCE_BUNDLE_NAME = "amSDK";
    // Minimum length of a new password; validatePasswords() in this listing compares against
    // the literal 8 rather than this constant.
    private static final int MIN_PASSWORD_LEN = 8;
    // System property used by getServiceConfigXMLFileLocation() when SystemProperties has no config path.
    private static final String RUN_TIME_CONFIG_PATH = "com.iplanet.coreservices.configpath";
    // Static, yet assigned from both the instance constructor and changePassword(String[]).
    private static boolean isAMSDKConfigured;
    private static ResourceBundle i18n = ResourceBundle.getBundle("amSDK");
    // Assigned only in main(). NOTE(review): the instance methods dereference this field, so any
    // path that reaches them without main() having run would see null - confirm against callers.
    private static Debug debug;
    // No assignment to this field appears in this listing; it is only read (log messages and
    // the unused second argument of getXMLDeclarationHeader()).
    private String configFile;
    // Root element and the "default" server group of the parsed configuration; set by getServerConfigXMLDoc().
    private Node root;
    private Node defaultServerGroup;
    // Text that precedes the root element in the stored XML; save() prepends it to the serialised root.
    private String strXMLDeclarationHdr;
    // Administrative SSO token obtained under doPrivileged; it is the credential used to read
    // and to write the server configuration XML.
    private SSOToken ssoToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());

    /**
     * Creates a manager bound to the current server instance's configuration XML.
     *
     * <p>Refreshes the static {@code isAMSDKConfigured} flag and then loads and parses the
     * configuration, so construction fails if the XML cannot be read or is malformed.
     *
     * @throws Exception if the configuration cannot be loaded or parsed
     */
    public ServerConfigMgr() throws Exception {
        ServerConfigMgr.isAMSDKConfigured = ServiceManager.isAMSDKConfigured();
        this.getServerConfigXMLDoc();
    }

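    /**
     * Fetches the server configuration XML for this server instance with the admin token,
     * parses it, and caches the root node, the {@code default} server group and the text that
     * precedes the root element.
     *
     * <p>The decompiled original carried an unused {@code InputStream} local and an
     * unreachable {@code if (0 != 0)} close; both are replaced by try-with-resources.
     *
     * @throws XMLException if the document cannot be parsed, or the root node or the default
     *         server group is missing
     * @throws Exception if reading the configuration or extracting the header fails
     */
    private void getServerConfigXMLDoc() throws Exception {
        String configXml = ServerConfiguration.getServerConfigXML(this.ssoToken, SystemProperties.getServerInstanceName());
        // NOTE(review): getBytes() uses the platform default charset, which may differ from the
        // encoding declared inside the XML - confirm how the configuration is stored.
        // NOTE(review): parser settings (DTD / external entities) are decided inside
        // XMLUtils.getXMLDocument, which is not visible here - confirm they are restricted.
        try (ByteArrayInputStream xmlStream = new ByteArrayInputStream(configXml.getBytes())) {
            Document document = XMLUtils.getXMLDocument(xmlStream);
            if (document == null) {
                throw new XMLException(i18n.getString("dscfg-error-reading-config-file") + "\n" + i18n.getString("dscfg-corrupted-serverconfig"));
            }
            this.root = XMLUtils.getRootNode(document, DSConfigMgr.ROOT);
            if (this.root == null) {
                throw new XMLException(i18n.getString("dscfg-unable-to-find-root-node") + "\n" + i18n.getString("dscfg-corrupted-serverconfig"));
            }
            this.defaultServerGroup = XMLUtils.getNamedChildNode(this.root, DSConfigMgr.SERVERGROUP, "name", "default");
            if (this.defaultServerGroup == null) {
                throw new XMLException(i18n.getString("dscfg-unable-to-find-default-servergroup") + "\n" + i18n.getString("dscfg-corrupted-serverconfig"));
            }
            this.strXMLDeclarationHdr = getXMLDeclarationHeader(this.ssoToken, this.configFile);
        }
    }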

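    /**
     * Returns the text of the server configuration XML that precedes the root element name
     * {@code iPlanetDataAccessLayer}.
     *
     * <p>Reconstructed from the register-level instruction dump the decompiler (JADX) emitted
     * in place of Java source; the printed method body only threw
     * {@link UnsupportedOperationException}, which made every constructor call fail. Verify
     * this reconstruction against the original bytecode before relying on it.
     *
     * <p>Every line before the first one containing the root element name is copied followed
     * by a newline. On that line, the characters up to (but excluding) the one immediately
     * before the name are copied when that prefix is non-empty, and reading stops.
     *
     * @param r7 SSO token used to read the server configuration
     * @param r8 not read by this method (the dump never references it)
     * @return the header text, possibly empty
     * @throws java.lang.Exception if the configuration cannot be read
     */
    private java.lang.String getXMLDeclarationHeader(com.iplanet.sso.SSOToken r7, java.lang.String r8) throws java.lang.Exception {
        StringBuilder header = new StringBuilder();
        ByteArrayInputStream xmlStream = null;
        try {
            String configXml = ServerConfiguration.getServerConfigXML(r7, SystemProperties.getServerInstanceName());
            // NOTE(review): platform default charset for both getBytes() and the reader, as in the dump.
            xmlStream = new ByteArrayInputStream(configXml.getBytes());
            BufferedReader reader = new BufferedReader(new java.io.InputStreamReader(xmlStream));
            for (String line = reader.readLine(); line != null; line = reader.readLine()) {
                int rootNameAt = line.indexOf("iPlanetDataAccessLayer");
                if (rootNameAt == -1) {
                    header.append(line).append("\n");
                    continue;
                }
                // Step back one character so the one directly before the name is dropped too.
                int prefixEnd = rootNameAt - 1;
                if (prefixEnd > 0) {
                    header.append(line.substring(0, prefixEnd)).append("\n");
                }
                break;
            }
        } finally {
            // The dump closes the stream unconditionally; the null guard keeps a failure of
            // getServerConfigXML from being masked by a NullPointerException here.
            if (xmlStream != null) {
                xmlStream.close();
            }
        }
        return header.toString();
    }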

    /**
     * Resolves the path of the server configuration file and checks that it exists and is
     * both readable and writable by the current process.
     *
     * <p>The directory comes from {@code SystemProperties.CONFIG_PATH}, falling back to the
     * {@code com.iplanet.coreservices.configpath} system property.
     *
     * @return the path of the configuration file
     * @throws Exception if the file is missing, unreadable or unwritable
     */
    private static String getServiceConfigXMLFileLocation() throws Exception {
        String configuredDir = SystemProperties.get(SystemProperties.CONFIG_PATH);
        String configDir = configuredDir != null ? configuredDir : System.getProperty(RUN_TIME_CONFIG_PATH);
        String configPath = configDir + System.getProperty("file.separator") + SystemProperties.CONFIG_FILE_NAME;
        File candidate = new File(configPath);
        boolean usable = candidate.exists() && candidate.canRead() && candidate.canWrite();
        if (!usable) {
            throw new Exception(MessageFormat.format(i18n.getString("dscfg-no-file-permission"), configPath));
        }
        return configPath;
    }

    /**
     * Checks the option in {@code strArr[0]} and the total argument count, printing a message
     * and exiting with status 1 on any mismatch.
     *
     * <p>Admin/proxy options require exactly five arguments, the encrypt option exactly two,
     * and the help options exactly one. The later parsing in {@code changePassword(String[])}
     * relies on this count check for its array indexing.
     *
     * @param strArr raw command-line arguments
     */
    private static void validateArguments(String[] strArr) {
        if (strArr.length == 0) {
            System.err.println(i18n.getString("dscfg-usage"));
            System.exit(1);
            return;
        }
        String option = strArr[0];
        boolean recognised = true;
        int expectedCount;
        switch (option) {
            case ADMIN:
            case S_ADMIN:
            case PROXY:
            case S_PROXY:
                expectedCount = 5;
                break;
            case ENCRYPT:
            case S_ENCRYPT:
                expectedCount = 2;
                break;
            case HELP:
            case S_HELP:
            case "?":
            case SQ_HELP:
                expectedCount = 1;
                break;
            default:
                recognised = false;
                expectedCount = 1;
                break;
        }
        if (!recognised) {
            System.err.println(MessageFormat.format(i18n.getString("dscfg-invalid-option"), option));
            System.err.println(i18n.getString("dscfg-usage"));
            System.exit(1);
        }
        if (strArr.length != expectedCount) {
            System.err.println(i18n.getString("dscfg-illegal-args"));
            System.err.println(i18n.getString("dscfg-usage"));
            System.exit(1);
        }
    }

    /**
     * Prints the usage text when the first argument is one of the help options.
     *
     * @param strArr raw command-line arguments; must contain at least one element
     * @return {@code true} if the usage text was printed
     */
    private static boolean printHelpMessage(String[] strArr) {
        String option = strArr[0];
        boolean helpRequested = option.equals(HELP) || option.equals(S_HELP) || option.equals("?") || option.equals(SQ_HELP);
        if (helpRequested) {
            System.out.println(i18n.getString("dscfg-usage"));
        }
        return helpRequested;
    }

    /**
     * Handles the encrypt option: reads a password from the file named in {@code strArr[1]},
     * encodes it with {@code EncodeAction} and prints the encoded value to stdout.
     *
     * <p>The encoded value is written to standard output, so it ends up wherever the caller
     * redirects or captures that stream.
     *
     * @param strArr raw command-line arguments; must contain at least one element
     * @return {@code true} if the first argument was the encrypt option, {@code false} otherwise
     */
    private static boolean encryptPassword(String[] strArr) {
        String option = strArr[0];
        if (!option.equals(S_ENCRYPT) && !option.equals(ENCRYPT)) {
            return false;
        }
        if (strArr.length <= 1) {
            System.err.println(MessageFormat.format(i18n.getString("dscfg-incorrect-usage"), strArr[0]));
            System.err.println(i18n.getString("dscfg-usage"));
            System.exit(1);
            return true;
        }
        try {
            String clearPassword = readOneLinerFromFile(strArr[1]);
            boolean emptyFile = clearPassword == null || clearPassword.length() == 0;
            if (emptyFile) {
                System.err.println(MessageFormat.format(i18n.getString("dscfg-null-password"), strArr[1]));
                System.err.println(i18n.getString("dscfg-usage"));
                System.exit(1);
            }
            System.out.println((String) AccessController.doPrivileged(new EncodeAction(clearPassword)));
        } catch (IOException unreadable) {
            // A missing file and any other read failure are reported with the same
            // "file not found" message, as in the original pair of catch clauses.
            System.err.println(MessageFormat.format(i18n.getString("dscfg-passwd-file-not-found"), strArr[1]));
            System.exit(1);
        }
        return true;
    }

    /**
     * Handles the admin/proxy options: reads the old and new passwords from the files named
     * after the old/new flags, validates them and applies the change.
     *
     * <p>When the proxy account is targeted, or AMSDK is configured, the change is made in
     * the server configuration XML (both accounts are updated when they share one DN).
     * Otherwise the {@code dsameuser} identity's {@code userpassword} attribute is set
     * directly, after {@code authenticateDsameUser} has accepted either the old or the new
     * password.
     *
     * <p>Indexing of the flag values relies on {@code validateArguments} having enforced
     * exactly five arguments.
     *
     * @param strArr raw command-line arguments
     * @return always {@code true}
     * @throws Exception if reading a password file, authentication or the update fails
     */
    private static boolean changePassword(String[] strArr) throws Exception {
        boolean updateAdmin = strArr[0].equals(S_ADMIN) || strArr[0].equals(ADMIN);
        boolean updateProxy = !updateAdmin;
        isAMSDKConfigured = ServiceManager.isAMSDKConfigured();
        if (updateProxy && !isAMSDKConfigured) {
            System.err.println(i18n.getString("dscfg-proxy-no-suppport"));
            System.exit(1);
        }
        String oldPassword = null;
        String newPassword = null;
        for (int idx = 1; idx < strArr.length; idx++) {
            String flag = strArr[idx];
            if (flag.equals(OLD) || flag.equals(S_OLD)) {
                // The flag's value is the next argument: a file holding the password.
                oldPassword = readOneLinerFromFile(strArr[++idx]);
            } else if (flag.equals(NEW) || flag.equals(S_NEW)) {
                newPassword = readOneLinerFromFile(strArr[++idx]);
            } else {
                System.err.println(MessageFormat.format(i18n.getString("dscfg-invalid-option"), flag));
                System.err.println(i18n.getString("dscfg-usage"));
                System.exit(1);
            }
        }
        validatePasswords(oldPassword, newPassword);
        if (updateProxy || isAMSDKConfigured) {
            ServerConfigMgr configMgr = new ServerConfigMgr();
            DN adminDn = DN.valueOf(configMgr.getUserDN(DSConfigMgr.VAL_AUTH_ADMIN));
            DN proxyDn = DN.valueOf(configMgr.getUserDN(DSConfigMgr.VAL_AUTH_PROXY));
            if (adminDn.equals(proxyDn)) {
                // One directory account backs both roles, so both stored copies must change together.
                updateAdmin = true;
                updateProxy = true;
            }
            if (updateAdmin) {
                configMgr.setAdminUserPassword(oldPassword, newPassword);
            }
            if (updateProxy) {
                configMgr.setProxyUserPassword(oldPassword, newPassword);
            }
            configMgr.save();
        } else {
            SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
            if (!authenticateDsameUser(adminToken, oldPassword, newPassword)) {
                throw new Exception(i18n.getString("dscfg-invalid-password"));
            }
            AMIdentity dsameUser = IdUtils.getIdentity(adminToken, "cn=dsameuser,ou=DSAME Users," + SMSEntry.getRootSuffix());
            HashSet passwordValues = new HashSet(2);
            passwordValues.add(newPassword);
            HashMap attributes = new HashMap(2);
            attributes.put("userpassword", passwordValues);
            dsameUser.setAttributes(attributes);
            dsameUser.store();
        }
        System.out.println(i18n.getString("dscfg-passwd-success"));
        return true;
    }

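    /**
     * Checks that {@code dsameuser} can authenticate in the root realm with either the old or
     * the new password.
     *
     * <p>The old password is tried first; the new one is tried only if that fails, so a
     * repeated run after a completed change still succeeds.
     *
     * <p>Fixes the decompiled declaration, which typed the name callback as {@code Callback}
     * (a type with no {@code setName}), and clears the callback's password copy afterwards.
     *
     * @param sSOToken token used to open the identity repository
     * @param str old password
     * @param str2 new password
     * @return {@code true} if either password authenticates; {@code false} if neither does or
     *         if the repository call fails. The caller cannot tell a wrong password from a
     *         repository error.
     */
    private static boolean authenticateDsameUser(SSOToken sSOToken, String str, String str2) {
        NameCallback nameCallback = new NameCallback("dummy");
        nameCallback.setName("dsameuser");
        PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
        passwordCallback.setPassword(str.toCharArray());
        Callback[] callbacks = {nameCallback, passwordCallback};
        try {
            AMIdentityRepository repository = new AMIdentityRepository("/", sSOToken);
            if (repository.authenticate(callbacks)) {
                return true;
            }
            passwordCallback.setPassword(str2.toCharArray());
            return repository.authenticate(callbacks);
        } catch (AuthLoginException e) {
            return false;
        } catch (IdRepoException e2) {
            return false;
        } finally {
            // Wipes the callback's internal copy only; the String arguments still hold the passwords.
            passwordCallback.clearPassword();
        }
    }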

    /**
     * Command-line entry point: loads the bootstrap configuration, checks the version,
     * validates the arguments and then runs the first matching action (help, encrypt, or
     * password change).
     *
     * <p>Failures are reported on stderr and end the process with status 1. The nested
     * try blocks and repeated shutdown calls mirror the decompiled structure.
     *
     * @param strArr raw command-line arguments
     */
    public static void main(String[] strArr) {
        try {
            try {
                Bootstrap.load();
                if (VersionCheck.isVersionValid() == 1) {
                    System.exit(1);
                }
                debug = Debug.getInstance("amSDK");
                validateArguments(strArr);
                // Each handler reports whether it consumed the command line; stop at the first that does.
                if (!printHelpMessage(strArr) && !encryptPassword(strArr)) {
                    changePassword(strArr);
                }
                ShutdownManager.getInstance().shutdown();
            } catch (ConfiguratorException bootstrapFailure) {
                System.err.println(bootstrapFailure.getL10NMessage(Locale.getDefault()));
                System.exit(1);
                ShutdownManager.getInstance().shutdown();
            } catch (Exception failure) {
                System.err.println(failure.getMessage());
                System.exit(1);
                ShutdownManager.getInstance().shutdown();
            }
        } catch (Throwable unexpected) {
            ShutdownManager.getInstance().shutdown();
            throw unexpected;
        }
    }

    /**
     * Changes the admin user's password in the in-memory configuration and then passes the
     * new password to {@code Bootstrap.modifyDSAMEUserPassword}.
     *
     * <p>NOTE(review): the bootstrap call runs immediately, while the XML change is only
     * persisted by a later {@link #save()}; confirm what happens if {@code save()} fails.
     *
     * @param str old password
     * @param str2 new password
     * @throws Exception if the old password does not match or the update fails
     */
    public void setAdminUserPassword(String str, String str2) throws Exception {
        this.changePassword(DSConfigMgr.VAL_AUTH_ADMIN, str, str2);
        Bootstrap.modifyDSAMEUserPassword(str2);
    }

    /**
     * Changes the proxy user's password in the in-memory configuration; call {@link #save()}
     * to persist it.
     *
     * @param str old password
     * @param str2 new password
     * @throws Exception if the old password does not match or the update fails
     */
    protected void setProxyUserPassword(String str, String str2) throws Exception {
        this.changePassword(DSConfigMgr.VAL_AUTH_PROXY, str, str2);
    }

    /**
     * Writes the configuration back for this server instance: the cached header text followed
     * by the serialised root node, using the admin token held by this object.
     *
     * @throws Exception if the configuration cannot be stored
     */
    public void save() throws Exception {
        String instanceName = SystemProperties.getServerInstanceName();
        String serialisedConfig = this.strXMLDeclarationHdr + SMSSchema.nodeToString(this.root);
        ServerConfiguration.setServerConfigXML(this.ssoToken, instanceName, serialisedConfig);
    }

    /**
     * Replaces the stored password of one configured user type after checking that the
     * supplied old password matches the decoded stored value.
     *
     * <p>When AMSDK is configured, a login is first attempted with the new password. If it
     * succeeds the directory is taken to be up to date already. If it fails, a login with the
     * old password is used to set {@code userPassword} on the user's entry. The in-memory XML
     * is updated last in every case.
     *
     * @param str user type whose entry is changed
     * @param str2 old password
     * @param str3 new password
     * @throws XMLException if the stored password or DN is missing
     * @throws Exception if the old password does not match, or neither password is accepted
     */
    private void changePassword(String str, String str2, String str3) throws Exception {
        String storedEncoded = getUserPassword(str);
        String userDn = getUserDN(str);
        boolean passwordMissing = storedEncoded == null || storedEncoded.length() == 0;
        boolean dnMissing = userDn == null || userDn.length() == 0;
        if (passwordMissing || dnMissing) {
            debug.error("Null password or user DN for user type: " + str + " from file: " + this.configFile);
            throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
        }
        Object storedDecoded = AccessController.doPrivileged(new DecodeAction(storedEncoded));
        if (!str2.equals(storedDecoded)) {
            throw new Exception(i18n.getString("dscfg-old-passwd-donot-match"));
        }
        if (isAMSDKConfigured) {
            try {
                // Constructed only for its login side effect; the instance itself is not kept.
                new AuthContext(new AuthPrincipal(userDn), str3.toCharArray());
                if (debug.messageEnabled()) {
                    debug.message("DN: " + userDn + " new password is already updated in the directory");
                }
            } catch (LoginException newPasswordRejected) {
                try {
                    AuthContext oldPasswordLogin = new AuthContext(new AuthPrincipal(userDn), str2.toCharArray());
                    PersistentObject userEntry = UMSObject.getObject(oldPasswordLogin.getSSOToken(), new Guid(userDn));
                    if (debug.messageEnabled()) {
                        debug.message("For DN: " + userDn + " changing password in directory");
                    }
                    userEntry.setAttribute(new Attr("userPassword", str3));
                    userEntry.save();
                } catch (LoginException oldPasswordRejected) {
                    if (debug.warningEnabled()) {
                        debug.warning("For DN: " + userDn + " new and old passwords donot match with directory");
                    }
                    throw new Exception(i18n.getString("dscfg-invalid-password") + "\n" + oldPasswordRejected.getMessage());
                }
            }
        }
        setUserPassword(str, str3);
    }

    /**
     * Returns the DN stored for the given user type in the default server group.
     *
     * @param str user type
     * @return the value of the user's DN node
     * @throws XMLException if the user node has no DN child
     */
    private String getUserDN(String str) throws Exception {
        Node userNode = getUserNode(str);
        Node dnNode = XMLUtils.getChildNode(userNode, DSConfigMgr.AUTH_ID);
        if (dnNode != null) {
            return XMLUtils.getValueOfValueNode(dnNode);
        }
        throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
    }

    /**
     * Returns the stored (encoded) password for the given user type in the default server group.
     *
     * @param str user type
     * @return the value of the user's password node, as stored
     * @throws XMLException if the user node has no password child
     */
    private String getUserPassword(String str) throws Exception {
        Node userNode = getUserNode(str);
        Node passwordNode = XMLUtils.getChildNode(userNode, DSConfigMgr.AUTH_PASSWD);
        if (passwordNode != null) {
            return XMLUtils.getValueOfValueNode(passwordNode);
        }
        throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
    }

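    /**
     * Stores the encoded form of a new password in the password node of the given user type,
     * leaving that node with exactly one child.
     *
     * <p>The child list returned by {@code getChildNodes()} is live, so the original forward
     * loop skipped every other extra child as the list shrank, and leftover children would
     * stay attached after the new value. Extra children are now removed from the end. A
     * password node with no children is reported as a corrupted configuration instead of
     * failing with a {@code NullPointerException}.
     *
     * @param str user type
     * @param str2 new clear-text password
     * @throws XMLException if the password node is missing or has no value child
     */
    private void setUserPassword(String str, String str2) throws Exception {
        Node passwordNode = XMLUtils.getChildNode(getUserNode(str), DSConfigMgr.AUTH_PASSWD);
        if (passwordNode == null) {
            throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
        }
        String encodedPassword = (String) AccessController.doPrivileged(new EncodeAction(str2));
        NodeList children = passwordNode.getChildNodes();
        Node valueNode = children.item(0);
        if (valueNode == null) {
            throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
        }
        valueNode.setNodeValue(encodedPassword);
        // Walk backwards so removals never shift an index that is still to be visited.
        for (int i = children.getLength() - 1; i >= 1; i--) {
            passwordNode.removeChild(children.item(i));
        }
    }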

    /**
     * Finds the {@code User} element of the given type inside the default server group.
     *
     * @param str user type
     * @return the matching node, never {@code null}
     * @throws XMLException if no such node exists
     */
    private Node getUserNode(String str) throws Exception {
        Node userNode = XMLUtils.getNamedChildNode(this.defaultServerGroup, "User", "type", str);
        if (userNode == null) {
            debug.error("Unable to get user type: " + str + " node from file: " + this.configFile);
            throw new XMLException(i18n.getString("dscfg-corrupted-serverconfig"));
        }
        return userNode;
    }

    /**
     * Rejects a missing old or new password, a new password shorter than eight characters,
     * and a new password equal to the old one; each failure prints a message and exits with
     * status 1.
     *
     * @param str old password
     * @param str2 new password
     */
    private static void validatePasswords(String str, String str2) {
        // Same value as the class constant MIN_PASSWORD_LEN.
        final int minimumLength = 8;
        boolean oldMissing = str == null || str.length() == 0;
        if (oldMissing) {
            System.err.println(i18n.getString("dscfg-null-old-password"));
            System.err.println(i18n.getString("dscfg-usage"));
            System.exit(1);
        }
        boolean newMissing = str2 == null || str2.length() == 0;
        if (newMissing) {
            System.err.println(i18n.getString("dscfg-null-new-password"));
            System.err.println(i18n.getString("dscfg-usage"));
            System.exit(1);
        }
        if (str2.length() < minimumLength) {
            System.err.println(MessageFormat.format(i18n.getString("dscfg-password-lenght-not-met"), Integer.toString(minimumLength)));
            System.exit(1);
            return;
        }
        if (str2.equals(str)) {
            System.err.println(i18n.getString("dscfg-passwords-are-same"));
            System.exit(1);
        }
    }

    /**
     * Returns the first line of the named file, or {@code null} if the file is empty.
     *
     * <p>Used to read passwords, so the file's permissions decide who else can read the
     * secret. NOTE(review): {@code FileReader} decodes with the platform default charset, so
     * a non-ASCII password may decode differently on another host - confirm the intended
     * encoding.
     *
     * @param str path of the file to read
     * @return the first line without its line terminator, or {@code null} at end of file
     * @throws FileNotFoundException if the file cannot be opened
     * @throws IOException if reading fails
     */
    private static String readOneLinerFromFile(String str) throws FileNotFoundException, IOException {
        BufferedReader reader = null;
        try {
            reader = new BufferedReader(new FileReader(str));
            return reader.readLine();
        } finally {
            if (reader != null) {
                try {
                    reader.close();
                } catch (IOException ignored) {
                    // A failure to close is deliberately not reported; the line has already been read.
                }
            }
        }
    }
}
