package org.syncope.core.persistence.beans.user;

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.persistence.Basic;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Lob;
import javax.persistence.OneToMany;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
import javax.validation.Valid;
import javax.validation.constraints.Max;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.RandomStringUtils;
import org.hibernate.annotations.Type;
import org.springframework.security.core.codec.Base64;
import org.syncope.core.persistence.beans.AbstractAttr;
import org.syncope.core.persistence.beans.AbstractAttributable;
import org.syncope.core.persistence.beans.AbstractDerAttr;
import org.syncope.core.persistence.beans.AbstractVirAttr;
import org.syncope.core.persistence.beans.ExternalResource;
import org.syncope.core.persistence.beans.membership.Membership;
import org.syncope.core.persistence.beans.role.SyncopeRole;
import org.syncope.core.persistence.validation.entity.SyncopeUserCheck;
import org.syncope.core.workflow.ActivitiUserWorkflowAdapter;
import org.syncope.types.CipherAlgorithm;

@Cacheable
@Entity
@SyncopeUserCheck
/* loaded from: input_file:WEB-INF/classes/org/syncope/core/persistence/beans/user/SyncopeUser.class */
public class SyncopeUser extends AbstractAttributable {
    private static final long serialVersionUID = -3905046855521446823L;
    private static SecretKeySpec keySpec;

    @Id
    private Long id;

    @NotNull
    private String password;

    @Transient
    private String clearPassword;
    private String workflowId;

    @Column(nullable = true)
    private String status;

    @Lob
    @Type(type = "org.hibernate.type.StringClobType")
    private String token;

    @Temporal(TemporalType.TIMESTAMP)
    private Date tokenExpireTime;

    @Column(nullable = true)
    @Enumerated(EnumType.STRING)
    private CipherAlgorithm cipherAlgorithm;

    @NotNull
    @Column(unique = true)
    private String username;

    @Temporal(TemporalType.TIMESTAMP)
    @Column(nullable = true)
    private Date lastLoginDate;

    @Temporal(TemporalType.TIMESTAMP)
    @NotNull
    private Date creationDate;

    @Temporal(TemporalType.TIMESTAMP)
    @Column(nullable = true)
    private Date changePwdDate;

    @Valid
    @OneToMany(cascade = {CascadeType.MERGE}, mappedBy = ActivitiUserWorkflowAdapter.SYNCOPE_USER)
    private List<Membership> memberships = new ArrayList();

    @Valid
    @OneToMany(cascade = {CascadeType.ALL}, mappedBy = "owner")
    private List<UAttr> attributes = new ArrayList();

    @Valid
    @OneToMany(cascade = {CascadeType.ALL}, mappedBy = "owner")
    private List<UDerAttr> derivedAttributes = new ArrayList();

    @Valid
    @OneToMany(cascade = {CascadeType.ALL}, mappedBy = "owner")
    private List<UVirAttr> virtualAttributes = new ArrayList();

    @ElementCollection
    private List<String> passwordHistory = new ArrayList();

    @Column(nullable = true)
    private Integer failedLogins = 0;

    @Max(1)
    @Basic
    @Min(0)
    private Integer suspended = getBooleanAsInteger(Boolean.FALSE);

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public Long getId() {
        return this.id;
    }

    public boolean addMembership(Membership membership) {
        return this.memberships.contains(membership) || this.memberships.add(membership);
    }

    public boolean removeMembership(Membership membership) {
        return this.memberships.remove(membership);
    }

    public Membership getMembership(Long l) {
        Membership membership = null;
        Iterator<Membership> it = getMemberships().iterator();
        while (membership == null && it.hasNext()) {
            Membership next = it.next();
            if (next.getSyncopeRole() != null && l.equals(next.getSyncopeRole().getId())) {
                membership = next;
            }
        }
        return membership;
    }

    public List<Membership> getMemberships() {
        return this.memberships;
    }

    public void setMemberships(List<Membership> list) {
        this.memberships.clear();
        if (list == null || list.isEmpty()) {
            return;
        }
        this.memberships.addAll(list);
    }

    public Set<SyncopeRole> getRoles() {
        HashSet hashSet = new HashSet();
        for (Membership membership : this.memberships) {
            if (membership.getSyncopeRole() != null) {
                hashSet.add(membership.getSyncopeRole());
            }
        }
        return hashSet;
    }

    public Set<Long> getRoleIds() {
        Set<SyncopeRole> roles = getRoles();
        HashSet hashSet = new HashSet(roles.size());
        Iterator<SyncopeRole> it = roles.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getId());
        }
        return hashSet;
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public Set<ExternalResource> getExternalResources() {
        HashSet hashSet = new HashSet();
        hashSet.addAll(super.getExternalResources());
        Iterator<SyncopeRole> it = getRoles().iterator();
        while (it.hasNext()) {
            hashSet.addAll(it.next().getExternalResources());
        }
        return hashSet;
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public Set<String> getExternalResourceNames() {
        Set<ExternalResource> externalResources = getExternalResources();
        HashSet hashSet = new HashSet(externalResources.size());
        Iterator<ExternalResource> it = externalResources.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getName());
        }
        return hashSet;
    }

    public String getPassword() {
        return this.password;
    }

    public String getClearPassword() {
        return this.clearPassword;
    }

    public void removeClearPassword() {
        this.clearPassword = null;
    }

    public void setPassword(String str, CipherAlgorithm cipherAlgorithm, int i) {
        this.clearPassword = str;
        try {
            this.password = encodePassword(str, cipherAlgorithm);
            this.cipherAlgorithm = cipherAlgorithm;
        } catch (Throwable th) {
            LOG.error("Could not encode password", th);
            this.password = null;
        }
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public <T extends AbstractAttr> boolean addAttribute(T t) {
        return this.attributes.add((UAttr) t);
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public <T extends AbstractAttr> boolean removeAttribute(T t) {
        return this.attributes.remove((UAttr) t);
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public List<? extends AbstractAttr> getAttributes() {
        return this.attributes;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public void setAttributes(List<? extends AbstractAttr> list) {
        this.attributes = list;
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public <T extends AbstractDerAttr> boolean addDerivedAttribute(T t) {
        return this.derivedAttributes.add((UDerAttr) t);
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public <T extends AbstractDerAttr> boolean removeDerivedAttribute(T t) {
        return this.derivedAttributes.remove((UDerAttr) t);
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public List<? extends AbstractDerAttr> getDerivedAttributes() {
        return this.derivedAttributes;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public void setDerivedAttributes(List<? extends AbstractDerAttr> list) {
        this.derivedAttributes = list;
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public <T extends AbstractVirAttr> boolean addVirtualAttribute(T t) {
        return this.virtualAttributes.add((UVirAttr) t);
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public <T extends AbstractVirAttr> boolean removeVirtualAttribute(T t) {
        return this.virtualAttributes.remove((UVirAttr) t);
    }

    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public List<? extends AbstractVirAttr> getVirtualAttributes() {
        return this.virtualAttributes;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.syncope.core.persistence.beans.AbstractAttributable
    public void setVirtualAttributes(List<? extends AbstractVirAttr> list) {
        this.virtualAttributes = list;
    }

    public String getWorkflowId() {
        return this.workflowId;
    }

    public void setWorkflowId(String str) {
        this.workflowId = str;
    }

    public String getStatus() {
        return this.status;
    }

    public void setStatus(String str) {
        this.status = str;
    }

    public void generateToken(int i, int i2) {
        this.token = RandomStringUtils.randomAlphanumeric(i);
        Calendar calendar = Calendar.getInstance();
        calendar.add(12, i2);
        this.tokenExpireTime = calendar.getTime();
    }

    public void removeToken() {
        this.token = null;
        this.tokenExpireTime = null;
    }

    public String getToken() {
        return this.token;
    }

    public Date getTokenExpireTime() {
        if (this.tokenExpireTime == null) {
            return null;
        }
        return new Date(this.tokenExpireTime.getTime());
    }

    public boolean checkToken(String str) {
        return this.token == null || (this.token.equals(str) && this.tokenExpireTime.after(new Date()));
    }

    public CipherAlgorithm getCipherAlgoritm() {
        return this.cipherAlgorithm;
    }

    public void setCipherAlgoritm(CipherAlgorithm cipherAlgorithm) {
        this.cipherAlgorithm = cipherAlgorithm;
    }

    public List<String> getPasswordHistory() {
        return this.passwordHistory;
    }

    public Date getChangePwdDate() {
        if (this.changePwdDate == null) {
            return null;
        }
        return new Date(this.changePwdDate.getTime());
    }

    public void setChangePwdDate(Date date) {
        this.changePwdDate = date == null ? null : new Date(date.getTime());
    }

    public Date getCreationDate() {
        if (this.creationDate == null) {
            return null;
        }
        return new Date(this.creationDate.getTime());
    }

    public void setCreationDate(Date date) {
        this.creationDate = date == null ? null : new Date(date.getTime());
    }

    public Integer getFailedLogins() {
        return Integer.valueOf(this.failedLogins != null ? this.failedLogins.intValue() : 0);
    }

    public void setFailedLogins(Integer num) {
        this.failedLogins = num;
    }

    public Date getLastLoginDate() {
        if (this.lastLoginDate == null) {
            return null;
        }
        return new Date(this.lastLoginDate.getTime());
    }

    public void setLastLoginDate(Date date) {
        this.lastLoginDate = date == null ? null : new Date(date.getTime());
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setSuspended(Boolean bool) {
        this.suspended = getBooleanAsInteger(bool);
    }

    public Boolean getSuspended() {
        return isBooleanAsInteger(this.suspended);
    }

    private String encodePassword(String str, CipherAlgorithm cipherAlgorithm) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        String str2 = null;
        if (str != null) {
            if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
                byte[] bytes = str.getBytes("UTF8");
                Cipher cipher = Cipher.getInstance(CipherAlgorithm.AES.getAlgorithm());
                cipher.init(1, keySpec);
                str2 = new String(Base64.encode(cipher.doFinal(bytes)));
            } else {
                MessageDigest messageDigest = MessageDigest.getInstance(cipherAlgorithm.getAlgorithm());
                messageDigest.reset();
                messageDigest.update(str.getBytes());
                byte[] digest = messageDigest.digest();
                StringBuilder sb = new StringBuilder();
                for (byte b : digest) {
                    String hexString = Integer.toHexString(255 & b);
                    if (hexString.length() == 1) {
                        sb.append('0');
                    }
                    sb.append(hexString);
                }
                str2 = sb.toString();
            }
        }
        return str2;
    }

    public boolean verifyPasswordHistory(String str, int i) {
        boolean z = false;
        if (i > 0) {
            try {
                z = this.passwordHistory.subList(i >= this.passwordHistory.size() ? 0 : this.passwordHistory.size() - i, this.passwordHistory.size()).contains(this.cipherAlgorithm != null ? encodePassword(str, this.cipherAlgorithm) : str);
            } catch (Throwable th) {
                LOG.error("Error evaluating password history", th);
            }
        }
        return z;
    }

    static {
        try {
            keySpec = new SecretKeySpec(ArrayUtils.subarray("1abcdefghilmnopqrstuvz2!".getBytes("UTF8"), 0, 16), "AES");
        } catch (Exception e) {
            LOG.error("Error during key specification", (Throwable) e);
        }
    }
}
