package dev.galasa.zossecurity.internal.resources;

import com.google.gson.JsonObject;
import dev.galasa.zos.IZosImage;
import dev.galasa.zossecurity.IZosGroup;
import dev.galasa.zossecurity.IZosUserid;
import dev.galasa.zossecurity.UseridNotFoundException;
import dev.galasa.zossecurity.ZosSecurityManagerException;
import dev.galasa.zossecurity.internal.ZosSecurityImpl;
import dev.galasa.zossecurity.internal.properties.UseridBypassCleanup;
import dev.galasa.zossecurity.internal.properties.UseridBypassPassword;
import dev.galasa.zossecurity.internal.properties.UseridDefaultGroups;
import dev.galasa.zossecurity.internal.properties.UseridDefaultPassword;
import dev.galasa.zossecurity.internal.properties.UseridSysplexGroups;
import dev.galasa.zossecurity.internal.resources.RacfOutputProcessing;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:dev/galasa/zossecurity/internal/resources/ZosUseridImpl.class */
public class ZosUseridImpl implements IZosUserid {
    private static final Log logger = LogFactory.getLog(ZosUseridImpl.class);
    private final ZosSecurityImpl zosSecurity;
    private final String userid;
    private String password;
    private String passphrase;
    private final IZosImage image;
    private final String sysplexId;
    private final String runName;
    private final ArrayList<ZosGroupImpl> groups;
    private final Map<String, String> zosSecurityServerQueryParams;

    public ZosUseridImpl(ZosSecurityImpl zosSecurityImpl, String str, String str2, String str3, IZosImage iZosImage) {
        this.groups = new ArrayList<>();
        this.zosSecurityServerQueryParams = new HashMap();
        this.zosSecurity = zosSecurityImpl;
        this.userid = str;
        this.password = str2;
        this.passphrase = str3;
        this.image = iZosImage;
        this.sysplexId = iZosImage.getSysplexID();
        this.runName = zosSecurityImpl.getRunName();
        this.zosSecurityServerQueryParams.put("runid", zosSecurityImpl.getRunName());
    }

    public ZosUseridImpl(ZosSecurityImpl zosSecurityImpl, String str, String str2, String str3) {
        this.groups = new ArrayList<>();
        this.zosSecurityServerQueryParams = new HashMap();
        this.zosSecurity = zosSecurityImpl;
        this.userid = str;
        this.password = null;
        this.passphrase = null;
        this.image = null;
        this.sysplexId = str2;
        this.runName = str3;
        this.zosSecurityServerQueryParams.put("runid", this.runName);
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void free() throws ZosSecurityManagerException {
        this.zosSecurity.dssFree(ZosSecurityImpl.ResourceType.ZOS_USERID.getName(), getUserid());
        logger.debug("zOS userid '" + getUserid() + "' was freed");
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public String getUserid() {
        return this.userid;
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public String getPassword() {
        return this.password;
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public String getPassphrase() {
        return this.passphrase;
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public IZosImage getZosImage() {
        return this.image;
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void setPassword(String str, String str2) throws ZosSecurityManagerException {
        setPassword(str, str2, false);
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void setPassword(String str, String str2, boolean z) throws ZosSecurityManagerException {
        if (str == null || str.trim().isEmpty()) {
            throw new ZosSecurityManagerException("A password must always be provided");
        }
        String trim = str.trim();
        if (str2 != null) {
            str2 = str2.trim();
            if (str2.isEmpty()) {
                str2 = null;
            }
        }
        this.password = trim;
        this.passphrase = str2;
        StringBuilder sb = new StringBuilder();
        sb.append("PASSWORD(");
        sb.append(trim);
        sb.append(") ");
        if (str2 == null) {
            sb.append("NOPHRASE ");
        } else {
            sb.append("PHRASE('");
            sb.append(str2);
            sb.append("') ");
        }
        if (z) {
            sb.append("EXPIRED ");
        } else {
            sb.append("NOEXPIRED ");
        }
        try {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("parameters", "PASSWORD(" + trim + ")");
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid, this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.ALTUSER, getUserid(), this.zosSecurity.isOutputReporting());
            JsonObject jsonObject2 = new JsonObject();
            jsonObject2.addProperty("parameters", sb.toString());
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid, this.zosSecurityServerQueryParams, jsonObject2), RacfOutputProcessing.COMMAND.ALTUSER, getUserid(), this.zosSecurity.isOutputReporting());
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("ALTUSER of " + this.userid + " failed", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setKerbname(String str) throws ZosSecurityManagerException {
        if (str != null && str.trim().isEmpty()) {
            str = null;
        }
        if (str != null) {
            str = str.trim();
        }
        StringBuilder sb = new StringBuilder();
        if (str == null || !str.equals("NOKERB")) {
            sb.append("KERB(");
            if (str != null) {
                sb.append("KERBNAME('");
                sb.append(str);
                sb.append("')");
            } else {
                sb.append("NOKERBNAME");
            }
            sb.append(") PASSWORD(");
            sb.append(this.password);
            sb.append(") NOEXPIRE");
        } else {
            sb.append(str);
        }
        try {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("parameters", sb.toString());
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid, this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.ALTUSER, getUserid(), this.zosSecurity.isOutputReporting());
            if (this.zosSecurity.isResourceReporting()) {
                String listUser = listUser();
                if (!this.zosSecurity.isOutputReporting()) {
                    logger.debug("Updated LISTUSER of '" + this.userid + "' \n" + listUser);
                }
            }
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("ALTUSER of " + this.userid + " failed", e);
        }
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void revoke() throws ZosSecurityManagerException {
        try {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("parameters", "REVOKE");
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid, this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.ALTUSER, getUserid(), this.zosSecurity.isOutputReporting());
            if (this.zosSecurity.isResourceReporting()) {
                String listUser = listUser();
                if (!this.zosSecurity.isOutputReporting()) {
                    logger.debug("Updated LISTUSER of '" + this.userid + "' \n" + listUser);
                }
            }
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("ALTUSER of " + this.userid + " failed", e);
        }
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void resume() throws ZosSecurityManagerException {
        try {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("parameters", "RESUME");
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid, this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.ALTUSER, getUserid(), this.zosSecurity.isOutputReporting());
            if (this.zosSecurity.isResourceReporting()) {
                String listUser = listUser();
                if (!this.zosSecurity.isOutputReporting()) {
                    logger.debug("Updated LISTUSER of '" + this.userid + "' \n" + listUser);
                }
            }
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("ALTUSER of " + this.userid + " failed", e);
        }
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void connectToGroup(String str) throws ZosSecurityManagerException {
        try {
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid + "/group/" + str, this.zosSecurityServerQueryParams, new JsonObject()), RacfOutputProcessing.COMMAND.CONNECT, getUserid(), this.zosSecurity.isOutputReporting());
            if (this.zosSecurity.isResourceReporting()) {
                String listUser = listUser();
                if (!this.zosSecurity.isOutputReporting()) {
                    logger.debug("Updated LISTUSER of '" + this.userid + "' \n" + listUser);
                }
            }
            boolean z = false;
            Iterator<ZosGroupImpl> it = this.groups.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                } else if (it.next().getGroupid().equalsIgnoreCase(str)) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                this.groups.add(new ZosGroupImpl(str));
                Collections.sort(this.groups);
            }
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("CONNECT of " + this.userid + " failed", e);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x00ae, code lost:
    
        r7.groups.remove(r0);
     */
    @Override // dev.galasa.zossecurity.IZosUserid
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void removeFromGroup(java.lang.String r8) throws dev.galasa.zossecurity.ZosSecurityManagerException {
        /*
            Method dump skipped, instructions count: 234
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: dev.galasa.zossecurity.internal.resources.ZosUseridImpl.removeFromGroup(java.lang.String):void");
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public IZosGroup[] getConnectedGroups() {
        return (IZosGroup[]) this.groups.toArray(new IZosGroup[this.groups.size()]);
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void setWhen(String str, String str2) throws ZosSecurityManagerException {
        if (str != null) {
            str = str.trim();
        }
        if (str2 != null) {
            str2 = str2.trim();
        }
        StringBuilder sb = new StringBuilder();
        sb.append("WHEN(");
        if (str != null) {
            sb.append(" DAYS(");
            sb.append(str);
            sb.append(")");
        }
        if (str2 != null) {
            sb.append(" TIME(");
            sb.append(str2);
            sb.append(")");
        }
        sb.append(")");
        try {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("parameters", sb.toString());
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.PUT, "/api/userid/" + this.userid, this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.ALTUSER, getUserid(), this.zosSecurity.isOutputReporting());
            if (this.zosSecurity.isResourceReporting()) {
                String listUser = listUser();
                if (!this.zosSecurity.isOutputReporting()) {
                    logger.debug("Updated LISTUSER of '" + this.userid + "' \n" + listUser);
                }
            }
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("ALTUSER of " + this.userid + " failed", e);
        }
    }

    public String listUser() throws ZosSecurityManagerException {
        try {
            HashMap hashMap = new HashMap(this.zosSecurityServerQueryParams);
            hashMap.put("omvs", "true");
            hashMap.put("kerb", "true");
            return RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.GET, "/api/userid/" + this.userid, hashMap, null), RacfOutputProcessing.COMMAND.LISTUSER, getUserid(), this.zosSecurity.isOutputReporting()).get("output").getAsString();
        } catch (ZosSecurityManagerException e) {
            throw e;
        } catch (Exception e2) {
            throw new ZosSecurityManagerException("LISTUSER of " + this.userid + " failed", e2);
        }
    }

    private List<String> parseConnectedGroups(String str) {
        Matcher matcher = Pattern.compile("[^-]GROUP=(\\S*)").matcher(str);
        ArrayList arrayList = new ArrayList();
        while (matcher.find()) {
            arrayList.add(matcher.group(1));
        }
        return arrayList;
    }

    public String toString() {
        return "[zOS Security Userid] " + this.userid;
    }

    public static ZosUseridImpl allocateUserId(ZosSecurityImpl zosSecurityImpl) throws ZosSecurityManagerException {
        String useridFromPool = zosSecurityImpl.getUseridFromPool(zosSecurityImpl.createUserid());
        String str = UseridDefaultPassword.get();
        boolean z = UseridBypassPassword.get();
        ZosUseridImpl zosUseridImpl = new ZosUseridImpl(zosSecurityImpl, useridFromPool, str, null, zosSecurityImpl.getZosImage());
        logger.debug("zOS Userid '" + zosUseridImpl.getUserid() + "' was allocated to this run");
        if (zosSecurityImpl.createUserid()) {
            zosUseridImpl.createUseridInRACF(true);
            Iterator<String> it = zosSecurityImpl.getUseridGroups().iterator();
            while (it.hasNext()) {
                zosUseridImpl.connectToGroup(it.next());
            }
        }
        if (!z) {
            zosUseridImpl.setPassword(str, null, false);
        }
        String listUser = zosUseridImpl.listUser();
        Iterator<String> it2 = zosUseridImpl.parseConnectedGroups(listUser).iterator();
        while (it2.hasNext()) {
            zosUseridImpl.groups.add(new ZosGroupImpl(it2.next()));
        }
        Collections.sort(zosUseridImpl.groups);
        if (zosSecurityImpl.isResourceReporting() && !zosSecurityImpl.isOutputReporting()) {
            logger.debug("LISTUSER of '" + zosUseridImpl.getUserid() + "' \n" + listUser);
        }
        return zosUseridImpl;
    }

    protected void createUseridInRACF(boolean z) throws ZosSecurityManagerException {
        try {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("parameters", "PASSWORD(P" + RandomStringUtils.random(14, true, true) + ") DFLTGRP(" + this.zosSecurity.getUseridDefaultGroup() + ") ");
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.POST, "/api/userid/" + getUserid(), this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.ADDUSER, getUserid(), this.zosSecurity.isOutputReporting());
            if (z && this.zosSecurity.isResourceReporting()) {
                String listUser = listUser();
                if (!this.zosSecurity.isOutputReporting()) {
                    logger.debug("Updated LISTUSER of " + getUserid() + "' \n" + listUser);
                }
            }
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("ADDUSER of " + getUserid() + " failed", e);
        }
    }

    @Override // dev.galasa.zossecurity.IZosUserid
    public void delete() throws ZosSecurityManagerException {
        if (this.zosSecurity.createUserid()) {
            try {
                new JsonObject().addProperty("parameters", "");
                try {
                    RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.DELETE, "/api/userid/" + getUserid(), this.zosSecurityServerQueryParams, null), RacfOutputProcessing.COMMAND.DELUSER, getUserid(), this.zosSecurity.isOutputReporting());
                } catch (UseridNotFoundException e) {
                }
            } catch (Exception e2) {
                throw new ZosSecurityManagerException("DELUSER of " + getUserid() + " failed", e2);
            }
        } else {
            cleanup();
        }
        this.zosSecurity.dssUnregister(ZosSecurityImpl.ResourceType.ZOS_USERID.getName(), getUserid(), this.sysplexId, this.runName);
    }

    protected void cleanup() {
        try {
            if (!UseridBypassCleanup.get()) {
                String str = UseridDefaultPassword.get();
                List<String> list = UseridDefaultGroups.get();
                list.addAll(UseridSysplexGroups.get(this.sysplexId));
                String listUser = listUser();
                ArrayList<String> parseUseridGroups = parseUseridGroups(listUser);
                for (String str2 : list) {
                    if (!parseUseridGroups.remove(str2)) {
                        removeFromGroup(str2);
                    }
                }
                Iterator<String> it = parseUseridGroups.iterator();
                while (it.hasNext()) {
                    removeFromGroup(it.next());
                }
                if (listUser.contains("REVOKED")) {
                    resume();
                }
                setPassword(str, null);
                setWhen("ANYDAY", "ANYTIME");
                setKerbname("NOKERB");
                Iterator<String> it2 = parseCertificates(listCertificates()).iterator();
                while (it2.hasNext()) {
                    new ZosCertificateImpl(this.zosSecurity, "NONE", getUserid(), it2.next(), this.sysplexId, null).delete();
                }
                Iterator<String> it3 = parseKeyrings(listKeyrings()).iterator();
                while (it3.hasNext()) {
                    new ZosKeyringImpl(this.zosSecurity, getUserid(), it3.next(), this.sysplexId, null).delete();
                }
                Iterator<String> it4 = parseIdMaps(listIdMaps()).iterator();
                while (it4.hasNext()) {
                    new ZosIdMapImpl(this.zosSecurity, getUserid(), it4.next(), this.sysplexId, null).delete();
                }
            }
            logger.info("zOS Security Userid '" + getUserid() + "' has been cleaned");
        } catch (Exception e) {
            if (e.getMessage() == null || !e.getMessage().contains("Connection refused")) {
                logger.error("Failed to clean " + getUserid(), e);
            } else {
                logger.error("RACF Server is down on sysplex " + this.sysplexId + " could not cleanup " + getUserid());
            }
        }
    }

    private String listCertificates() throws ZosSecurityManagerException {
        try {
            return RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.GET, "/api/userid/" + getUserid() + "/certificates", this.zosSecurityServerQueryParams, null), RacfOutputProcessing.COMMAND.RACDCERT_LIST, getUserid(), this.zosSecurity.isOutputReporting()).get("output").getAsString();
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("RACDCERT LIST of " + getUserid() + " failed", e);
        }
    }

    private String listKeyrings() throws ZosSecurityManagerException {
        try {
            return RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.GET, "/api/userid/" + getUserid() + "/keyrings", this.zosSecurityServerQueryParams, null), RacfOutputProcessing.COMMAND.RACDCERT_LIST, getUserid(), this.zosSecurity.isOutputReporting()).get("output").getAsString();
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("RACDCERT LISTRING of " + getUserid() + " failed", e);
        }
    }

    private String listIdMaps() throws ZosSecurityManagerException {
        try {
            return RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.GET, "/api/userid/" + getUserid() + "/idmaps", this.zosSecurityServerQueryParams, null), RacfOutputProcessing.COMMAND.RACDCERT_LIST, getUserid(), this.zosSecurity.isOutputReporting()).get("output").getAsString();
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("RACMAP LISTMAP of " + getUserid() + " failed", e);
        }
    }

    private ArrayList<String> parseUseridGroups(String str) {
        Matcher matcher = Pattern.compile("[^-]GROUP=(\\S*)").matcher(str);
        ArrayList<String> arrayList = new ArrayList<>();
        while (matcher.find()) {
            arrayList.add(matcher.group(1));
        }
        return arrayList;
    }

    private ArrayList<String> parseCertificates(String str) {
        Matcher matcher = Pattern.compile("Label:\\s*([\\w\\-\\s]+)$", 8).matcher(str);
        ArrayList<String> arrayList = new ArrayList<>();
        while (matcher.find()) {
            arrayList.add(matcher.group(1).trim());
        }
        return arrayList;
    }

    private ArrayList<String> parseKeyrings(String str) {
        Matcher matcher = Pattern.compile("Ring:\\s*[\\r]?\\n\\s*>(\\S+\\*?)<").matcher(str);
        ArrayList<String> arrayList = new ArrayList<>();
        while (matcher.find()) {
            arrayList.add(matcher.group(1).trim());
        }
        return arrayList;
    }

    private ArrayList<String> parseIdMaps(String str) {
        Matcher matcher = Pattern.compile("Label:\\s*([\\w\\s]+)$", 8).matcher(str);
        ArrayList<String> arrayList = new ArrayList<>();
        while (matcher.find()) {
            arrayList.add(matcher.group(1).trim());
        }
        return arrayList;
    }
}
