package se.vgregion.accountmanagement.passwordchange.service;

import com.liferay.portal.kernel.messaging.Message;
import com.liferay.portal.kernel.messaging.MessageBusException;
import com.liferay.portal.kernel.messaging.MessageBusUtil;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Timer;
import java.util.TimerTask;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import javax.xml.bind.DatatypeConverter;
import javax.xml.bind.JAXBException;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.Element;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import se.vgregion.accountmanagement.domain.DominoResponse;
import se.vgregion.accountmanagement.passwordchange.PasswordChangeException;
import se.vgregion.http.HttpRequest;
import se.vgregion.ldapservice.SimpleLdapServiceImpl;
import se.vgregion.ldapservice.SimpleLdapUser;
import se.vgregion.portal.cs.domain.UserSiteCredential;
import se.vgregion.portal.cs.service.CredentialService;
import se.vgregion.util.JaxbUtil;

@Service
/* loaded from: input_file:se/vgregion/accountmanagement/passwordchange/service/PasswordChangeService.class */
public class PasswordChangeService {
    private static final Logger LOGGER = LoggerFactory.getLogger(PasswordChangeService.class);

    @Autowired
    private Ehcache ehcache;

    @Autowired
    private CredentialService credentialService;

    @Autowired
    private SimpleLdapServiceImpl simpleLdapService;

    @Value("${changepassword.messagebus.destination}")
    private String changePasswordMessagebusDestination;

    @Value("${verifypassword.messagebus.destination}")
    private String verifyPasswordMessagebusDestination;

    @Value("${admin_authentication.username}")
    private String adminUsername;

    @Value("${admin_authentication.password}")
    private String adminPassword;

    @Value("${BASE}")
    private String base;
    private final int defaultLimit = 900;
    private int limit = 900;
    private final int defaultDelay = 10000;
    private int delay = 10000;

    public PasswordChangeService(SimpleLdapServiceImpl simpleLdapServiceImpl) {
        this.simpleLdapService = simpleLdapServiceImpl;
    }

    public PasswordChangeService() {
    }

    public void setLimit(int i) {
        this.limit = i;
    }

    public void setDelay(int i) {
        this.delay = i;
    }

    public Long lookupSecondsElapsed(String str) {
        Element element = this.ehcache.get(str);
        Long l = null;
        if (element != null) {
            l = Long.valueOf((System.currentTimeMillis() - element.getLatestOfCreationAndUpdateTime()) / 1000);
        }
        return l;
    }

    void notifyPasswordChange(String str, String str2) {
        this.ehcache.put(new Element(str, str2));
    }

    public void updateDominoLdapAndInotes(String str, String str2) throws PasswordChangeException {
        try {
            setDominoAndLdapPassword(str2, str);
            verifyPasswordWasModifiedInLdap(str, str2);
            notifyPasswordChange(str, str2);
            monitorPasswordUpdateAndUpdateInotes(str, str2);
        } catch (PasswordChangeException e) {
            throw new PasswordChangeException("Anropet misslyckades.", e);
        } catch (MessageBusException e2) {
            throw new PasswordChangeException("Tekniskt fel. Försök igen senare.", e2);
        }
    }

    protected void monitorPasswordUpdateAndUpdateInotes(final String str, final String str2) {
        final Timer timer = new Timer();
        timer.scheduleAtFixedRate(new TimerTask() { // from class: se.vgregion.accountmanagement.passwordchange.service.PasswordChangeService.1
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                if (PasswordChangeService.this.verifyUserPassword(str, str2)) {
                    PasswordChangeService.LOGGER.info("Password has been updated in Domino, so update CSIframe iNotes password.");
                    PasswordChangeService.this.updateCredentialStoreInotes(str, str2);
                    timer.cancel();
                    PasswordChangeService.this.ehcache.remove(str);
                    return;
                }
                PasswordChangeService.LOGGER.debug("Password is not yet updated in Domino. Will check again.");
                if (((float) (System.currentTimeMillis() - PasswordChangeService.this.ehcache.get(str).getLatestOfCreationAndUpdateTime())) / 1000.0f > PasswordChangeService.this.limit) {
                    PasswordChangeService.LOGGER.info("Domino password has not been updated for " + PasswordChangeService.this.limit + " seconds. Giving up.");
                    PasswordChangeService.this.ehcache.remove(str);
                    timer.cancel();
                }
            }
        }, this.delay, this.delay);
    }

    boolean verifyUserPassword(String str, String str2) {
        Message message = new Message();
        String format = String.format("Openagent&username=%s&password=%s", str, str2);
        HttpRequest httpRequest = new HttpRequest();
        httpRequest.setQueryByString(format);
        message.setPayload(httpRequest);
        try {
            Object sendSynchronousMessage = MessageBusUtil.sendSynchronousMessage(this.verifyPasswordMessagebusDestination, message, 15000L);
            if (sendSynchronousMessage == null) {
                throw new MessageBusException("No reply was given. Is destination [" + this.verifyPasswordMessagebusDestination + "] really configured?");
            }
            if (!(sendSynchronousMessage instanceof String)) {
                if (sendSynchronousMessage instanceof Throwable) {
                    throw new MessageBusException((Throwable) sendSynchronousMessage);
                }
                return false;
            }
            try {
                return ((DominoResponse) new JaxbUtil(new Class[]{DominoResponse.class}).unmarshal((String) sendSynchronousMessage)).getStatusmessage().equals("1");
            } catch (JAXBException e) {
                LOGGER.error("Failed to parse reply: " + System.getProperty("line.separator") + sendSynchronousMessage, e);
                return false;
            }
        } catch (MessageBusException e2) {
            e2.printStackTrace();
            return false;
        }
    }

    protected void setDominoAndLdapPassword(String str, String str2) throws PasswordChangeException, MessageBusException {
        Message message = new Message();
        String format = String.format("Openagent&username=%s&password=%s&adminUserName=%s&adminPassword=%s", str2, str, this.adminUsername, this.adminPassword);
        HttpRequest httpRequest = new HttpRequest();
        httpRequest.setQueryByString(format);
        message.setPayload(httpRequest);
        Object sendSynchronousMessage = MessageBusUtil.sendSynchronousMessage(this.changePasswordMessagebusDestination, message, 15000L);
        if (sendSynchronousMessage == null) {
            throw new MessageBusException("No reply was given. Is destination [" + this.changePasswordMessagebusDestination + "] really configured?");
        }
        if (!(sendSynchronousMessage instanceof String)) {
            if (sendSynchronousMessage instanceof Throwable) {
                throw new MessageBusException((Throwable) sendSynchronousMessage);
            }
            return;
        }
        try {
            DominoResponse dominoResponse = (DominoResponse) new JaxbUtil(new Class[]{DominoResponse.class}).unmarshal((String) sendSynchronousMessage);
            if (dominoResponse.getStatuscode().intValue() != 1) {
                throw new PasswordChangeException("Misslyckades att sätta lösenord i Domino. " + dominoResponse.getStatusmessage());
            }
        } catch (JAXBException e) {
            throw new PasswordChangeException((Throwable) e);
        }
    }

    void updateCredentialStoreInotes(String str, String str2) {
        UserSiteCredential userSiteCredential = this.credentialService.getUserSiteCredential(str, "iNotes");
        if (userSiteCredential == null) {
            userSiteCredential = new UserSiteCredential(str, "iNotes");
        }
        userSiteCredential.setSitePassword(str2);
        userSiteCredential.setSiteUser(str);
        this.credentialService.save(userSiteCredential);
    }

    public void setPasswordInLdap(String str, String str2) throws PasswordChangeException {
        SimpleLdapUser ldapUserByUid = this.simpleLdapService.getLdapUserByUid(this.base, str);
        if (ldapUserByUid == null) {
            throw new PasswordChangeException("Din användare kunde inte hittas i katalogservern.");
        }
        this.simpleLdapService.getLdapTemplate().getLdapOperations().modifyAttributes(ldapUserByUid.getDn(), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("userPassword", encryptWithSha(str2)))});
    }

    String encryptWithSha(String str) {
        String str2 = null;
        try {
            str2 = "{SHA}" + DatatypeConverter.printBase64Binary(MessageDigest.getInstance("SHA").digest(str.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        }
        return str2;
    }

    public void verifyPasswordWasModifiedInLdap(String str, String str2) throws PasswordChangeException {
        try {
            if (encryptWithSha(str2).equals(new String((byte[]) this.simpleLdapService.getLdapUserByUid(this.base, str).getAttributes(new String[]{"userPassword"}).get("userPassword").get(), "UTF-8"))) {
            } else {
                throw new PasswordChangeException("Lyckades inte byta lösenord i KIV.");
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (NamingException e2) {
            throw new PasswordChangeException((Throwable) e2);
        }
    }

    public boolean isPasswordUpdateInProgress(String str) {
        return this.ehcache.get(str) != null;
    }
}
