package com.evolveum.midpoint.web.page.self.component;

import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.gui.api.component.BasePanel;
import com.evolveum.midpoint.gui.api.page.PageBase;
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.MiscSchemaUtil;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.component.AjaxSubmitButton;
import com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel;
import com.evolveum.midpoint.web.page.admin.home.dto.PasswordQuestionsDto;
import com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.markup.html.list.ListItem;
import org.apache.wicket.markup.html.list.ListView;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;

/* loaded from: input_file:BOOT-INF/lib/admin-gui-4.9.3.jar:com/evolveum/midpoint/web/page/self/component/SecurityQuestionsPanel.class */
public class SecurityQuestionsPanel extends BasePanel<PasswordQuestionsDto> {
    private static final long serialVersionUID = 1;
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) SecurityQuestionsPanel.class);
    private static final String DOT_CLASS = SecurityQuestionsPanel.class.getName() + ".";
    private static final String OPERATION_LOAD_USER = DOT_CLASS + "loaduser";
    private static final String OPERATION_LOAD_QUESTION_POLICY = DOT_CLASS + "LOAD Question Policy";
    private static final String OPERATION_SAVE_QUESTIONS = DOT_CLASS + "saveSecurityQuestions";
    private static final String ID_SECURITY_QUESTIONS_PANEL = "pwdQuestionsPanel";
    private static final String ID_QUESTION_ANSWER_PANEL = "questionAnswerPanel";
    private static final String ID_SAVE_ANSWERS = "saveAnswers";

    public SecurityQuestionsPanel(String str, IModel<PasswordQuestionsDto> iModel) {
        super(str, iModel);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.wicket.MarkupContainer, org.apache.wicket.Component
    public void onInitialize() {
        super.onInitialize();
        initSecurityQuestionsModel();
        initLayout();
    }

    private void initSecurityQuestionsModel() {
        if (getModelObject() == null) {
            getModel().setObject(loadPageModel());
        }
    }

    private PasswordQuestionsDto loadPageModel() {
        LOGGER.debug("Loading user for Security Question Page.");
        GuiProfiledPrincipal principalUser = AuthUtil.getPrincipalUser();
        PasswordQuestionsDto passwordQuestionsDto = new PasswordQuestionsDto(principalUser.getOid());
        OperationResult operationResult = new OperationResult(OPERATION_LOAD_USER);
        try {
            try {
                Task createSimpleTask = getPageBase().createSimpleTask(OPERATION_LOAD_USER);
                OperationResult createSubresult = operationResult.createSubresult(OPERATION_LOAD_USER);
                passwordQuestionsDto.setUserQuestionAnswers(createUsersSecurityQuestionsList(getPageBase().getModelService().getObject(UserType.class, principalUser.getOid(), null, createSimpleTask, createSubresult)));
                createSubresult.recordSuccessIfUnknown();
                operationResult.recomputeStatus();
            } catch (Exception e) {
                LoggingUtils.logExceptionOnDebugLevel(LOGGER, "Couldn't get user Questions, Probably not set yet", e, new Object[0]);
                operationResult.recomputeStatus();
            }
            CredentialsPolicyType credentials = principalUser.getApplicableSecurityPolicy().getCredentials();
            List<SecurityQuestionDefinitionType> arrayList = new ArrayList();
            if (credentials == null || credentials.getSecurityQuestions() == null) {
                LOGGER.debug("Couldn't load credentials for security questions");
            } else {
                arrayList = getEnabledSecurityQuestions(credentials);
            }
            OperationResult operationResult2 = new OperationResult(OPERATION_LOAD_QUESTION_POLICY);
            try {
                List<SecurityQuestionAnswerDTO> userQuestionAnswers = passwordQuestionsDto.getUserQuestionAnswers();
                int size = arrayList.size();
                if (userQuestionAnswers == null) {
                    passwordQuestionsDto.getActualQuestionAnswers().addAll(executeAddingQuestions(size, 0, arrayList));
                } else if (size > userQuestionAnswers.size()) {
                    passwordQuestionsDto.getActualQuestionAnswers().addAll(executePasswordQuestionsAndAnswers(userQuestionAnswers, arrayList, userQuestionAnswers.size()));
                    passwordQuestionsDto.getActualQuestionAnswers().addAll(executeAddingQuestions(size - userQuestionAnswers.size(), userQuestionAnswers.size(), arrayList));
                } else {
                    passwordQuestionsDto.getActualQuestionAnswers().addAll(executePasswordQuestionsAndAnswers(userQuestionAnswers, arrayList, 0));
                }
            } catch (Exception e2) {
                operationResult2.recordFatalError(getString("PageMyPasswordQuestions.message.couldNotLoadSysConfig"), e2);
            }
            return passwordQuestionsDto;
        } catch (Throwable th) {
            operationResult.recomputeStatus();
            throw th;
        }
    }

    public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> prismObject) {
        List<SecurityQuestionAnswerType> questionAnswer;
        LOGGER.debug("Security Questions Loading for user: " + prismObject.getOid());
        if (prismObject.asObjectable().getCredentials() == null || prismObject.asObjectable().getCredentials().getSecurityQuestions() == null || (questionAnswer = prismObject.asObjectable().getCredentials().getSecurityQuestions().getQuestionAnswer()) == null) {
            return null;
        }
        LOGGER.debug("User SecurityQuestion ANswer List is Not null");
        ArrayList arrayList = new ArrayList();
        for (SecurityQuestionAnswerType securityQuestionAnswerType : questionAnswer) {
            Protector defaultProtector = getPrismContext().getDefaultProtector();
            String str = "";
            if (securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
                try {
                    str = defaultProtector.decryptString(securityQuestionAnswerType.getQuestionAnswer());
                } catch (EncryptionException e) {
                    LoggingUtils.logUnexpectedException(LOGGER, "Couldn't decrypt user answer", e, new Object[0]);
                }
            }
            arrayList.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), str));
        }
        return arrayList;
    }

    public void initLayout() {
        add(new ListView<SecurityQuestionAnswerDTO>(ID_SECURITY_QUESTIONS_PANEL, getModelObject().getActualQuestionAnswers()) { // from class: com.evolveum.midpoint.web.page.self.component.SecurityQuestionsPanel.1
            private static final long serialVersionUID = 1;

            @Override // org.apache.wicket.markup.html.list.ListView
            protected void populateItem(ListItem<SecurityQuestionAnswerDTO> listItem) {
                listItem.add(new MyPasswordQuestionsPanel(SecurityQuestionsPanel.ID_QUESTION_ANSWER_PANEL, Model.of(listItem.getModelObject())));
            }
        });
        AjaxSubmitButton ajaxSubmitButton = new AjaxSubmitButton(ID_SAVE_ANSWERS, createStringResource("SecurityQuestionsPanel.saveAnswers", new Object[0])) { // from class: com.evolveum.midpoint.web.page.self.component.SecurityQuestionsPanel.2
            private static final long serialVersionUID = 1;

            @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
            public void onSubmit(AjaxRequestTarget ajaxRequestTarget) {
                SecurityQuestionsPanel.this.onSavePerformed(ajaxRequestTarget);
            }
        };
        ajaxSubmitButton.setOutputMarkupId(true);
        add(ajaxSubmitButton);
    }

    private List<SecurityQuestionDefinitionType> getEnabledSecurityQuestions(CredentialsPolicyType credentialsPolicyType) {
        List<SecurityQuestionDefinitionType> question = credentialsPolicyType.getSecurityQuestions().getQuestion();
        ArrayList arrayList = new ArrayList();
        for (SecurityQuestionDefinitionType securityQuestionDefinitionType : question) {
            if (!Boolean.FALSE.equals(securityQuestionDefinitionType.isEnabled())) {
                arrayList.add(securityQuestionDefinitionType);
            }
        }
        return arrayList;
    }

    public List<SecurityQuestionAnswerDTO> executeAddingQuestions(int i, int i2, List<SecurityQuestionDefinitionType> list) {
        LOGGER.debug("executeAddingQuestions");
        ArrayList arrayList = new ArrayList();
        for (int i3 = 0; i3 < i; i3++) {
            SecurityQuestionDefinitionType securityQuestionDefinitionType = list.get(i2);
            arrayList.add(new SecurityQuestionAnswerDTO(securityQuestionDefinitionType.getIdentifier(), "", securityQuestionDefinitionType.getQuestionText()));
            i2++;
        }
        return arrayList;
    }

    public List<SecurityQuestionAnswerDTO> executePasswordQuestionsAndAnswers(List<SecurityQuestionAnswerDTO> list, List<SecurityQuestionDefinitionType> list2, int i) {
        int i2 = 0;
        LOGGER.debug("executePasswordQuestionsAndAnswers");
        ArrayList arrayList = new ArrayList();
        for (SecurityQuestionDefinitionType securityQuestionDefinitionType : list2) {
            int i3 = i2;
            while (true) {
                if (i3 < list.size()) {
                    SecurityQuestionAnswerDTO securityQuestionAnswerDTO = list.get(i3);
                    if (securityQuestionAnswerDTO.getPwdQuestionIdentifier().trim().compareTo(securityQuestionDefinitionType.getIdentifier().trim()) == 0) {
                        arrayList.add(checkIfQuestionIsValidSingle(new SecurityQuestionAnswerDTO(securityQuestionAnswerDTO.getPwdQuestionIdentifier(), securityQuestionAnswerDTO.getPwdAnswer(), securityQuestionAnswerDTO.getPwdQuestion()), securityQuestionDefinitionType));
                        i++;
                        i2++;
                        break;
                    }
                    if (securityQuestionAnswerDTO.getPwdQuestionIdentifier().trim().compareTo(securityQuestionDefinitionType.getIdentifier().trim()) != 0) {
                        SecurityQuestionDefinitionType securityQuestionDefinitionType2 = list2.get(i);
                        SecurityQuestionAnswerDTO securityQuestionAnswerDTO2 = new SecurityQuestionAnswerDTO(securityQuestionDefinitionType2.getIdentifier(), "", securityQuestionDefinitionType2.getQuestionText());
                        securityQuestionAnswerDTO2.setPwdQuestion(securityQuestionDefinitionType.getQuestionText());
                        arrayList.add(securityQuestionAnswerDTO2);
                        securityQuestionAnswerDTO.setPwdQuestionIdentifier(securityQuestionDefinitionType.getIdentifier().trim());
                        i++;
                        i2++;
                        break;
                    }
                    i3++;
                }
            }
        }
        return arrayList;
    }

    private SecurityQuestionAnswerDTO checkIfQuestionIsValidSingle(SecurityQuestionAnswerDTO securityQuestionAnswerDTO, SecurityQuestionDefinitionType securityQuestionDefinitionType) {
        if (securityQuestionDefinitionType.getIdentifier().trim().compareTo(securityQuestionAnswerDTO.getPwdQuestionIdentifier().trim()) != 0) {
            return null;
        }
        securityQuestionAnswerDTO.setPwdQuestion(securityQuestionDefinitionType.getQuestionText());
        return securityQuestionAnswerDTO;
    }

    public void onSavePerformed(AjaxRequestTarget ajaxRequestTarget) {
        Task createSimpleTask = getPageBase().createSimpleTask(OPERATION_SAVE_QUESTIONS);
        OperationResult operationResult = new OperationResult(OPERATION_SAVE_QUESTIONS);
        ArrayList arrayList = new ArrayList();
        try {
            for (SecurityQuestionAnswerDTO securityQuestionAnswerDTO : getModelObject().getActualQuestionAnswers()) {
                SecurityQuestionAnswerType securityQuestionAnswerType = new SecurityQuestionAnswerType();
                ProtectedStringType protectedStringType = new ProtectedStringType();
                if (!StringUtils.isEmpty(securityQuestionAnswerDTO.getPwdAnswer())) {
                    protectedStringType.setClearValue(securityQuestionAnswerDTO.getPwdAnswer());
                    if (!protectedStringType.isEncrypted()) {
                        WebComponentUtil.encryptProtectedString(protectedStringType, true, getPageBase().getMidpointApplication());
                    }
                    securityQuestionAnswerType.setQuestionAnswer(protectedStringType);
                    securityQuestionAnswerType.setQuestionIdentifier(securityQuestionAnswerDTO.getPwdQuestionIdentifier());
                    arrayList.add(securityQuestionAnswerType);
                }
            }
            getPageBase().getModelService().executeChanges(MiscSchemaUtil.createCollection((ObjectDelta<?>[]) new ObjectDelta[]{getPrismContext().deltaFactory().object().createModificationReplaceContainer(UserType.class, getModelObject().getFocusOid(), ItemPath.create(UserType.F_CREDENTIALS, CredentialsType.F_SECURITY_QUESTIONS, SecurityQuestionsCredentialsType.F_QUESTION_ANSWER), (SecurityQuestionAnswerType[]) arrayList.toArray(new SecurityQuestionAnswerType[arrayList.size()]))}), null, createSimpleTask, operationResult);
            success(getString("message.success"));
            ajaxRequestTarget.add(getPageBase().getFeedbackPanel());
        } catch (Exception e) {
            error(getString("message.error"));
            ajaxRequestTarget.add(getPageBase().getFeedbackPanel());
            e.printStackTrace();
        }
    }

    @Override // com.evolveum.midpoint.gui.api.component.BasePanel
    public PageBase getPageBase() {
        return (PageBase) getPage();
    }
}
