package com.evolveum.midpoint.web.page.admin.home;

import com.evolveum.midpoint.gui.api.model.LoadableModel;
import com.evolveum.midpoint.gui.api.page.PageBase;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.schema.GetOperationOptions;
import com.evolveum.midpoint.schema.RetrieveOption;
import com.evolveum.midpoint.schema.SelectorOptions;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.MiscSchemaUtil;
import com.evolveum.midpoint.security.api.AuthorizationConstants;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.application.AuthorizationAction;
import com.evolveum.midpoint.web.application.PageDescriptor;
import com.evolveum.midpoint.web.component.AjaxButton;
import com.evolveum.midpoint.web.component.AjaxSubmitButton;
import com.evolveum.midpoint.web.component.prism.ContainerStatus;
import com.evolveum.midpoint.web.component.prism.ObjectWrapper;
import com.evolveum.midpoint.web.component.prism.ObjectWrapperFactory;
import com.evolveum.midpoint.web.page.admin.home.component.MyPasswordQuestionsPanel;
import com.evolveum.midpoint.web.page.admin.home.dto.PasswordQuestionsDto;
import com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO;
import com.evolveum.midpoint.web.page.self.PageSelf;
import com.evolveum.midpoint.web.security.SecurityUtils;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.wicket.RestartResponseException;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.markup.html.list.ListItem;
import org.apache.wicket.markup.html.list.ListView;
import org.apache.wicket.model.IModel;

@PageDescriptor(url = {"/PasswordQuestions"}, action = {@AuthorizationAction(actionUri = "http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAll", label = PageSelf.AUTH_SELF_ALL_LABEL, description = PageSelf.AUTH_SELF_ALL_DESCRIPTION), @AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_SELF_CREDENTIALS_URL, label = "PageSelfCredentials.auth.credentials.label", description = "PageSelfCredentials.auth.credentials.description")})
/* loaded from: input_file:WEB-INF/classes/com/evolveum/midpoint/web/page/admin/home/PageMyPasswordQuestions.class */
public class PageMyPasswordQuestions extends PageAdminHome {
    private static final long serialVersionUID = 1;
    private static final Trace LOGGER = TraceManager.getTrace(PageMyPasswordQuestions.class);
    private static final String DOT_CLASS = PageMyPasswordQuestions.class.getName() + ".";
    private static final String OPERATION_LOAD_USER = DOT_CLASS + "loaduser";
    private static final String OPERATION_LOAD_QUESTION_POLICY = DOT_CLASS + "LOAD Question Policy";
    private String ID_PASSWORD_QUESTIONS_PANEL;
    private static final String OPERATION_SAVE_QUESTIONS = "Save Security Questions";
    private static final String ID_MAIN_FORM = "mainForm";
    private static final String ID_BACK = "back";
    private static final String ID_SAVE = "save";
    private LoadableModel<ObjectWrapper> userModel;
    private List<MyPasswordQuestionsPanel> pqPanels;
    private IModel<PasswordQuestionsDto> model;
    private List<SecurityQuestionDefinitionType> policyQuestionList;
    private MyPasswordQuestionsPanel pwPanel;
    int questionNumber;

    public PageMyPasswordQuestions() {
        this.ID_PASSWORD_QUESTIONS_PANEL = "pwdQuestionsPanel";
        this.model = new LoadableModel<PasswordQuestionsDto>(false) { // from class: com.evolveum.midpoint.web.page.admin.home.PageMyPasswordQuestions.1
            private static final long serialVersionUID = 1;

            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
            /* renamed from: load */
            public PasswordQuestionsDto load2() {
                return PageMyPasswordQuestions.this.loadPageModel();
            }
        };
        initLayout();
    }

    public PageMyPasswordQuestions(IModel<PasswordQuestionsDto> iModel) {
        this.ID_PASSWORD_QUESTIONS_PANEL = "pwdQuestionsPanel";
        this.model = iModel;
        initLayout();
    }

    public PageMyPasswordQuestions(final PrismObject<UserType> prismObject) {
        this.ID_PASSWORD_QUESTIONS_PANEL = "pwdQuestionsPanel";
        this.userModel = new LoadableModel<ObjectWrapper>(false) { // from class: com.evolveum.midpoint.web.page.admin.home.PageMyPasswordQuestions.2
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
            /* renamed from: load */
            public ObjectWrapper load2() {
                return PageMyPasswordQuestions.this.loadUserWrapper(prismObject);
            }
        };
        initLayout();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public PasswordQuestionsDto loadPageModel() {
        LOGGER.debug("Loading user for Security Question Page.");
        PasswordQuestionsDto passwordQuestionsDto = new PasswordQuestionsDto();
        OperationResult operationResult = new OperationResult(OPERATION_LOAD_USER);
        try {
            try {
                String oid = SecurityUtils.getPrincipalUser().getOid();
                Task createSimpleTask = createSimpleTask(OPERATION_LOAD_USER);
                OperationResult createSubresult = operationResult.createSubresult(OPERATION_LOAD_USER);
                passwordQuestionsDto.setSecurityAnswers(createUsersSecurityQuestionsList(getModelService().getObject(UserType.class, oid, null, createSimpleTask, createSubresult)));
                createSubresult.recordSuccessIfUnknown();
                operationResult.recomputeStatus();
            } catch (Exception e) {
                LoggingUtils.logExceptionOnDebugLevel(LOGGER, "Couldn't get user Questions, Probably not set yet", e, new Object[0]);
                operationResult.recomputeStatus();
            }
            return passwordQuestionsDto;
        } catch (Throwable th) {
            operationResult.recomputeStatus();
            throw th;
        }
    }

    public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> prismObject) {
        List<SecurityQuestionAnswerType> questionAnswer;
        LOGGER.debug("Security Questions Loading for user: " + prismObject.getOid());
        if (prismObject.asObjectable().getCredentials() == null || prismObject.asObjectable().getCredentials().getSecurityQuestions() == null || (questionAnswer = prismObject.asObjectable().getCredentials().getSecurityQuestions().getQuestionAnswer()) == null) {
            return null;
        }
        LOGGER.debug("User SecurityQuestion ANswer List is Not null");
        ArrayList arrayList = new ArrayList();
        for (SecurityQuestionAnswerType securityQuestionAnswerType : questionAnswer) {
            Protector defaultProtector = getPrismContext().getDefaultProtector();
            String str = "";
            if (securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
                try {
                    str = defaultProtector.decryptString(securityQuestionAnswerType.getQuestionAnswer());
                } catch (EncryptionException e) {
                    LoggingUtils.logUnexpectedException(LOGGER, "Couldn't decrypt user answer", e, new Object[0]);
                }
            }
            arrayList.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), str));
        }
        return arrayList;
    }

    public void initLayout() {
        Form form = new com.evolveum.midpoint.web.component.form.Form("mainForm");
        this.pqPanels = new ArrayList();
        OperationResult operationResult = new OperationResult(OPERATION_LOAD_QUESTION_POLICY);
        try {
            getPageBase().createSimpleTask(OPERATION_LOAD_QUESTION_POLICY);
            operationResult.createSubresult(OPERATION_LOAD_QUESTION_POLICY);
            try {
                CredentialsPolicyType credentialsPolicy = getModelInteractionService().getCredentialsPolicy(null, null, operationResult);
                if (credentialsPolicy == null || credentialsPolicy.getSecurityQuestions() == null) {
                    this.questionNumber = 0;
                    this.policyQuestionList = new ArrayList();
                } else {
                    this.questionNumber = credentialsPolicy.getSecurityQuestions().getQuestionNumber().intValue();
                    this.policyQuestionList = credentialsPolicy.getSecurityQuestions().getQuestion();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
            List<SecurityQuestionAnswerDTO> securityAnswers = this.model.getObject().getSecurityAnswers();
            if (securityAnswers == null || this.questionNumber > securityAnswers.size()) {
                if (securityAnswers == null) {
                    executeAddingQuestions(this.questionNumber, 0, this.policyQuestionList);
                } else {
                    executePasswordQuestionsAndAnswers(securityAnswers, this.policyQuestionList, securityAnswers.size());
                    executeAddingQuestions(this.questionNumber - securityAnswers.size(), securityAnswers.size(), this.policyQuestionList);
                }
            } else if (this.questionNumber == securityAnswers.size()) {
                executePasswordQuestionsAndAnswers(securityAnswers, this.policyQuestionList, 0);
            } else if (this.questionNumber < securityAnswers.size()) {
                executePasswordQuestionsAndAnswers(securityAnswers, this.policyQuestionList, 0);
            }
        } catch (Exception e2) {
            operationResult.recordFatalError("Couldn't load system configuration.", e2);
        }
        add(form);
        form.add(getPanels(this.pqPanels));
        initButtons(form);
    }

    public void executeAddingQuestions(int i, int i2, List<SecurityQuestionDefinitionType> list) {
        LOGGER.debug("executeAddingQuestions");
        for (int i3 = 0; i3 < i; i3++) {
            this.pqPanels.add(new MyPasswordQuestionsPanel(this.ID_PASSWORD_QUESTIONS_PANEL + i2, new SecurityQuestionAnswerDTO(list.get(i2).getIdentifier(), "", list.get(i2).getQuestionText())));
            i2++;
        }
    }

    public void executePasswordQuestionsAndAnswers(List<SecurityQuestionAnswerDTO> list, List<SecurityQuestionDefinitionType> list2, int i) {
        int i2 = 0;
        LOGGER.debug("executePasswordQuestionsAndAnswers");
        for (SecurityQuestionDefinitionType securityQuestionDefinitionType : list2) {
            int i3 = i2;
            while (true) {
                if (i3 >= list.size()) {
                    break;
                }
                if (list.get(i3).getPwdQuestion().trim().compareTo(securityQuestionDefinitionType.getIdentifier().trim()) == 0) {
                    this.pqPanels.add(new MyPasswordQuestionsPanel(this.ID_PASSWORD_QUESTIONS_PANEL + i, checkIfQuestionisValidSingle(new SecurityQuestionAnswerDTO(list.get(i3).getPwdQuestion(), list.get(i3).getPwdAnswer(), list.get(i3).getQuestionItself()), securityQuestionDefinitionType)));
                    i++;
                    i2++;
                    break;
                }
                if (list.get(i3).getPwdQuestion().trim().compareTo(securityQuestionDefinitionType.getIdentifier().trim()) != 0) {
                    SecurityQuestionAnswerDTO securityQuestionAnswerDTO = new SecurityQuestionAnswerDTO(list2.get(i).getIdentifier(), "", list2.get(i).getQuestionText());
                    securityQuestionAnswerDTO.setQuestionItself(securityQuestionDefinitionType.getQuestionText());
                    list.get(i3).setPwdQuestion(securityQuestionDefinitionType.getIdentifier().trim());
                    this.pqPanels.add(new MyPasswordQuestionsPanel(this.ID_PASSWORD_QUESTIONS_PANEL + i, securityQuestionAnswerDTO));
                    i++;
                    i2++;
                    break;
                }
                i3++;
            }
        }
    }

    public ListView<MyPasswordQuestionsPanel> getPanels(List<MyPasswordQuestionsPanel> list) {
        return new ListView(this.ID_PASSWORD_QUESTIONS_PANEL, list) { // from class: com.evolveum.midpoint.web.page.admin.home.PageMyPasswordQuestions.3
            @Override // org.apache.wicket.markup.html.list.ListView
            protected void populateItem(ListItem listItem) {
                listItem.add((MyPasswordQuestionsPanel) listItem.getModelObject());
            }
        };
    }

    public void initButtons(Form form) {
        form.add(new AjaxSubmitButton(ID_SAVE, createStringResource("PageBase.button.save", new Object[0])) { // from class: com.evolveum.midpoint.web.page.admin.home.PageMyPasswordQuestions.4
            private static final long serialVersionUID = 1;

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
            public void onSubmit(AjaxRequestTarget ajaxRequestTarget, Form<?> form2) {
                PageMyPasswordQuestions.this.savePerformed(ajaxRequestTarget);
            }
        });
        form.add(new AjaxButton("back", createStringResource("PageBase.button.back", new Object[0])) { // from class: com.evolveum.midpoint.web.page.admin.home.PageMyPasswordQuestions.5
            private static final long serialVersionUID = 1;

            @Override // org.apache.wicket.ajax.markup.html.AjaxLink, org.apache.wicket.ajax.markup.html.IAjaxLink
            public void onClick(AjaxRequestTarget ajaxRequestTarget) {
                PageMyPasswordQuestions.this.cancelPerformed(ajaxRequestTarget);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void savePerformed(AjaxRequestTarget ajaxRequestTarget) {
        updateQuestions(SecurityUtils.getPrincipalUser().getOid(), ajaxRequestTarget);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cancelPerformed(AjaxRequestTarget ajaxRequestTarget) {
        setResponsePage(getMidpointApplication().getHomePage());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ObjectWrapper loadUserWrapper(PrismObject<UserType> prismObject) {
        ObjectWrapper createObjectWrapper;
        OperationResult operationResult = new OperationResult(OPERATION_LOAD_USER);
        PrismObject prismObject2 = null;
        Task createSimpleTask = createSimpleTask(OPERATION_LOAD_USER);
        try {
            prismObject2 = getModelService().getObject(UserType.class, SecurityUtils.getPrincipalUser().getOid(), SelectorOptions.createCollection(UserType.F_CREDENTIALS, GetOperationOptions.createRetrieve(RetrieveOption.INCLUDE)), createSimpleTask, operationResult);
            operationResult.recordSuccess();
        } catch (Exception e) {
            operationResult.recordFatalError("Couldn't get user.", e);
            LoggingUtils.logUnexpectedException(LOGGER, "Couldn't load user PageMyQuestions", e, new Object[0]);
        }
        showResult(operationResult, false);
        if (prismObject2 == null) {
            throw new RestartResponseException(PageDashboard.class);
        }
        ContainerStatus containerStatus = ContainerStatus.MODIFYING;
        ObjectWrapperFactory objectWrapperFactory = new ObjectWrapperFactory(this);
        try {
            createObjectWrapper = objectWrapperFactory.createObjectWrapper("pageMyPasswordQuestions.userDetails", null, prismObject2, containerStatus, createSimpleTask);
        } catch (Exception e2) {
            operationResult.recordFatalError("Couldn't get user.", e2);
            LoggingUtils.logUnexpectedException(LOGGER, "Couldn't load user", e2, new Object[0]);
            try {
                createObjectWrapper = objectWrapperFactory.createObjectWrapper("pageMyPasswordQuestions.userDetails", null, prismObject2, null, null, containerStatus, createSimpleTask);
            } catch (SchemaException e3) {
                throw new SystemException(e3.getMessage(), e3);
            }
        }
        showResult(createObjectWrapper.getResult(), false);
        return createObjectWrapper;
    }

    private SecurityQuestionAnswerDTO checkIfQuestionisValid(SecurityQuestionAnswerDTO securityQuestionAnswerDTO, List<SecurityQuestionDefinitionType> list) {
        Iterator<SecurityQuestionDefinitionType> it = list.iterator();
        if (!it.hasNext()) {
            return null;
        }
        SecurityQuestionDefinitionType next = it.next();
        LOGGER.debug("List For" + next.getIdentifier().trim());
        if (!next.getIdentifier().trim().equalsIgnoreCase(securityQuestionAnswerDTO.getPwdQuestion().trim())) {
            return null;
        }
        securityQuestionAnswerDTO.setQuestionItself(next.getQuestionText());
        LOGGER.info(": TRUE QUESTION");
        return securityQuestionAnswerDTO;
    }

    private SecurityQuestionAnswerDTO checkIfQuestionisValidSingle(SecurityQuestionAnswerDTO securityQuestionAnswerDTO, SecurityQuestionDefinitionType securityQuestionDefinitionType) {
        if (securityQuestionDefinitionType.getIdentifier().trim().compareTo(securityQuestionAnswerDTO.getPwdQuestion().trim()) != 0) {
            return null;
        }
        securityQuestionAnswerDTO.setQuestionItself(securityQuestionDefinitionType.getQuestionText());
        return securityQuestionAnswerDTO;
    }

    private void updateQuestions(String str, AjaxRequestTarget ajaxRequestTarget) {
        Task createSimpleTask = createSimpleTask(OPERATION_SAVE_QUESTIONS);
        OperationResult operationResult = new OperationResult(OPERATION_SAVE_QUESTIONS);
        getPrismContext().getSchemaRegistry();
        SecurityQuestionAnswerType[] securityQuestionAnswerTypeArr = new SecurityQuestionAnswerType[this.questionNumber];
        try {
            int i = 0;
            for (MyPasswordQuestionsPanel myPasswordQuestionsPanel : this.pqPanels) {
                SecurityQuestionAnswerType securityQuestionAnswerType = new SecurityQuestionAnswerType();
                ProtectedStringType protectedStringType = new ProtectedStringType();
                protectedStringType.setClearValue(((TextField) myPasswordQuestionsPanel.get(MyPasswordQuestionsPanel.F_ANSWER)).getModelObject());
                securityQuestionAnswerType.setQuestionAnswer(protectedStringType);
                securityQuestionAnswerType.setQuestionIdentifier(getQuestionIdentifierFromQuestion(StringEscapeUtils.unescapeHtml(myPasswordQuestionsPanel.get(MyPasswordQuestionsPanel.F_QUESTION).getDefaultModelObjectAsString())));
                securityQuestionAnswerTypeArr[i] = securityQuestionAnswerType;
                i++;
            }
            getModelService().executeChanges(MiscSchemaUtil.createCollection((ObjectDelta<?>[]) new ObjectDelta[]{ObjectDelta.createModificationReplaceContainer(UserType.class, str, new ItemPath(UserType.F_CREDENTIALS, CredentialsType.F_SECURITY_QUESTIONS, SecurityQuestionsCredentialsType.F_QUESTION_ANSWER), getPrismContext(), securityQuestionAnswerTypeArr)}), null, createSimpleTask, operationResult);
            success(getString("message.success"));
            ajaxRequestTarget.add(getFeedbackPanel());
        } catch (Exception e) {
            error(getString("message.error"));
            ajaxRequestTarget.add(getFeedbackPanel());
            e.printStackTrace();
        }
    }

    private String getQuestionIdentifierFromQuestion(String str) {
        for (SecurityQuestionDefinitionType securityQuestionDefinitionType : this.policyQuestionList) {
            if (str.equalsIgnoreCase(securityQuestionDefinitionType.getQuestionText())) {
                return securityQuestionDefinitionType.getIdentifier();
            }
        }
        return null;
    }

    public PageBase getPageBase() {
        return (PageBase) getPage();
    }
}
