package com.evolveum.midpoint.web.component.menu;

import com.evolveum.midpoint.gui.api.component.BasePanel;
import com.evolveum.midpoint.gui.api.model.LoadableModel;
import com.evolveum.midpoint.gui.api.page.PageBase;
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
import com.evolveum.midpoint.model.api.authentication.ModuleAuthentication;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.security.api.AuthorizationConstants;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.component.AjaxButton;
import com.evolveum.midpoint.web.component.form.Form;
import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
import com.evolveum.midpoint.web.page.admin.home.PageMyPasswordQuestions;
import com.evolveum.midpoint.web.page.admin.home.dto.PasswordQuestionsDto;
import com.evolveum.midpoint.web.page.admin.home.dto.SecurityQuestionAnswerDTO;
import com.evolveum.midpoint.web.security.util.SecurityUtils;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionDefinitionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.util.ArrayList;
import java.util.List;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.image.ContextImage;
import org.apache.wicket.markup.html.image.NonCachingImage;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.request.resource.AbstractResource;
import org.apache.wicket.request.resource.ByteArrayResource;
import org.aspectj.weaver.Dump;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.saml.util.StringUtils;

/* loaded from: input_file:WEB-INF/classes/com/evolveum/midpoint/web/component/menu/UserMenuPanel.class */
public class UserMenuPanel extends BasePanel {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) UserMenuPanel.class);
    private static final String DOT_CLASS = UserMenuPanel.class.getName() + ".";
    private static final String OPERATION_LOAD_USER = DOT_CLASS + "loaduser";
    private static final String OPERATION_LOAD_QUESTION_POLICY = DOT_CLASS + "LOAD Question Policy";
    private static final String DEFAULT_LOGOUT_PATH = "/logout";
    private static final String ID_USERNAME_LINK = "usernameLink";
    private static final String ID_LOGOUT_FORM = "logoutForm";
    private static final String ID_CSRF_FIELD = "csrfField";
    private static final String ID_USERNAME = "username";
    private static final String ID_FOCUS_TYPE = "focusType";
    private static final String ID_EDIT_PROFILE = "editProfile";
    private static final String ID_PASSWORD_QUESTIONS = "passwordQuestions";
    private static final String ID_ICON_BOX = "menuIconBox";
    private static final String ID_PHOTO = "menuPhoto";
    private static final String ID_ICON = "menuIcon";
    private static final String ID_PANEL_ICON_BOX = "menuPanelIconBox";
    private static final String ID_PANEL_PHOTO = "menuPanelPhoto";
    private static final String ID_PANEL_ICON = "menuPanelIcon";
    private IModel<PasswordQuestionsDto> passwordQuestionsDtoIModel;
    private IModel<List<SecurityQuestionDefinitionType>> securityPolicyQuestionsModel;
    private Model<PrismObject<UserType>> userModel;
    private boolean isUserModelLoaded;
    private boolean isPasswordModelLoaded;
    private byte[] jpegPhoto;
    private List<SecurityQuestionDefinitionType> securityPolicyQuestions;
    private PageBase pageBase;

    public UserMenuPanel(String str, PageBase pageBase) {
        super(str);
        this.userModel = new Model<>();
        this.isUserModelLoaded = false;
        this.isPasswordModelLoaded = false;
        this.jpegPhoto = null;
        this.securityPolicyQuestions = new ArrayList();
        this.pageBase = pageBase;
        initLayout();
        if (!this.isPasswordModelLoaded) {
            this.passwordQuestionsDtoIModel = new LoadableModel<PasswordQuestionsDto>(false) { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.1
                private static final long serialVersionUID = 1;

                /* JADX INFO: Access modifiers changed from: protected */
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
                /* renamed from: load */
                public PasswordQuestionsDto load2() {
                    return UserMenuPanel.this.loadModel(null);
                }
            };
            this.isPasswordModelLoaded = true;
        }
        this.securityPolicyQuestionsModel = new LoadableModel<List<SecurityQuestionDefinitionType>>(false) { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.2
            private static final long serialVersionUID = 1;

            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
            /* renamed from: load */
            public List<SecurityQuestionDefinitionType> load2() {
                return UserMenuPanel.this.loadSecurityPolicyQuestionsModel();
            }
        };
    }

    @Override // com.evolveum.midpoint.gui.api.component.BasePanel
    public PageBase getPageBase() {
        return this.pageBase;
    }

    private void initLayout() {
        WebMarkupContainer webMarkupContainer = new WebMarkupContainer(ID_ICON_BOX);
        add(webMarkupContainer);
        NonCachingImage nonCachingImage = new NonCachingImage(ID_PHOTO, new IModel<AbstractResource>() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apache.wicket.model.IModel
            /* renamed from: getObject */
            public AbstractResource getObject2() {
                if (UserMenuPanel.this.jpegPhoto == null) {
                    return null;
                }
                return new ByteArrayResource("image/jpeg", UserMenuPanel.this.jpegPhoto);
            }
        });
        nonCachingImage.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.4
            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                if (UserMenuPanel.this.userModel != null && UserMenuPanel.this.userModel.getObject2() == null) {
                    UserMenuPanel.this.loadModel(null);
                }
                return UserMenuPanel.this.jpegPhoto != null;
            }
        });
        webMarkupContainer.add(nonCachingImage);
        ContextImage contextImage = new ContextImage(ID_ICON, "img/placeholder.png");
        contextImage.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.5
            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                if (UserMenuPanel.this.userModel != null && UserMenuPanel.this.userModel.getObject2() == null) {
                    UserMenuPanel.this.loadModel(null);
                }
                return UserMenuPanel.this.jpegPhoto == null;
            }
        });
        webMarkupContainer.add(contextImage);
        add(new Label(ID_USERNAME_LINK, (IModel<?>) new IModel<String>() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apache.wicket.model.IModel
            /* renamed from: getObject */
            public String getObject2() {
                return UserMenuPanel.this.getShortUserName();
            }
        }));
        WebMarkupContainer webMarkupContainer2 = new WebMarkupContainer(ID_PANEL_ICON_BOX);
        add(webMarkupContainer2);
        NonCachingImage nonCachingImage2 = new NonCachingImage(ID_PANEL_PHOTO, new IModel<AbstractResource>() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apache.wicket.model.IModel
            /* renamed from: getObject */
            public AbstractResource getObject2() {
                if (UserMenuPanel.this.jpegPhoto == null) {
                    return null;
                }
                return new ByteArrayResource("image/jpeg", UserMenuPanel.this.jpegPhoto);
            }
        });
        nonCachingImage2.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.8
            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                if (UserMenuPanel.this.userModel != null && UserMenuPanel.this.userModel.getObject2() == null) {
                    UserMenuPanel.this.loadModel(null);
                }
                return UserMenuPanel.this.jpegPhoto != null;
            }
        });
        webMarkupContainer2.add(nonCachingImage2);
        ContextImage contextImage2 = new ContextImage(ID_PANEL_ICON, "img/placeholder.png");
        contextImage2.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.9
            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                if (UserMenuPanel.this.userModel != null && UserMenuPanel.this.userModel.getObject2() == null) {
                    UserMenuPanel.this.loadModel(null);
                }
                return UserMenuPanel.this.jpegPhoto == null;
            }
        });
        webMarkupContainer2.add(contextImage2);
        Component label = new Label("username", (IModel<?>) new IModel<String>() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.10
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apache.wicket.model.IModel
            /* renamed from: getObject */
            public String getObject2() {
                return UserMenuPanel.this.getShortUserName();
            }
        });
        label.setRenderBodyOnly(true);
        add(label);
        add(new Label("focusType", (IModel<?>) getPageBase().createStringResource("PageTemplate." + getFocusType(), new Object[0])));
        Form form = new Form(ID_LOGOUT_FORM);
        form.add(AttributeModifier.replace("action", (IModel<?>) new IModel<String>() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.11
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.apache.wicket.model.IModel
            /* renamed from: getObject */
            public String getObject2() {
                return SecurityUtils.getPathForLogoutWithContextPath(UserMenuPanel.this.getRequest().getContextPath(), UserMenuPanel.this.getAuthenticatedModule());
            }
        }));
        add(form);
        form.add(SecurityUtils.createHiddenInputForCsrf(ID_CSRF_FIELD));
        Component component = new AjaxButton(ID_PASSWORD_QUESTIONS, createStringResource("UserMenuPanel.editPasswordQuestions", new Object[0])) { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.12
            @Override // org.apache.wicket.ajax.markup.html.AjaxLink, org.apache.wicket.ajax.markup.html.IAjaxLink
            public void onClick(AjaxRequestTarget ajaxRequestTarget) {
                setResponsePage(new PageMyPasswordQuestions(UserMenuPanel.this.passwordQuestionsDtoIModel));
            }
        };
        add(component);
        if (!this.isPasswordModelLoaded) {
            this.passwordQuestionsDtoIModel = new LoadableModel<PasswordQuestionsDto>(false) { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.13
                private static final long serialVersionUID = 1;

                /* JADX INFO: Access modifiers changed from: protected */
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
                /* renamed from: load */
                public PasswordQuestionsDto load2() {
                    return UserMenuPanel.this.loadModel(null);
                }
            };
            this.isPasswordModelLoaded = true;
        }
        this.securityPolicyQuestionsModel = new LoadableModel<List<SecurityQuestionDefinitionType>>(false) { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.14
            /* JADX INFO: Access modifiers changed from: protected */
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.evolveum.midpoint.gui.api.model.LoadableModel
            /* renamed from: load */
            public List<SecurityQuestionDefinitionType> load2() {
                return UserMenuPanel.this.loadSecurityPolicyQuestionsModel();
            }
        };
        component.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.component.menu.UserMenuPanel.15
            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                if (UserMenuPanel.this.securityPolicyQuestionsModel == null || UserMenuPanel.this.securityPolicyQuestionsModel.getObject2() == null) {
                    UserMenuPanel.this.loadSecurityPolicyQuestionsModel();
                }
                return UserMenuPanel.this.hasQuestions() || (UserMenuPanel.this.securityPolicyQuestionsModel.getObject2() != null && UserMenuPanel.this.securityPolicyQuestionsModel.getObject2().size() > 0);
            }
        });
    }

    private String getUrlForLogout() {
        return "/" + StringUtils.stripSlashes(getRequest().getContextPath()) + "/" + StringUtils.stripSlashes(getAuthenticatedModule().getPrefix()) + "/logout";
    }

    private ModuleAuthentication getAuthenticatedModule() {
        ModuleAuthentication authenticatedModule = SecurityUtils.getAuthenticatedModule();
        if (authenticatedModule == null) {
            throw new IllegalArgumentException("Unauthenticated request");
        }
        return authenticatedModule;
    }

    private String getShortUserName() {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        return principal == null ? Dump.UNKNOWN_FILENAME : principal instanceof MidPointPrincipal ? WebComponentUtil.getOrigStringFromPoly(((MidPointPrincipal) principal).getName()) : principal.toString();
    }

    private String getFocusType() {
        Object principal;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (authentication == null || (principal = authentication.getPrincipal()) == null || principal.equals(AuthorizationConstants.ANONYMOUS_USER_PRINCIPAL)) ? Dump.UNKNOWN_FILENAME : WebComponentUtil.classToQName(getPageBase().getPrismContext(), WebModelServiceUtils.getLoggedInFocus().getClass()).getLocalPart();
    }

    private PasswordQuestionsDto loadModel(PageBase pageBase) {
        GuiProfiledPrincipal principalUser;
        LOGGER.trace("Loading user for Security Question Page.");
        PasswordQuestionsDto passwordQuestionsDto = new PasswordQuestionsDto();
        OperationResult operationResult = new OperationResult(OPERATION_LOAD_USER);
        if (pageBase == null) {
            pageBase = (PageBase) getPage();
        }
        try {
            try {
                principalUser = SecurityUtils.getPrincipalUser();
            } catch (Exception e) {
                LoggingUtils.logExceptionOnDebugLevel(LOGGER, "Couldn't get user Questions, Probably not set yet", e, new Object[0]);
                operationResult.recomputeStatus();
                this.isUserModelLoaded = true;
            }
            if (principalUser == null) {
                operationResult.recordNotApplicableIfUnknown();
                operationResult.recomputeStatus();
                this.isUserModelLoaded = true;
                return null;
            }
            String oid = principalUser.getOid();
            Task createSimpleTask = pageBase.createSimpleTask(OPERATION_LOAD_USER);
            OperationResult createSubresult = operationResult.createSubresult(OPERATION_LOAD_USER);
            PrismObject<UserType> object = pageBase.getModelService().getObject(UserType.class, oid, getSchemaHelper().getOperationOptionsBuilder().item(UserType.F_JPEG_PHOTO).retrieve().build(), createSimpleTask, createSubresult);
            this.userModel.setObject((Model<PrismObject<UserType>>) object);
            this.jpegPhoto = object == null ? null : object.asObjectable() == null ? null : object.asObjectable().getJpegPhoto();
            passwordQuestionsDto.setSecurityAnswers(createUsersSecurityQuestionsList(object));
            createSubresult.recordSuccessIfUnknown();
            operationResult.recomputeStatus();
            this.isUserModelLoaded = true;
            return passwordQuestionsDto;
        } catch (Throwable th) {
            operationResult.recomputeStatus();
            this.isUserModelLoaded = true;
            throw th;
        }
    }

    public List<SecurityQuestionAnswerDTO> createUsersSecurityQuestionsList(PrismObject<UserType> prismObject) {
        List<SecurityQuestionAnswerType> questionAnswer;
        SecurityQuestionsCredentialsType securityQuestions = prismObject.asObjectable().getCredentials().getSecurityQuestions();
        if (securityQuestions == null || (questionAnswer = securityQuestions.getQuestionAnswer()) == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (SecurityQuestionAnswerType securityQuestionAnswerType : questionAnswer) {
            Protector defaultProtector = ((PageBase) getPage()).getPrismContext().getDefaultProtector();
            if (securityQuestionAnswerType.getQuestionAnswer() != null && securityQuestionAnswerType.getQuestionAnswer().getEncryptedDataType() != null) {
                try {
                    arrayList.add(new SecurityQuestionAnswerDTO(securityQuestionAnswerType.getQuestionIdentifier(), defaultProtector.decryptString(securityQuestionAnswerType.getQuestionAnswer())));
                } catch (EncryptionException e) {
                    LOGGER.error("Could not get security questions. Error: " + e.getMessage(), (Throwable) e);
                }
            }
        }
        return arrayList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private List<SecurityQuestionDefinitionType> loadSecurityPolicyQuestionsModel() {
        List arrayList = new ArrayList();
        OperationResult operationResult = new OperationResult(OPERATION_LOAD_QUESTION_POLICY);
        try {
            try {
                CredentialsPolicyType credentialsPolicy = ((PageBase) getPage()).getModelInteractionService().getCredentialsPolicy(null, ((PageBase) getPage()).createSimpleTask(OPERATION_LOAD_QUESTION_POLICY), operationResult);
                if (credentialsPolicy != null && credentialsPolicy.getSecurityQuestions() != null) {
                    arrayList = credentialsPolicy.getSecurityQuestions().getQuestion();
                }
                operationResult.computeStatus();
            } catch (Exception e) {
                operationResult.recordFatalError(createStringResource("UserMenuPanel.message.loadSecurityPolicyQuestionsModel.fatalError", e.getMessage()).getString(), e);
                LoggingUtils.logUnexpectedException(LOGGER, "Couldn't load system security policy", e, new Object[0]);
                operationResult.computeStatus();
            }
            return arrayList;
        } catch (Throwable th) {
            operationResult.computeStatus();
            throw th;
        }
    }

    private boolean hasQuestions() {
        return (this.passwordQuestionsDtoIModel == null || this.passwordQuestionsDtoIModel.getObject2() == null || this.passwordQuestionsDtoIModel.getObject2().getPwdQuestion() == null || this.passwordQuestionsDtoIModel.getObject2().getPwdQuestion().trim().equals("")) ? false : true;
    }
}
