package com.evolveum.midpoint.web.page.login;

import com.evolveum.midpoint.authentication.api.authorization.PageDescriptor;
import com.evolveum.midpoint.authentication.api.authorization.Url;
import com.evolveum.midpoint.authentication.api.config.MidpointAuthentication;
import com.evolveum.midpoint.authentication.api.config.ModuleAuthentication;
import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.SecurityPolicyUtil;
import com.evolveum.midpoint.util.exception.CommonException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.component.form.MidpointForm;
import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
import com.evolveum.midpoint.web.page.admin.configuration.PageSystemConfiguration;
import com.evolveum.midpoint.web.page.forgetpassword.PageForgotPassword;
import com.evolveum.midpoint.web.security.util.SecurityUtils;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.RegistrationsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SelfRegistrationPolicyType;
import java.lang.invoke.SerializedLambda;
import org.apache.commons.lang3.StringUtils;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.Component;
import org.apache.wicket.behavior.Behavior;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
import org.apache.wicket.model.LoadableDetachableModel;
import org.springframework.security.core.context.SecurityContextHolder;

@PageDescriptor(urls = {@Url(mountUrl = "/login", matchUrlForSecurity = "/login")}, permitAll = true, loginPage = true, authModule = "LoginForm")
/* loaded from: input_file:com/evolveum/midpoint/web/page/login/PageLogin.class */
public class PageLogin extends AbstractPageLogin {
    private static final long serialVersionUID = 1;
    private static final String ID_FORGET_PASSWORD = "forgetpassword";
    private static final String ID_SELF_REGISTRATION = "selfRegistration";
    private static final String ID_CSRF_FIELD = "csrfField";
    private static final String ID_FORM = "form";
    private final LoadableDetachableModel<SecurityPolicyType> securityPolicyModel = new LoadableDetachableModel<SecurityPolicyType>() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* renamed from: load, reason: merged with bridge method [inline-methods] */
        public SecurityPolicyType m930load() {
            try {
                return PageLogin.this.getModelInteractionService().getSecurityPolicy((PrismObject) null, PageLogin.this.createAnonymousTask(PageLogin.OPERATION_LOAD_RESET_PASSWORD_POLICY), new OperationResult(PageLogin.OPERATION_LOAD_RESET_PASSWORD_POLICY));
            } catch (CommonException e) {
                PageLogin.LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), e);
                return null;
            }
        }
    };
    private static final Trace LOGGER = TraceManager.getTrace(PageLogin.class);
    private static final String DOT_CLASS = PageLogin.class.getName() + ".";
    protected static final String OPERATION_LOAD_RESET_PASSWORD_POLICY = DOT_CLASS + "loadPasswordResetPolicy";
    private static final String OPERATION_LOAD_REGISTRATION_POLICY = DOT_CLASS + "loadRegistrationPolicy";

    private SecurityPolicyType getSecurityPolicy() {
        return (SecurityPolicyType) this.securityPolicyModel.getObject();
    }

    @Override // com.evolveum.midpoint.web.page.login.AbstractPageLogin
    protected void initCustomLayer() {
        SelfRegistrationPolicyType selfRegistrationPolicy;
        AuthenticationSequenceType sequenceByName;
        AuthenticationSequenceType sequenceByName2;
        Component midpointForm = new MidpointForm(ID_FORM);
        midpointForm.add(new Behavior[]{AttributeModifier.replace("action", this::getUrlProcessingLogin)});
        add(new Component[]{midpointForm});
        Component bookmarkablePageLink = new BookmarkablePageLink(ID_FORGET_PASSWORD, PageForgotPassword.class);
        bookmarkablePageLink.add(new Behavior[]{new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.2
            private static final long serialVersionUID = 1;

            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                CredentialsPolicyType credentials;
                AuthenticationSequenceType sequenceByName3;
                SecurityPolicyType securityPolicy = PageLogin.this.getSecurityPolicy();
                if (securityPolicy == null) {
                    return false;
                }
                return ((securityPolicy.getCredentialsReset() != null && StringUtils.isNotBlank(securityPolicy.getCredentialsReset().getAuthenticationSequenceName()) && (sequenceByName3 = SecurityUtils.getSequenceByName(securityPolicy.getCredentialsReset().getAuthenticationSequenceName(), securityPolicy.getAuthentication())) != null && (sequenceByName3.getChannel() == null || StringUtils.isBlank(sequenceByName3.getChannel().getUrlSuffix()))) || (credentials = securityPolicy.getCredentials()) == null || ((credentials.getSecurityQuestions() == null || credentials.getSecurityQuestions().getQuestionNumber() == null) && securityPolicy.getCredentialsReset() == null)) ? false : true;
            }
        }});
        SecurityPolicyType securityPolicy = getSecurityPolicy();
        if (securityPolicy != null && securityPolicy.getCredentialsReset() != null && StringUtils.isNotBlank(securityPolicy.getCredentialsReset().getAuthenticationSequenceName()) && (sequenceByName2 = SecurityUtils.getSequenceByName(securityPolicy.getCredentialsReset().getAuthenticationSequenceName(), securityPolicy.getAuthentication())) != null) {
            if (sequenceByName2.getChannel() == null || StringUtils.isBlank(sequenceByName2.getChannel().getUrlSuffix())) {
                String str = "Sequence with name " + securityPolicy.getCredentialsReset().getAuthenticationSequenceName() + " doesn't contain urlSuffix";
                LOGGER.error(str, new IllegalArgumentException(str));
                error(str);
            }
            bookmarkablePageLink.add(new Behavior[]{AttributeModifier.replace("href", () -> {
                return "./auth/" + sequenceByName2.getChannel().getUrlSuffix();
            })});
        }
        midpointForm.add(new Component[]{bookmarkablePageLink});
        Component bookmarkablePageLink2 = new BookmarkablePageLink(ID_SELF_REGISTRATION, PageSelfRegistration.class);
        bookmarkablePageLink2.add(new Behavior[]{new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.web.page.login.PageLogin.3
            private static final long serialVersionUID = 1;

            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                RegistrationsPolicyType registrationsPolicyType = null;
                try {
                    registrationsPolicyType = PageLogin.this.getModelInteractionService().getFlowPolicy((PrismObject) null, PageLogin.this.createAnonymousTask(PageLogin.OPERATION_LOAD_REGISTRATION_POLICY), new OperationResult(PageLogin.OPERATION_LOAD_REGISTRATION_POLICY));
                } catch (CommonException e) {
                    PageLogin.LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), e);
                }
                return (registrationsPolicyType == null || registrationsPolicyType.getSelfRegistration() == null) ? false : true;
            }
        }});
        if (securityPolicy != null && (selfRegistrationPolicy = SecurityPolicyUtil.getSelfRegistrationPolicy(securityPolicy)) != null) {
            String additionalAuthenticationName = selfRegistrationPolicy.getAdditionalAuthenticationSequence() == null ? selfRegistrationPolicy.getAdditionalAuthenticationName() : selfRegistrationPolicy.getAdditionalAuthenticationSequence();
            if (StringUtils.isNotBlank(additionalAuthenticationName) && (sequenceByName = SecurityUtils.getSequenceByName(additionalAuthenticationName, securityPolicy.getAuthentication())) != null) {
                bookmarkablePageLink2.add(new Behavior[]{AttributeModifier.replace("href", () -> {
                    return "./auth/" + sequenceByName.getChannel().getUrlSuffix();
                })});
            }
        }
        midpointForm.add(new Component[]{bookmarkablePageLink2});
        midpointForm.add(new Component[]{SecurityUtils.createHiddenInputForCsrf(ID_CSRF_FIELD)});
    }

    private String getUrlProcessingLogin() {
        ModuleAuthentication processingModuleAuthentication;
        MidpointAuthentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (!(authentication instanceof MidpointAuthentication) || (processingModuleAuthentication = authentication.getProcessingModuleAuthentication()) == null) ? "./spring_security_login" : ("LoginForm".equals(processingModuleAuthentication.getNameOfModuleType()) || "LDAP".equals(processingModuleAuthentication.getNameOfModuleType())) ? AuthUtil.stripSlashes(processingModuleAuthentication.getPrefix()) + "/spring_security_login" : "./spring_security_login";
    }

    protected void onDetach() {
        this.securityPolicyModel.detach();
        super.onDetach();
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1622666157:
                if (implMethodName.equals("lambda$initCustomLayer$2ae31eae$1")) {
                    z = true;
                    break;
                }
                break;
            case -1622666156:
                if (implMethodName.equals("lambda$initCustomLayer$2ae31eae$2")) {
                    z = 2;
                    break;
                }
                break;
            case 762588317:
                if (implMethodName.equals("getUrlProcessingLogin")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case PageSystemConfiguration.CONFIGURATION_TAB_BASIC /* 0 */:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/wicket/model/IModel") && serializedLambda.getFunctionalInterfaceMethodName().equals("getObject") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/web/page/login/PageLogin") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                    PageLogin pageLogin = (PageLogin) serializedLambda.getCapturedArg(0);
                    return pageLogin::getUrlProcessingLogin;
                }
                break;
            case PageSystemConfiguration.CONFIGURATION_TAB_OBJECT_POLICY /* 1 */:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/wicket/model/IModel") && serializedLambda.getFunctionalInterfaceMethodName().equals("getObject") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/web/page/login/PageLogin") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/xml/ns/_public/common/common_3/AuthenticationSequenceType;)Ljava/lang/String;")) {
                    AuthenticationSequenceType authenticationSequenceType = (AuthenticationSequenceType) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return "./auth/" + authenticationSequenceType.getChannel().getUrlSuffix();
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/wicket/model/IModel") && serializedLambda.getFunctionalInterfaceMethodName().equals("getObject") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/web/page/login/PageLogin") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/xml/ns/_public/common/common_3/AuthenticationSequenceType;)Ljava/lang/Object;")) {
                    AuthenticationSequenceType authenticationSequenceType2 = (AuthenticationSequenceType) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return "./auth/" + authenticationSequenceType2.getChannel().getUrlSuffix();
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
