package com.evolveum.midpoint.gui.impl.page.login;

import com.evolveum.midpoint.authentication.api.authorization.AuthorizationAction;
import com.evolveum.midpoint.authentication.api.authorization.PageDescriptor;
import com.evolveum.midpoint.authentication.api.authorization.Url;
import com.evolveum.midpoint.prism.PrismContainerValue;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.SecurityPolicyUtil;
import com.evolveum.midpoint.security.api.SecurityUtil;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SecurityViolationException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceModuleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.MailNonceAuthenticationModuleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;

@PageDescriptor(urls = {@Url(mountUrl = "/invitation", matchUrlForSecurity = "/invitation")}, action = {@AuthorizationAction(actionUri = "http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#invitation")}, authModule = "MailNonce")
/* loaded from: input_file:com/evolveum/midpoint/gui/impl/page/login/PageInvitation.class */
public class PageInvitation extends PageSelfRegistration {
    private static final long serialVersionUID = 1;
    private static final Trace LOGGER = TraceManager.getTrace(PageInvitation.class);
    private static final String DOT_CLASS = PageInvitation.class.getName() + ".";

    @Override // com.evolveum.midpoint.gui.impl.page.login.PageSelfRegistration
    protected UserType instantiateUser() {
        return getPrincipalFocus();
    }

    @Override // com.evolveum.midpoint.gui.impl.page.login.PageSelfRegistration
    protected ObjectDelta<UserType> prepareUserDelta(Task task, OperationResult operationResult) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
        ObjectDelta<UserType> objectDelta;
        LOGGER.trace("Preparing user MODIFY delta (preregistered user registration)");
        if (isCustomFormDefined()) {
            objectDelta = getDynamicFormPanel().getObjectDelta();
        } else {
            objectDelta = getPrismContext().deltaFactory().object().createEmptyModifyDelta(UserType.class, ((UserType) this.userModel.getObject()).getOid());
            if (getSelfRegistrationConfiguration().getInitialLifecycleState() != null) {
                objectDelta.addModificationReplaceProperty(UserType.F_LIFECYCLE_STATE, new String[]{getSelfRegistrationConfiguration().getInitialLifecycleState()});
            }
            objectDelta.addModificationReplaceProperty(SchemaConstants.PATH_PASSWORD_VALUE, new ProtectedStringType[]{createPassword().getValue()});
        }
        objectDelta.addModificationReplaceContainer(SchemaConstants.PATH_NONCE, new PrismContainerValue[]{createNonce(getNonceCredentialsPolicy(), task, operationResult).asPrismContainerValue()});
        LOGGER.trace("Going to register user with modifications {}", objectDelta);
        return objectDelta;
    }

    private NonceCredentialsPolicyType getNonceCredentialsPolicy() {
        AuthenticationSequenceType findSequenceByName;
        String name;
        MailNonceAuthenticationModuleType mailNonceAuthenticationModuleType;
        String credentialName;
        SecurityPolicyType resolveSecurityPolicy = resolveSecurityPolicy();
        if (resolveSecurityPolicy == null || (findSequenceByName = SecurityPolicyUtil.findSequenceByName(resolveSecurityPolicy, SecurityUtil.getInvitationSequenceName(resolveSecurityPolicy))) == null || findSequenceByName.getModule().isEmpty() || (name = ((AuthenticationSequenceModuleType) findSequenceByName.getModule().get(0)).getName()) == null || (mailNonceAuthenticationModuleType = (MailNonceAuthenticationModuleType) resolveSecurityPolicy.getAuthentication().getModules().getMailNonce().stream().filter(mailNonceAuthenticationModuleType2 -> {
            return name.equals(mailNonceAuthenticationModuleType2.getName());
        }).findFirst().orElse(null)) == null || (credentialName = mailNonceAuthenticationModuleType.getCredentialName()) == null) {
            return null;
        }
        return (NonceCredentialsPolicyType) resolveSecurityPolicy.getCredentials().getNonce().stream().filter(nonceCredentialsPolicyType -> {
            return credentialName.equals(nonceCredentialsPolicyType.getName());
        }).findFirst().orElse(null);
    }
}
