package com.evolveum.midpoint.gui.impl.page.login;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.api.config.MidpointAuthentication;
import com.evolveum.midpoint.gui.api.page.PageAdminLTE;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.PrismPropertyValue;
import com.evolveum.midpoint.prism.impl.query.builder.QueryBuilder;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.prism.query.ObjectQuery;
import com.evolveum.midpoint.prism.query.builder.S_FilterExit;
import com.evolveum.midpoint.schema.SearchResultList;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.exception.CommonException;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SecurityViolationException;
import com.evolveum.midpoint.util.logging.LoggingUtils;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.component.AjaxButton;
import com.evolveum.midpoint.web.component.prism.DynamicFormPanel;
import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.lang.invoke.SerializedLambda;
import java.util.List;
import org.apache.wicket.RestartResponseException;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.form.Form;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:WEB-INF/lib/admin-gui-4.6-SNAPSHOT.jar:com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase.class */
public abstract class PageAuthenticationBase extends AbstractPageLogin {
    private static final long serialVersionUID = 1;
    private static final String DOT_CLASS = PageAuthenticationBase.class.getName() + ".";
    private static final String OPERATION_GET_SECURITY_POLICY = DOT_CLASS + "getSecurityPolicy";
    protected static final String OPERATION_LOAD_DYNAMIC_FORM = DOT_CLASS + "loadDynamicForm";
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) PageAuthenticationBase.class);
    protected static final String ID_DYNAMIC_LAYOUT = "dynamicLayout";
    protected static final String ID_DYNAMIC_FORM = "dynamicForm";
    private ObjectReferenceType formRef;

    private void initFormRef() {
        SecurityPolicyType resolveSecurityPolicy = resolveSecurityPolicy();
        if (resolveSecurityPolicy.getCredentialsReset() != null) {
            this.formRef = resolveSecurityPolicy.getCredentialsReset().getFormRef();
        }
    }

    @NotNull
    private SecurityPolicyType resolveSecurityPolicy() {
        SecurityPolicyType resolveSecurityPolicy = resolveSecurityPolicy(null);
        if (resolveSecurityPolicy != null) {
            return resolveSecurityPolicy;
        }
        LOGGER.error("No security policy defined.");
        getSession().error(createStringResource("PageSelfRegistrationOld.securityPolicy.notFound", new Object[0]).getString());
        throw new RestartResponseException(PageLogin.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityPolicyType resolveSecurityPolicy(PrismObject<UserType> prismObject) {
        return (SecurityPolicyType) runPrivileged(() -> {
            Task createAnonymousTask = createAnonymousTask(OPERATION_GET_SECURITY_POLICY);
            createAnonymousTask.setChannel(SchemaConstants.CHANNEL_SELF_REGISTRATION_URI);
            try {
                return getModelInteractionService().getSecurityPolicy(prismObject, createAnonymousTask, new OperationResult(OPERATION_GET_SECURITY_POLICY));
            } catch (CommonException e) {
                LOGGER.error("Could not retrieve security policy: {}", e.getMessage(), e);
                return null;
            }
        });
    }

    public ObjectReferenceType getFormRef() {
        if (this.formRef == null) {
            initFormRef();
        }
        return this.formRef;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initDynamicLayout(Form<?> form, PageAdminLTE pageAdminLTE) {
        WebMarkupContainer webMarkupContainer = new WebMarkupContainer(ID_DYNAMIC_LAYOUT);
        webMarkupContainer.setOutputMarkupId(true);
        form.add(webMarkupContainer);
        webMarkupContainer.add(new VisibleEnableBehaviour() { // from class: com.evolveum.midpoint.gui.impl.page.login.PageAuthenticationBase.1
            private static final long serialVersionUID = 1;

            @Override // com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour
            public boolean isVisible() {
                return PageAuthenticationBase.this.isDynamicForm();
            }
        });
        DynamicFormPanel dynamicFormPanel = (DynamicFormPanel) runPrivileged(() -> {
            ObjectReferenceType formRef = getFormRef();
            if (formRef == null) {
                return null;
            }
            return new DynamicFormPanel(ID_DYNAMIC_FORM, UserType.COMPLEX_TYPE, formRef.getOid(), (Form<?>) form, createAnonymousTask(OPERATION_LOAD_DYNAMIC_FORM), pageAdminLTE, true);
        });
        if (dynamicFormPanel != null) {
            webMarkupContainer.add(dynamicFormPanel);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isDynamicForm() {
        AuthenticationChannel authenticationChannel;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (!(authentication instanceof MidpointAuthentication) || (authenticationChannel = ((MidpointAuthentication) authentication).getAuthenticationChannel()) == null || SchemaConstants.CHANNEL_RESET_PASSWORD_URI.equals(authenticationChannel.getChannelId())) && getFormRef() != null;
    }

    protected void cancelPerformed() {
        setResponsePage(getMidpointApplication().getHomePage());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AjaxButton createBackButton(String str) {
        return new AjaxButton(str) { // from class: com.evolveum.midpoint.gui.impl.page.login.PageAuthenticationBase.2
            @Override // org.apache.wicket.ajax.markup.html.AjaxLink, org.apache.wicket.ajax.markup.html.IAjaxLink
            public void onClick(AjaxRequestTarget ajaxRequestTarget) {
                PageAuthenticationBase.this.cancelPerformed();
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserType searchUser() {
        ObjectQuery createDynamicFormQuery = isDynamicForm() ? createDynamicFormQuery() : createStaticFormQuery();
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Searching for user with query:\n{}", createDynamicFormQuery.debugDump(1));
        }
        return searchUserPrivileged(createDynamicFormQuery);
    }

    protected abstract ObjectQuery createStaticFormQuery();

    protected UserType searchUserPrivileged(ObjectQuery objectQuery) {
        return (UserType) runPrivileged(() -> {
            try {
                SearchResultList searchObjects = getModelService().searchObjects(UserType.class, objectQuery, null, createAnonymousTask("load user"), new OperationResult("search user"));
                if (searchObjects == null || searchObjects.isEmpty()) {
                    LOGGER.trace("Empty user list in ForgetPassword");
                    return null;
                }
                if (searchObjects.size() > 1) {
                    LOGGER.trace("Problem while seeking for user");
                    return null;
                }
                UserType userType = (UserType) ((PrismObject) searchObjects.iterator().next()).asObjectable();
                LOGGER.trace("User found for ForgetPassword: {}", userType);
                return userType;
            } catch (CommunicationException | ConfigurationException | ExpressionEvaluationException | ObjectNotFoundException | SchemaException | SecurityViolationException e) {
                LoggingUtils.logException(LOGGER, "failed to search user", e, new Object[0]);
                return null;
            }
        });
    }

    protected ObjectQuery createDynamicFormQuery() {
        DynamicFormPanel<UserType> dynamicForm = getDynamicForm();
        List<ItemPath> changedItems = dynamicForm.getChangedItems();
        try {
            PrismObject<UserType> object = dynamicForm.getObject();
            S_FilterExit all = QueryBuilder.queryFor(UserType.class, PrismContext.get()).all();
            for (ItemPath itemPath : changedItems) {
                all = all.and().item(itemPath).eq(((PrismPropertyValue) object.findProperty(itemPath).getAnyValue()).mo1094clone());
            }
            return all.build();
        } catch (SchemaException e) {
            getSession().error(getString("pageForgetPassword.message.usernotfound"));
            throw new RestartResponseException(getClass());
        }
    }

    protected abstract DynamicFormPanel<UserType> getDynamicForm();

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case 220337003:
                if (implMethodName.equals("lambda$searchUserPrivileged$8a8e3417$1")) {
                    z = 2;
                    break;
                }
                break;
            case 1128233535:
                if (implMethodName.equals("lambda$resolveSecurityPolicy$a5482f47$1")) {
                    z = false;
                    break;
                }
                break;
            case 2018243490:
                if (implMethodName.equals("lambda$initDynamicLayout$5ef737b$1")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/evolveum/midpoint/util/Producer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/prism/PrismObject;)Lcom/evolveum/midpoint/xml/ns/_public/common/common_3/SecurityPolicyType;")) {
                    PageAuthenticationBase pageAuthenticationBase = (PageAuthenticationBase) serializedLambda.getCapturedArg(0);
                    PrismObject prismObject = (PrismObject) serializedLambda.getCapturedArg(1);
                    return () -> {
                        Task createAnonymousTask = createAnonymousTask(OPERATION_GET_SECURITY_POLICY);
                        createAnonymousTask.setChannel(SchemaConstants.CHANNEL_SELF_REGISTRATION_URI);
                        try {
                            return getModelInteractionService().getSecurityPolicy(prismObject, createAnonymousTask, new OperationResult(OPERATION_GET_SECURITY_POLICY));
                        } catch (CommonException e) {
                            LOGGER.error("Could not retrieve security policy: {}", e.getMessage(), e);
                            return null;
                        }
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/evolveum/midpoint/util/Producer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/wicket/markup/html/form/Form;Lcom/evolveum/midpoint/gui/api/page/PageAdminLTE;)Lcom/evolveum/midpoint/web/component/prism/DynamicFormPanel;")) {
                    PageAuthenticationBase pageAuthenticationBase2 = (PageAuthenticationBase) serializedLambda.getCapturedArg(0);
                    Form form = (Form) serializedLambda.getCapturedArg(1);
                    PageAdminLTE pageAdminLTE = (PageAdminLTE) serializedLambda.getCapturedArg(2);
                    return () -> {
                        ObjectReferenceType formRef = getFormRef();
                        if (formRef == null) {
                            return null;
                        }
                        return new DynamicFormPanel(ID_DYNAMIC_FORM, UserType.COMPLEX_TYPE, formRef.getOid(), (Form<?>) form, createAnonymousTask(OPERATION_LOAD_DYNAMIC_FORM), pageAdminLTE, true);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/evolveum/midpoint/util/Producer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/prism/query/ObjectQuery;)Lcom/evolveum/midpoint/xml/ns/_public/common/common_3/UserType;")) {
                    PageAuthenticationBase pageAuthenticationBase3 = (PageAuthenticationBase) serializedLambda.getCapturedArg(0);
                    ObjectQuery objectQuery = (ObjectQuery) serializedLambda.getCapturedArg(1);
                    return () -> {
                        try {
                            SearchResultList searchObjects = getModelService().searchObjects(UserType.class, objectQuery, null, createAnonymousTask("load user"), new OperationResult("search user"));
                            if (searchObjects == null || searchObjects.isEmpty()) {
                                LOGGER.trace("Empty user list in ForgetPassword");
                                return null;
                            }
                            if (searchObjects.size() > 1) {
                                LOGGER.trace("Problem while seeking for user");
                                return null;
                            }
                            UserType userType = (UserType) ((PrismObject) searchObjects.iterator().next()).asObjectable();
                            LOGGER.trace("User found for ForgetPassword: {}", userType);
                            return userType;
                        } catch (CommunicationException | ConfigurationException | ExpressionEvaluationException | ObjectNotFoundException | SchemaException | SecurityViolationException e) {
                            LoggingUtils.logException(LOGGER, "failed to search user", e, new Object[0]);
                            return null;
                        }
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
