package com.evolveum.midpoint.authentication.impl.evaluator;

import com.evolveum.midpoint.authentication.api.evaluator.context.AttributeVerificationAuthenticationContext;
import com.evolveum.midpoint.prism.Item;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.security.api.ConnectionEnvironment;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.security.api.SecurityUtil;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AttributeVerificationCredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AttributeVerificationCredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;

@Component("attributeVerificationEvaluator")
/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.8.9-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/evaluator/AttributeVerificationEvaluatorImpl.class */
public class AttributeVerificationEvaluatorImpl extends CredentialsAuthenticationEvaluatorImpl<AttributeVerificationCredentialsType, AttributeVerificationAuthenticationContext> {
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    public void checkEnteredCredentials(ConnectionEnvironment connectionEnvironment, AttributeVerificationAuthenticationContext attributeVerificationAuthenticationContext) {
    }

    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    protected boolean supportsAuthzCheck() {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    public AttributeVerificationCredentialsType getCredential(CredentialsType credentialsType) {
        if (credentialsType.getAttributeVerification() == null) {
            credentialsType.setAttributeVerification(new AttributeVerificationCredentialsType());
        }
        return credentialsType.getAttributeVerification();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    public void validateCredentialNotNull(ConnectionEnvironment connectionEnvironment, @NotNull MidPointPrincipal midPointPrincipal, AttributeVerificationCredentialsType attributeVerificationCredentialsType) {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    public boolean passwordMatches(ConnectionEnvironment connectionEnvironment, @NotNull MidPointPrincipal midPointPrincipal, AttributeVerificationCredentialsType attributeVerificationCredentialsType, AttributeVerificationAuthenticationContext attributeVerificationAuthenticationContext) {
        Map<ItemPath, String> attributeValuesMap = attributeVerificationAuthenticationContext.getAttributeValuesMap();
        if (attributeValuesMap == null || attributeValuesMap.isEmpty()) {
            return false;
        }
        Iterator<Map.Entry<ItemPath, String>> it = attributeValuesMap.entrySet().iterator();
        while (it.hasNext()) {
            if (!attributeValueMatches(midPointPrincipal.getFocus(), it.next())) {
                return false;
            }
        }
        return true;
    }

    private boolean attributeValueMatches(FocusType focusType, Map.Entry<ItemPath, String> entry) {
        Item findProperty = focusType.asPrismObject().findProperty(entry.getKey());
        if (findProperty == null) {
            return false;
        }
        return entry.getValue().equals(Objects.requireNonNullElse(findProperty.getRealValue(), "").toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    public AttributeVerificationCredentialsPolicyType getEffectiveCredentialPolicy(SecurityPolicyType securityPolicyType, AttributeVerificationAuthenticationContext attributeVerificationAuthenticationContext) {
        AttributeVerificationCredentialsPolicyType policy = attributeVerificationAuthenticationContext.getPolicy();
        if (policy == null) {
            policy = SecurityUtil.getEffectiveAttributeVerificationCredentialsPolicy(securityPolicyType);
        }
        attributeVerificationAuthenticationContext.setPolicy(policy);
        return policy;
    }

    @Override // com.evolveum.midpoint.authentication.impl.evaluator.CredentialsAuthenticationEvaluatorImpl
    protected boolean supportsActivation() {
        return true;
    }
}
