package com.sun.identity.console.user.model;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.console.base.model.AMAdminUtils;
import com.sun.identity.console.base.model.AMConsoleException;
import com.sun.identity.console.base.model.AMModelBase;
import com.sun.identity.console.base.model.Debugger;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.DecryptAction;
import com.sun.identity.security.EncryptAction;
import com.sun.identity.sm.OrganizationConfigManager;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceSchemaManager;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.MissingResourceException;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:120954-03/SUNWamcon/reloc/SUNWam/console.war:WEB-INF/lib/console.jar:com/sun/identity/console/user/model/UMUserPasswordResetOptionsModelImpl.class */
public class UMUserPasswordResetOptionsModelImpl extends AMModelBase implements UMUserPasswordResetOptionsModel {
    private OrganizationConfigManager orgCfgMgr;
    private static SSOToken adminSSOToken = AMAdminUtils.getSuperAdminSSOToken();

    public UMUserPasswordResetOptionsModelImpl(HttpServletRequest httpServletRequest, Map map) {
        super(httpServletRequest, map);
    }

    private Map getQuestions(String str) {
        String string;
        HashMap hashMap = null;
        Set<String> attributeValues = getAttributeValues(str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION, "iPlanetAMPasswordResetService");
        if (attributeValues != null && !attributeValues.isEmpty()) {
            hashMap = new HashMap(attributeValues.size() * 2);
            ResourceBundle serviceResourceBundle = getServiceResourceBundle("iPlanetAMPasswordResetService");
            for (String str2 : attributeValues) {
                String str3 = str2;
                if (serviceResourceBundle == null) {
                    string = str2;
                } else {
                    try {
                        string = serviceResourceBundle.getString(str2);
                    } catch (MissingResourceException e) {
                        Debugger.warning(new StringBuffer().append("no i18nKey defined for question ").append(e.getMessage()).toString());
                    }
                }
                str3 = string;
                hashMap.put(str2, str3);
            }
        }
        return hashMap;
    }

    @Override // com.sun.identity.console.user.model.UMUserPasswordResetOptionsModel
    public boolean isUserQuestionEnabled(String str) {
        return ((String) AMAdminUtils.getValue(getAttributeValues(str, UMUserPasswordResetOptionsModel.PW_RESET_PERSONAL_ANSWER, "iPlanetAMPasswordResetService"))).equalsIgnoreCase("true");
    }

    @Override // com.sun.identity.console.user.model.UMUserPasswordResetOptionsModel
    public int getMaxNumQuestions(String str) {
        int i = 1;
        Set attributeValues = getAttributeValues(str, UMUserPasswordResetOptionsModel.PW_RESET_MAX_NUM_OF_QUESTIONS, "iPlanetAMPasswordResetService");
        if (attributeValues != null && !attributeValues.isEmpty()) {
            try {
                i = Integer.parseInt((String) attributeValues.iterator().next());
            } catch (NumberFormatException e) {
                AMModelBase.debug.warning("UMUserPasswordResetOptionsModelImplxNumQuestions.", e);
            }
        }
        return i;
    }

    @Override // com.sun.identity.console.user.model.UMUserPasswordResetOptionsModel
    public void modifyUserOption(List list, String str, boolean z) throws AMConsoleException {
        HashMap hashMap = new HashMap(4);
        if (isLoggedInUser(str)) {
            hashMap.put(UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER, formatOptionData(list));
        }
        HashSet hashSet = new HashSet(2);
        hashSet.add(String.valueOf(z));
        hashMap.put(UMUserPasswordResetOptionsModel.PW_RESET_FORCE_RESET, hashSet);
        if (hashMap.isEmpty()) {
            return;
        }
        String[] strArr = {str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER};
        logEvent("ATTEMPT_MODIFY_IDENTITY_ATTRIBUTE_VALUE", strArr);
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            identity.setAttributes(hashMap);
            identity.store();
            logEvent("SUCCEED_MODIFY_IDENTITY_ATTRIBUTE_VALUE", strArr);
        } catch (SSOException e) {
            String errorString = getErrorString(e);
            logEvent("SSO_EXCEPTION_MODIFY_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER, errorString});
            throw new AMConsoleException(errorString);
        } catch (IdRepoException e2) {
            String errorString2 = getErrorString(e2);
            logEvent("IDM_EXCEPTION_MODIFY_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER, errorString2});
            throw new AMConsoleException(errorString2);
        }
    }

    @Override // com.sun.identity.console.user.model.UMUserPasswordResetOptionsModel
    public boolean isForceReset(String str) {
        boolean z = false;
        try {
            String[] strArr = {str, UMUserPasswordResetOptionsModel.PW_RESET_FORCE_RESET};
            logEvent("ATTEMPT_READ_IDENTITY_ATTRIBUTE_VALUE", strArr);
            Set attribute = IdUtils.getIdentity(getUserSSOToken(), str).getAttribute(UMUserPasswordResetOptionsModel.PW_RESET_FORCE_RESET);
            logEvent("SUCCEED_READ_IDENTITY_ATTRIBUTE_VALUE", strArr);
            if (attribute != null && !attribute.isEmpty()) {
                z = ((String) AMAdminUtils.getValue(attribute)).equalsIgnoreCase("true");
            }
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, UMUserPasswordResetOptionsModel.PW_RESET_FORCE_RESET, getErrorString(e)});
            AMModelBase.debug.warning("UMUserPasswordResetOptionsModelImpl.isForceReset", e);
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, UMUserPasswordResetOptionsModel.PW_RESET_FORCE_RESET, getErrorString(e2)});
            AMModelBase.debug.warning("UMUserPasswordResetOptionsModelImpl.isForceReset", e2);
        }
        return z;
    }

    private Set formatOptionData(List list) throws AMConsoleException {
        HashSet hashSet;
        if (list == null || list.isEmpty()) {
            hashSet = new HashSet(2);
            hashSet.add("");
        } else {
            hashSet = new HashSet(list.size() * 2);
            Iterator it = list.iterator();
            while (it.hasNext()) {
                UMUserPasswordResetOptionsData uMUserPasswordResetOptionsData = (UMUserPasswordResetOptionsData) it.next();
                uMUserPasswordResetOptionsData.validate();
                if (uMUserPasswordResetOptionsData != null) {
                    hashSet.add((String) AccessController.doPrivileged(new EncryptAction(new StringBuffer().append(uMUserPasswordResetOptionsData.getQuestion()).append("\t").append(uMUserPasswordResetOptionsData.getAnswer()).append("\t").append(uMUserPasswordResetOptionsData.getDataStatus()).toString())));
                }
            }
        }
        return hashSet;
    }

    @Override // com.sun.identity.console.user.model.UMUserPasswordResetOptionsModel
    public List getUserAnswers(String str) throws AMConsoleException {
        try {
            String[] strArr = {str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER};
            logEvent("ATTEMPT_READ_IDENTITY_ATTRIBUTE_VALUE", strArr);
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Set attribute = identity.getAttribute(UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER);
            logEvent("SUCCEED_READ_IDENTITY_ATTRIBUTE_VALUE", strArr);
            return getUserPasswordResetAnswers(identity, attribute);
        } catch (SSOException e) {
            String errorString = getErrorString(e);
            logEvent("SSO_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER, errorString});
            throw new AMConsoleException(errorString);
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, UMUserPasswordResetOptionsModel.PW_RESET_QUESTION_ANSWER, getErrorString(e2)});
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    private List getUserPasswordResetAnswers(AMIdentity aMIdentity, Set set) {
        ArrayList arrayList = new ArrayList();
        String realm = aMIdentity.getRealm();
        boolean isUserQuestionEnabled = isUserQuestionEnabled(realm);
        UMUserPasswordResetOptionsData uMUserPasswordResetOptionsData = null;
        Map questions = getQuestions(realm);
        HashSet hashSet = new HashSet(questions.size() * 2);
        Map parseUserQuestionAnswers = parseUserQuestionAnswers(set, isUserQuestionEnabled, questions);
        for (String str : questions.keySet()) {
            UMUserPasswordResetOptionsData uMUserPasswordResetOptionsData2 = (UMUserPasswordResetOptionsData) parseUserQuestionAnswers.get(str);
            if (uMUserPasswordResetOptionsData2 == null) {
                arrayList.add(new UMUserPasswordResetOptionsData(str, (String) questions.get(str), "", 0));
            } else if (uMUserPasswordResetOptionsData2.isPersonalQuestion()) {
                uMUserPasswordResetOptionsData = uMUserPasswordResetOptionsData2;
            } else {
                arrayList.add(uMUserPasswordResetOptionsData2);
                hashSet.add(str);
            }
        }
        if (isUserQuestionEnabled) {
            if (uMUserPasswordResetOptionsData == null) {
                uMUserPasswordResetOptionsData = new UMUserPasswordResetOptionsData("", "", "", 2);
            }
            arrayList.add(uMUserPasswordResetOptionsData);
        }
        return arrayList;
    }

    private Map parseUserQuestionAnswers(Set set, boolean z, Map map) {
        UMUserPasswordResetOptionsData pwdResetOptionData;
        HashMap hashMap = new HashMap();
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                StringTokenizer stringTokenizer = new StringTokenizer((String) AccessController.doPrivileged(new DecryptAction((String) it.next())), "\t");
                if (stringTokenizer.countTokens() == 3 && (pwdResetOptionData = getPwdResetOptionData(stringTokenizer, map, z)) != null) {
                    hashMap.put(pwdResetOptionData.getQuestion(), pwdResetOptionData);
                }
            }
        }
        return hashMap;
    }

    private UMUserPasswordResetOptionsData getPwdResetOptionData(StringTokenizer stringTokenizer, Map map, boolean z) {
        UMUserPasswordResetOptionsData uMUserPasswordResetOptionsData = null;
        String nextToken = stringTokenizer.nextToken();
        String nextToken2 = stringTokenizer.nextToken();
        String nextToken3 = stringTokenizer.nextToken();
        try {
            int parseInt = Integer.parseInt(nextToken3);
            String str = null;
            switch (parseInt) {
                case 0:
                case 1:
                    str = (String) map.get(nextToken);
                    break;
            }
            if (str == null && z) {
                str = nextToken;
            }
            if (str != null) {
                uMUserPasswordResetOptionsData = new UMUserPasswordResetOptionsData(nextToken, str, nextToken2, parseInt);
            }
        } catch (NumberFormatException e) {
            if (AMModelBase.debug.warningEnabled()) {
                AMModelBase.debug.warning(new StringBuffer().append("UMUserPasswordResetOptionsModelImpl.getUserPasswordResetAnswers: ").append(nextToken3).toString(), e);
            }
        }
        return uMUserPasswordResetOptionsData;
    }

    private Set getAttributeValues(String str, String str2, String str3) {
        Set globalAttributeValues;
        try {
            String[] strArr = {str, str3, str2};
            logEvent("ATTEMPT_GET_ATTR_VALUE_OF_SERVICE_UNDER_REALM", strArr);
            globalAttributeValues = (Set) getOrganizationConfigManager(str).getServiceAttributes(str3).get(str2);
            logEvent("SUCCEED_GET_ATTR_VALUE_OF_SERVICE_UNDER_REALM", strArr);
        } catch (SMSException e) {
            logEvent("SMS_EXCEPTION_GET_ATTR_VALUE_OF_SERVICE_UNDER_REALM", new String[]{str, str3, str2, getErrorString(e)});
            globalAttributeValues = getGlobalAttributeValues(str2, str3);
        }
        return globalAttributeValues == null ? Collections.EMPTY_SET : globalAttributeValues;
    }

    private Set getGlobalAttributeValues(String str, String str2) {
        Set set = null;
        try {
            String[] strArr = {str2, SchemaType.GLOBAL.getType(), str};
            logEvent("ATTEMPT_GET_ATTR_VALUE_SCHEMA_TYPE", strArr);
            set = AMAdminUtils.getAttribute(new ServiceSchemaManager(str2, getUserSSOToken()), SchemaType.GLOBAL, str);
            logEvent("SUCCEED_GET_ATTR_VALUE_SCHEMA_TYPE", strArr);
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_GET_ATTR_VALUE_SCHEMA_TYPE", new String[]{str2, SchemaType.GLOBAL.getType(), str, getErrorString(e)});
            AMModelBase.debug.error("UMUserPasswordResetOptionsModelImpl.getGlobalAttributeValues", e);
        } catch (SMSException e2) {
            logEvent("SMS_EXCEPTION_GET_ATTR_VALUE_SCHEMA_TYPE", new String[]{str2, SchemaType.GLOBAL.getType(), str, getErrorString(e2)});
            AMModelBase.debug.error("UMUserPasswordResetOptionsModelImpl.getGlobalAttributeValues", e2);
        }
        return set == null ? Collections.EMPTY_SET : set;
    }

    private OrganizationConfigManager getOrganizationConfigManager(String str) {
        if (this.orgCfgMgr == null) {
            try {
                this.orgCfgMgr = new OrganizationConfigManager(adminSSOToken, str);
            } catch (SMSException e) {
                AMModelBase.debug.error("UMUserPasswordResetOptionsModelImpl.getOrganizationConfigManager", e);
            }
        }
        return this.orgCfgMgr;
    }

    @Override // com.sun.identity.console.user.model.UMUserPasswordResetOptionsModel
    public boolean isLoggedInUser(String str) {
        return str.equals(getUserName());
    }
}
