package com.sun.identity.password.ui.model;

import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMOrganization;
import com.iplanet.am.sdk.AMOrganizationalUnit;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMTemplate;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.util.AMSendMail;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Locale;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.internal.AuthPrincipal;
import com.sun.identity.common.Constants;
import com.sun.identity.common.ISLocaleContext;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.security.AdminDNAction;
import com.sun.identity.security.AdminPasswordAction;
import com.sun.identity.sm.AttributeSchema;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import java.security.AccessController;
import java.text.MessageFormat;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.MissingResourceException;
import java.util.ResourceBundle;
import java.util.Set;
import javax.mail.MessagingException;
import netscape.ldap.util.DN;

/* loaded from: input_file:119465-03/SUNWampwd/reloc/SUNWam/password.war:WEB-INF/lib/am_password.jar:com/sun/identity/password/ui/model/PWResetModelImpl.class */
public class PWResetModelImpl implements PWResetModel {
    private static final String ROOT_SUFFIX = "com.iplanet.am.rootsuffix";
    private static final String PW_RESET_ENABLED_ATTR = "iplanet-am-password-reset-enabled";
    private static final String PW_RESET_FAILURE_LOCKOUT_MODE = "iplanet-am-password-reset-failure-lockout-mode";
    private static final String PW_RESET_LOCKOUT_EMAIL_ADDRESS = "iplanet-am-password-reset-lockout-email-address";
    private static final String PW_RESET_FAILURE_DURATION = "iplanet-am-password-reset-failure-duration";
    private static final String PW_RESET_LOCKOUT_WARN_USER = "iplanet-am-password-reset-lockout-warn-user";
    private static final String PW_RESET_FAILURE_COUNT = "iplanet-am-password-reset-failure-count";
    private static final String PW_RESET_FAILURE_LOCKOUT_DURATION = "iplanet-am-password-reset-lockout-duration";
    private static final String LOCALE_STR = "Locale";
    private static final String PW_RESET_LOCKOUT_ATTR_NAME = "iplanet-am-password-reset-lockout-attribute-name";
    private static final String PW_RESET_LOCKOUT_ATTR_VALUE = "iplanet-am-password-reset-lockout-attribute-value";
    public static final String STRING_TRUE = "true";
    protected SSOToken ssoToken;
    protected AMStoreConnection dpStoreConn = null;
    protected ResourceBundle resBundle = null;
    protected String userDN = null;
    protected String errorMsg = null;
    protected String informationMsg = null;
    protected String passwordResetMsg = null;
    protected PWResetAdminLog logger = null;
    protected ISLocaleContext localeContext = new ISLocaleContext();
    private Map mapSvcSchemaMgrs = new HashMap(10);
    private String rbName = PWResetModel.DEFAULT_RB;
    private boolean pwResetEnable = true;
    private String superAdmin = SystemProperties.get(Constants.AUTHENTICATION_SUPER_USER, "");
    private boolean pwResetFailureLockoutMode = false;
    private long pwResetFailureLockoutDuration = 0;
    private long pwResetFailureLockoutTime = PW_RESET_FAILURE_DURATION_TIME * NUM_OF_MILLISECS_IN_MIN;
    private int pwResetFailureLockoutCnt = PW_RESET_FAILURE_LOCKOUT_COUNT;
    private String pwResetLockoutNotification = null;
    private int pwResetLockoutUserWarningCnt = PW_RESET_LOCKOUT_USER_WARN_COUNT;
    public String pwResetLockoutAttrName = null;
    public String pwResetLockoutAttrValue = null;
    private static final String PASSWORD_DEBUG_FILENAME = "amPasswordReset";
    public static Debug debug = Debug.getInstance(PASSWORD_DEBUG_FILENAME);
    public static final String rootSuffix = SystemProperties.get("com.iplanet.am.rootsuffix");
    private static int NUM_OF_MILLISECS_IN_MIN = IFSConstants.ASSERTION_TIMEOUT_ALLOWED_DIFFERENCE;
    private static int PW_RESET_FAILURE_DURATION_TIME = 300;
    private static int PW_RESET_FAILURE_LOCKOUT_COUNT = 5;
    private static int PW_RESET_LOCKOUT_USER_WARN_COUNT = 4;

    public PWResetModelImpl() {
        initialize();
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getLocalizedString(String str) {
        String str2 = str;
        try {
            str2 = PWResetResBundleCacher.getBundle(PWResetModel.DEFAULT_RB, this.localeContext.getLocale()).getString(str);
        } catch (MissingResourceException e) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("no ResourceBundle found for ").append(str).toString(), e);
            }
        }
        return str2;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public ISLocaleContext getUserLocaleContext() {
        return this.localeContext;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void debugError(String str) {
        debug.error(str);
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void debugError(String str, Exception exc) {
        debug.error(str, exc);
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public boolean warningEnabled() {
        return debug.warningEnabled();
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void debugWarning(String str) {
        debug.warning(str);
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void debugWarning(String str, Exception exc) {
        debug.warning(str, exc);
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public boolean messageEnabled() {
        return debug.messageEnabled();
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void debugMessage(String str) {
        debug.message(str);
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void debugMessage(String str, Exception exc) {
        debug.message(str, exc);
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getHTMLPageTitle() {
        return getLocalizedString("pwConsole.title");
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public boolean isPasswordResetEnabled() {
        return this.pwResetEnable;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getUserDN() {
        return this.userDN;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void setUserDN(String str) {
        this.userDN = str;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getErrorTitle() {
        return getLocalizedString("error.title");
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getErrorMessage() {
        return this.errorMsg;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public boolean isError() {
        return this.errorMsg != null && this.errorMsg.length() > 0;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getCopyRightText() {
        return getLocalizedString("copyright.text");
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getPasswordResetMessage() {
        return this.passwordResetMsg;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getErrorString(Exception exc) {
        String message;
        ResourceBundle bundle = PWResetResBundleCacher.getBundle("amProfile", this.localeContext.getLocale());
        if (exc instanceof AMException) {
            AMException aMException = (AMException) exc;
            message = Locale.getString(bundle, aMException.getErrorCode(), debug);
            Object[] messageArgs = aMException.getMessageArgs();
            if (messageArgs != null && messageArgs.length > 0) {
                message = MessageFormat.format(message, messageArgs);
            }
        } else {
            message = exc instanceof SSOException ? ((SSOException) exc).getMessage() : exc.getMessage();
        }
        return message;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getRootSuffix() {
        return rootSuffix;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ServiceSchema getPWResetServiceSchema() {
        ServiceSchema serviceSchema = null;
        try {
            serviceSchema = getServiceSchemaManager("iPlanetAMPasswordResetService").getSchema(SchemaType.ORGANIZATION);
        } catch (Exception e) {
            debug.error("Could not get the password service schema", e);
        }
        return serviceSchema;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSOToken getSSOToken() throws SSOException {
        if (this.ssoToken == null) {
            SSOTokenManager sSOTokenManager = SSOTokenManager.getInstance();
            String str = (String) AccessController.doPrivileged(new AdminDNAction());
            try {
                this.ssoToken = sSOTokenManager.createSSOToken(new AuthPrincipal(str), (String) AccessController.doPrivileged(new AdminPasswordAction()));
            } catch (SSOException e) {
                debug.error(new StringBuffer().append("Could not sso token for ").append(str).toString(), e);
            }
        }
        return this.ssoToken;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ServiceSchemaManager getServiceSchemaManager(String str) throws SSOException, SMSException {
        ServiceSchemaManager serviceSchemaManager = (ServiceSchemaManager) this.mapSvcSchemaMgrs.get(str);
        if (serviceSchemaManager == null) {
            serviceSchemaManager = new ServiceSchemaManager(str, this.ssoToken);
            this.mapSvcSchemaMgrs.put(str, serviceSchemaManager);
        }
        return serviceSchemaManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getL10NAttributeName(ServiceSchemaManager serviceSchemaManager, String str) {
        String str2 = str;
        try {
            String i18NFileName = serviceSchemaManager.getI18NFileName();
            if (i18NFileName != null) {
                str2 = Locale.getString(PWResetResBundleCacher.getBundle(i18NFileName, this.localeContext.getLocale()), str, debug);
            }
        } catch (MissingResourceException e) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("Could not localized str for ").append(str).toString(), e);
            }
        }
        return str2;
    }

    public String getL10NAttributeName(String str, String str2) {
        String str3 = str2;
        try {
            String i18NPropertiesFileName = this.dpStoreConn.getI18NPropertiesFileName(str);
            if (i18NPropertiesFileName != null) {
                str3 = Locale.getString(PWResetResBundleCacher.getBundle(i18NPropertiesFileName, this.localeContext.getLocale()), str2, debug);
            }
        } catch (AMException e) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("Could not localized str for ").append(str2).append("in service ").append(str).toString(), e);
            }
        } catch (MissingResourceException e2) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("Could not localized str for ").append(str2).append("in service ").append(str).toString(), e2);
            }
        }
        return str3;
    }

    protected int getObjectType(String str) throws AMException, SSOException {
        AMStoreConnection aMStoreConnection = this.dpStoreConn;
        if (DN.isDN(str)) {
            return aMStoreConnection.getAMObjectType(str);
        }
        throw new AMException("PWResetModelImpl.Invalid object type", "0");
    }

    protected AMTemplate getOrgTemplate(String str) {
        AMTemplate aMTemplate = null;
        try {
            switch (getObjectType(str)) {
                case 2:
                    AMOrganization organization = this.dpStoreConn.getOrganization(str);
                    if (organization != null && organization.orgTemplateExists("iPlanetAMPasswordResetService")) {
                        aMTemplate = organization.getTemplate("iPlanetAMPasswordResetService", AMTemplate.ORGANIZATION_TEMPLATE);
                        break;
                    }
                    break;
                case 3:
                    AMOrganizationalUnit aMOrganizationalUnit = (AMOrganizationalUnit) this.dpStoreConn.getOrganization(str);
                    if (aMOrganizationalUnit != null && aMOrganizationalUnit.orgTemplateExists("iPlanetAMPasswordResetService")) {
                        aMTemplate = aMOrganizationalUnit.getTemplate("iPlanetAMPasswordResetService", AMTemplate.ORGANIZATION_TEMPLATE);
                        break;
                    }
                    break;
            }
        } catch (AMException e) {
            debug.error(new StringBuffer().append("couldn't get password service template for ").append(str).toString(), e);
        } catch (SSOException e2) {
            debug.error(new StringBuffer().append("couldn't get password service template for ").append(str).toString(), e2);
        }
        return aMTemplate;
    }

    private void initialize() {
        try {
            this.ssoToken = getSSOToken();
            if (this.dpStoreConn == null) {
                this.dpStoreConn = new AMStoreConnection(this.ssoToken);
            }
            this.logger = new PWResetAdminLog(this.ssoToken);
            this.resBundle = PWResetResBundleCacher.getBundle(this.rbName, this.localeContext.getLocale());
        } catch (SSOException e) {
            debug.error("PWResetModelImpl.initialize", e);
        }
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public void readPWResetProfile(String str) {
        String attributeValue = getAttributeValue(str, PW_RESET_ENABLED_ATTR);
        if (attributeValue == null || !attributeValue.equals("true")) {
            this.pwResetEnable = false;
            this.informationMsg = getLocalizedString("pwResetDisabled.message");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAttributeSet(String str, String str2) {
        String attributeValue = getAttributeValue(str, str2);
        return attributeValue != null && attributeValue.equals("true");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Set getDefaultAttrValues(ServiceSchema serviceSchema, String str) {
        AttributeSchema attributeSchema;
        Set set = Collections.EMPTY_SET;
        if (serviceSchema != null && (attributeSchema = serviceSchema.getAttributeSchema(str)) != null) {
            set = attributeSchema.getDefaultValues();
        }
        return set;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAttributeValue(String str, String str2) {
        return getFirstElement(getAttributeValues(str, str2));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getOrgAttributeValue(String str, String str2) {
        String str3 = null;
        try {
            AMTemplate orgTemplate = getOrgTemplate(str);
            if (orgTemplate != null && orgTemplate.isExists()) {
                str3 = getFirstElement(orgTemplate.getAttribute(str2));
            }
        } catch (AMException e) {
            debug.error(new StringBuffer().append("couldn't get attribute ").append(str2).append("for ").append(str).toString(), e);
        } catch (SSOException e2) {
            debug.error(new StringBuffer().append("couldn't get attribute ").append(str2).append("for ").append(str).toString(), e2);
        }
        return str3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Set getAttributeValues(String str, String str2) {
        Set set = Collections.EMPTY_SET;
        try {
            AMTemplate orgTemplate = getOrgTemplate(str);
            set = (orgTemplate == null || !orgTemplate.isExists()) ? getDefaultAttrValues(getPWResetServiceSchema(), str2) : orgTemplate.getAttribute(str2);
        } catch (AMException e) {
            debug.error(new StringBuffer().append("couldn't get attribute ").append(str2).append("for ").append(str).toString(), e);
        } catch (SSOException e2) {
            debug.error(new StringBuffer().append("couldn't get attribute ").append(str2).append("for ").append(str).toString(), e2);
        }
        return set;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getInformationMessage() {
        return this.informationMsg;
    }

    public static String getFirstElement(Set set) {
        return (set == null || set.isEmpty()) ? "" : (String) set.iterator().next();
    }

    public void writeLog(String str, String str2) {
        this.logger.doLog(MessageFormat.format(getLocalizedString(str), str2));
    }

    public boolean isPasswordResetFailureLockoutEnabled() {
        return this.pwResetFailureLockoutMode;
    }

    public long getPasswordResetFailureLockoutDuration() {
        return this.pwResetFailureLockoutDuration;
    }

    public long getPasswordResetFailureLockoutTime() {
        return this.pwResetFailureLockoutTime;
    }

    public int getPasswordResetFailureLockoutCount() {
        return this.pwResetFailureLockoutCnt;
    }

    public String getPasswordResetLockoutNotification() {
        return this.pwResetLockoutNotification;
    }

    public int getPasswordResetLockoutUserWarningCount() {
        return this.pwResetLockoutUserWarningCnt;
    }

    public void populateLockoutValues(String str) {
        String attributeValue = getAttributeValue(str, PW_RESET_FAILURE_LOCKOUT_MODE);
        if (attributeValue != null && attributeValue.equals("true")) {
            this.pwResetFailureLockoutMode = true;
        }
        String attributeValue2 = getAttributeValue(str, PW_RESET_FAILURE_DURATION);
        if (attributeValue2 != null && attributeValue2.length() > 0) {
            this.pwResetFailureLockoutTime = Long.parseLong(attributeValue2);
            this.pwResetFailureLockoutTime *= NUM_OF_MILLISECS_IN_MIN;
        }
        this.pwResetLockoutNotification = getAttributeValue(str, PW_RESET_LOCKOUT_EMAIL_ADDRESS);
        String attributeValue3 = getAttributeValue(str, PW_RESET_LOCKOUT_WARN_USER);
        if (attributeValue3 != null && attributeValue3.length() > 0) {
            this.pwResetLockoutUserWarningCnt = Integer.parseInt(attributeValue3);
        }
        String attributeValue4 = getAttributeValue(str, PW_RESET_FAILURE_LOCKOUT_DURATION);
        if (attributeValue4 != null && attributeValue4.length() > 0) {
            this.pwResetFailureLockoutDuration = Long.parseLong(attributeValue4);
            this.pwResetFailureLockoutDuration *= NUM_OF_MILLISECS_IN_MIN;
        }
        String attributeValue5 = getAttributeValue(str, PW_RESET_FAILURE_COUNT);
        if (attributeValue5 != null && attributeValue5.length() > 0) {
            this.pwResetFailureLockoutCnt = Integer.parseInt(attributeValue5);
        }
        String attributeValue6 = getAttributeValue(str, PW_RESET_LOCKOUT_ATTR_NAME);
        if (attributeValue6 != null && attributeValue6.trim().length() > 0) {
            this.pwResetLockoutAttrName = attributeValue6;
        }
        String attributeValue7 = getAttributeValue(str, PW_RESET_LOCKOUT_ATTR_VALUE);
        if (attributeValue7 == null || attributeValue7.trim().length() <= 0) {
            return;
        }
        this.pwResetLockoutAttrValue = attributeValue7;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public boolean isUserLockout(String str, String str2) {
        populateLockoutValues(str2);
        return new PWResetAccountLockout(this).isLockout(str);
    }

    public AMUser getUser(String str) throws AMException, SSOException {
        return this.dpStoreConn.getUser(str);
    }

    public boolean isSuperAdmin(String str) {
        return str.equalsIgnoreCase(this.superAdmin);
    }

    public void sendEmailToUser(String str, String[] strArr, String str2, String str3, String str4) {
        try {
            new AMSendMail().postMail(strArr, str2, str3, str, str4);
        } catch (MessagingException e) {
            debug.error(new StringBuffer().append("Could not send email to user ").append(strArr).toString(), e);
        }
    }

    public String getPasswordResetLockoutAttributeName() {
        return this.pwResetLockoutAttrName;
    }

    public String getPasswordResetLockoutAttributeValue() {
        return this.pwResetLockoutAttrValue;
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getSunLogoLabel() {
        return getLocalizedString("sunLogo.label");
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getProductLabel() {
        return getLocalizedString("product.label");
    }

    @Override // com.sun.identity.password.ui.model.PWResetModel
    public String getJavaLogoLabel() {
        return getLocalizedString("javaLogo.label");
    }
}
