package com.sun.identity.authentication.service;

import com.iplanet.am.util.Locale;
import com.sun.identity.common.AccountLockoutInfo;
import com.sun.identity.common.ISAccountLockout;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdUtils;
import java.util.Date;
import netscape.ldap.util.DN;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:120954-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/authentication/service/AMAccountLockout.class */
public class AMAccountLockout {
    LoginState loginState;
    public boolean loginFailureLockoutMode;
    public boolean loginFailureLockoutStoreInDS;
    private long loginFailureLockoutTime;
    private int loginFailureLockoutCount;
    private String loginLockoutNotification;
    private int loginLockoutUserWarning;
    private long loginFailureLockoutDuration;
    public String loginLockoutAttrValue;
    public String loginLockoutAttrName;
    private ISAccountLockout isAccountLockout;
    private static final String USER_ACTIVE = "active";
    private static final String FALSE_VALUE = "false";
    private static final String INETUSERSTATUS_ATTR = "inetuserstatus";
    private static final String LOGIN_STATUS_ATTR = "iplanet-am-user-login-status";
    private static final String NSACCOUNTLOCK_ATTR = "nsaccountlock";
    private static AuthD ad = AuthD.getAuth();
    static String bundleName = "amAuth";
    static AuthUtils au = new AuthUtils();
    private int userWarningCount = 0;
    private int warnUser = -1;
    private AccountLockoutInfo acInfo = null;
    String token = null;
    private boolean accountLocked = false;

    public AMAccountLockout(LoginState loginState) {
        this.loginState = null;
        this.loginFailureLockoutMode = false;
        this.loginFailureLockoutStoreInDS = true;
        this.loginFailureLockoutTime = 300L;
        this.loginFailureLockoutCount = 5;
        this.loginLockoutNotification = null;
        this.loginLockoutUserWarning = 3;
        this.loginFailureLockoutDuration = 0L;
        this.loginLockoutAttrValue = null;
        this.loginLockoutAttrName = null;
        this.loginState = loginState;
        this.loginFailureLockoutTime = loginState.getLoginFailureLockoutTime();
        this.loginFailureLockoutCount = loginState.getLoginFailureLockoutCount();
        this.loginLockoutNotification = loginState.getLoginLockoutNotification();
        this.loginLockoutUserWarning = loginState.getLoginLockoutUserWarning();
        this.loginLockoutAttrName = loginState.getLoginLockoutAttrName();
        this.loginLockoutAttrValue = loginState.getLoginLockoutAttrValue();
        this.loginFailureLockoutDuration = loginState.getLoginFailureLockoutDuration();
        this.loginFailureLockoutMode = loginState.getLoginFailureLockoutMode();
        this.loginFailureLockoutStoreInDS = loginState.getLoginFailureLockoutStoreInDS();
        this.isAccountLockout = new ISAccountLockout(this.loginFailureLockoutMode, this.loginFailureLockoutTime, this.loginFailureLockoutCount, this.loginLockoutNotification, this.loginLockoutUserWarning, this.loginLockoutAttrName, this.loginLockoutAttrValue, this.loginFailureLockoutDuration, bundleName);
        this.isAccountLockout.setStoreInvalidAttemptsInDS(this.loginFailureLockoutStoreInDS);
    }

    public void invalidPasswd(String str) {
        String normalizeDN;
        try {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("AMAccountLockout::invalidPasswd : ").append(str).toString());
            }
            this.token = str;
            if (this.isAccountLockout.isLockoutEnabled()) {
                AMIdentity aMIdentity = null;
                if (this.isAccountLockout.getStoreInvalidAttemptsInDS() || !this.isAccountLockout.isMemoryLocking()) {
                    aMIdentity = AuthD.getAuth().getIdentity(IdType.USER, str, this.loginState.getOrgDN());
                    normalizeDN = normalizeDN(IdUtils.getDN(aMIdentity));
                } else {
                    normalizeDN = str;
                }
                if (this.acInfo == null) {
                    this.acInfo = this.isAccountLockout.getAcInfo(normalizeDN, aMIdentity);
                }
                this.warnUser = this.isAccountLockout.invalidPasswd(normalizeDN, str, aMIdentity, this.acInfo);
            } else {
                AuthD authD3 = ad;
                AuthD.debug.message("Failure lockout mode disabled");
            }
        } catch (Exception e) {
            AuthD authD4 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD5 = ad;
                AuthD.debug.message(new StringBuffer().append("invalidPasswd:Error : ").append(e.toString()).toString());
            }
        }
    }

    public boolean isAccountExpired() {
        AuthD authD = ad;
        AuthD.debug.message("in AMAccountLockout::isAccountExpired");
        String accountLife = this.loginState.getAccountLife();
        if (accountLife == null) {
            AuthD authD2 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("EXIT accountLife is null :").append(accountLife).toString());
            return false;
        }
        Date parseNormalizedDateString = Locale.parseNormalizedDateString(accountLife);
        AuthD authD4 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("exprDate = ").append(parseNormalizedDateString).toString());
        }
        if (parseNormalizedDateString != null) {
            return parseNormalizedDateString.before(new Date());
        }
        return false;
    }

    public int getWarnUserCount() {
        return this.warnUser;
    }

    public void sendLockOutNotice(String str) {
        this.isAccountLockout.sendLockOutNotice(str);
    }

    public void resetPasswdLockout(String str) {
        String str2 = null;
        if (str != null) {
            try {
                AMIdentity aMIdentity = null;
                if (this.isAccountLockout.getStoreInvalidAttemptsInDS()) {
                    aMIdentity = AuthD.getAuth().getIdentity(IdType.USER, str, this.loginState.getOrgDN());
                    str2 = normalizeDN(IdUtils.getDN(aMIdentity));
                } else {
                    str2 = str;
                }
                if (this.acInfo == null) {
                    this.acInfo = this.isAccountLockout.getAcInfo(str2, aMIdentity);
                }
                this.isAccountLockout.resetLockoutAttempts(str2, aMIdentity, this.acInfo);
                this.warnUser = 0;
            } catch (Exception e) {
                AuthD authD = ad;
                AuthD.debug.message("Exception in resetPasswordLockout");
                return;
            }
        }
        AuthD authD2 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("resetPasswordFailCount: token=").append(str).append("  userDN=").append(str2).toString());
        }
    }

    public boolean isLockoutEnabled() {
        return this.isAccountLockout.isLockoutEnabled();
    }

    public boolean isLockedOut() {
        return isLockedOut(this.loginState.getUserDN());
    }

    public boolean isLockedOut(String str) {
        boolean z = false;
        try {
            z = this.isAccountLockout.isMemoryLocking() ? isMemoryLockout(str) : isAccountLocked(str);
        } catch (Exception e) {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message("isLockedOut:Exception : ", e);
            }
        }
        return z;
    }

    private boolean isMemoryLockout(String str) {
        String str2;
        boolean z = false;
        try {
            AMIdentity aMIdentity = null;
            if (this.isAccountLockout.getStoreInvalidAttemptsInDS()) {
                aMIdentity = AuthD.getAuth().getIdentity(IdType.USER, str, this.loginState.getOrgDN());
                str2 = normalizeDN(IdUtils.getDN(aMIdentity));
            } else {
                str2 = str;
            }
            if (this.acInfo == null) {
                this.acInfo = this.isAccountLockout.getAcInfo(str2, aMIdentity);
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("isLockedOut:userDN=").append(str2).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("isLockedOut:acInfo=").append(this.acInfo).toString());
            }
            if (this.acInfo != null) {
                z = this.isAccountLockout.isLockedOut(this.acInfo);
                if (!z && this.acInfo.isLockout()) {
                    resetPasswdLockout(str);
                }
            }
            AuthD authD4 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD5 = ad;
                AuthD.debug.message(new StringBuffer().append("isLockedOut :").append(z).toString());
            }
        } catch (Exception e) {
            AuthD authD6 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD7 = ad;
                AuthD.debug.message("isLockedOut:Exception : ", e);
            }
        }
        return z;
    }

    public boolean isAccountLocked(String str) {
        boolean z = false;
        try {
            AMIdentity identity = AuthD.getAuth().getIdentity(IdType.USER, str, this.loginState.getOrgDN());
            String normalizeDN = normalizeDN(IdUtils.getDN(identity));
            if (this.acInfo == null) {
                this.acInfo = this.isAccountLockout.getAcInfo(normalizeDN, identity);
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("userDN=").append(normalizeDN).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("acInfo=").append(this.acInfo).toString());
            }
            if (this.isAccountLockout.isMemoryLocking() && this.acInfo != null) {
                z = this.acInfo.isLockout();
            } else if (isAccountValid(identity)) {
                z = this.isAccountLockout.isAccountLocked(identity);
                if (z) {
                    resetPasswdLockout(str);
                }
            } else {
                z = true;
                resetPasswdLockout(str);
            }
            AuthD authD4 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD5 = ad;
                AuthD.debug.message(new StringBuffer().append("isLockedOut :").append(z).toString());
            }
        } catch (Exception e) {
            AuthD authD6 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD7 = ad;
                AuthD.debug.message("isAccountLocked:Exception : ", e);
            }
        }
        return z;
    }

    /* JADX WARN: Removed duplicated region for block: B:40:0x019c  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    boolean isAccountValid(com.sun.identity.idm.AMIdentity r5) {
        /*
            Method dump skipped, instructions count: 443
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.authentication.service.AMAccountLockout.isAccountValid(com.sun.identity.idm.AMIdentity):boolean");
    }

    private String normalizeDN(String str) {
        String str2 = str;
        if (str != null && DN.isDN(str)) {
            str2 = AuthUtils.getNormalizedDN(str);
        }
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Original DN is:").append(str).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("Normalized DN is:").append(str2).toString());
        }
        return str2;
    }
}
