package org.apereo.cas.pm.impl;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.InputStreamReader;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import lombok.Generated;
import lombok.NonNull;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.configuration.model.support.pm.PasswordManagementProperties;
import org.apereo.cas.pm.PasswordChangeRequest;
import org.apereo.cas.pm.PasswordHistoryService;
import org.apereo.cas.pm.PasswordManagementQuery;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.hjson.JsonValue;
import org.opensaml.soap.wstrust.Renewing;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.Resource;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-pm-core-7.0.0-RC8.jar:org/apereo/cas/pm/impl/JsonResourcePasswordManagementService.class */
public class JsonResourcePasswordManagementService extends BasePasswordManagementService {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) JsonResourcePasswordManagementService.class);
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(false).build().toObjectMapper();
    private final Resource jsonResource;
    private Map<String, JsonBackedAccount> jsonBackedAccounts;

    /* loaded from: input_file:WEB-INF/lib/cas-server-support-pm-core-7.0.0-RC8.jar:org/apereo/cas/pm/impl/JsonResourcePasswordManagementService$JsonBackedAccount.class */
    public static class JsonBackedAccount implements Serializable {
        private static final long serialVersionUID = -8522936598053838986L;
        private String email;
        private String password;
        private String phone;
        private String status;
        private Map<String, String> securityQuestions = new HashMap(0);

        @Generated
        public JsonBackedAccount() {
        }

        @Generated
        public String getEmail() {
            return this.email;
        }

        @Generated
        public String getPassword() {
            return this.password;
        }

        @Generated
        public String getPhone() {
            return this.phone;
        }

        @Generated
        public String getStatus() {
            return this.status;
        }

        @Generated
        public Map<String, String> getSecurityQuestions() {
            return this.securityQuestions;
        }

        @Generated
        public void setEmail(String str) {
            this.email = str;
        }

        @Generated
        public void setPassword(String str) {
            this.password = str;
        }

        @Generated
        public void setPhone(String str) {
            this.phone = str;
        }

        @Generated
        public void setStatus(String str) {
            this.status = str;
        }

        @Generated
        public void setSecurityQuestions(Map<String, String> map) {
            this.securityQuestions = map;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof JsonBackedAccount)) {
                return false;
            }
            JsonBackedAccount jsonBackedAccount = (JsonBackedAccount) obj;
            if (!jsonBackedAccount.canEqual(this)) {
                return false;
            }
            String str = this.email;
            String str2 = jsonBackedAccount.email;
            if (str == null) {
                if (str2 != null) {
                    return false;
                }
            } else if (!str.equals(str2)) {
                return false;
            }
            String str3 = this.password;
            String str4 = jsonBackedAccount.password;
            if (str3 == null) {
                if (str4 != null) {
                    return false;
                }
            } else if (!str3.equals(str4)) {
                return false;
            }
            String str5 = this.phone;
            String str6 = jsonBackedAccount.phone;
            if (str5 == null) {
                if (str6 != null) {
                    return false;
                }
            } else if (!str5.equals(str6)) {
                return false;
            }
            String str7 = this.status;
            String str8 = jsonBackedAccount.status;
            if (str7 == null) {
                if (str8 != null) {
                    return false;
                }
            } else if (!str7.equals(str8)) {
                return false;
            }
            Map<String, String> map = this.securityQuestions;
            Map<String, String> map2 = jsonBackedAccount.securityQuestions;
            return map == null ? map2 == null : map.equals(map2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof JsonBackedAccount;
        }

        @Generated
        public int hashCode() {
            String str = this.email;
            int hashCode = (1 * 59) + (str == null ? 43 : str.hashCode());
            String str2 = this.password;
            int hashCode2 = (hashCode * 59) + (str2 == null ? 43 : str2.hashCode());
            String str3 = this.phone;
            int hashCode3 = (hashCode2 * 59) + (str3 == null ? 43 : str3.hashCode());
            String str4 = this.status;
            int hashCode4 = (hashCode3 * 59) + (str4 == null ? 43 : str4.hashCode());
            Map<String, String> map = this.securityQuestions;
            return (hashCode4 * 59) + (map == null ? 43 : map.hashCode());
        }

        @Generated
        public String toString() {
            return "JsonResourcePasswordManagementService.JsonBackedAccount(email=" + this.email + ", password=" + this.password + ", phone=" + this.phone + ", status=" + this.status + ", securityQuestions=" + String.valueOf(this.securityQuestions) + ")";
        }
    }

    public JsonResourcePasswordManagementService(CipherExecutor<Serializable, String> cipherExecutor, String str, PasswordManagementProperties passwordManagementProperties, Resource resource, PasswordHistoryService passwordHistoryService) {
        super(passwordManagementProperties, cipherExecutor, str, passwordHistoryService);
        this.jsonResource = resource;
        readAccountsFromJsonResource();
    }

    @Override // org.apereo.cas.pm.impl.BasePasswordManagementService
    public boolean changeInternal(@NonNull PasswordChangeRequest passwordChangeRequest) {
        if (passwordChangeRequest == null) {
            throw new NullPointerException("bean is marked non-null but is null");
        }
        if (StringUtils.isBlank(passwordChangeRequest.toPassword())) {
            LOGGER.error("Password cannot be blank");
            return false;
        }
        if (!StringUtils.equals(passwordChangeRequest.toPassword(), passwordChangeRequest.toConfirmedPassword())) {
            LOGGER.error("Password does not match and cannot be confirmed");
            return false;
        }
        JsonBackedAccount orDefault = this.jsonBackedAccounts.getOrDefault(passwordChangeRequest.getUsername(), null);
        if (orDefault == null) {
            LOGGER.error("User account [{}] cannot be found", passwordChangeRequest.getUsername());
            return false;
        }
        orDefault.setPassword(passwordChangeRequest.toPassword());
        this.jsonBackedAccounts.put(passwordChangeRequest.getUsername(), orDefault);
        return writeAccountToJsonResource();
    }

    @Override // org.apereo.cas.pm.PasswordManagementService
    public String findEmail(PasswordManagementQuery passwordManagementQuery) {
        return (String) Optional.ofNullable(this.jsonBackedAccounts.getOrDefault(passwordManagementQuery.getUsername(), null)).map((v0) -> {
            return v0.getEmail();
        }).orElse(null);
    }

    @Override // org.apereo.cas.pm.PasswordManagementService
    public String findPhone(PasswordManagementQuery passwordManagementQuery) {
        return (String) Optional.ofNullable(this.jsonBackedAccounts.getOrDefault(passwordManagementQuery.getUsername(), null)).map((v0) -> {
            return v0.getPhone();
        }).orElse(null);
    }

    @Override // org.apereo.cas.pm.PasswordManagementService
    public String findUsername(PasswordManagementQuery passwordManagementQuery) {
        return (String) this.jsonBackedAccounts.entrySet().stream().filter(entry -> {
            return ((JsonBackedAccount) entry.getValue()).getEmail().equalsIgnoreCase(passwordManagementQuery.getEmail());
        }).findFirst().map((v0) -> {
            return v0.getKey();
        }).orElse(null);
    }

    @Override // org.apereo.cas.pm.PasswordManagementService
    public Map<String, String> getSecurityQuestions(PasswordManagementQuery passwordManagementQuery) {
        JsonBackedAccount orDefault = this.jsonBackedAccounts.getOrDefault(passwordManagementQuery.getUsername(), null);
        return orDefault != null ? orDefault.getSecurityQuestions() : new HashMap(0);
    }

    @Override // org.apereo.cas.pm.PasswordManagementService
    public void updateSecurityQuestions(PasswordManagementQuery passwordManagementQuery) {
        JsonBackedAccount orDefault = this.jsonBackedAccounts.getOrDefault(passwordManagementQuery.getUsername(), null);
        if (orDefault != null) {
            orDefault.setSecurityQuestions(passwordManagementQuery.getSecurityQuestions().toSingleValueMap());
            writeAccountToJsonResource();
        }
    }

    @Override // org.apereo.cas.pm.PasswordManagementService
    public boolean unlockAccount(Credential credential) {
        JsonBackedAccount orDefault = this.jsonBackedAccounts.getOrDefault(credential.getId(), null);
        if (orDefault == null || !"locked".equalsIgnoreCase(orDefault.getStatus())) {
            return true;
        }
        orDefault.setStatus(Renewing.OK_ATTRIB_NAME);
        writeAccountToJsonResource();
        return true;
    }

    private boolean writeAccountToJsonResource() {
        return ((Boolean) FunctionUtils.doUnchecked(() -> {
            MAPPER.writerWithDefaultPrettyPrinter().writeValue(this.jsonResource.getFile(), this.jsonBackedAccounts);
            readAccountsFromJsonResource();
            return true;
        })).booleanValue();
    }

    private void readAccountsFromJsonResource() {
        FunctionUtils.doUnchecked(obj -> {
            InputStreamReader inputStreamReader = new InputStreamReader(this.jsonResource.getInputStream(), StandardCharsets.UTF_8);
            try {
                this.jsonBackedAccounts = (Map) MAPPER.readValue(JsonValue.readHjson(inputStreamReader).toString(), new TypeReference<Map<String, JsonBackedAccount>>(this) { // from class: org.apereo.cas.pm.impl.JsonResourcePasswordManagementService.1
                });
                inputStreamReader.close();
            } catch (Throwable th) {
                try {
                    inputStreamReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }, new Object[0]);
    }
}
