package org.sentilo.web.catalog.validator;

import java.util.ArrayList;
import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.WhitespaceRule;
import org.sentilo.web.catalog.dto.ChangeUserPasswordDTO;
import org.sentilo.web.catalog.security.CatalogUserDetails;
import org.sentilo.web.catalog.utils.Constants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.StringUtils;
import org.springframework.validation.Errors;
import org.springframework.validation.Validator;

@SentiloValidator
/* loaded from: input_file:WEB-INF/classes/org/sentilo/web/catalog/validator/UserPasswordValidator.class */
public class UserPasswordValidator implements Validator {

    @Autowired
    private MessageSource messageSource;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override // org.springframework.validation.Validator
    public boolean supports(Class<?> cls) {
        return ChangeUserPasswordDTO.class.isAssignableFrom(cls);
    }

    @Override // org.springframework.validation.Validator
    public void validate(Object obj, Errors errors) {
        ChangeUserPasswordDTO changeUserPasswordDTO = (ChangeUserPasswordDTO) obj;
        CatalogUserDetails catalogUserDetails = (CatalogUserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        String password = catalogUserDetails.getPassword();
        if (!catalogUserDetails.isAdminUser() && !catalogUserDetails.isSuperAdminUser() && (!StringUtils.hasText(changeUserPasswordDTO.getCurrentPassword()) || !this.passwordEncoder.matches(changeUserPasswordDTO.getCurrentPassword(), password))) {
            errors.rejectValue("currentPassword", this.messageSource.getMessage("user.password.incorrect", new Object[0], LocaleContextHolder.getLocale()));
        }
        if (!StringUtils.hasText(changeUserPasswordDTO.getNewPassword())) {
            errors.rejectValue("newPassword", Constants.NOT_BLANK_ERROR);
        } else if (!changeUserPasswordDTO.getNewPassword().equals(changeUserPasswordDTO.getPasswordRepeat())) {
            errors.rejectValue("passwordRepeat", this.messageSource.getMessage("user.password.notmatch", new Object[0], LocaleContextHolder.getLocale()));
        }
        if (errors.hasErrors() || checkPasswordStrength(changeUserPasswordDTO)) {
            return;
        }
        errors.rejectValue("newPassword", this.messageSource.getMessage("user.password.strength", new Object[0], LocaleContextHolder.getLocale()));
    }

    private boolean checkPasswordStrength(ChangeUserPasswordDTO changeUserPasswordDTO) {
        ArrayList arrayList = new ArrayList();
        CharacterCharacteristicsRule characterCharacteristicsRule = new CharacterCharacteristicsRule(4, new CharacterRule(EnglishCharacterData.Digit, 1), new CharacterRule(EnglishCharacterData.Special, 1), new CharacterRule(EnglishCharacterData.UpperCase, 1), new CharacterRule(EnglishCharacterData.LowerCase, 1));
        WhitespaceRule whitespaceRule = new WhitespaceRule();
        LengthRule lengthRule = new LengthRule(8, 16);
        arrayList.add(characterCharacteristicsRule);
        arrayList.add(whitespaceRule);
        arrayList.add(lengthRule);
        return new PasswordValidator(arrayList).validate(new PasswordData(changeUserPasswordDTO.getNewPassword())).isValid();
    }
}
