package com.liferay.portal.security.pwd;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.exception.UserPasswordException;
import com.liferay.portal.kernel.model.PasswordPolicy;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.security.RandomUtil;
import com.liferay.portal.kernel.security.SecureRandom;
import com.liferay.portal.kernel.security.pwd.BasicToolkit;
import com.liferay.portal.kernel.service.PasswordTrackerLocalServiceUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.util.ArrayUtil;
import com.liferay.portal.kernel.util.PwdGenerator;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.kernel.words.WordsUtil;
import com.liferay.portal.util.PropsValues;
import java.util.Arrays;
import java.util.Date;

/* loaded from: input_file:com/liferay/portal/security/pwd/PasswordPolicyToolkit.class */
public class PasswordPolicyToolkit extends BasicToolkit {
    private final String _generatorCompleteCharset;
    private final char[] _generatorSymbolsCharsetArray;
    private final char[] _validatorAlphanumericCharsetArray;
    private final char[] _validatorLowerCaseCharsetArray;
    private final char[] _validatorNumbersCharsetArray;
    private final char[] _validatorSymbolsCharsetArray;
    private final char[] _validatorUpperCaseCharsetArray;
    private final char[] _generatorLowerCaseCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_LOWERCASE);
    private final char[] _generatorUpperCaseCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_UPPERCASE);
    private final char[] _generatorNumbersCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_NUMBERS);
    private final char[] _generatorAlphanumericCharsetArray = ArrayUtil.append((char[][]) new char[]{this._generatorLowerCaseCharsetArray, this._generatorUpperCaseCharsetArray, this._generatorNumbersCharsetArray});

    /* JADX WARN: Type inference failed for: r1v21, types: [char[], char[][]] */
    /* JADX WARN: Type inference failed for: r1v7, types: [char[], char[][]] */
    public PasswordPolicyToolkit() {
        Arrays.sort(this._generatorAlphanumericCharsetArray);
        this._generatorSymbolsCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_SYMBOLS);
        this._generatorCompleteCharset = StringBundler.concat(new String[]{PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_LOWERCASE, PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_NUMBERS, PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_SYMBOLS, PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR_CHARSET_UPPERCASE});
        this._validatorLowerCaseCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_VALIDATOR_CHARSET_LOWERCASE);
        this._validatorUpperCaseCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_VALIDATOR_CHARSET_UPPERCASE);
        this._validatorNumbersCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_VALIDATOR_CHARSET_NUMBERS);
        this._validatorAlphanumericCharsetArray = ArrayUtil.append((char[][]) new char[]{this._validatorLowerCaseCharsetArray, this._validatorUpperCaseCharsetArray, this._validatorNumbersCharsetArray});
        Arrays.sort(this._validatorAlphanumericCharsetArray);
        this._validatorSymbolsCharsetArray = getSortedCharArray(PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_VALIDATOR_CHARSET_SYMBOLS);
    }

    public String generate(PasswordPolicy passwordPolicy) {
        return PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_GENERATOR.equals("static") ? generateStatic(passwordPolicy) : generateDynamic(passwordPolicy);
    }

    public void validate(long j, String str, String str2, PasswordPolicy passwordPolicy) throws PortalException {
        if (passwordPolicy.isCheckSyntax()) {
            if (!passwordPolicy.isAllowDictionaryWords() && WordsUtil.isDictionaryWord(str)) {
                throw new UserPasswordException.MustNotContainDictionaryWords(j, WordsUtil.getDictionaryList());
            }
            if (str.length() < passwordPolicy.getMinLength()) {
                throw new UserPasswordException.MustBeLonger(j, passwordPolicy.getMinLength());
            }
            if (getUsageCount(str, this._validatorAlphanumericCharsetArray) < passwordPolicy.getMinAlphanumeric()) {
                throw new UserPasswordException.MustHaveMoreAlphanumeric(passwordPolicy.getMinAlphanumeric());
            }
            if (getUsageCount(str, this._validatorLowerCaseCharsetArray) < passwordPolicy.getMinLowerCase()) {
                throw new UserPasswordException.MustHaveMoreLowercase(passwordPolicy.getMinLowerCase());
            }
            if (getUsageCount(str, this._validatorNumbersCharsetArray) < passwordPolicy.getMinNumbers()) {
                throw new UserPasswordException.MustHaveMoreNumbers(passwordPolicy.getMinNumbers());
            }
            if (getUsageCount(str, this._validatorSymbolsCharsetArray) < passwordPolicy.getMinSymbols()) {
                throw new UserPasswordException.MustHaveMoreSymbols(passwordPolicy.getMinSymbols());
            }
            if (getUsageCount(str, this._validatorUpperCaseCharsetArray) < passwordPolicy.getMinUpperCase()) {
                throw new UserPasswordException.MustHaveMoreUppercase(passwordPolicy.getMinUpperCase());
            }
            String regex = passwordPolicy.getRegex();
            if (Validator.isNotNull(regex) && !str.matches(regex)) {
                throw new UserPasswordException.MustComplyWithRegex(j, regex);
            }
        }
        if (!passwordPolicy.isChangeable() && j != 0) {
            throw new UserPasswordException.MustNotBeChanged(j);
        }
        if (j == 0) {
            return;
        }
        User userById = UserLocalServiceUtil.getUserById(j);
        Date passwordModifiedDate = userById.getPasswordModifiedDate();
        if (passwordModifiedDate != null) {
            long time = new Date().getTime() - passwordModifiedDate.getTime();
            long minAge = passwordPolicy.getMinAge() * 1000;
            if (time < minAge && !userById.isPasswordReset()) {
                throw new UserPasswordException.MustNotBeChangedYet(userById, new Date(passwordModifiedDate.getTime() + minAge));
            }
        }
        if (PasswordTrackerLocalServiceUtil.isSameAsCurrentPassword(j, str)) {
            throw new UserPasswordException.MustNotBeEqualToCurrent(j);
        }
        if (!PasswordTrackerLocalServiceUtil.isValidPassword(j, str)) {
            throw new UserPasswordException.MustNotBeRecentlyUsed(j);
        }
    }

    protected String generateDynamic(PasswordPolicy passwordPolicy) {
        int minLowerCase = passwordPolicy.getMinLowerCase() + passwordPolicy.getMinNumbers() + passwordPolicy.getMinUpperCase();
        int max = Math.max(passwordPolicy.getMinAlphanumeric(), minLowerCase);
        int max2 = Math.max(passwordPolicy.getMinLength(), max + passwordPolicy.getMinSymbols());
        StringBundler stringBundler = new StringBundler(6);
        if (passwordPolicy.getMinLowerCase() > 0) {
            stringBundler.append(getRandomString(passwordPolicy.getMinLowerCase(), this._generatorLowerCaseCharsetArray));
        }
        if (passwordPolicy.getMinNumbers() > 0) {
            stringBundler.append(getRandomString(passwordPolicy.getMinNumbers(), this._generatorNumbersCharsetArray));
        }
        if (passwordPolicy.getMinSymbols() > 0) {
            stringBundler.append(getRandomString(passwordPolicy.getMinSymbols(), this._generatorSymbolsCharsetArray));
        }
        if (passwordPolicy.getMinUpperCase() > 0) {
            stringBundler.append(getRandomString(passwordPolicy.getMinUpperCase(), this._generatorUpperCaseCharsetArray));
        }
        if (max > minLowerCase) {
            stringBundler.append(getRandomString(max - minLowerCase, this._generatorAlphanumericCharsetArray));
        }
        if (max2 > max + passwordPolicy.getMinSymbols()) {
            stringBundler.append(PwdGenerator.getPassword(this._generatorCompleteCharset, max2 - (max + passwordPolicy.getMinSymbols())));
        }
        if (stringBundler.index() == 0) {
            stringBundler.append(PwdGenerator.getPassword(this._generatorCompleteCharset, PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH));
        }
        return RandomUtil.shuffle(new SecureRandom(), stringBundler.toString());
    }

    protected String generateStatic(PasswordPolicy passwordPolicy) {
        return PropsValues.PASSWORDS_PASSWORDPOLICYTOOLKIT_STATIC;
    }

    protected String getRandomString(int i, char[] cArr) {
        SecureRandom secureRandom = new SecureRandom();
        StringBundler stringBundler = new StringBundler(i);
        for (int i2 = 0; i2 < i; i2++) {
            stringBundler.append(cArr[secureRandom.nextInt(cArr.length)]);
        }
        return stringBundler.toString();
    }

    protected char[] getSortedCharArray(String str) {
        char[] charArray = str.toCharArray();
        Arrays.sort(charArray);
        return charArray;
    }

    protected int getUsageCount(String str, char[] cArr) {
        int i = 0;
        for (int i2 = 0; i2 < str.length(); i2++) {
            if (Arrays.binarySearch(cArr, str.charAt(i2)) >= 0) {
                i++;
            }
        }
        return i;
    }
}
