package org.opends.server.core;

import java.lang.reflect.InvocationTargetException;
import java.util.List;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.config.server.ConfigChangeResult;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.ldap.ResultCode;
import org.opends.messages.ConfigMessages;
import org.opends.server.admin.server.ConfigurationAddListener;
import org.opends.server.admin.server.ConfigurationDeleteListener;
import org.opends.server.admin.server.ServerManagementContext;
import org.opends.server.admin.std.meta.AuthenticationPolicyCfgDefn;
import org.opends.server.admin.std.server.AuthenticationPolicyCfg;
import org.opends.server.admin.std.server.PasswordPolicyCfg;
import org.opends.server.admin.std.server.RootCfg;
import org.opends.server.api.AuthenticationPolicyFactory;
import org.opends.server.api.SubentryChangeListener;
import org.opends.server.types.DN;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.Entry;
import org.opends.server.types.InitializationException;
import org.opends.server.types.SubEntry;
import org.opends.server.util.StaticUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/opends/server/core/PasswordPolicyConfigManager.class */
public final class PasswordPolicyConfigManager implements SubentryChangeListener, ConfigurationAddListener<AuthenticationPolicyCfg>, ConfigurationDeleteListener<AuthenticationPolicyCfg> {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private final ServerContext serverContext;

    public PasswordPolicyConfigManager(ServerContext serverContext) {
        this.serverContext = serverContext;
    }

    public void initializeAuthenticationPolicies() throws ConfigException, InitializationException {
        RootCfg rootConfiguration = ServerManagementContext.getInstance().getRootConfiguration();
        rootConfiguration.addPasswordPolicyAddListener(this);
        rootConfiguration.addPasswordPolicyDeleteListener(this);
        String[] listPasswordPolicies = rootConfiguration.listPasswordPolicies();
        if (listPasswordPolicies.length == 0) {
            throw new ConfigException(ConfigMessages.ERR_CONFIG_PWPOLICY_NO_POLICIES.get());
        }
        if (DirectoryServer.getDefaultPasswordPolicyDN() == null) {
            throw new ConfigException(ConfigMessages.ERR_CONFIG_PWPOLICY_NO_DEFAULT_POLICY.get());
        }
        for (String str : listPasswordPolicies) {
            createAuthenticationPolicy(rootConfiguration.getPasswordPolicy(str));
        }
        if (null == DirectoryServer.getDefaultPasswordPolicy()) {
            throw new ConfigException(ConfigMessages.ERR_CONFIG_PWPOLICY_MISSING_DEFAULT_POLICY.get(DirectoryServer.getDefaultPasswordPolicyDN()));
        }
        List<SubEntry> subentries = DirectoryServer.getSubentryManager().getSubentries();
        if (subentries != null && !subentries.isEmpty()) {
            for (SubEntry subEntry : subentries) {
                if (subEntry.getEntry().isPasswordPolicySubentry()) {
                    try {
                        DirectoryServer.registerAuthenticationPolicy(subEntry.getDN(), new SubentryPasswordPolicy(subEntry));
                    } catch (Exception e) {
                        logger.error(ConfigMessages.ERR_CONFIG_PWPOLICY_INVALID_POLICY_CONFIG, subEntry.getDN(), StaticUtils.stackTraceToSingleLineString(e));
                    }
                }
            }
        }
        DirectoryServer.getSubentryManager().registerChangeListener(this);
    }

    public void finalizeAuthenticationPolicies() {
        DirectoryServer.getSubentryManager().deregisterChangeListener(this);
        RootCfg rootConfiguration = ServerManagementContext.getInstance().getRootConfiguration();
        rootConfiguration.removePasswordPolicyAddListener(this);
        rootConfiguration.removePasswordPolicyDeleteListener(this);
    }

    /* renamed from: isConfigurationAddAcceptable, reason: avoid collision after fix types in other method */
    public boolean isConfigurationAddAcceptable2(AuthenticationPolicyCfg authenticationPolicyCfg, List<LocalizableMessage> list) {
        return isAuthenticationPolicyConfigurationAcceptable(authenticationPolicyCfg, list);
    }

    @Override // org.opends.server.admin.server.ConfigurationAddListener
    public ConfigChangeResult applyConfigurationAdd(AuthenticationPolicyCfg authenticationPolicyCfg) {
        ConfigChangeResult configChangeResult = new ConfigChangeResult();
        try {
            createAuthenticationPolicy(authenticationPolicyCfg);
        } catch (InitializationException e) {
            configChangeResult.addMessage(ConfigMessages.ERR_CONFIG_PWPOLICY_INVALID_POLICY_CONFIG.get(authenticationPolicyCfg.dn(), e.getMessage()));
            configChangeResult.setResultCode(DirectoryServer.getServerErrorResultCode());
        } catch (Exception e2) {
            configChangeResult.addMessage(ConfigMessages.ERR_CONFIG_PWPOLICY_INVALID_POLICY_CONFIG.get(authenticationPolicyCfg.dn(), StaticUtils.stackTraceToSingleLineString(e2)));
            configChangeResult.setResultCode(DirectoryServer.getServerErrorResultCode());
        } catch (ConfigException e3) {
            configChangeResult.setResultCode(ResultCode.CONSTRAINT_VIOLATION);
            configChangeResult.addMessage(ConfigMessages.ERR_CONFIG_PWPOLICY_INVALID_POLICY_CONFIG.get(authenticationPolicyCfg.dn(), e3.getMessage()));
        }
        return configChangeResult;
    }

    /* renamed from: isConfigurationDeleteAcceptable, reason: avoid collision after fix types in other method */
    public boolean isConfigurationDeleteAcceptable2(AuthenticationPolicyCfg authenticationPolicyCfg, List<LocalizableMessage> list) {
        DN defaultPasswordPolicyDN = DirectoryServer.getDefaultPasswordPolicyDN();
        if (defaultPasswordPolicyDN == null || !defaultPasswordPolicyDN.equals(authenticationPolicyCfg.dn())) {
            return true;
        }
        list.add(ConfigMessages.WARN_CONFIG_PWPOLICY_CANNOT_DELETE_DEFAULT_POLICY.get(defaultPasswordPolicyDN));
        return false;
    }

    @Override // org.opends.server.admin.server.ConfigurationDeleteListener
    public ConfigChangeResult applyConfigurationDelete(AuthenticationPolicyCfg authenticationPolicyCfg) {
        ConfigChangeResult configChangeResult = new ConfigChangeResult();
        DN dn = authenticationPolicyCfg.dn();
        DN defaultPasswordPolicyDN = DirectoryServer.getDefaultPasswordPolicyDN();
        if (defaultPasswordPolicyDN == null || !defaultPasswordPolicyDN.equals(dn)) {
            DirectoryServer.deregisterAuthenticationPolicy(dn);
            configChangeResult.addMessage(ConfigMessages.INFO_CONFIG_PWPOLICY_REMOVED_POLICY.get(dn));
            return configChangeResult;
        }
        configChangeResult.setResultCode(ResultCode.CONSTRAINT_VIOLATION);
        configChangeResult.addMessage(ConfigMessages.WARN_CONFIG_PWPOLICY_CANNOT_DELETE_DEFAULT_POLICY.get(defaultPasswordPolicyDN));
        return configChangeResult;
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void checkSubentryAddAcceptable(Entry entry) throws DirectoryException {
        if (entry.isPasswordPolicySubentry()) {
            new SubentryPasswordPolicy(new SubEntry(entry));
        }
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void checkSubentryDeleteAcceptable(Entry entry) throws DirectoryException {
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void checkSubentryModifyAcceptable(Entry entry, Entry entry2) throws DirectoryException {
        if (entry2.isPasswordPolicySubentry()) {
            new SubentryPasswordPolicy(new SubEntry(entry2));
        }
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void checkSubentryModifyDNAcceptable(Entry entry, Entry entry2) throws DirectoryException {
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void handleSubentryAdd(Entry entry) {
        if (entry.isPasswordPolicySubentry()) {
            try {
                DirectoryServer.registerAuthenticationPolicy(entry.getName(), new SubentryPasswordPolicy(new SubEntry(entry)));
            } catch (Exception e) {
                logger.traceException(e, "Could not create password policy subentry DN %s", entry.getName());
            }
        }
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void handleSubentryDelete(Entry entry) {
        if (entry.isPasswordPolicySubentry()) {
            DirectoryServer.deregisterAuthenticationPolicy(entry.getName());
        }
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void handleSubentryModify(Entry entry, Entry entry2) {
        if (entry.isPasswordPolicySubentry()) {
            DirectoryServer.deregisterAuthenticationPolicy(entry.getName());
        }
        if (entry2.isPasswordPolicySubentry()) {
            try {
                DirectoryServer.registerAuthenticationPolicy(entry2.getName(), new SubentryPasswordPolicy(new SubEntry(entry2)));
            } catch (Exception e) {
                logger.traceException(e, "Could not create password policy subentry DN %s", entry2.getName());
            }
        }
    }

    @Override // org.opends.server.api.SubentryChangeListener
    public void handleSubentryModifyDN(Entry entry, Entry entry2) {
        if (entry.isPasswordPolicySubentry()) {
            DirectoryServer.deregisterAuthenticationPolicy(entry.getName());
        }
        if (entry2.isPasswordPolicySubentry()) {
            try {
                DirectoryServer.registerAuthenticationPolicy(entry2.getName(), new SubentryPasswordPolicy(new SubEntry(entry2)));
            } catch (Exception e) {
                logger.traceException(e, "Could not create password policy subentry DN %s", entry2.getName());
            }
        }
    }

    private <T extends AuthenticationPolicyCfg> void createAuthenticationPolicy(T t) throws ConfigException, InitializationException {
        if (t.dn().equals(DirectoryServer.getDefaultPasswordPolicyDN()) && !(t instanceof PasswordPolicyCfg)) {
            throw new ConfigException(ConfigMessages.ERR_CONFIG_PWPOLICY_DEFAULT_POLICY_IS_WRONG_TYPE.get(t.dn()));
        }
        try {
            AuthenticationPolicyFactory authenticationPolicyFactory = (AuthenticationPolicyFactory) AuthenticationPolicyCfgDefn.getInstance().getJavaClassPropertyDefinition().loadClass(t.getJavaClass(), AuthenticationPolicyFactory.class).newInstance();
            authenticationPolicyFactory.setServerContext(this.serverContext);
            DirectoryServer.registerAuthenticationPolicy(t.dn(), authenticationPolicyFactory.createAuthenticationPolicy(t));
        } catch (Exception e) {
            if (e instanceof InvocationTargetException) {
                ConfigException cause = e.getCause();
                if (cause instanceof InitializationException) {
                    throw ((InitializationException) cause);
                }
                if (cause instanceof ConfigException) {
                    throw cause;
                }
            }
            logger.traceException(e);
            throw new InitializationException(ConfigMessages.ERR_CONFIG_PWPOLICY_INVALID_POLICY_CONFIG.get(t.dn(), StaticUtils.stackTraceToSingleLineString(e)), e);
        }
    }

    private <T extends AuthenticationPolicyCfg> boolean isAuthenticationPolicyConfigurationAcceptable(T t, List<LocalizableMessage> list) {
        if (t.dn().equals(DirectoryServer.getDefaultPasswordPolicyDN()) && !(t instanceof PasswordPolicyCfg)) {
            list.add(ConfigMessages.ERR_CONFIG_PWPOLICY_DEFAULT_POLICY_IS_WRONG_TYPE.get(t.dn()));
            return false;
        }
        try {
            AuthenticationPolicyFactory authenticationPolicyFactory = (AuthenticationPolicyFactory) AuthenticationPolicyCfgDefn.getInstance().getJavaClassPropertyDefinition().loadClass(t.getJavaClass(), AuthenticationPolicyFactory.class).newInstance();
            authenticationPolicyFactory.setServerContext(this.serverContext);
            return authenticationPolicyFactory.isConfigurationAcceptable(t, list);
        } catch (Exception e) {
            logger.traceException(e);
            list.add(ConfigMessages.ERR_CONFIG_PWPOLICY_INVALID_POLICY_CONFIG.get(t.dn(), StaticUtils.stackTraceToSingleLineString(e)));
            return false;
        }
    }

    @Override // org.opends.server.admin.server.ConfigurationAddListener
    public /* bridge */ /* synthetic */ boolean isConfigurationAddAcceptable(AuthenticationPolicyCfg authenticationPolicyCfg, List list) {
        return isConfigurationAddAcceptable2(authenticationPolicyCfg, (List<LocalizableMessage>) list);
    }

    @Override // org.opends.server.admin.server.ConfigurationDeleteListener
    public /* bridge */ /* synthetic */ boolean isConfigurationDeleteAcceptable(AuthenticationPolicyCfg authenticationPolicyCfg, List list) {
        return isConfigurationDeleteAcceptable2(authenticationPolicyCfg, (List<LocalizableMessage>) list);
    }
}
