package com.openexchange.passwordchange;

import com.openexchange.authentication.AuthenticationService;
import com.openexchange.authentication.LoginInfo;
import com.openexchange.authentication.service.Authentication;
import com.openexchange.caching.Cache;
import com.openexchange.caching.CacheKey;
import com.openexchange.caching.CacheService;
import com.openexchange.config.ConfigurationService;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.ldap.UserExceptionCode;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.groupware.userconfiguration.UserConfigurationStorage;
import com.openexchange.log.LogFactory;
import com.openexchange.mail.api.MailAccess;
import com.openexchange.server.ServiceExceptionCode;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.session.Session;
import com.openexchange.sessiond.SessiondService;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import org.apache.commons.logging.Log;
import org.osgi.service.event.Event;
import org.osgi.service.event.EventAdmin;

/* loaded from: input_file:com/openexchange/passwordchange/PasswordChangeService.class */
public abstract class PasswordChangeService {
    private static final Log LOG = com.openexchange.log.Log.valueOf(LogFactory.getLog(PasswordChangeService.class));
    private static final Pattern PATTERN_ALLOWED_CHARS = Pattern.compile("[ $@%\\.+a-zA-Z0-9_-]+");

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:com/openexchange/passwordchange/PasswordChangeService$_LoginInfo.class */
    public static final class _LoginInfo implements LoginInfo {
        private final String pw;
        private final String loginInfo;

        public _LoginInfo(String str, String str2) {
            this.loginInfo = str;
            this.pw = str2;
        }

        public String getPassword() {
            return this.pw;
        }

        public String getUsername() {
            return this.loginInfo;
        }

        public Map<String, Object> getProperties() {
            return Collections.emptyMap();
        }
    }

    protected PasswordChangeService() {
    }

    public final void perform(PasswordChangeEvent passwordChangeEvent) throws OXException {
        allow(passwordChangeEvent);
        check(passwordChangeEvent);
        update(passwordChangeEvent);
        propagate(passwordChangeEvent);
    }

    protected void allow(PasswordChangeEvent passwordChangeEvent) throws OXException {
        Context context = passwordChangeEvent.getContext();
        if (!UserConfigurationStorage.getInstance().getUserConfiguration(passwordChangeEvent.getSession().getUserId(), context).isEditPassword()) {
            throw UserExceptionCode.PERMISSION.create(Integer.valueOf(context.getContextId()));
        }
    }

    protected void check(PasswordChangeEvent passwordChangeEvent) throws OXException {
        AuthenticationService service = Authentication.getService();
        if (service == null) {
            throw ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{AuthenticationService.class.getName()});
        }
        try {
            Session session = passwordChangeEvent.getSession();
            UserStorage.getStorageUser(session);
            service.handleLoginInfo(new _LoginInfo(session.getLogin(), passwordChangeEvent.getOldPassword()));
            int length = passwordChangeEvent.getNewPassword().length();
            ConfigurationService configurationService = (ConfigurationService) ServerServiceRegistry.getInstance().getService(ConfigurationService.class);
            int intProperty = configurationService.getIntProperty("com.openexchange.passwordchange.minLength", 4);
            if (intProperty > 0 && length < intProperty) {
                throw UserExceptionCode.INVALID_MIN_LENGTH.create(Integer.valueOf(intProperty));
            }
            int intProperty2 = configurationService.getIntProperty("com.openexchange.passwordchange.maxLength", 0);
            if (intProperty2 > 0 && length > intProperty2) {
                throw UserExceptionCode.INVALID_MAX_LENGTH.create(Integer.valueOf(intProperty2));
            }
        } catch (OXException e) {
            throw e;
        }
    }

    protected abstract void update(PasswordChangeEvent passwordChangeEvent) throws OXException;

    protected void propagate(PasswordChangeEvent passwordChangeEvent) throws OXException {
        Session session = passwordChangeEvent.getSession();
        MailAccess.getMailAccessCache().removeMailAccess(session, 0);
        int userId = session.getUserId();
        UserStorage.getInstance().invalidateUser(passwordChangeEvent.getContext(), userId);
        ServerServiceRegistry serverServiceRegistry = ServerServiceRegistry.getInstance();
        SessiondService sessiondService = (SessiondService) serverServiceRegistry.getService(SessiondService.class);
        if (sessiondService == null) {
            throw ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()});
        }
        try {
            sessiondService.changeSessionPassword(session.getSessionID(), passwordChangeEvent.getNewPassword());
            EventAdmin eventAdmin = (EventAdmin) serverServiceRegistry.getService(EventAdmin.class);
            int contextId = session.getContextId();
            if (null != eventAdmin) {
                HashMap hashMap = new HashMap(5);
                hashMap.put("com.openexchange.passwordchange.contextId", Integer.valueOf(contextId));
                hashMap.put("com.openexchange.passwordchange.userId", Integer.valueOf(userId));
                hashMap.put("com.openexchange.passwordchange.session", session);
                hashMap.put("com.openexchange.passwordchange.oldPassword", passwordChangeEvent.getOldPassword());
                hashMap.put("com.openexchange.passwordchange.newPassword", passwordChangeEvent.getNewPassword());
                eventAdmin.postEvent(new Event("com/openexchange/passwordchange", hashMap));
            }
            CacheService cacheService = (CacheService) serverServiceRegistry.getService(CacheService.class);
            if (null != cacheService) {
                try {
                    CacheKey newCacheKey = cacheService.newCacheKey(contextId, userId);
                    cacheService.getCache("User").remove(newCacheKey);
                    cacheService.getCache("UserPermissionBits").remove(newCacheKey);
                    cacheService.getCache("UserConfiguration").remove(newCacheKey);
                    cacheService.getCache("UserSettingMail").remove(newCacheKey);
                    Cache cache = cacheService.getCache("MailAccount");
                    cache.remove(cacheService.newCacheKey(contextId, new Serializable[]{0, Integer.valueOf(userId)}));
                    cache.invalidateGroup(Integer.toString(contextId));
                } catch (OXException e) {
                }
            }
        } catch (OXException e2) {
            LOG.error("Updating password in user session failed", e2);
            throw e2;
        }
    }

    protected static final String getEncodedPassword(String str, String str2) throws OXException {
        try {
            String encodedPassword = PasswordMechanism.getEncodedPassword(str, str2);
            if (null != encodedPassword) {
                return encodedPassword;
            }
            UserExceptionCode userExceptionCode = UserExceptionCode.MISSING_PASSWORD_MECH;
            Object[] objArr = new Object[1];
            objArr[0] = str == null ? "" : str;
            throw userExceptionCode.create(objArr);
        } catch (UnsupportedEncodingException e) {
            LOG.error("Error encrypting password according to CRYPT mechanism", e);
            throw UserExceptionCode.UNSUPPORTED_ENCODING.create(e, e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            LOG.error("Error encrypting password according to SHA mechanism", e2);
            throw UserExceptionCode.UNSUPPORTED_ENCODING.create(e2, e2.getMessage());
        }
    }

    protected static final boolean validatePassword(String str) {
        return PATTERN_ALLOWED_CHARS.matcher(str).matches();
    }
}
