package oracle.ldap.util;

import java.io.Serializable;
import javax.naming.NamingException;
import javax.naming.OperationNotSupportedException;
import javax.naming.directory.DirContext;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import oracle.ldap.util.controls.PasswordPolicyRequestControl;
import oracle.ldap.util.discovery.DiscoveryHelper;

/* loaded from: input_file:oracle/ldap/util/PasswordPolicy.class */
public class PasswordPolicy implements Serializable {
    public static final int PASSWORD_EXPIRED_EC = 9000;
    public static final int PASSWORD_ACCOUNT_LOCKED = 9001;
    public static final int PASSWORD_EXPIRE_WARNING = 9002;
    public static final int PASSWORD_MINLENGTH_EC = 9003;
    public static final int PASSWORD_NUMERIC_EC = 9004;
    public static final int PASSWORD_NULL_EC = 9005;
    public static final int PASSWORD_IN_HISTORY_EC = 9006;
    public static final int PASSWORD_ILLEGAL_VALUE_EC = 9007;
    public static final int PASSWORD_GRACE_LOGIN = 9008;
    public static final int PASSWORD_MUST_CHANGE = 9009;
    public static final int PASSWORD_IP_ACCOUNT_LOCKED = 9011;
    public static final int ACCT_DISABLED_EC = 9050;
    public static final int ACCT_UNLOCK_EC = 9051;
    public static final int ACCT_INACTIVE = 9053;
    public static final String PASSWORD_EXPIRE_WARNING_CONTROL = "2.16.840.1.113894.1.8.7";
    public static final String PASSWORD_EXPIRE_GRACE_LOGIN_CONTROL = "2.16.840.1.113894.1.8.8";
    public static final String PASSWORD_EXPIRE_MUST_CHANGE_CONTROL = "2.16.840.1.113894.1.8.9";
    public static final int PASSWORD_POLICY_ENABLED = 0;
    public static final int PASSWORD_MINLENGTH_PROPERTY = 1;
    public static final int PASSWORD_ALPHA_NUMERIC_PROPERTY = 2;
    public static final int PASSWORD_ILLEGAL_VALUES_PROPERTY = 3;
    private boolean passwordPolicyEnabled;
    private int passwordMinimumLength;
    private int passwordAlphaNumericValue;
    private static String[] passwordIllegalValues = null;
    private static final String[] passwordPolicyAttributes = {"orclpwdpolicyenable", "orclpwdalphanumeric", "pwdminlength", "orclpwdillegalvalues"};

    public static PasswordPolicy getPasswordPolicy(LdapContext ldapContext, Subscriber subscriber, String str) throws UtilException {
        try {
            return getPasswordPolicy(ldapContext, str);
        } catch (UtilException e) {
            if (e.isNamingException() && (e.returnNamingException() instanceof OperationNotSupportedException)) {
                return getPasswordPolicy((DirContext) ldapContext, subscriber);
            }
            throw e;
        }
    }

    public static PasswordPolicy getPasswordPolicy(DirContext dirContext, Subscriber subscriber) throws UtilException {
        return new PasswordPolicy(dirContext, Util.ldapSearch(dirContext, "cn=pwdpolicyentry,cn=common,cn=products,cn=oraclecontext," + subscriber.getDN(dirContext), "objectclass=pwdpolicy", 0, passwordPolicyAttributes).getPropertySet(0));
    }

    public static PasswordPolicy getPasswordPolicy(LdapContext ldapContext, String str) throws UtilException {
        Control[] controlArr = null;
        try {
            try {
                controlArr = ldapContext.getRequestControls();
                ldapContext.setRequestControls(new Control[]{new PasswordPolicyRequestControl()});
                try {
                    PropertySetCollection ldapSearch = Util.ldapSearch(ldapContext, str, "objectclass=*", 0, null);
                    try {
                        ldapContext.setRequestControls(controlArr);
                        return new PasswordPolicy(ldapContext, ldapSearch.getPropertySet(0));
                    } catch (Exception e) {
                        throw new UtilException(e);
                    }
                } catch (UtilException e2) {
                    throw e2;
                }
            } catch (NamingException e3) {
                throw new UtilException((Exception) e3);
            }
        } catch (Throwable th) {
            try {
                ldapContext.setRequestControls(controlArr);
                throw th;
            } catch (Exception e4) {
                throw new UtilException(e4);
            }
        }
    }

    private PasswordPolicy(DirContext dirContext, PropertySet propertySet) throws UtilException {
        this.passwordPolicyEnabled = false;
        this.passwordMinimumLength = 0;
        this.passwordAlphaNumericValue = 0;
        try {
            Property property = propertySet.getProperty("orclpwdpolicyenable");
            if (property != null && new Integer((String) property.getValue(0)).intValue() > 0) {
                this.passwordPolicyEnabled = true;
            }
            Property property2 = propertySet.getProperty("pwdminlength");
            if (property2 != null) {
                this.passwordMinimumLength = new Integer((String) property2.getValue(0)).intValue();
            }
            Property property3 = propertySet.getProperty("orclpwdalphanumeric");
            if (property3 != null) {
                this.passwordAlphaNumericValue = new Integer((String) property3.getValue(0)).intValue();
            }
            Property property4 = propertySet.getProperty("orclpwdillegalvalues");
            if (property4 != null) {
                passwordIllegalValues = new String[property4.size()];
                for (int i = 0; i < property4.size(); i++) {
                    passwordIllegalValues[i] = (String) property4.getValue(i);
                }
            }
        } catch (Exception e) {
            throw new PasswordPolicyException("Invalid Password Policy: " + propertySet.getDN());
        }
    }

    public void validatePassword(String str) throws PasswordPolicyException {
        if (this.passwordPolicyEnabled) {
            validateMinimumLength(str);
            validateAlphaNumericValue(str);
            validateIllegalValues(str);
        }
    }

    public Object getProperties(int i) throws InvalidParameterException {
        if (i == 0) {
            return this.passwordPolicyEnabled ? "1" : DiscoveryHelper.SSL_FALSE;
        }
        if (i == 1) {
            return new Integer(this.passwordMinimumLength).toString();
        }
        if (i == 2) {
            return new Integer(this.passwordAlphaNumericValue).toString();
        }
        if (i == 3) {
            return passwordIllegalValues;
        }
        throw new InvalidParameterException();
    }

    public void validateMinimumLength(String str) throws MinimumLengthException {
        if (str.length() < this.passwordMinimumLength) {
            throw new MinimumLengthException("Password must have at least " + this.passwordMinimumLength + " characters.");
        }
    }

    public void validateAlphaNumericValue(String str) throws NumericCharacterException {
        if (str.length() - str.replaceAll("[0-9]", "").length() < this.passwordAlphaNumericValue) {
            throw new NumericCharacterException("Password must have at least " + this.passwordAlphaNumericValue + " alphanumeric [0,9] characters.");
        }
    }

    public void validateIllegalValues(String str) throws IllegalValueException {
        if (passwordIllegalValues == null || passwordIllegalValues.length <= 0) {
            return;
        }
        for (int i = 0; i < passwordIllegalValues.length; i++) {
            if (str.equals(passwordIllegalValues[i])) {
                throw new IllegalValueException("Illegal Password value is detected: " + passwordIllegalValues[i]);
            }
        }
    }
}
