package com.mirth.connect.server.util;

import com.mirth.connect.client.core.ControllerException;
import com.mirth.connect.model.Credentials;
import com.mirth.connect.model.PasswordRequirements;
import com.mirth.connect.server.controllers.ControllerFactory;
import com.mirth.connect.server.controllers.UserController;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;
import org.apache.commons.configuration2.PropertiesConfiguration;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.joda.time.Duration;

/* loaded from: input_file:com/mirth/connect/server/util/PasswordRequirementsChecker.class */
public class PasswordRequirementsChecker implements Serializable {
    private static final long serialVersionUID = 1;
    private static final String PASSWORD_IS_TOO_SHORT_MINIMUM_LENGTH = "Password is too short. Minimum length is %d characters";
    private static final String PASSWORD_MUST_CONTAIN_A_SPECIAL_CHARACTER = "Password must contain %d special character(s)";
    private static final String PASSWORD_MUST_NOT_CONTAIN_A_SPECIAL_CHARACTER = "Password must not contain a special character";
    private static final String PASSWORD_MUST_CONTAIN_A_NUMERIC_VALUE = "Password must contain %d numeric value(s)";
    private static final String PASSWORD_MUST_NOT_CONTAIN_A_NUMERIC_VALUE = "Password must not contain a numeric value";
    private static final String PASSWORD_MUST_CONTAIN_A_LOWERCASE_LETTER = "Password must contain %d lowercase letter(s)";
    private static final String PASSWORD_MUST_NOT_CONTAIN_A_LOWERCASE_LETTER = "Password must not contain a lowercase letter";
    private static final String PASSWORD_MUST_CONTAIN_AN_UPPERCASE_LETTER = "Password must contain %d uppercase letter(s)";
    private static final String PASSWORD_MUST_NOT_CONTAIN_AN_UPPERCASE_LETTER = "Password not must contain an uppercase letter";
    private static final String PASSWORD_MINLENGTH = "password.minlength";
    private static final String PASSWORD_MIN_NUMERIC = "password.minnumeric";
    private static final String PASSWORD_MIN_LOWER = "password.minlower";
    private static final String PASSWORD_MIN_UPPER = "password.minupper";
    private static final String PASSWORD_MIN_SPECIAL = "password.minspecial";
    private static final String PASSWORD_EXPIRATION = "password.expiration";
    private static final String PASSWORD_GRACE_PERIOD = "password.graceperiod";
    private static final String PASSWORD_RETRY_LIMIT = "password.retrylimit";
    private static final String PASSWORD_LOCKOUT_PERIOD = "password.lockoutperiod";
    private static final String PASSWORD_REUSE_PERIOD = "password.reuseperiod";
    private static final String PASSWORD_REUSE_LIMIT = "password.reuselimit";
    private static PasswordRequirementsChecker instance = null;

    private PasswordRequirementsChecker() {
    }

    public static PasswordRequirementsChecker getInstance() {
        PasswordRequirementsChecker passwordRequirementsChecker;
        synchronized (PasswordRequirementsChecker.class) {
            if (instance == null) {
                instance = new PasswordRequirementsChecker();
            }
            passwordRequirementsChecker = instance;
        }
        return passwordRequirementsChecker;
    }

    public PasswordRequirements loadPasswordRequirements(PropertiesConfiguration propertiesConfiguration) {
        PasswordRequirements passwordRequirements = new PasswordRequirements();
        passwordRequirements.setMinLength(propertiesConfiguration.getInt(PASSWORD_MINLENGTH, 0));
        passwordRequirements.setMinUpper(propertiesConfiguration.getInt(PASSWORD_MIN_UPPER, 0));
        passwordRequirements.setMinLower(propertiesConfiguration.getInt(PASSWORD_MIN_LOWER, 0));
        passwordRequirements.setMinNumeric(propertiesConfiguration.getInt(PASSWORD_MIN_NUMERIC, 0));
        passwordRequirements.setMinSpecial(propertiesConfiguration.getInt(PASSWORD_MIN_SPECIAL, 0));
        passwordRequirements.setExpiration(propertiesConfiguration.getInt(PASSWORD_EXPIRATION, 0));
        passwordRequirements.setGracePeriod(propertiesConfiguration.getInt(PASSWORD_GRACE_PERIOD, 0));
        passwordRequirements.setRetryLimit(propertiesConfiguration.getInt(PASSWORD_RETRY_LIMIT, 0));
        passwordRequirements.setLockoutPeriod(propertiesConfiguration.getInt(PASSWORD_LOCKOUT_PERIOD, 0));
        passwordRequirements.setReusePeriod(propertiesConfiguration.getInt(PASSWORD_REUSE_PERIOD, 0));
        passwordRequirements.setReuseLimit(propertiesConfiguration.getInt(PASSWORD_REUSE_LIMIT, 0));
        return passwordRequirements;
    }

    public List<String> doesPasswordMeetRequirements(Integer num, String str, PasswordRequirements passwordRequirements) {
        ArrayList arrayList = new ArrayList();
        addResult(arrayList, checkMinLower(str, passwordRequirements.getMinLower()));
        addResult(arrayList, checkMinUpper(str, passwordRequirements.getMinUpper()));
        addResult(arrayList, checkMinNumeric(str, passwordRequirements.getMinNumeric()));
        addResult(arrayList, checkMinSpecial(str, passwordRequirements.getMinSpecial()));
        if (passwordRequirements.getMinLength() > 0 && str.length() < passwordRequirements.getMinLength()) {
            addResult(arrayList, String.format(PASSWORD_IS_TOO_SHORT_MINIMUM_LENGTH, Integer.valueOf(passwordRequirements.getMinLength())));
        }
        if (num != null && (passwordRequirements.getReusePeriod() != 0 || passwordRequirements.getReuseLimit() != 0)) {
            try {
                List<Credentials> userCredentials = ControllerFactory.getFactory().createUserController().getUserCredentials(num);
                addResult(arrayList, checkReusePeriod(userCredentials, str, passwordRequirements.getReusePeriod()));
                addResult(arrayList, checkReuseLimit(userCredentials, str, passwordRequirements.getReuseLimit()));
            } catch (ControllerException e) {
                addResult(arrayList, "There was an error checking against previous user passwords.");
            }
        }
        if (arrayList.size() == 0) {
            return null;
        }
        return arrayList;
    }

    private void addResult(List<String> list, String str) {
        if (StringUtils.isNotBlank(str)) {
            list.add(str);
        }
    }

    private String checkMinNumeric(String str, int i) {
        if (i == -1) {
            if (Pattern.compile("[0-9]").matcher(str).find()) {
                return PASSWORD_MUST_NOT_CONTAIN_A_NUMERIC_VALUE;
            }
            return null;
        }
        if (Pattern.compile("(?=(.*[0-9]){" + i + "})").matcher(str).find()) {
            return null;
        }
        return String.format(PASSWORD_MUST_CONTAIN_A_NUMERIC_VALUE, Integer.valueOf(i));
    }

    private String checkMinUpper(String str, int i) {
        if (i == -1) {
            if (Pattern.compile("[A-Z]").matcher(str).find()) {
                return PASSWORD_MUST_NOT_CONTAIN_AN_UPPERCASE_LETTER;
            }
            return null;
        }
        if (Pattern.compile("(?=(.*[A-Z]){" + i + "})").matcher(str).find()) {
            return null;
        }
        return String.format(PASSWORD_MUST_CONTAIN_AN_UPPERCASE_LETTER, Integer.valueOf(i));
    }

    private String checkMinLower(String str, int i) {
        if (i == -1) {
            if (Pattern.compile("[a-z]").matcher(str).find()) {
                return PASSWORD_MUST_NOT_CONTAIN_A_LOWERCASE_LETTER;
            }
            return null;
        }
        if (Pattern.compile("(?=(.*[a-z]){" + i + "})").matcher(str).find()) {
            return null;
        }
        return String.format(PASSWORD_MUST_CONTAIN_A_LOWERCASE_LETTER, Integer.valueOf(i));
    }

    private String checkMinSpecial(String str, int i) {
        if (i == -1) {
            if (Pattern.compile("[!,@,#,$,%,^,&,*,?,_,~,\\+,-,=,\\(,\\),`,\\[,\\],:,;,\",',/,<,>]").matcher(str).find()) {
                return PASSWORD_MUST_NOT_CONTAIN_A_SPECIAL_CHARACTER;
            }
            return null;
        }
        if (Pattern.compile("(?=(.*[!,@,#,$,%,^,&,*,?,_,~,\\+,-,=,\\(,\\),`,\\[,\\],:,;,\",',/,<,>]){" + i + "})").matcher(str).find()) {
            return null;
        }
        return String.format(PASSWORD_MUST_CONTAIN_A_SPECIAL_CHARACTER, Integer.valueOf(i));
    }

    private String checkReusePeriod(List<Credentials> list, String str, int i) {
        if (i == 0) {
            return null;
        }
        UserController createUserController = ControllerFactory.getFactory().createUserController();
        Duration standardDays = i != -1 ? Duration.standardDays(i) : null;
        for (Credentials credentials : list) {
            if ((standardDays == null ? true : standardDays.isLongerThan(new Duration(credentials.getPasswordDate().getTimeInMillis(), System.currentTimeMillis()))) && createUserController.checkPassword(str, credentials.getPassword())) {
                return i == -1 ? "You cannot reuse the same password." : "You cannot reuse the same password within " + i + " days.";
            }
        }
        return null;
    }

    private String checkReuseLimit(List<Credentials> list, String str, int i) {
        if (i == 0) {
            return null;
        }
        UserController createUserController = ControllerFactory.getFactory().createUserController();
        int i2 = 0;
        Iterator<Credentials> it = list.iterator();
        while (it.hasNext()) {
            if (createUserController.checkPassword(str, it.next().getPassword())) {
                i2++;
            }
        }
        if (i2 <= 0 || i2 <= i) {
            return null;
        }
        return i == -1 ? "You cannot reuse the same password." : "You cannot reuse the same password more than " + i + " times.";
    }

    public Calendar getLastExpirationDate(PasswordRequirements passwordRequirements) {
        DateTime dateTime = new DateTime();
        if (passwordRequirements.getReusePeriod() == -1 || passwordRequirements.getReuseLimit() != 0) {
            return null;
        }
        return passwordRequirements.getReusePeriod() == 0 ? Calendar.getInstance() : dateTime.minus(Duration.standardDays(passwordRequirements.getReusePeriod())).toCalendar(Locale.getDefault());
    }
}
