package com.axelor.auth;

import com.axelor.auth.db.User;
import com.axelor.i18n.I18n;
import com.axelor.rpc.ActionRequest;
import com.axelor.rpc.ActionResponse;
import com.axelor.rpc.Context;
import com.google.common.base.Objects;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.inject.persist.Transactional;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.credential.DefaultPasswordService;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.format.ParsableHashFormat;
import org.apache.shiro.crypto.hash.format.Shiro1CryptFormat;

@Singleton
/* loaded from: input_file:com/axelor/auth/AuthService.class */
public class AuthService {
    private final DefaultPasswordService passwordService = new DefaultPasswordService();
    private final DefaultHashService hashService = new DefaultHashService();
    private final ParsableHashFormat hashFormat = new Shiro1CryptFormat();
    public static AuthService instance;

    @Inject
    private AuthLdap authLdap;

    @Inject
    public AuthService(@Named("auth.hash.algorithm") String str, @Named("auth.hash.iterations") int i) {
        this.hashService.setHashAlgorithmName(str);
        this.hashService.setHashIterations(i);
        this.hashService.setGeneratePublicSalt(true);
        this.passwordService.setHashService(this.hashService);
        this.passwordService.setHashFormat(this.hashFormat);
        if (instance != null) {
            throw new RuntimeException("AuthService initialized twice.");
        }
        instance = this;
    }

    public static AuthService getInstance() {
        if (instance == null) {
            throw new IllegalStateException("AuthService is not initialized, did you forget to bind the AuthService?");
        }
        return instance;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean ldapLogin(String str, String str2) throws AuthenticationException {
        return this.authLdap.login(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean ldapEnabled() {
        return this.authLdap.isEnabled();
    }

    public String encrypt(String str) {
        try {
            this.hashFormat.parse(str);
            return str;
        } catch (IllegalArgumentException e) {
            return this.passwordService.encryptPassword(str);
        }
    }

    public User encrypt(User user) {
        user.setPassword(encrypt(user.getPassword()));
        return user;
    }

    public Object encrypt(Object obj, Map map) {
        return obj instanceof User ? encrypt((User) obj) : obj;
    }

    public boolean match(String str, String str2) {
        if (Objects.equal(str, str2)) {
            return true;
        }
        return this.passwordService.passwordsMatch(str, str2);
    }

    @Transactional
    public void validate(ActionRequest actionRequest, ActionResponse actionResponse) {
        Context context = actionRequest.getContext();
        if (context.get("confirm") == null) {
            return;
        }
        String str = (String) context.get("newPassword");
        if (!Objects.equal(str, (String) context.get("confirm"))) {
            actionResponse.setData(ImmutableList.of(ImmutableMap.of("error", I18n.get("Password doesn't match"))));
            return;
        }
        actionResponse.setValue("password", encrypt(str));
        actionResponse.setValue("newPassword", null);
        actionResponse.setValue("confirm", null);
        actionResponse.setValue("change", false);
    }
}
