package com.sun.identity.authentication.service;

import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.util.Locale;
import com.sun.identity.common.AccountLockoutInfo;
import com.sun.identity.common.ISAccountLockout;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import netscape.ldap.util.DN;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:120091-08/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/authentication/service/AMAccountLockout.class */
public class AMAccountLockout {
    LoginState loginState;
    public boolean loginFailureLockoutMode;
    private long loginFailureLockoutTime;
    private int loginFailureLockoutCount;
    private String loginLockoutNotification;
    private int loginLockoutUserWarning;
    private long loginFailureLockoutDuration;
    public String loginLockoutAttrValue;
    public String loginLockoutAttrName;
    private ISAccountLockout isAccountLockout;
    private static final String USER_ACTIVE = "active";
    private static final String FALSE_VALUE = "false";
    private static final String INETUSERSTATUS_ATTR = "inetuserstatus";
    private static final String LOGIN_STATUS_ATTR = "iplanet-am-user-login-status";
    private static final String NSACCOUNTLOCK_ATTR = "nsaccountlock";
    private static AuthD ad = AuthD.getAuth();
    static Map loginFailHash = Collections.synchronizedMap(new HashMap());
    static String bundleName = "amAuth";
    private int userWarningCount = 0;
    private AccountLockoutInfo acInfo = null;
    String token = null;
    private boolean accountLocked = false;

    public AMAccountLockout(LoginState loginState) {
        this.loginState = null;
        this.loginFailureLockoutMode = false;
        this.loginFailureLockoutTime = 300L;
        this.loginFailureLockoutCount = 5;
        this.loginLockoutNotification = null;
        this.loginLockoutUserWarning = 3;
        this.loginFailureLockoutDuration = 0L;
        this.loginLockoutAttrValue = null;
        this.loginLockoutAttrName = null;
        this.loginState = loginState;
        this.loginFailureLockoutTime = loginState.getLoginFailureLockoutTime();
        this.loginFailureLockoutCount = loginState.getLoginFailureLockoutCount();
        this.loginLockoutNotification = loginState.getLoginLockoutNotification();
        this.loginLockoutUserWarning = loginState.getLoginLockoutUserWarning();
        this.loginLockoutAttrName = loginState.getLoginLockoutAttrName();
        this.loginLockoutAttrValue = loginState.getLoginLockoutAttrValue();
        this.loginFailureLockoutDuration = loginState.getLoginFailureLockoutDuration();
        this.loginFailureLockoutMode = loginState.getLoginFailureLockoutMode();
        this.isAccountLockout = new ISAccountLockout(this.loginFailureLockoutMode, this.loginFailureLockoutTime, this.loginFailureLockoutCount, this.loginLockoutNotification, this.loginLockoutUserWarning, this.loginLockoutAttrName, this.loginLockoutAttrValue, this.loginFailureLockoutDuration, bundleName);
    }

    public void invalidPasswd(String str) {
        try {
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("invalidPasswd ... :").append(str).toString());
            }
            this.token = str;
            if (this.isAccountLockout.isLockoutEnabled()) {
                String userDN = getUserDN(str);
                if (userDN != null) {
                    this.acInfo = (AccountLockoutInfo) loginFailHash.get(userDN);
                    if (this.acInfo != null) {
                        this.acInfo.setUserToken(str);
                    }
                    AuthD authD3 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD4 = ad;
                        AuthD.debug.message(new StringBuffer().append("userDN is. : ").append(userDN).toString());
                        AuthD authD5 = ad;
                        AuthD.debug.message(new StringBuffer().append("LoginFailHash is.. :").append(loginFailHash).toString());
                        AuthD authD6 = ad;
                        AuthD.debug.message(new StringBuffer().append("acInfo is.. :").append(this.acInfo).toString());
                    }
                    this.acInfo = this.isAccountLockout.invalidPasswd(AuthD.getAuth().getSDK().getUser(userDN), this.acInfo);
                    loginFailHash.put(userDN, this.acInfo);
                }
            } else {
                AuthD authD7 = ad;
                AuthD.debug.message("Failure lockout mode disabled");
            }
        } catch (Exception e) {
            AuthD authD8 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD9 = ad;
                AuthD.debug.message("Error ", e);
            }
        }
    }

    public boolean isAccountExpired() {
        AuthD authD = ad;
        AuthD.debug.message("in isAccountExpired");
        String accountLife = this.loginState.getAccountLife();
        if (accountLife == null) {
            AuthD authD2 = ad;
            if (!AuthD.debug.messageEnabled()) {
                return false;
            }
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("EXIT accountLife is null :").append(accountLife).toString());
            return false;
        }
        Date parseNormalizedDateString = Locale.parseNormalizedDateString(accountLife);
        AuthD authD4 = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD5 = ad;
            AuthD.debug.message(new StringBuffer().append("exprDate = ").append(parseNormalizedDateString).toString());
        }
        if (parseNormalizedDateString != null) {
            return parseNormalizedDateString.before(new Date());
        }
        return false;
    }

    public int getWarnUserCount() {
        return getWarnUserCount(this.token);
    }

    public int getWarnUserCount(String str) {
        String userDN = getUserDN(str);
        if (userDN != null) {
            AccountLockoutInfo accountLockoutInfo = (AccountLockoutInfo) loginFailHash.get(userDN);
            if (accountLockoutInfo != null) {
                this.userWarningCount = accountLockoutInfo.getWarningCount();
            }
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("Warning count is . :").append(this.userWarningCount).toString());
            }
        }
        return this.userWarningCount;
    }

    public void sendLockOutNotice(String str) {
        this.isAccountLockout.sendLockOutNotice(str);
    }

    public void resetPasswdLockout(String str) {
        String userDN = getUserDN(str);
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("resetPasswordFailCount: token=").append(str).append("  useDN=").append(userDN).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("loginFailHash is : ").append(loginFailHash).toString());
        }
        if (userDN != null) {
            loginFailHash.remove(userDN);
            this.userWarningCount = 0;
            this.acInfo = null;
        }
    }

    public boolean isLockedOut() {
        return isLockedOut(normalizeDN(this.loginState.getUserDN()));
    }

    public boolean isLockedOut(String str) {
        boolean z = false;
        try {
            if (this.isAccountLockout.isMemoryLocking()) {
                String userDN = getUserDN(str);
                if (loginFailHash != null && !loginFailHash.isEmpty()) {
                    this.acInfo = (AccountLockoutInfo) loginFailHash.get(userDN);
                    AuthD authD = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD2 = ad;
                        AuthD.debug.message(new StringBuffer().append("isLockedOut:userDN=").append(userDN).toString());
                        AuthD authD3 = ad;
                        AuthD.debug.message(new StringBuffer().append("isLockedOut:loginFailHash=").append(loginFailHash).toString());
                        AuthD authD4 = ad;
                        AuthD.debug.message(new StringBuffer().append("isLockedOut:acInfo=").append(this.acInfo).toString());
                    }
                    if (this.acInfo != null) {
                        z = this.isAccountLockout.isLockedOut(this.acInfo);
                        if (!z && this.acInfo.isLockout()) {
                            loginFailHash.remove(userDN);
                        }
                    }
                    AuthD authD5 = ad;
                    if (AuthD.debug.messageEnabled()) {
                        AuthD authD6 = ad;
                        AuthD.debug.message(new StringBuffer().append("isLockedOut :").append(z).toString());
                    }
                }
            }
        } catch (Exception e) {
            AuthD authD7 = ad;
            AuthD.debug.message("Exception ", e);
        }
        return z;
    }

    public boolean isAccountLocked(String str) {
        boolean z = false;
        try {
            String userDN = getUserDN(str);
            this.acInfo = (AccountLockoutInfo) loginFailHash.get(userDN);
            AMUser user = AuthD.getAuth().getSDK().getUser(userDN);
            AuthD authD = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD2 = ad;
                AuthD.debug.message(new StringBuffer().append("userDN=").append(userDN).toString());
                AuthD authD3 = ad;
                AuthD.debug.message(new StringBuffer().append("loginFailHash=").append(loginFailHash).toString());
                AuthD authD4 = ad;
                AuthD.debug.message(new StringBuffer().append("acInfo=").append(this.acInfo).toString());
            }
            if (this.isAccountLockout.isMemoryLocking() && this.acInfo != null) {
                z = this.acInfo.isLockout();
            } else if (isAccountValid(user)) {
                z = this.isAccountLockout.isAccountLocked(user);
                if (z) {
                    resetPasswdLockout(str);
                }
            } else {
                z = true;
                resetPasswdLockout(str);
            }
            AuthD authD5 = ad;
            if (AuthD.debug.messageEnabled()) {
                AuthD authD6 = ad;
                AuthD.debug.message(new StringBuffer().append("isLockedOut :").append(z).toString());
            }
        } catch (Exception e) {
            AuthD authD7 = ad;
            AuthD.debug.message("Exception ", e);
        }
        return z;
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x00b0  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    boolean isAccountValid(com.iplanet.am.sdk.AMUser r5) {
        /*
            r4 = this;
            r0 = 1
            r6 = r0
            r0 = r5
            java.lang.String r1 = "inetuserstatus"
            java.lang.String r0 = r0.getStringAttribute(r1)     // Catch: java.lang.Exception -> L92
            r7 = r0
            r0 = r5
            java.lang.String r1 = "iplanet-am-user-login-status"
            java.lang.String r0 = r0.getStringAttribute(r1)     // Catch: java.lang.Exception -> L92
            r8 = r0
            r0 = r8
            if (r0 == 0) goto L22
            r0 = r8
            int r0 = r0.length()     // Catch: java.lang.Exception -> L92
            if (r0 != 0) goto L26
        L22:
            java.lang.String r0 = "active"
            r8 = r0
        L26:
            r0 = r5
            java.lang.String r1 = "nsaccountlock"
            java.lang.String r0 = r0.getStringAttribute(r1)     // Catch: java.lang.Exception -> L92
            r9 = r0
            r0 = r9
            if (r0 == 0) goto L3d
            r0 = r9
            int r0 = r0.length()     // Catch: java.lang.Exception -> L92
            if (r0 != 0) goto L41
        L3d:
            java.lang.String r0 = "false"
            r9 = r0
        L41:
            com.sun.identity.authentication.service.AuthD r0 = com.sun.identity.authentication.service.AMAccountLockout.ad     // Catch: java.lang.Exception -> L92
            com.iplanet.am.util.Debug r0 = com.sun.identity.authentication.service.AuthD.debug     // Catch: java.lang.Exception -> L92
            boolean r0 = r0.messageEnabled()     // Catch: java.lang.Exception -> L92
            if (r0 == 0) goto L6c
            com.sun.identity.authentication.service.AuthD r0 = com.sun.identity.authentication.service.AMAccountLockout.ad     // Catch: java.lang.Exception -> L92
            com.iplanet.am.util.Debug r0 = com.sun.identity.authentication.service.AuthD.debug     // Catch: java.lang.Exception -> L92
            java.lang.StringBuffer r1 = new java.lang.StringBuffer     // Catch: java.lang.Exception -> L92
            r2 = r1
            r2.<init>()     // Catch: java.lang.Exception -> L92
            java.lang.String r2 = "nsAccountVal:"
            java.lang.StringBuffer r1 = r1.append(r2)     // Catch: java.lang.Exception -> L92
            r2 = r9
            java.lang.StringBuffer r1 = r1.append(r2)     // Catch: java.lang.Exception -> L92
            java.lang.String r1 = r1.toString()     // Catch: java.lang.Exception -> L92
            r0.message(r1)     // Catch: java.lang.Exception -> L92
        L6c:
            r0 = r7
            java.lang.String r1 = "active"
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: java.lang.Exception -> L92
            if (r0 == 0) goto L8d
            r0 = r8
            java.lang.String r1 = "active"
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: java.lang.Exception -> L92
            if (r0 == 0) goto L8d
            r0 = r9
            java.lang.String r1 = "false"
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: java.lang.Exception -> L92
            if (r0 == 0) goto L8d
            r0 = 1
            goto L8e
        L8d:
            r0 = 0
        L8e:
            r6 = r0
            goto La3
        L92:
            r7 = move-exception
            com.sun.identity.authentication.service.AuthD r0 = com.sun.identity.authentication.service.AMAccountLockout.ad
            com.iplanet.am.util.Debug r0 = com.sun.identity.authentication.service.AuthD.debug
            java.lang.String r1 = "Error :"
            r2 = r7
            r0.message(r1, r2)
            goto La3
        La3:
            com.sun.identity.authentication.service.AuthD r0 = com.sun.identity.authentication.service.AMAccountLockout.ad
            com.iplanet.am.util.Debug r0 = com.sun.identity.authentication.service.AuthD.debug
            boolean r0 = r0.messageEnabled()
            if (r0 == 0) goto Lcd
            com.sun.identity.authentication.service.AuthD r0 = com.sun.identity.authentication.service.AMAccountLockout.ad
            com.iplanet.am.util.Debug r0 = com.sun.identity.authentication.service.AuthD.debug
            java.lang.StringBuffer r1 = new java.lang.StringBuffer
            r2 = r1
            r2.<init>()
            java.lang.String r2 = "Userenabled..."
            java.lang.StringBuffer r1 = r1.append(r2)
            r2 = r6
            java.lang.StringBuffer r1 = r1.append(r2)
            java.lang.String r1 = r1.toString()
            r0.message(r1)
        Lcd:
            r0 = r6
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.authentication.service.AMAccountLockout.isAccountValid(com.iplanet.am.sdk.AMUser):boolean");
    }

    private String getUserDN(String str) {
        String str2 = str;
        if (str != null) {
            try {
                if (this.isAccountLockout.isMemoryLocking()) {
                    str2 = !DN.isDN(str) ? this.loginState.tokenToDN(str) : str;
                } else if (this.loginState.getUserProfile(str, true)) {
                    AuthD authD = ad;
                    AuthD.debug.message("Found user profile... ");
                    str2 = this.loginState.getUserDN();
                }
            } catch (Exception e) {
                AuthD authD2 = ad;
                AuthD.debug.message("Exception getUserDN ", e);
            }
            str2 = normalizeDN(str2);
        }
        return str2;
    }

    private String normalizeDN(String str) {
        String str2 = str;
        if (str != null && DN.isDN(str)) {
            str2 = new DN(str).toRFCString().toLowerCase();
        }
        AuthD authD = ad;
        if (AuthD.debug.messageEnabled()) {
            AuthD authD2 = ad;
            AuthD.debug.message(new StringBuffer().append("Original DN is:").append(str).toString());
            AuthD authD3 = ad;
            AuthD.debug.message(new StringBuffer().append("Normalized DN is:").append(str2).toString());
        }
        return str2;
    }
}
