package com.sun.identity.common;

import com.iplanet.am.sdk.AMConstants;
import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMInvalidDNException;
import com.iplanet.am.sdk.AMSDKBundle;
import com.iplanet.am.sdk.AMServiceUtils;
import com.iplanet.am.sdk.AMUserPasswordValidation;
import com.iplanet.am.util.Debug;
import com.iplanet.sso.SSOToken;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceConfig;
import java.security.AccessController;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;

/* loaded from: input_file:120955-01/SUNWamsdk/reloc/SUNWam/lib/am_sdk.jar:com/sun/identity/common/AMUserPasswordValidationPlugin.class */
public class AMUserPasswordValidationPlugin extends AMUserPasswordValidation implements AMConstants {
    static Debug debug = Debug.getInstance("amProfile_ldap");
    private static String SEPERATOR = "|";

    @Override // com.iplanet.am.sdk.AMUserPasswordValidation
    public void validateUserID(String str, Map map) throws AMException {
        StringBuffer stringBuffer = new StringBuffer(10);
        String orgUserInvalidChars = getOrgUserInvalidChars((String) map.get(Constants.ORGANIZATION_NAME), (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance()));
        if (str == null || str.equals("")) {
            debug.error(new StringBuffer().append("AMUserPasswordValidationPlugin.validateUserID() : Source string is null or empty").append(str).toString());
            throw new AMInvalidDNException(AMSDKBundle.getString("157"), "157");
        }
        if (orgUserInvalidChars == null || orgUserInvalidChars.length() == 0) {
            debug.error(new StringBuffer().append("AMUserPasswordValidationPlugin.validateUserID() : List of invalid characters is null or empty").append(orgUserInvalidChars).toString());
            throw new AMInvalidDNException(AMSDKBundle.getString("157"), "157");
        }
        StringTokenizer stringTokenizer = new StringTokenizer(orgUserInvalidChars, SEPERATOR);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (str.indexOf(nextToken) > -1) {
                debug.error("AMUserPasswordValidationPlugin.validateUserID() : Detected invalid chars ...");
                debug.error(new StringBuffer().append("AMUserPasswordValidationPlugin.validateUserID() : User Name validation Failed:").append(nextToken).toString());
                stringBuffer.append(nextToken).append(" ");
            }
        }
        Object[] objArr = {str, stringBuffer.toString()};
        if (stringBuffer.length() != 0) {
            throw new AMException(AMSDKBundle.getString("1002", objArr), "1002", objArr);
        }
    }

    private String getOrgUserInvalidChars(String str, SSOToken sSOToken) {
        try {
            ServiceConfig orgConfig = AMServiceUtils.getOrgConfig(sSOToken, str, "iPlanetAMAdminConsoleService");
            if (orgConfig == null) {
                return getGlobalUserInvalidChars(sSOToken);
            }
            Set set = (Set) orgConfig.getAttributes().get(AMConstants.INVALID_USERID_CHARACTERS);
            if (set == null || set.isEmpty()) {
                return null;
            }
            return (String) set.iterator().next();
        } catch (Exception e) {
            return getGlobalUserInvalidChars(sSOToken);
        }
    }

    private String getGlobalUserInvalidChars(SSOToken sSOToken) {
        if (debug.messageEnabled()) {
            debug.message("AMUserPasswordValidationPlugin.getGlobalUserInvalidChars(): Organization config for service (iPlanetAMAdminConsoleService,iplanet-am-admin-console-invalid-chars) not found. Obtaining default service config values ..");
        }
        try {
            Map serviceConfig = AMServiceUtils.getServiceConfig(sSOToken, "iPlanetAMAdminConsoleService", SchemaType.ORGANIZATION);
            if (serviceConfig == null) {
                return null;
            }
            Set set = (Set) serviceConfig.get(AMConstants.INVALID_USERID_CHARACTERS);
            if (set == null || set.isEmpty()) {
                return null;
            }
            return (String) set.iterator().next();
        } catch (Exception e) {
            if (!debug.warningEnabled()) {
                return null;
            }
            debug.warning("AMUserPasswordValidationPlugin.getGlobalUserInvalidChars(): Unable to get UserID invalid characters", e);
            return null;
        }
    }
}
