package org.artifactory.ui.rest.service.admin.security.user.userprofile;

import org.apache.commons.lang.StringUtils;
import org.artifactory.api.security.AuthorizationService;
import org.artifactory.api.security.PasswordEncryptionFailureException;
import org.artifactory.api.security.UserGroupService;
import org.artifactory.common.ArtifactoryHome;
import org.artifactory.common.crypto.CryptoHelper;
import org.artifactory.factory.InfoFactoryHolder;
import org.artifactory.rest.common.service.ArtifactoryRestRequest;
import org.artifactory.rest.common.service.RestResponse;
import org.artifactory.rest.common.service.RestService;
import org.artifactory.security.MutableUserInfo;
import org.artifactory.security.UserInfo;
import org.artifactory.ui.rest.model.admin.configuration.bintray.BintrayUIModel;
import org.artifactory.ui.rest.model.admin.configuration.ssh.SshClientUIModel;
import org.artifactory.ui.rest.model.admin.security.login.UserLogin;
import org.artifactory.ui.rest.model.admin.security.user.User;
import org.artifactory.ui.rest.model.admin.security.user.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;

@Scope("prototype")
@Component
/* loaded from: input_file:org/artifactory/ui/rest/service/admin/security/user/userprofile/UnlockUserProfileService.class */
public class UnlockUserProfileService implements RestService {
    private static final Logger log = LoggerFactory.getLogger(UnlockUserProfileService.class);

    @Autowired
    private AuthorizationService authorizationService;

    @Autowired
    private UserGroupService userGroupService;

    @Autowired
    private UserProfileHelperService userProfileHelperService;

    public void execute(ArtifactoryRestRequest artifactoryRestRequest, RestResponse restResponse) {
        fetchUserProfile(restResponse, (UserLogin) artifactoryRestRequest.getImodel());
    }

    private void fetchUserProfile(RestResponse restResponse, UserLogin userLogin) {
        UserInfo loadUserInfo = this.userProfileHelperService.loadUserInfo();
        if (loadUserInfo.isAnonymous()) {
            restResponse.error("Unable to unlock settings for anonymous user");
            return;
        }
        String password = userLogin.getPassword();
        if (!this.authorizationService.requireProfileUnlock() || this.userProfileHelperService.authenticate(loadUserInfo, password)) {
            restResponse.iModel(getUserProfile(loadUserInfo, userLogin));
        } else {
            restResponse.error("The specified password is incorrect");
        }
    }

    private UserProfile getUserProfile(UserInfo userInfo, UserLogin userLogin) {
        UserProfile userProfile = new UserProfile();
        updateUserInfo(userInfo, userProfile, userLogin);
        updateBintrayData(userInfo, userProfile);
        updateSshInfo(userInfo, userProfile);
        return userProfile;
    }

    private void updateUserInfo(UserInfo userInfo, UserProfile userProfile, UserLogin userLogin) {
        User user = new User();
        user.setRealm(userInfo.getRealm());
        user.setEmail(userInfo.getEmail());
        user.setProfileUpdatable(userInfo.isUpdatableProfile());
        user.setInternalPasswordDisabled(userInfo.isPasswordDisabled());
        userProfile.setUser(user);
        MutableUserInfo copyUser = InfoFactoryHolder.get().copyUser(userInfo);
        try {
            user.setPassword(this.userGroupService.createEncryptedPasswordIfNeeded(copyUser, userLogin.getPassword()));
        } catch (Exception e) {
            if (e instanceof PasswordEncryptionFailureException) {
                resetUserKeys(copyUser);
                log.trace("Fallback retrieving the encrypted password");
                try {
                    user.setPassword(this.userGroupService.createEncryptedPasswordIfNeeded(copyUser, userLogin.getPassword()));
                } catch (PasswordEncryptionFailureException e2) {
                    resetUserKeys(copyUser);
                    this.userGroupService.updateUser(copyUser, false);
                    user.setPassword(null);
                    throw new IllegalStateException("Fallback password encryption failed", e);
                }
            }
        }
    }

    private void resetUserKeys(MutableUserInfo mutableUserInfo) {
        mutableUserInfo.setPrivateKey((String) null);
        mutableUserInfo.setPublicKey((String) null);
    }

    private void updateBintrayData(UserInfo userInfo, UserProfile userProfile) {
        String[] strArr = null;
        String bintrayAuth = userInfo.getBintrayAuth();
        if (userInfo.getBintrayAuth() != null) {
            if (CryptoHelper.isArtifactoryKeyEncrypted(bintrayAuth)) {
                bintrayAuth = CryptoHelper.decryptIfNeeded(ArtifactoryHome.get(), bintrayAuth);
            }
            strArr = bintrayAuth.split(":");
        }
        BintrayUIModel bintrayUIModel = new BintrayUIModel();
        if (strArr != null && strArr.length > 1) {
            bintrayUIModel.setUserName(strArr[0]);
            bintrayUIModel.setApiKey(strArr[1]);
        }
        userProfile.setBintray(bintrayUIModel);
    }

    private void updateSshInfo(UserInfo userInfo, UserProfile userProfile) {
        String first = this.userGroupService.findPropertiesForUser(userInfo.getUsername()).getFirst("sshPublicKey");
        SshClientUIModel sshClientUIModel = new SshClientUIModel();
        if (StringUtils.isNotBlank(first)) {
            sshClientUIModel.setPublicKey(first);
        }
        userProfile.setSsh(sshClientUIModel);
    }
}
