package org.apache.directory.server.changepw.service;

import java.util.ArrayList;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.changepw.ChangePasswordConfiguration;
import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
import org.apache.directory.server.changepw.exceptions.ErrorType;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/directory/server/changepw/service/CheckPasswordPolicy.class */
public class CheckPasswordPolicy implements IoHandlerCommand {
    private static final Logger log = LoggerFactory.getLogger(CheckPasswordPolicy.class);
    private String contextKey = "context";

    public void execute(IoHandlerCommand.NextCommand nextCommand, IoSession ioSession, Object obj) throws Exception {
        ChangePasswordContext changePasswordContext = (ChangePasswordContext) ioSession.getAttribute(getContextKey());
        ChangePasswordConfiguration config = changePasswordContext.getConfig();
        KerberosPrincipal clientPrincipal = changePasswordContext.getAuthenticator().getClientPrincipal();
        String password = changePasswordContext.getPassword();
        String name = clientPrincipal.getName();
        int passwordLengthPolicy = config.getPasswordLengthPolicy();
        int categoryCountPolicy = config.getCategoryCountPolicy();
        int tokenSizePolicy = config.getTokenSizePolicy();
        if (isValid(name, password, passwordLengthPolicy, categoryCountPolicy, tokenSizePolicy)) {
            nextCommand.execute(ioSession, obj);
            return;
        }
        String buildErrorMessage = buildErrorMessage(name, password, passwordLengthPolicy, categoryCountPolicy, tokenSizePolicy);
        log.error(buildErrorMessage);
        throw new ChangePasswordException(ErrorType.KRB5_KPASSWD_SOFTERROR, buildErrorMessage.getBytes("UTF-8"));
    }

    boolean isValid(String str, String str2, int i, int i2, int i3) {
        return isValidPasswordLength(str2, i) && isValidCategoryCount(str2, i2) && isValidUsernameSubstring(str, str2, i3);
    }

    boolean isValidPasswordLength(String str, int i) {
        return str.length() >= i;
    }

    boolean isValidCategoryCount(String str, int i) {
        int i2 = 0;
        int i3 = 0;
        int i4 = 0;
        int i5 = 0;
        char[] charArray = str.toCharArray();
        for (int i6 = 0; i6 < charArray.length; i6++) {
            if (Character.isLowerCase(charArray[i6])) {
                i3 = 1;
            } else if (Character.isUpperCase(charArray[i6])) {
                i2 = 1;
            } else if (Character.isDigit(charArray[i6])) {
                i4 = 1;
            } else if (!Character.isLetterOrDigit(charArray[i6])) {
                i5 = 1;
            }
        }
        return ((i2 + i3) + i4) + i5 >= i;
    }

    boolean isValidUsernameSubstring(String str, String str2, int i) {
        String[] split = str.split("[^a-zA-Z]");
        for (int i2 = 0; i2 < split.length; i2++) {
            if (split[i2].length() >= i && str2.matches("(?i).*" + split[i2] + ".*")) {
                return false;
            }
        }
        return true;
    }

    private String buildErrorMessage(String str, String str2, int i, int i2, int i3) {
        ArrayList<String> arrayList = new ArrayList();
        if (!isValidPasswordLength(str2, i)) {
            arrayList.add("length too short");
        }
        if (!isValidCategoryCount(str2, i2)) {
            arrayList.add("insufficient character mix");
        }
        if (!isValidUsernameSubstring(str, str2, i3)) {
            arrayList.add("contains portions of username");
        }
        StringBuffer stringBuffer = new StringBuffer("Password violates policy:  ");
        boolean z = true;
        for (String str3 : arrayList) {
            if (z) {
                z = false;
            } else {
                stringBuffer.append(", ");
            }
            stringBuffer.append(str3);
        }
        return stringBuffer.toString();
    }

    public String getContextKey() {
        return this.contextKey;
    }
}
