package org.gatein.portal.installer;

import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.jcr.Session;
import org.exoplatform.commons.utils.PropertyManager;
import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.container.PortalContainer;
import org.exoplatform.container.component.RequestLifeCycle;
import org.exoplatform.container.xml.InitParams;
import org.exoplatform.container.xml.ValueParam;
import org.exoplatform.services.jcr.RepositoryService;
import org.exoplatform.services.jcr.core.ManageableRepository;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.organization.Group;
import org.exoplatform.services.organization.MembershipType;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.User;
import org.exoplatform.services.organization.UserStatus;
import org.picocontainer.Startable;

/* loaded from: input_file:org/gatein/portal/installer/PortalSetupService.class */
public class PortalSetupService implements Startable {
    public static final String GATEIN_SETUP_ENABLE = "gatein.portal.setup.enable";
    public static final String ROOT_PASSWORD_PROPERTY = "gatein.portal.setup.initialpassword.root";
    private static final String SETUP_FLAG = "gatein-setup-flag";
    private String jcrWS;
    private String jcrRepo;
    private ManageableRepository repository;
    private Map<String, Boolean> setup = new ConcurrentHashMap();
    private OrganizationService orgService;
    private RepositoryService jcrService;
    private static Log log = ExoLogger.getLogger(PortalSetupService.class);
    private static String SALT = "unodostrescuatro";
    private static int COUNT = 9;
    private static String KEY = "somearbitrarycrazystringthatdoesnotmatter";

    public PortalSetupService(InitParams initParams, OrganizationService organizationService, RepositoryService repositoryService) throws Exception {
        ValueParam valueParam = initParams.getValueParam("repository");
        if (valueParam != null) {
            this.jcrRepo = valueParam.getValue().trim();
        }
        ValueParam valueParam2 = initParams.getValueParam("workspace");
        if (valueParam2 != null) {
            this.jcrWS = valueParam2.getValue().trim();
        }
        this.orgService = organizationService;
        this.jcrService = repositoryService;
    }

    public void start() {
        try {
            if (this.jcrRepo != null) {
                this.repository = this.jcrService.getRepository(this.jcrRepo);
            } else {
                this.repository = this.jcrService.getCurrentRepository();
            }
            if (this.jcrWS == null) {
                this.jcrWS = this.repository.getConfiguration().getDefaultWorkspaceName();
            }
        } catch (Exception e) {
            log.error("Can't get JCR repository", e);
        }
        if (isEnable()) {
            RequestLifeCycle.begin(PortalContainer.getInstance());
            checkJcrFlag();
            try {
                try {
                    if (!isSetup()) {
                        User rootUser = getRootUser();
                        rootUser.setPassword(rootPassword());
                        this.orgService.getUserHandler().saveUser(rootUser, true);
                    }
                } catch (Exception e2) {
                    throw new RuntimeException(e2);
                }
            } finally {
                RequestLifeCycle.end();
            }
        }
    }

    public User getRootUser() throws Exception {
        User findUserByName = this.orgService.getUserHandler().findUserByName("root", UserStatus.ANY);
        if (findUserByName == null) {
            findUserByName = this.orgService.getUserHandler().createUserInstance("root");
            findUserByName.setFirstName("Root");
            findUserByName.setLastName("Root");
            findUserByName.setEmail("root@localhost");
            findUserByName.setDisplayName("root");
            this.orgService.getUserHandler().createUser(findUserByName, true);
            MembershipType findMembershipType = this.orgService.getMembershipTypeHandler().findMembershipType("manager");
            MembershipType findMembershipType2 = this.orgService.getMembershipTypeHandler().findMembershipType("member");
            Group findGroupById = this.orgService.getGroupHandler().findGroupById("/platform/administrators");
            Group findGroupById2 = this.orgService.getGroupHandler().findGroupById("/platform/users");
            Group findGroupById3 = this.orgService.getGroupHandler().findGroupById("/organization/management/executive-board");
            this.orgService.getMembershipHandler().linkMembership(findUserByName, findGroupById, findMembershipType, true);
            this.orgService.getMembershipHandler().linkMembership(findUserByName, findGroupById2, findMembershipType2, true);
            this.orgService.getMembershipHandler().linkMembership(findUserByName, findGroupById3, findMembershipType2, true);
        }
        return findUserByName;
    }

    private String getPCName() {
        return ExoContainerContext.getCurrentContainer().getContext().getPortalContainerName();
    }

    private void checkJcrFlag() {
        this.setup.put(getPCName(), false);
        try {
            Session jcrSession = getJcrSession();
            if (jcrSession.itemExists("/gatein-setup-flag")) {
                this.setup.put(getPCName(), true);
            }
            jcrSession.logout();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void setJcrFlag() {
        RequestLifeCycle.begin(PortalContainer.getInstance());
        try {
            try {
                Session jcrSession = getJcrSession();
                jcrSession.getRootNode().addNode(SETUP_FLAG);
                jcrSession.save();
                jcrSession.logout();
                this.setup.put(getPCName(), true);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } finally {
            RequestLifeCycle.end();
        }
    }

    private String rootPassword() {
        try {
            String decodePassword = decodePassword(System.getProperty(ROOT_PASSWORD_PROPERTY));
            if (decodePassword == null) {
                decodePassword = randomPassword();
                this.setup.put(getPCName(), false);
            } else {
                this.setup.put(getPCName(), true);
                setJcrFlag();
            }
            return decodePassword;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public String decodePassword(String str) throws Exception {
        if (str == null) {
            return null;
        }
        byte[] bytes = SALT.substring(0, 8).getBytes();
        int i = COUNT;
        char[] charArray = KEY.toCharArray();
        return PBEUtils.decode64(str, "PBEwithMD5andDES", SecretKeyFactory.getInstance("PBEwithMD5andDES").generateSecret(new PBEKeySpec(charArray)), new PBEParameterSpec(bytes, i));
    }

    public static String encodePassword(String str) throws Exception {
        if (str == null) {
            return null;
        }
        byte[] bytes = SALT.substring(0, 8).getBytes();
        int i = COUNT;
        char[] charArray = KEY.toCharArray();
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bytes, i);
        return PBEUtils.encode64(str.getBytes("UTF-8"), "PBEwithMD5andDES", SecretKeyFactory.getInstance("PBEwithMD5andDES").generateSecret(new PBEKeySpec(charArray)), pBEParameterSpec);
    }

    public boolean isSetup(String str) {
        if (this.setup.get(str) != null) {
            return this.setup.get(str).booleanValue();
        }
        return false;
    }

    public boolean isSetup() {
        return isSetup(getPCName());
    }

    public boolean isEnable() {
        return Boolean.parseBoolean(PropertyManager.getProperty(GATEIN_SETUP_ENABLE));
    }

    public void setFlag() {
        this.setup.put(getPCName(), true);
    }

    private String randomPassword() {
        return new BigInteger(130, new SecureRandom()).toString(8);
    }

    public void stop() {
    }

    private Session getJcrSession() throws Exception {
        if (this.repository == null) {
            throw new IllegalStateException("repository is null, jcrSession can only be retrieved after PortalSetupService has started");
        }
        return this.repository.getSystemSession(this.jcrWS);
    }
}
