package com.sun.enterprise.security.cli;

import com.sun.enterprise.config.serverbeans.AuthRealm;
import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.SecurityService;
import com.sun.enterprise.config.serverbeans.Server;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.RealmsManager;
import com.sun.enterprise.security.auth.realm.file.FileRealm;
import com.sun.enterprise.util.LocalStringManagerImpl;
import java.util.Enumeration;
import java.util.Iterator;
import org.glassfish.admin.rest.Constants;
import org.glassfish.api.ActionReport;
import org.glassfish.api.I18n;
import org.glassfish.api.Param;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.AdminCommandContext;
import org.glassfish.api.admin.Cluster;
import org.glassfish.api.admin.RuntimeType;
import org.glassfish.api.admin.ServerEnvironment;
import org.glassfish.config.support.CommandTarget;
import org.glassfish.config.support.TargetType;
import org.jvnet.hk2.annotations.Inject;
import org.jvnet.hk2.annotations.Scoped;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.PerLookup;
import org.jvnet.hk2.config.types.Property;

@Service(name = "change-admin-password")
@Scoped(PerLookup.class)
@TargetType({CommandTarget.DAS, CommandTarget.STANDALONE_INSTANCE, CommandTarget.CLUSTER})
@I18n("change.admin.password")
@Cluster({RuntimeType.DAS, RuntimeType.INSTANCE})
/* loaded from: input_file:com/sun/enterprise/security/cli/ChangeAdminPassword.class */
public class ChangeAdminPassword implements AdminCommand {
    private static final LocalStringManagerImpl localStrings = new LocalStringManagerImpl(ChangeAdminPassword.class);

    @Param(name = "password", password = true)
    private String oldpassword;

    @Param(name = "newpassword", password = true)
    private String newpassword;

    @Param(name = "username", primary = true)
    private String userName;

    @Param(name = "target", optional = true, defaultValue = "server")
    private String target;

    @Inject(name = ServerEnvironment.DEFAULT_INSTANCE_NAME)
    private Config config;

    @Inject
    private Domain domain;

    @Inject
    private RealmsManager realmsManager;
    private static final String ADMIN_REALM = "admin-realm";

    @Override // org.glassfish.api.admin.AdminCommand
    public void execute(AdminCommandContext adminCommandContext) {
        ActionReport actionReport = adminCommandContext.getActionReport();
        Server serverNamed = this.domain.getServerNamed(this.target);
        if (serverNamed != null) {
            this.config = this.domain.getConfigNamed(serverNamed.getConfigRef());
        }
        com.sun.enterprise.config.serverbeans.Cluster clusterNamed = this.domain.getClusterNamed(this.target);
        if (clusterNamed != null) {
            this.config = this.domain.getConfigNamed(clusterNamed.getConfigRef());
        }
        SecurityService securityService = this.config.getSecurityService();
        AuthRealm authRealm = null;
        Iterator<AuthRealm> it = securityService.getAuthRealm().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AuthRealm next = it.next();
            if (next.getName().equals("admin-realm")) {
                authRealm = next;
                break;
            }
        }
        if (authRealm == null) {
            actionReport.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotfound", "Server Error: There is no admin realm to perform this operation"));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        String classname = authRealm.getClassname();
        if (classname != null && !classname.equals(org.glassfish.admin.amx.intf.config.AuthRealm.DEFAULT_REALM_CLASSNAME)) {
            actionReport.setMessage(localStrings.getLocalString("change.admin.password.adminrealmnotsupported", "Configured admin realm is not supported."));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        String str = null;
        for (Property property : authRealm.getProperty()) {
            if (property.getName().equals("file")) {
                str = property.getValue();
            }
        }
        if (str == null) {
            actionReport.setMessage(localStrings.getLocalString("change.admin.password.keyfilenotfound", "There is no physical file associated with admin realm"));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        try {
            this.realmsManager.createRealms(securityService);
            FileRealm fileRealm = (FileRealm) this.realmsManager.getFromLoadedRealms(authRealm.getName());
            if (fileRealm == null) {
                throw new NoSuchRealmException(authRealm.getName());
            }
            try {
                Enumeration groupNames = fileRealm.getGroupNames(this.userName);
                int i = 0;
                while (groupNames.hasMoreElements()) {
                    i++;
                    groupNames.nextElement();
                }
                String[] strArr = new String[i];
                Enumeration groupNames2 = fileRealm.getGroupNames(this.userName);
                for (int i2 = 0; i2 < i; i2++) {
                    strArr[i2] = (String) groupNames2.nextElement();
                }
                fileRealm.updateUser(this.userName, this.userName, this.newpassword.toCharArray(), strArr);
                fileRealm.writeKeyFile(str);
                actionReport.setActionExitCode(ActionReport.ExitCode.SUCCESS);
            } catch (Exception e) {
                actionReport.setMessage(localStrings.getLocalString("change.admin.password.userupdatefailed", "Password change failed for user named {0}", this.userName) + Constants.INDENT + e.getLocalizedMessage());
                actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                actionReport.setFailureCause(e);
            }
        } catch (NoSuchRealmException e2) {
            actionReport.setMessage(localStrings.getLocalString("change.admin.password.realmnotsupported", "Configured admin realm does not exist.") + Constants.INDENT + e2.getLocalizedMessage());
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            actionReport.setFailureCause(e2);
        }
    }
}
