package org.apereo.cas.configuration.support;

import java.security.Security;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-configuration-5.1.0.jar:org/apereo/cas/configuration/support/CasConfigurationJasyptDecryptor.class */
public class CasConfigurationJasyptDecryptor {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasConfigurationJasyptDecryptor.class);
    private static final String ENCRYPTED_VALUE_PREFIX = "{cipher}";
    private final StandardPBEStringEncryptor decryptor = new StandardPBEStringEncryptor();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-configuration-5.1.0.jar:org/apereo/cas/configuration/support/CasConfigurationJasyptDecryptor$JasyptEncryptionParameters.class */
    public enum JasyptEncryptionParameters {
        ALGORITHM("cas.standalone.config.security.alg", "PBEWithMD5AndTripleDES"),
        PROVIDER("cas.standalone.config.security.provider", null),
        ITERATIONS("cas.standalone.config.security.iteration", null),
        PASSWORD("cas.standalone.config.security.psw", null);

        private String name;
        private String defaultValue;

        JasyptEncryptionParameters(String str, String str2) {
            this.name = str;
            this.defaultValue = str2;
        }

        public String getName() {
            return this.name;
        }

        public String getDefaultValue() {
            return this.defaultValue;
        }
    }

    public CasConfigurationJasyptDecryptor(Environment environment) {
        String jasyptParamFromEnv = getJasyptParamFromEnv(environment, JasyptEncryptionParameters.ALGORITHM);
        if (StringUtils.isNotBlank(jasyptParamFromEnv)) {
            LOGGER.debug("Configured decryptor algorithm [{}]", jasyptParamFromEnv);
            this.decryptor.setAlgorithm(jasyptParamFromEnv);
        }
        String jasyptParamFromEnv2 = getJasyptParamFromEnv(environment, JasyptEncryptionParameters.PASSWORD);
        if (StringUtils.isNotBlank(jasyptParamFromEnv2)) {
            LOGGER.debug("Configured decryptor password");
            this.decryptor.setPassword(jasyptParamFromEnv2);
        }
        String jasyptParamFromEnv3 = getJasyptParamFromEnv(environment, JasyptEncryptionParameters.PROVIDER);
        if (StringUtils.isNotBlank(jasyptParamFromEnv3)) {
            LOGGER.debug("Configured decryptor provider");
            if (StringUtils.equals(jasyptParamFromEnv3, BouncyCastleProvider.PROVIDER_NAME)) {
                Security.addProvider(new BouncyCastleProvider());
            }
            this.decryptor.setProviderName(jasyptParamFromEnv3);
        }
        String jasyptParamFromEnv4 = getJasyptParamFromEnv(environment, JasyptEncryptionParameters.ITERATIONS);
        if (StringUtils.isNotBlank(jasyptParamFromEnv4) && NumberUtils.isCreatable(jasyptParamFromEnv4)) {
            LOGGER.debug("Configured decryptor iterations");
            this.decryptor.setKeyObtentionIterations(Integer.valueOf(jasyptParamFromEnv4).intValue());
        }
    }

    private static String getJasyptParamFromEnv(Environment environment, JasyptEncryptionParameters jasyptEncryptionParameters) {
        return environment.getProperty(jasyptEncryptionParameters.getName(), jasyptEncryptionParameters.getDefaultValue());
    }

    public Map<Object, Object> decrypt(Map<Object, Object> map) {
        HashMap hashMap = new HashMap();
        map.forEach((obj, obj2) -> {
            String stringPropertyValue = getStringPropertyValue(obj2);
            if (!StringUtils.isNotBlank(stringPropertyValue) || !stringPropertyValue.startsWith(ENCRYPTED_VALUE_PREFIX)) {
                hashMap.put(obj, obj2);
                return;
            }
            try {
                if (!this.decryptor.isInitialized()) {
                    LOGGER.debug("Initializing decryptor...");
                    this.decryptor.initialize();
                }
                String substring = stringPropertyValue.substring(ENCRYPTED_VALUE_PREFIX.length());
                LOGGER.debug("Decrypting property [{}]...", obj);
                String decrypt = this.decryptor.decrypt(substring);
                LOGGER.debug("Decrypted property [{}] successfully.", obj);
                hashMap.put(obj, decrypt);
            } catch (Exception e) {
                LOGGER.error("Could not decrypt property [{}]. Setting will be ignored by CAS", obj, e);
            }
        });
        return hashMap;
    }

    private static String getStringPropertyValue(Object obj) {
        if (obj instanceof String) {
            return obj.toString();
        }
        return null;
    }
}
