package no.kantega.security.api.impl.dbuser.password;

import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:no/kantega/security/api/impl/dbuser/password/DbUserPasswordRehasher.class */
public class DbUserPasswordRehasher {
    private Logger log = LoggerFactory.getLogger(getClass());
    private String domain;
    private PasswordDao passwordDao;
    private PasswordHashManager passwordHashManager;
    private PasswordCryptManager passwordCryptManager;

    public void rehashAll() {
        PasswordHash decode;
        this.log.info("Looking for passwords that needs re-hashing");
        String defaultAlgorithm = this.passwordHashManager.getDefaultAlgorithm();
        for (String str : this.passwordDao.findUsersWithPasswords(this.domain)) {
            String passwordHash = this.passwordDao.getPasswordHash(this.domain, str);
            boolean z = false;
            if (passwordHash.startsWith("{")) {
                decode = PasswordHashJsonEncoder.decode(passwordHash);
            } else {
                decode = wrapInPasswordHash(passwordHash, this.passwordCryptManager.getPasswordCrypt(this.passwordDao.getPasswordHashAlgorithm(this.domain, str)));
                z = true;
            }
            List<PasswordHashAlgorithm> algorithms = decode.getAlgorithms();
            if (!algorithms.get(algorithms.size() - 1).getId().equals(defaultAlgorithm)) {
                this.log.info("Found a password that needs re-hashing; userId=" + str + "; previous hash algorithm=" + algorithms.get(0).getId());
                rehash(decode);
                z = true;
            }
            if (z) {
                this.passwordDao.storePasswordHash(this.domain, str, PasswordHashJsonEncoder.encode(decode));
            }
        }
    }

    public void setPasswordDao(PasswordDao passwordDao) {
        this.passwordDao = passwordDao;
    }

    public void setDomain(String str) {
        this.domain = str;
    }

    public void setPasswordHashManager(PasswordHashManager passwordHashManager) {
        this.passwordHashManager = passwordHashManager;
    }

    public void setPasswordCryptManager(PasswordCryptManager passwordCryptManager) {
        this.passwordCryptManager = passwordCryptManager;
    }

    private void rehash(PasswordHash passwordHash) {
        PasswordHash hashPassword = this.passwordHashManager.getDefaultPasswordHasher().hashPassword(passwordHash.getHash());
        passwordHash.setHash(hashPassword.getHash());
        passwordHash.addAlgorithm(hashPassword.getAlgorithms().get(0));
    }

    private PasswordHash wrapInPasswordHash(String str, PasswordCrypt passwordCrypt) {
        PasswordHash passwordHash = new PasswordHash();
        passwordHash.setHash(str);
        PasswordHashAlgorithm passwordHashAlgorithm = new PasswordHashAlgorithm();
        passwordHashAlgorithm.setId(passwordCrypt.getId());
        passwordHash.addAlgorithm(passwordHashAlgorithm);
        return passwordHash;
    }
}
