package si.irm.mm.ejb.user;

import java.nio.file.Paths;
import java.security.NoSuchAlgorithmException;
import java.time.LocalDate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.ejb.EJB;
import javax.ejb.LocalBean;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import si.irm.common.enums.YesNoKey;
import si.irm.common.utils.FileUtils;
import si.irm.common.utils.Logger;
import si.irm.common.utils.NumberUtils;
import si.irm.common.utils.StringUtils;
import si.irm.mm.ejb.ActEJBLocal;
import si.irm.mm.ejb.SettingsEJBLocal;
import si.irm.mm.ejb.util.UtilsEJBLocal;
import si.irm.mm.entities.Nuser;
import si.irm.mm.entities.NuserHistory;
import si.irm.mm.enums.ActSfact;
import si.irm.mm.enums.ActSfapp;
import si.irm.mm.enums.SNastavitveNaziv;
import si.irm.mm.exceptions.CheckException;
import si.irm.mm.exceptions.InternalException;
import si.irm.mm.exceptions.IrmException;
import si.irm.mm.exceptions.LoginException;
import si.irm.mm.messages.TransKey;
import si.irm.mm.util.HaveIBeenPwned;
import si.irm.mm.util.SecurityUtils;
import si.irm.mm.utils.data.MarinaProxy;

@LocalBean
@Stateless
/* loaded from: input_file:MarinaMaster.jar:si/irm/mm/ejb/user/UserCredentialEJB.class */
public class UserCredentialEJB implements UserCredentialEJBLocal {

    @PersistenceContext
    private EntityManager em;

    @EJB
    private ActEJBLocal actEJB;

    @EJB
    private UtilsEJBLocal utilsEJB;

    @EJB
    private SettingsEJBLocal settingsEJB;

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public Nuser login(MarinaProxy marinaProxy, String str, String str2, boolean z) throws LoginException {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
            throw new LoginException(marinaProxy.getTranslation(TransKey.INSERT_USERNAME_AND_PASSWORD));
        }
        Nuser userByUsername = getUserByUsername(str);
        checkUserOnLogin(marinaProxy, userByUsername);
        checkPassword(marinaProxy, userByUsername, str, str2, z);
        resetUsersLockCount(marinaProxy, userByUsername);
        this.actEJB.writeLoginEvent(ActSfact.LOGIN, ActSfapp.MARINA_MASTER, userByUsername.getNuser());
        return userByUsername;
    }

    private Nuser getUserByUsername(String str) {
        return (Nuser) this.utilsEJB.findEntity(Nuser.class, StringUtils.emptyIfNull(str).toUpperCase());
    }

    private void checkUserOnLogin(MarinaProxy marinaProxy, Nuser nuser) throws LoginException {
        if (Objects.isNull(nuser) || !StringUtils.getBoolFromEngStr(nuser.getAkt())) {
            this.actEJB.writeLoginEvent(ActSfact.WRONG_LOGIN, ActSfapp.MARINA_MASTER, null);
            throw new LoginException(marinaProxy.getTranslation(TransKey.WRONG_USERNAME_OR_PASSWORD));
        }
        if (isUserLocked(nuser)) {
            throw new LoginException(marinaProxy.getTranslation(TransKey.USER_LOCKED));
        }
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public String getPassword(Nuser nuser, String str) {
        return StringUtils.getBoolFromEngStr(nuser.getPasswordCaseSensitive()) ? str : str.toUpperCase();
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void checkPassword(MarinaProxy marinaProxy, Nuser nuser, String str, String str2, boolean z) throws LoginException {
        if (!z) {
            try {
                str2 = SecurityUtils.generateHashFromSaltAndPassword(StringUtils.emptyIfNull(nuser.getSol()), SecurityUtils.encryptPasswordWithOldAlgorithm(str.toUpperCase(), getPassword(nuser, str2)));
            } catch (NoSuchAlgorithmException e) {
                throw new LoginException(marinaProxy.getTranslation(TransKey.INTERNAL_ERROR_HAS_OCCURED));
            }
        }
        if (str2.equals(StringUtils.emptyIfNull(nuser.getGesloHash()))) {
            return;
        }
        this.actEJB.writeLoginEvent(ActSfact.WRONG_LOGIN, ActSfapp.MARINA_MASTER, null);
        throw new LoginException(marinaProxy.getTranslation(TransKey.WRONG_USERNAME_OR_PASSWORD));
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void setNewPasswordForNusersWithOnlyOldPassword() {
        for (Nuser nuser : this.em.createNamedQuery(Nuser.QUERY_NAME_GET_ALLWITH_ONLY_OLD_PASSWORD, Nuser.class).getResultList()) {
            try {
                generateHashedPasswordForNuser(new MarinaProxy("INFO", ActSfapp.MARINA_MASTER), nuser, nuser.getPassword());
            } catch (InternalException e) {
            }
        }
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void generateHashedPasswordForNuser(MarinaProxy marinaProxy, Nuser nuser, String str) throws InternalException {
        if (Objects.isNull(nuser) || StringUtils.isBlank(str)) {
            return;
        }
        String generateRandomSalt = SecurityUtils.generateRandomSalt();
        try {
            String generateHashFromSaltAndPassword = SecurityUtils.generateHashFromSaltAndPassword(generateRandomSalt, str);
            nuser.setSol(generateRandomSalt);
            nuser.setGesloHash(generateHashFromSaltAndPassword);
            nuser.setPasswordChanged(this.utilsEJB.getCurrentDBLocalDate());
            nuser.setLockCount(0L);
            nuser.setChangePassword(YesNoKey.NO.engVal());
            addPasswordChangeToHistory(nuser.getNuser(), str, generateRandomSalt, generateHashFromSaltAndPassword);
        } catch (NoSuchAlgorithmException e) {
            Logger.log(e);
            throw new InternalException(marinaProxy.getTranslation(TransKey.INTERNAL_ERROR_HAS_OCCURED));
        }
    }

    public void addPasswordChangeToHistory(String str, String str2, String str3, String str4) {
        NuserHistory nuserHistory = new NuserHistory();
        nuserHistory.setDateCreate(this.utilsEJB.getCurrentDBLocalDateTime());
        nuserHistory.setGesloHash(str4);
        nuserHistory.setSol(str3);
        nuserHistory.setNuser(str);
        nuserHistory.setPassword(str2);
        this.em.persist(nuserHistory);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean setNewPasswordForUser(MarinaProxy marinaProxy, String str) {
        Nuser nuser = (Nuser) this.em.find(Nuser.class, str);
        try {
            generateHashedPasswordForNuser(marinaProxy, nuser, nuser.getPassword());
            return true;
        } catch (InternalException e) {
            return false;
        }
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean isPasswordCaseSensitive() {
        return this.settingsEJB.getMarinaMarinaBooleanSetting(SNastavitveNaziv.USER_PASS_CASE_SENSITIVE, false).booleanValue();
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean isPciCompliantPasswordManagementEnabled() {
        return this.settingsEJB.getMarinaMarinaBooleanSetting(SNastavitveNaziv.USER_PCI_PASS_MANAGEMENT, false).booleanValue();
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean checkIfUserIsLocked(MarinaProxy marinaProxy, String str) {
        return isUserLocked((Nuser) this.utilsEJB.findEntity(Nuser.class, str));
    }

    private boolean isUserLocked(Nuser nuser) {
        return isPciCompliantPasswordManagementEnabled() && Objects.nonNull(nuser) && NumberUtils.zeroIfNull(nuser.getLockCount()).longValue() >= 3;
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void checkIfPasswordIsValid(MarinaProxy marinaProxy, String str) throws CheckException {
        if (isPciCompliantPasswordManagementEnabled()) {
            validatePasswordInputFromDB(marinaProxy, marinaProxy.getNuser(), str);
        }
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean checkIfPasswordExpired(MarinaProxy marinaProxy, String str) throws InternalException {
        if (!isPciCompliantPasswordManagementEnabled()) {
            return false;
        }
        Nuser nuser = (Nuser) this.utilsEJB.findEntity(Nuser.class, str);
        if (Objects.isNull(nuser)) {
            throw new InternalException("Internal exception: user " + str + "does not exists!");
        }
        return checkIfPasswordExpired(marinaProxy, nuser);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean checkIfPasswordExpired(MarinaProxy marinaProxy, Nuser nuser) {
        boolean z = false;
        Integer marinaMarinaIntegerSetting = this.settingsEJB.getMarinaMarinaIntegerSetting(SNastavitveNaziv.USER_PASS_EXPIRED_DAYS, true);
        if (NumberUtils.isNotEmptyOrZero(marinaMarinaIntegerSetting)) {
            if (Objects.isNull(nuser.getPasswordChanged())) {
                nuser.setPasswordChanged(LocalDate.now());
                this.em.merge(nuser);
            } else {
                z = nuser.getPasswordChanged().plusDays(marinaMarinaIntegerSetting.longValue()).isBefore(this.utilsEJB.getCurrentDBLocalDate());
            }
        }
        return z;
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean checkIfUserMustChangePassword(MarinaProxy marinaProxy, String str) throws InternalException {
        Nuser nuser = (Nuser) this.em.find(Nuser.class, str);
        if (Objects.isNull(nuser)) {
            throw new InternalException("Internal error: username " + str + " does not exists!");
        }
        return checkIfUserMustChangePassword(marinaProxy, nuser);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean checkIfUserMustChangePassword(MarinaProxy marinaProxy, Nuser nuser) {
        return Objects.nonNull(nuser) && StringUtils.getBoolFromEngStr(nuser.getChangePassword());
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void increaseUsersIlegalPasswordLockingCounter(MarinaProxy marinaProxy, String str) {
        Nuser nuser = (Nuser) this.utilsEJB.findEntity(Nuser.class, StringUtils.emptyIfNull(str).toUpperCase());
        if (Objects.isNull(nuser)) {
            return;
        }
        nuser.setLockCount(Long.valueOf(NumberUtils.zeroIfNull(nuser.getLockCount()).longValue() + 1));
        this.em.merge(nuser);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean resetUsersLockCount(MarinaProxy marinaProxy, String str) {
        Nuser nuser = (Nuser) this.utilsEJB.findEntity(Nuser.class, str);
        if (Objects.isNull(nuser)) {
            return false;
        }
        resetUsersLockCount(marinaProxy, nuser);
        return true;
    }

    private void resetUsersLockCount(MarinaProxy marinaProxy, Nuser nuser) {
        if (Objects.isNull(nuser)) {
            return;
        }
        nuser.setLockCount(0L);
        this.em.merge(nuser);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void setChangePasswordForAllUsers(boolean z) {
        this.em.createNamedQuery(Nuser.QUERY_NAME_UPDATE_CHANGE_PASSWORD).setParameter(Nuser.CHANGE_PASSWORD, StringUtils.getStringFromBoolean(z)).executeUpdate();
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void resetPassword(MarinaProxy marinaProxy, String str) throws IrmException {
        Nuser nuser = (Nuser) this.utilsEJB.findEntity(Nuser.class, str);
        if (Objects.isNull(nuser)) {
            return;
        }
        nuser.setPassword(SecurityUtils.encryptPasswordWithOldAlgorithm(nuser.getNuser(), nuser.getNuser()));
        nuser.setLoginToken(null);
        generateHashedPasswordForNuser(marinaProxy, nuser, nuser.getPassword());
        setUserValuesAfterPasswordReset(marinaProxy, nuser);
    }

    private boolean setUserValuesAfterPasswordReset(MarinaProxy marinaProxy, Nuser nuser) {
        if (Objects.isNull(nuser)) {
            return false;
        }
        nuser.setChangePassword(YesNoKey.YES.engVal());
        nuser.setPasswordCaseSensitive(YesNoKey.NO.engVal());
        nuser.setLockCount(0L);
        this.em.merge(nuser);
        return true;
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public boolean setUserValuesAfterPasswordReset(MarinaProxy marinaProxy, String str) {
        return setUserValuesAfterPasswordReset(marinaProxy, (Nuser) this.utilsEJB.findEntity(Nuser.class, str));
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void changePassword(MarinaProxy marinaProxy, Nuser nuser) throws IrmException {
        validatePasswordInputFromDBOnPasswordChange(marinaProxy, nuser, nuser.getNewPlainPassword(), nuser.getNewRepeatedPlainPassword());
        checkPassword(marinaProxy, nuser, nuser.getNuser(), nuser.getPlainPassword(), false);
        nuser.setPasswordCaseSensitive(StringUtils.getStringFromBoolean(isPasswordCaseSensitive()));
        nuser.setPassword(SecurityUtils.encryptPasswordWithOldAlgorithm(nuser.getNuser(), getPassword(nuser, nuser.getNewPlainPassword())));
        generateHashedPasswordForNuser(marinaProxy, nuser, nuser.getPassword());
        nuser.setLoginToken(null);
        this.utilsEJB.updateEntity(marinaProxy, nuser);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void validatePasswordInputFromDBOnPasswordChange(MarinaProxy marinaProxy, Nuser nuser, String str, String str2) throws CheckException {
        if (StringUtils.isBlank(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.VALUE_MUST_BE_INSERTED, marinaProxy.getTranslation(TransKey.NEW_PASSWORD)));
        }
        if (StringUtils.isBlank(str2)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.VALUE_MUST_BE_INSERTED, marinaProxy.getTranslation(TransKey.REPEATED_PASSWORD)));
        }
        if (!str.equals(str2)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORDS_MUST_MATCH));
        }
        validatePasswordInputFromDB(marinaProxy, nuser, str);
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void validatePasswordInputFromDB(MarinaProxy marinaProxy, Nuser nuser, String str) throws CheckException {
        if (StringUtils.isBlank(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.VALUE_MUST_BE_INSERTED, marinaProxy.getTranslation(TransKey.PASSWORD_NS)));
        }
        if (StringUtils.containsSpace(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_NOT_CONTAIN_SPACES));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(SNastavitveNaziv.USER_PCI_PASS_MANAGEMENT, false).booleanValue() && !nuser.isInfoUser()) {
            checkIfLastPasswordsAreTheSame(marinaProxy, nuser, str);
        }
        Integer marinaMarinaIntegerSetting = this.settingsEJB.getMarinaMarinaIntegerSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MIN_LENGTH, false);
        if (str.length() < marinaMarinaIntegerSetting.intValue()) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_TOO_SHORT, marinaMarinaIntegerSetting.toString()));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_NUMBER, false).booleanValue() && !StringUtils.containsDigit(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_NUMBER));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_UC_LETTER, false).booleanValue() && !StringUtils.containsUpperCaseLetter(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_UPPERCASE_LETTER));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_LC_LETTER, false).booleanValue() && !StringUtils.containsLowerCaseLetter(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_LOWERCASE_LETTER));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_SIGNS, false).booleanValue() && !StringUtils.containsSpecialChar(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_SPECIAL_CHAR, StringUtils.getAllSpecialChars()));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_NON_REPETITIVE_CONSECUTIVE_CHARS_CHECK, false).booleanValue() && StringUtils.containsRepetitiveConsecutiveChar(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_CANNOT_HAVE_REPETITIVE_CONSECUTIVE_CHARACTERS));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_DICTIONARY_CHECK, false).booleanValue()) {
            checkPasswordAgainstCommonPasswordLists(marinaProxy, str);
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_BREACH_CHECK, false).booleanValue()) {
            checkPasswordAgainstPreviouslyBreachedPasswordLists(marinaProxy, str);
        }
    }

    private void checkIfLastPasswordsAreTheSame(MarinaProxy marinaProxy, Nuser nuser, String str) throws CheckException {
        String encryptPasswordWithOldAlgorithm = SecurityUtils.encryptPasswordWithOldAlgorithm(nuser.getNuser(), getPassword(nuser, str));
        Integer marinaMarinaIntegerSetting = this.settingsEJB.getMarinaMarinaIntegerSetting(SNastavitveNaziv.USER_PASS_NUM_LAST_DIFF, false);
        if (Objects.isNull(marinaMarinaIntegerSetting) || marinaMarinaIntegerSetting.intValue() <= 0) {
            marinaMarinaIntegerSetting = 4;
        }
        Iterator it = this.em.createNamedQuery(NuserHistory.QUERY_NAME_GET_ALL_BY_USER, NuserHistory.class).setParameter("username", nuser.getNuser()).setFirstResult(0).setMaxResults(marinaMarinaIntegerSetting.intValue()).getResultList().iterator();
        while (it.hasNext()) {
            if (StringUtils.areTrimmedStrEql(((NuserHistory) it.next()).getPassword(), encryptPasswordWithOldAlgorithm)) {
                throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_WAS_ALLREADY_USED));
            }
        }
    }

    private void checkPasswordAgainstCommonPasswordLists(MarinaProxy marinaProxy, String str) throws CheckException {
        String marinaMarinaStringSetting = this.settingsEJB.getMarinaMarinaStringSetting(SNastavitveNaziv.USER_PASS_DICTIONARY_FOLDER_PATH, false);
        if (!StringUtils.isBlank(marinaMarinaStringSetting) && FileUtils.doesAnyFileInFolderContainLineString(Paths.get(marinaMarinaStringSetting, new String[0]), str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_NOT_BE_PRESENT_IN_A_LIST_OF_COMMON_PASSWORDS));
        }
    }

    private void checkPasswordAgainstPreviouslyBreachedPasswordLists(MarinaProxy marinaProxy, String str) throws CheckException {
        if (HaveIBeenPwned.hasPasswordBeenAlreadyBreached(str)) {
            throw new CheckException(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_NOT_BE_PRESENT_IN_A_LIST_OF_PREVIOUSLY_BREACHED_PASSWORDS));
        }
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public List<String> buildPasswordPolicy(MarinaProxy marinaProxy) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORDS_MUST_MATCH));
        arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_NOT_CONTAIN_SPACES));
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(SNastavitveNaziv.USER_PCI_PASS_MANAGEMENT, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_BE_DIFFERENT_FROM_LAST_PASSWORDS, StringUtils.getStringFromInteger(this.settingsEJB.getMarinaMarinaIntegerSetting(SNastavitveNaziv.USER_PASS_NUM_LAST_DIFF, false))));
        }
        arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_TOO_SHORT, this.settingsEJB.getMarinaMarinaIntegerSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MIN_LENGTH, false).toString()));
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_NUMBER, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_NUMBER));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_UC_LETTER, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_UPPERCASE_LETTER));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_LC_LETTER, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_LOWERCASE_LETTER));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_MANDATORY_SIGNS, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_CONTAIN_ONE_SPECIAL_CHAR, StringUtils.getAllSpecialChars()));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_NON_REPETITIVE_CONSECUTIVE_CHARS_CHECK, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_CANNOT_HAVE_REPETITIVE_CONSECUTIVE_CHARACTERS));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_DICTIONARY_CHECK, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_NOT_BE_PRESENT_IN_A_LIST_OF_COMMON_PASSWORDS));
        }
        if (this.settingsEJB.getMarinaMarinaBooleanSetting(marinaProxy, SNastavitveNaziv.USER_PASS_BREACH_CHECK, false).booleanValue()) {
            arrayList.add(marinaProxy.getTranslation(TransKey.PASSWORD_MUST_NOT_BE_PRESENT_IN_A_LIST_OF_PREVIOUSLY_BREACHED_PASSWORDS));
        }
        return arrayList;
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public Nuser checkLoginTokenValidityForUsername(String str, String str2) {
        Nuser userByUsername = getUserByUsername(str);
        if (Objects.nonNull(userByUsername) && StringUtils.getBoolFromEngStr(userByUsername.getAkt()) && !isUserLocked(userByUsername) && StringUtils.areTrimmedStrEql(str2, userByUsername.getLoginToken())) {
            return userByUsername;
        }
        return null;
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public String generateNewLoginTokenForUser(Nuser nuser) {
        if (Objects.isNull(nuser)) {
            return null;
        }
        String generateRandomSalt = SecurityUtils.generateRandomSalt();
        nuser.setLoginToken(generateRandomSalt);
        this.em.merge(nuser);
        return generateRandomSalt;
    }

    @Override // si.irm.mm.ejb.user.UserCredentialEJBLocal
    public void deleteLoginTokenForUser(Nuser nuser) {
        Nuser nuser2 = (Nuser) this.utilsEJB.findEntity(Nuser.class, nuser.getNuser());
        if (Objects.isNull(nuser2)) {
            return;
        }
        nuser2.setLoginToken(null);
        this.em.merge(nuser2);
    }
}
