package org.neo4j.server.security.systemgraph.versions;

import java.util.Optional;
import org.neo4j.dbms.database.ComponentVersion;
import org.neo4j.graphdb.Transaction;
import org.neo4j.internal.kernel.api.security.AbstractSecurityLog;
import org.neo4j.kernel.impl.security.User;
import org.neo4j.logging.Log;
import org.neo4j.server.security.SecureHasher;
import org.neo4j.server.security.SystemGraphCredential;
import org.neo4j.server.security.auth.UserRepository;
import org.neo4j.server.security.systemgraph.SystemGraphRealmHelper;
import org.neo4j.string.UTF8;

/* loaded from: input_file:org/neo4j/server/security/systemgraph/versions/SupportedCommunitySecurityComponentVersion.class */
public abstract class SupportedCommunitySecurityComponentVersion extends KnownCommunitySecurityComponentVersion {
    private final UserRepository userRepository;
    private final SecureHasher secureHasher;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SupportedCommunitySecurityComponentVersion(ComponentVersion componentVersion, UserRepository userRepository, Log log, AbstractSecurityLog abstractSecurityLog) {
        super(componentVersion, log, abstractSecurityLog);
        this.userRepository = userRepository;
        this.secureHasher = new SecureHasher();
    }

    @Override // org.neo4j.server.security.systemgraph.versions.KnownCommunitySecurityComponentVersion
    public void setupUsers(Transaction transaction) throws Exception {
        addDefaultUser(transaction);
    }

    private void addDefaultUser(Transaction transaction) throws Exception {
        Optional<User> initialUser = getInitialUser();
        if (initialUser.isPresent()) {
            User user = initialUser.get();
            this.debugLog.info(String.format("Setting up initial user from `auth.ini` file: %s", user.name()));
            addUser(transaction, "neo4j", user.credentials(), user.passwordChangeRequired(), user.hasFlag(SystemGraphRealmHelper.IS_SUSPENDED));
        } else {
            SystemGraphCredential createCredentialForPassword = SystemGraphCredential.createCredentialForPassword(UTF8.encode("neo4j"), this.secureHasher);
            this.debugLog.info(String.format("Setting up initial user from defaults: %s", "neo4j"));
            addUser(transaction, "neo4j", createCredentialForPassword, true, false);
        }
    }

    @Override // org.neo4j.server.security.systemgraph.versions.KnownCommunitySecurityComponentVersion
    public void updateInitialUserPassword(Transaction transaction) throws Exception {
        Optional<User> initialUser = getInitialUser();
        if (initialUser.isPresent()) {
            updateInitialUserPassword(transaction, initialUser.get());
        } else {
            this.debugLog.debug("Not updating initial user password: No initial user found in `auth.ini`");
        }
    }

    private Optional<User> getInitialUser() throws Exception {
        this.userRepository.start();
        this.debugLog.debug("Opened `auth.ini` file to find the initial user");
        if (this.userRepository.numberOfUsers() == 0) {
            this.debugLog.debug("Not updating initial user password: No initial user found in `auth.ini`");
        }
        if (this.userRepository.numberOfUsers() != 1) {
            if (this.userRepository.numberOfUsers() <= 1) {
                return Optional.empty();
            }
            this.debugLog.error("Invalid `auth.ini` file: the file contains more than one user");
            throw new IllegalStateException("Invalid `auth.ini` file: the file contains more than one user");
        }
        User userByName = this.userRepository.getUserByName("neo4j");
        if (userByName == null) {
            this.debugLog.error("Invalid `auth.ini` file: the user in the file is not named neo4j");
            throw new IllegalStateException("Invalid `auth.ini` file: the user in the file is not named neo4j");
        }
        this.debugLog.debug("Valid `auth.ini` file: found initial user");
        return Optional.of(userByName);
    }
}
