package pl.edu.icm.unity.engine.api.config;

import eu.unicore.util.configuration.ConfigurationException;
import eu.unicore.util.configuration.DocumentationReferenceMeta;
import eu.unicore.util.configuration.DocumentationReferencePrefix;
import eu.unicore.util.configuration.FilePropertiesHelper;
import eu.unicore.util.configuration.PropertyMD;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.event.EventCategory;
import pl.edu.icm.unity.engine.api.initializers.ScriptConfiguration;
import pl.edu.icm.unity.engine.api.initializers.ScriptType;
import pl.edu.icm.unity.types.authn.AuthenticationOptionDescription;

@Component
/* loaded from: input_file:pl/edu/icm/unity/engine/api/config/UnityServerConfiguration.class */
public class UnityServerConfiguration extends UnityFilePropertiesHelper {
    public static final String PROFILE_PRODUCTION = "production";
    public static final String CONFIGURATION_FILE = "conf/unityServer.conf";
    public static final String DEFAULT_EMAIL_CHANNEL = "Default e-mail channel";
    public static final String DEFAULT_SMS_CHANNEL = "Default SMS channel";
    public static final String SYSTEM_ALLOW_FULL_HTML = "unity.server.allowFullHtml";
    public static final String BASE_PREFIX = "unityServer.";

    @DocumentationReferencePrefix
    public static final String P = "unityServer.core.";
    public static final String ENABLED_LOCALES = "enabledLocales.";
    public static final String DEFAULT_LOCALE = "defaultLocale";
    public static final String MAIL_CONF = "mailConfig";
    public static final String SMS_CONF = "smsConfig";
    public static final String TEMPLATES_CONF = "templatesFile";
    public static final String PKI_CONF = "pkiConfigFile";
    public static final String THREAD_POOL_SIZE = "threadPoolSize";
    public static final String IGNORE_CONFIGURED_CONTENTS_SETTING = "ignoreContentsReloadingFromConfiguration";
    public static final String CONFIG_ONLY_ERA_CONTROL = "fullyRecreateEndpointsAROnStartup";
    private static final String RECREATE_ENDPOINTS_ON_STARTUP = "recreateEndpointsOnStartup";
    public static final String LOGOUT_MODE = "logoutMode";
    public static final String DEFAULT_WEB_CONTENT_PATH = "defaultWebContentDirectory";
    public static final String MESSAGES_DIRECTORY = "i18nMessagesDirectory";
    public static final String THEME = "defaultTheme";
    public static final String CONFIRMATION_THEME = "confirmationUITheme";
    public static final String CONFIRMATION_TEMPLATE = "confirmationUITemplate";
    public static final String WELL_KNOWN_URL_THEME = "wellKnownUrlUITheme";
    public static final String WELL_KNOWN_URL_TEMPLATE = "wellKnownUrlUITemplate";
    public static final String UNITYGW_WEB_CONTENT_PATH = "unityGWWebContentDirectory";
    public static final String ALLOW_FULL_HTML = "allowFullHtml";
    public static final String DEFAULT_WEB_PATH = "defaultWebPath";
    public static final String REDIRECT_MODE = "redirectMode";
    public static final String IMPORT_PFX = "userImport.";
    public static final String ENDPOINTS = "endpoints.";
    public static final String ENDPOINT_DESCRIPTION = "endpointDescription";
    public static final String ENDPOINT_TYPE = "endpointType";
    public static final String ENDPOINT_CONFIGURATION = "endpointConfigurationFile";
    public static final String ENDPOINT_ADDRESS = "contextPath";
    public static final String ENDPOINT_NAME = "endpointName";
    public static final String ENDPOINT_DISPLAYED_NAME = "endpointDisplayedName";
    public static final String ENDPOINT_AUTHENTICATORS = "endpointAuthenticators";
    public static final String ENDPOINT_REALM = "endpointRealm";
    public static final String INITIALIZERS = "initializers.";
    public static final String UPDATE_INTERVAL = "asyncStateUpdateInterval";
    public static final String WORKSPACE_DIRECTORY = "workspaceDirectory";
    public static final String MAIN_CREDENTIAL = "credential";
    public static final String MAIN_TRUSTSTORE = "truststore";
    public static final String REALMS = "realms.";
    public static final String REALM_NAME = "realmName";
    public static final String REALM_DESCRIPTION = "realmDescription";
    public static final String REALM_BLOCK_AFTER_UNSUCCESSFUL = "blockAfterUnsuccessfulLogins";
    public static final String REALM_BLOCK_FOR = "blockFor";
    public static final String REALM_MAX_INACTIVITY = "maxInactivity";
    public static final String REALM_REMEMBER_ME = "enableRememberMeFor";
    public static final String AUTHENTICATORS = "authenticators.";
    public static final String AUTHENTICATOR_NAME = "authenticatorName";
    public static final String AUTHENTICATOR_TYPE = "authenticatorType";
    public static final String AUTHENTICATOR_CREDENTIAL = "localCredential";
    public static final String AUTHENTICATOR_VERIFICATOR_CONFIG = "verificatorConfigurationFile";
    public static final String AUTHENTICATOR_RETRIEVAL_CONFIG = "retrievalConfigurationFile";
    public static final String CREDENTIALS = "credentials.";
    public static final String CREDENTIAL_NAME = "credentialName";
    public static final String CREDENTIAL_TYPE = "credentialType";
    public static final String CREDENTIAL_DESCRIPTION = "credentialDescription";
    public static final String CREDENTIAL_CONFIGURATION = "credentialConfigurationFile";
    public static final String CREDENTIAL_REQS = "credentialRequirements.";
    public static final String CREDENTIAL_REQ_NAME = "credentialReqName";
    public static final String CREDENTIAL_REQ_DESCRIPTION = "credentialReqDescription";
    public static final String CREDENTIAL_REQ_CONTENTS = "credentialReqContents.";
    public static final String INITIAL_ADMIN_USER = "initialAdminUsername";
    public static final String INITIAL_ADMIN_PASSWORD = "initialAdminPassword";
    public static final String INITIAL_ADMIN_USER_OUTDATED = "initialAdminOutdated";
    public static final String TRANSLATION_PROFILES = "translationProfiles.";
    public static final String CONFIRMATION_REQUEST_LIMIT = "confirmationRequestLimit";
    public static final String CONFIRMATION_DEFAULT_RETURN_URL = "defaultPostConfirmationReturnURL";
    public static final String CONFIRMATION_AUTO_REDIRECT = "automaticRedirectAfterConfirmation";
    public static final String SCRIPTS = "script.";
    public static final String SCRIPT_FILE = "file";
    public static final String SCRIPT_TYPE = "type";
    public static final String SCRIPT_TRIGGER = "trigger";
    public static final String ENABLE_LOW_LEVEL_EVENTS = "enableLowLevelEvents";
    private UnityHttpServerConfiguration jp;
    private UnityPKIConfiguration pkiConf;
    private Map<String, Locale> enabledLocales;
    private Locale defaultLocale;
    private static final Logger log = Log.getLegacyLogger("unity.server.config", UnityServerConfiguration.class);

    @DocumentationReferenceMeta
    public static final Map<String, PropertyMD> defaults = new HashMap();
    public static final Map<String, Locale> SUPPORTED_LOCALES = new HashMap();

    /* loaded from: input_file:pl/edu/icm/unity/engine/api/config/UnityServerConfiguration$LogoutMode.class */
    public enum LogoutMode {
        internalOnly,
        internalAndSyncPeers,
        internalAndAsyncPeers
    }

    @Autowired
    public UnityServerConfiguration(Environment environment, ConfigurationLocationProvider configurationLocationProvider) throws ConfigurationException, IOException {
        super(P, getConfigurationFile(environment, configurationLocationProvider), defaults, log);
        this.pkiConf = new UnityPKIConfiguration(FilePropertiesHelper.load(getFileValue(PKI_CONF, false)));
        this.jp = new UnityHttpServerConfiguration(this.properties);
        this.enabledLocales = loadEnabledLocales();
        this.defaultLocale = safeLocaleDecode(getValue(DEFAULT_LOCALE));
        if (!isLocaleSupported(this.defaultLocale)) {
            throw new ConfigurationException("The default locale is not among enabled ones.");
        }
        checkRealmNames();
        File file = new File(getValue(WORKSPACE_DIRECTORY));
        if (!file.exists()) {
            file.mkdirs();
        }
        if (getBooleanValue(ALLOW_FULL_HTML).booleanValue()) {
            System.setProperty(SYSTEM_ALLOW_FULL_HTML, "true");
        }
    }

    private void checkRealmNames() {
        Iterator it = getStructuredListKeys(REALMS).iterator();
        while (it.hasNext()) {
            String value = getValue(((String) it.next()) + REALM_NAME);
            if (value.length() > 20) {
                throw new ConfigurationException("Realm name is longer then 20 characters: " + value);
            }
            if (!Charset.forName("US-ASCII").newEncoder().canEncode(value)) {
                throw new ConfigurationException("Realm name is not ASCII: " + value);
            }
            for (char c : value.toCharArray()) {
                if (!Character.isLetterOrDigit(c)) {
                    throw new ConfigurationException("Realm name must have only digits and letters: " + value);
                }
            }
        }
    }

    private static String getConfigurationFile(Environment environment, ConfigurationLocationProvider configurationLocationProvider) {
        String[] strArr = (String[]) environment.getProperty("nonOptionArgs", String[].class);
        String configurationLocation = (strArr == null || strArr.length <= 0) ? configurationLocationProvider.getConfigurationLocation() : strArr[0];
        log.info("Using configuration file: " + configurationLocation);
        return configurationLocation;
    }

    private Map<String, Locale> loadEnabledLocales() {
        List listOfValues = getListOfValues(ENABLED_LOCALES);
        if (listOfValues.isEmpty()) {
            listOfValues = new ArrayList();
            listOfValues.add("en English");
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Iterator it = listOfValues.iterator();
        while (it.hasNext()) {
            String str = ((String) it.next()).trim() + " ";
            int indexOf = str.indexOf(32);
            String substring = str.substring(0, indexOf);
            String trim = str.substring(indexOf).trim();
            if (trim.equals("")) {
                trim = substring;
            }
            linkedHashMap.put(trim, safeLocaleDecode(substring));
        }
        return linkedHashMap;
    }

    public boolean isLocaleSupported(Locale locale) {
        Iterator<Locale> it = this.enabledLocales.values().iterator();
        while (it.hasNext()) {
            if (it.next().equals(locale)) {
                return true;
            }
        }
        return false;
    }

    public static Locale safeLocaleDecode(String str) {
        Locale locale;
        if (str == null) {
            return Locale.ENGLISH;
        }
        String trim = str.trim();
        if (trim.contains("_")) {
            String[] split = trim.split("_");
            locale = new Locale(split[0], split[1]);
        } else {
            locale = new Locale(trim);
        }
        return locale;
    }

    public UnityHttpServerConfiguration getJettyProperties() {
        return this.jp;
    }

    public Locale getDefaultLocale() {
        return this.defaultLocale;
    }

    public Map<String, Locale> getEnabledLocales() {
        return this.enabledLocales;
    }

    public UnityPKIConfiguration getPKIConfiguration() {
        return this.pkiConf;
    }

    public List<AuthenticationOptionDescription> getEndpointAuth(String str) {
        String[] split = getValue(str + ENDPOINT_AUTHENTICATORS).split(";");
        ArrayList arrayList = new ArrayList();
        for (String str2 : split) {
            String[] split2 = str2.split(",");
            if (split2.length > 2) {
                throw new ConfigurationException("Invalid configuration of authenticators of the endpoint with id " + str + ". In one authentication set maximum of 2 authenticators is allowed.");
            }
            arrayList.add(new AuthenticationOptionDescription(split2[0], split2.length == 2 ? split2[1] : null));
        }
        return arrayList;
    }

    public String getConfiguredTheme(String str, String str2) {
        return isSet(str) ? getValue(str) : isSet(THEME) ? getValue(THEME) : str2;
    }

    public List<ScriptConfiguration> getContentInitializersConfiguration() {
        Set<String> structuredListKeys = getStructuredListKeys(SCRIPTS);
        ArrayList arrayList = new ArrayList(structuredListKeys.size());
        for (String str : structuredListKeys) {
            arrayList.add(new ScriptConfiguration((ScriptType) getEnumValue(str + SCRIPT_TYPE, ScriptType.class), getValue(str + SCRIPT_TRIGGER), getValue(str + SCRIPT_FILE)));
        }
        return arrayList;
    }

    public List<String> getSortedListKeys(String str) {
        Set sortedStringKeys = getSortedStringKeys(this.prefix + str, false);
        int length = (this.prefix + str).length();
        return (List) sortedStringKeys.stream().map(str2 -> {
            return str2.substring(length);
        }).collect(Collectors.toList());
    }

    public Properties getProperties() {
        return this.properties;
    }

    static {
        PropertyMD.DocumentationCategory documentationCategory = new PropertyMD.DocumentationCategory("General settings", "1");
        PropertyMD.DocumentationCategory documentationCategory2 = new PropertyMD.DocumentationCategory("Content initializers: credentials", "2");
        PropertyMD.DocumentationCategory documentationCategory3 = new PropertyMD.DocumentationCategory("Content initializers: credential requirements", "3");
        PropertyMD.DocumentationCategory documentationCategory4 = new PropertyMD.DocumentationCategory("Content initializers: authenticators", "4");
        PropertyMD.DocumentationCategory documentationCategory5 = new PropertyMD.DocumentationCategory("Content initializers: authentication realms", "5");
        PropertyMD.DocumentationCategory documentationCategory6 = new PropertyMD.DocumentationCategory("Content initializers: endpoints", "6");
        PropertyMD.DocumentationCategory documentationCategory7 = new PropertyMD.DocumentationCategory("Other", "8");
        defaults.put(ENABLED_LOCALES, new PropertyMD().setList(true).setCategory(documentationCategory).setDescription("List of enabled locales. Each entry must have a language code as 'en' or 'pl' first, and then, after a space an optional, short name which will be presented in the UI. By default the 'en' locale is installed."));
        defaults.put(DEFAULT_LOCALE, new PropertyMD("en").setCategory(documentationCategory).setDescription("The default locale to be used. Must be one of the enabled locales."));
        defaults.put(MAIL_CONF, new PropertyMD().setPath().setCategory(documentationCategory).setDescription("A configuration file for the mail notification subsystem. Email notifications will be disabled if unset."));
        defaults.put(SMS_CONF, new PropertyMD().setPath().setCategory(documentationCategory).setDescription("A configuration file for the SMS notification subsystem. SMS notifications will be disabled if unset."));
        defaults.put(TEMPLATES_CONF, new PropertyMD("conf/msgTemplates.properties").setPath().setCategory(documentationCategory).setDescription("A file with the initial message templates. You can have this file empty and manage the templates via the Admin UI."));
        defaults.put(PKI_CONF, new PropertyMD("conf/pki.properties").setPath().setCategory(documentationCategory).setDescription("A file with the configuration of the PKI: credentials and truststores."));
        defaults.put(RECREATE_ENDPOINTS_ON_STARTUP, new PropertyMD("true").setCategory(documentationCategory).setDeprecated().setDescription("This setting is ignored. By default all endpoints, realms and authenticators are reloaded at startup.As a more admin-friendly counterpart of this setting use ."));
        defaults.put(IGNORE_CONFIGURED_CONTENTS_SETTING, new PropertyMD("false").setCategory(documentationCategory).setDescription("If set to true then all configuration settings related to loading of database contents (endpoints, authenticators, credentials, ...) are ignored. This is useful in the case of redundant Unity instance, which should use the database contents configured at the master serevr."));
        defaults.put(CONFIG_ONLY_ERA_CONTROL, new PropertyMD("true").setCategory(documentationCategory).setDescription("If set to true then all Endpoints, Authenticators and authentication Realms are fully recreated from configuration at startup. This is convenient unless you use other management means for those artefacts (as REST interface). Then set it to false, to have only incremental changes from configuration - elements not present in configuration will not be removed then. Note that this option is ignored if ignoreContentsReloadingFromConfiguration is true."));
        defaults.put(LOGOUT_MODE, new PropertyMD(LogoutMode.internalAndSyncPeers).setCategory(documentationCategory).setDescription("Controls the way how the logout operation is performed. +internalOnly+ will perform only a local logout. +internalAndSyncPeers+ will also logout all remote session participants but only using a synchronous binding. Finally +internalAndAsyncPeers+ will logout remote session participants also using asynchronous protocols (with web browser redirects) if needed. This last option is risky as it may happen that a faulty peer won't redirect the web agent back."));
        defaults.put(THREAD_POOL_SIZE, new PropertyMD("4").setCategory(documentationCategory).setDescription("Number of threads used by internal processes of the server. HTTP server threads use a separate pool."));
        defaults.put(INITIALIZERS, new PropertyMD().setList(true).setCategory(documentationCategory).setDescription("List of identifiers of initialization modules that should be run on the first startup."));
        defaults.put(UPDATE_INTERVAL, new PropertyMD("60").setPositive().setCategory(documentationCategory).setDescription("Defines the interval of background update tasks in seconds. Those tasks are used to update runtime state of the server (for instance the deployed endpoints) with the data which is stored in database."));
        defaults.put(WORKSPACE_DIRECTORY, new PropertyMD("data/workspace").setPath().setCategory(documentationCategory).setDescription("Defines a folder where the server will write its internal files."));
        defaults.put(MESSAGES_DIRECTORY, new PropertyMD("i18n").setPath().setCategory(documentationCategory).setDescription("Defines a folder where internacionalized messages are stored. Note that this directory is optional: a fallback messages are always included in the application."));
        defaults.put(DEFAULT_WEB_CONTENT_PATH, new PropertyMD("webContent").setPath().setCategory(documentationCategory).setDescription("Defines a default folder from which the web endpoints will serve static content, configured locally. Also used for the shared endpoint under /unitygw path."));
        defaults.put(THEME, new PropertyMD().setCategory(documentationCategory).setDescription("Overrides the default theme name as used for rendering the web endpoints. This setting can be overriden per-endpoint. Applicable only for the web endpoints."));
        defaults.put(ALLOW_FULL_HTML, new PropertyMD("false").setCategory(documentationCategory).setDescription("If set to true then Unity will render full HTML in admin-configured descriptions of elements intended for end-user presentation (e.g. registration form agreements or credential description). If false then only a very limited set of HTML formatting tags will be rendered, the rest will be escaped. This setting must be set to false in case when Unity is used by not-fully trusted administrators, who (even with partially limited rights) may performXSS attacks. Then, however functionality of registration forms etc is slightly limited as it is impossible to insert links and other advanced formating."));
        defaults.put(DEFAULT_WEB_PATH, new PropertyMD().setCategory(documentationCategory).setDescription("If set Unity will redirect request without the path to this one"));
        defaults.put(UNITYGW_WEB_CONTENT_PATH, new PropertyMD().setPath().setCategory(documentationCategory).setDescription("Defines a folder from which all the web applications operating on the shared unitygw path (e.g. the email confirmation screen) will serve static content as images. Overrides the default webContent path."));
        defaults.put(CONFIRMATION_THEME, new PropertyMD().setCategory(documentationCategory).setDescription("Sets the theme used for rendering the confirmation UI (shown after confirming email etc).This setting overrides the default server theme."));
        defaults.put(CONFIRMATION_TEMPLATE, new PropertyMD("default.ftl").setCategory(documentationCategory).setDescription("The name of a Freemarker template, relative to templates directory, with a template of the confirmation UI. Custom template can be used to add static header/footer etc."));
        defaults.put(WELL_KNOWN_URL_THEME, new PropertyMD().setCategory(documentationCategory).setDescription("Sets the theme used for rendering the well known links UI (used for standalone registration forms and others).This setting overrides the default server theme."));
        defaults.put(WELL_KNOWN_URL_TEMPLATE, new PropertyMD("default.ftl").setCategory(documentationCategory).setDescription("The name of a Freemarker template, relative to templates directory, with a template of the well-known links web interface. Custom template can be used to add static header/footer etc."));
        defaults.put(INITIAL_ADMIN_USER, new PropertyMD().setCategory(documentationCategory).setDescription("Username of the administrator to be installed to the database upon startup. Remove the property if no admin should be added."));
        defaults.put(INITIAL_ADMIN_PASSWORD, new PropertyMD("admin").setCategory(documentationCategory).setDescription("Password of the administrator to be installed to the empty database."));
        defaults.put(INITIAL_ADMIN_USER_OUTDATED, new PropertyMD("true").setCategory(documentationCategory).setDescription("If false then the default admin user is not set to outdated state after creation. Useful only for testbeds."));
        defaults.put("userImport.", new PropertyMD().setList(false).setCategory(documentationCategory).setDescription("List of file paths, where each file contains a definition of a user import subsystem. Use of user import feature is naturally optional and so this list typically is empty."));
        defaults.put(TRANSLATION_PROFILES, new PropertyMD().setList(false).setCategory(documentationCategory).setDescription("List of file paths, where each file contains a definition of a translation profile, used to configure mapping of remote identities to the local representation."));
        defaults.put(ENDPOINTS, new PropertyMD().setStructuredList(false).setCategory(documentationCategory6).setDescription("List of initially enabled endpoints"));
        defaults.put(ENDPOINT_TYPE, new PropertyMD().setStructuredListEntry(ENDPOINTS).setMandatory().setCategory(documentationCategory6).setDescription("Endpoint type"));
        defaults.put(ENDPOINT_CONFIGURATION, new PropertyMD().setStructuredListEntry(ENDPOINTS).setPath().setMandatory().setCategory(documentationCategory6).setDescription("Path of the file with JSON configuration of the endpoint"));
        defaults.put(ENDPOINT_DESCRIPTION, new PropertyMD("").setStructuredListEntry(ENDPOINTS).setCategory(documentationCategory6).setDescription("Description of the endpoint"));
        defaults.put(ENDPOINT_ADDRESS, new PropertyMD().setStructuredListEntry(ENDPOINTS).setMandatory().setCategory(documentationCategory6).setDescription("Context path of the endpoint"));
        defaults.put(ENDPOINT_NAME, new PropertyMD().setStructuredListEntry(ENDPOINTS).setMandatory().setCategory(documentationCategory6).setDescription("Endpoint identifier. It is used to refer to this endpoint in other parts of the system."));
        defaults.put(ENDPOINT_DISPLAYED_NAME, new PropertyMD().setStructuredListEntry(ENDPOINTS).setCanHaveSubkeys().setCategory(documentationCategory6).setDescription("Endpoint displayed name. It is used whenever endpoint's name is presented to the end-user, e.g. in top bars of web UIs. Localized values can be given with subkeys equal to locale name. If undefined then Unity will use endpointName"));
        defaults.put(ENDPOINT_AUTHENTICATORS, new PropertyMD().setStructuredListEntry(ENDPOINTS).setMandatory().setCategory(documentationCategory6).setDescription("Endpoint authenticator names: each set is separated with ';' and particular authenticators in each set with ','."));
        defaults.put(ENDPOINT_REALM, new PropertyMD().setMandatory().setStructuredListEntry(ENDPOINTS).setCategory(documentationCategory6).setDescription("Authentication realm name, to which this endpoint belongs."));
        defaults.put(AUTHENTICATORS, new PropertyMD().setStructuredList(false).setCategory(documentationCategory4).setDescription("List of initially enabled authenticators"));
        defaults.put(AUTHENTICATOR_NAME, new PropertyMD().setStructuredListEntry(AUTHENTICATORS).setMandatory().setCategory(documentationCategory4).setDescription("Authenticator name"));
        defaults.put(AUTHENTICATOR_TYPE, new PropertyMD().setStructuredListEntry(AUTHENTICATORS).setMandatory().setCategory(documentationCategory4).setDescription("Authenticator type"));
        defaults.put(AUTHENTICATOR_CREDENTIAL, new PropertyMD().setStructuredListEntry(AUTHENTICATORS).setCategory(documentationCategory4).setDescription("For local authenticator the name of the local credential associated with it."));
        defaults.put(AUTHENTICATOR_VERIFICATOR_CONFIG, new PropertyMD().setStructuredListEntry(AUTHENTICATORS).setCategory(documentationCategory4).setDescription("Authenticator configuration file of the verificator"));
        defaults.put(AUTHENTICATOR_RETRIEVAL_CONFIG, new PropertyMD().setStructuredListEntry(AUTHENTICATORS).setCategory(documentationCategory4).setDescription("Authenticator configuration file of the retrieval"));
        defaults.put(REALMS, new PropertyMD().setStructuredList(false).setCategory(documentationCategory5).setDescription("List of authentication realm definitions."));
        defaults.put(REALM_NAME, new PropertyMD().setMandatory().setStructuredListEntry(REALMS).setCategory(documentationCategory5).setDescription("Defines the realm's name. Must contain only alphanumeric letters, and can not exceed 20 characters."));
        defaults.put(REALM_DESCRIPTION, new PropertyMD().setStructuredListEntry(REALMS).setCategory(documentationCategory5).setDescription("Realm's description."));
        defaults.put(REALM_BLOCK_AFTER_UNSUCCESSFUL, new PropertyMD("5").setPositive().setStructuredListEntry(REALMS).setCategory(documentationCategory5).setDescription("Defines maximum number of unsuccessful logins before the access is temporarely blocked for a client."));
        defaults.put(REALM_BLOCK_FOR, new PropertyMD("60").setPositive().setStructuredListEntry(REALMS).setCategory(documentationCategory5).setDescription("Defines for how long (in seconds) the access should be blocked for theclient reaching the limit of unsuccessful logins."));
        defaults.put(REALM_MAX_INACTIVITY, new PropertyMD("1800").setPositive().setStructuredListEntry(REALMS).setCategory(documentationCategory5).setDescription("Defines after what time of inactivity the login session is terminated (in seconds). Note: the HTTP sessions (if applicable for endpoint) will be couple of seconds shorter to allow for login session expiration warning."));
        defaults.put(REALM_REMEMBER_ME, new PropertyMD("-1").setStructuredListEntry(REALMS).setCategory(documentationCategory5).setDescription("(web endpoints only) If set to positive number, the realm authentication will allow for remeberinging the user's login even after session is lost due to expiration or browser closing. The period of time to remember the login will be equal to the number of days as given to this option. IMPORTANT! This is an insecure option. Use it only for realms containing only endpoints with low security requirements."));
        defaults.put("credentials.", new PropertyMD().setStructuredList(false).setCategory(documentationCategory2).setDescription("List of initially defined credentials"));
        defaults.put(CREDENTIAL_NAME, new PropertyMD().setStructuredListEntry("credentials.").setMandatory().setCategory(documentationCategory2).setDescription("Credential name"));
        defaults.put(CREDENTIAL_TYPE, new PropertyMD().setStructuredListEntry("credentials.").setMandatory().setCategory(documentationCategory2).setDescription("Credential type"));
        defaults.put(CREDENTIAL_DESCRIPTION, new PropertyMD("").setStructuredListEntry("credentials.").setCategory(documentationCategory2).setDescription("Credential description"));
        defaults.put(CREDENTIAL_CONFIGURATION, new PropertyMD().setStructuredListEntry("credentials.").setMandatory().setCategory(documentationCategory2).setDescription("Credential configuration file"));
        defaults.put(CREDENTIAL_REQS, new PropertyMD().setStructuredList(false).setCategory(documentationCategory3).setDescription("List of initially defined credential requirements"));
        defaults.put(CREDENTIAL_REQ_NAME, new PropertyMD().setStructuredListEntry(CREDENTIAL_REQS).setMandatory().setCategory(documentationCategory3).setDescription("Credential requirement name"));
        defaults.put(CREDENTIAL_REQ_DESCRIPTION, new PropertyMD("").setStructuredListEntry(CREDENTIAL_REQS).setCategory(documentationCategory3).setDescription("Credential requirement description"));
        defaults.put(CREDENTIAL_REQ_CONTENTS, new PropertyMD().setStructuredListEntry(CREDENTIAL_REQS).setList(false).setCategory(documentationCategory3).setDescription("Credential requirement contents, i.e. credentials that belongs to it"));
        defaults.put(CONFIRMATION_REQUEST_LIMIT, new PropertyMD("3").setCategory(documentationCategory).setDescription("Defines number of confirmation request that can be send to particular address in day"));
        defaults.put(CONFIRMATION_DEFAULT_RETURN_URL, new PropertyMD().setCategory(documentationCategory).setDescription("If set the value should be a valid URL. The URL is used as a return (redirect) URL to be used after confirmation of a verifiable element as email. Can be overriden for instance in registration form definition, for all confirmations related to the form."));
        defaults.put(CONFIRMATION_AUTO_REDIRECT, new PropertyMD("false").setCategory(documentationCategory).setDescription("If false Unity will show its confirmation screen after email verification. If true and a return URL is defined for the confirmation then the screen is not shown and redirect is immediate."));
        defaults.put(MAIN_TRUSTSTORE, new PropertyMD().setMandatory().setCategory(documentationCategory).setDescription("Name of the truststore to be used by the server."));
        defaults.put(MAIN_CREDENTIAL, new PropertyMD().setMandatory().setCategory(documentationCategory).setDescription("Name of the credential to be used by the server."));
        defaults.put("httpServer.", new PropertyMD().setCanHaveSubkeys().setCategory(documentationCategory7).setDescription("Properties starting with this prefix are used to configure Jetty HTTP server settings. See separate table for details."));
        defaults.put(SCRIPTS, new PropertyMD().setStructuredList(true).setCategory(documentationCategory).setDescription("List of scripts that that can be used to enhance default server functionality"));
        defaults.put(SCRIPT_FILE, new PropertyMD().setStructuredListEntry(SCRIPTS).setMandatory().setCategory(documentationCategory).setDescription("A file with enhancement script contents"));
        defaults.put(SCRIPT_TYPE, new PropertyMD(ScriptType.groovy).setStructuredListEntry(SCRIPTS).setCategory(documentationCategory).setDescription("Type of script."));
        defaults.put(SCRIPT_TRIGGER, new PropertyMD().setStructuredListEntry(SCRIPTS).setMandatory().setCategory(documentationCategory).setDescription("Defines the name of event which triggers script invocation. See scripts documentation about more complete information. For execution at server startup it is possible to use: " + EventCategory.PRE_INIT + ": run before configuration settings are loaded to database (endpoints, authenticators, credentials, ...). " + EventCategory.POST_INIT + ": run after configuration settings are loaded to database."));
        defaults.put(ENABLE_LOW_LEVEL_EVENTS, new PropertyMD("false").setCategory(documentationCategory).setDescription("If set to true then all platform low level operations will trigger events, which can be in turn consumed by scripts. This feature however causes a small performance penalty (even without taking into account a potential script execution time) and therefore by defualt is disabled."));
        SUPPORTED_LOCALES.put("en", new Locale("en"));
        SUPPORTED_LOCALES.put("pl", new Locale("pl"));
        SUPPORTED_LOCALES.put("de", new Locale("de"));
    }
}
