package org.appng.application.authentication.webform;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Locale;
import org.apache.commons.lang3.StringUtils;
import org.appng.api.BusinessException;
import org.appng.api.Environment;
import org.appng.api.FieldProcessor;
import org.appng.api.Options;
import org.appng.api.Request;
import org.appng.api.auth.PasswordPolicy;
import org.appng.api.model.Application;
import org.appng.api.model.AuthSubject;
import org.appng.api.model.Properties;
import org.appng.api.model.Site;
import org.appng.api.model.UserType;
import org.appng.application.authentication.AbstractLogon;
import org.appng.application.authentication.AuthenticationSettings;
import org.appng.application.authentication.MessageConstants;
import org.appng.core.domain.SubjectImpl;
import org.appng.core.security.BCryptPasswordHandler;
import org.appng.core.security.Sha1PasswordHandler;
import org.appng.core.service.CoreService;
import org.appng.mail.Mail;
import org.appng.mail.MailException;
import org.appng.mail.MailTransport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

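/**
 * Web-form action behind the "forgot password" / "reset password" flow.
 *
 * <p>{@link #perform} looks the subject up by the submitted user name and, for local users only,
 * delegates to {@link #doReset}. Depending on the {@code action} / {@code form_action} request
 * parameters, {@code doReset} either mails a link carrying a reset digest or consumes that digest
 * and mails a new password.
 *
 * <p>NOTE(review): {@code perform} answers with distinct messages for "user unknown" and "user not
 * local", so the form reveals whether an account name exists. Rate-limit this endpoint, or move to a
 * uniform response if the product allows it.
 */
@Service
/* loaded from: input_file:org/appng/application/authentication/webform/PasswordReset.class */
public class PasswordReset extends AbstractLogon {
    private static final Logger LOGGER = LoggerFactory.getLogger(PasswordReset.class);
    private static final String UTF_8 = "UTF-8";

    public PasswordReset(CoreService coreService) {
        super(coreService);
    }

    /**
     * Resolves the subject named in {@code loginData} and starts the reset flow for local users.
     *
     * <p>An unknown user name or a non-local user type adds an error message to
     * {@code fieldProcessor}; no mail is sent in those cases.
     */
    public void perform(Site site, Application application, Environment environment, Options options, Request request, LoginData loginData, FieldProcessor fieldProcessor) {
        CoreService coreService = (CoreService) application.getBean(CoreService.class);
        SubjectImpl subject = coreService.getSubjectByName(loginData.getUsername(), false);
        if (null == subject) {
            fieldProcessor.addErrorMessage(request.getMessage(MessageConstants.USER_UNKNOWN, new Object[0]));
            return;
        }
        if (!UserType.LOCAL_USER.equals(subject.getUserType())) {
            fieldProcessor.addErrorMessage(request.getMessage(MessageConstants.USER_NOT_LOCAL, new Object[]{loginData.getUsername()}));
            return;
        }
        doReset(site, application, environment, request, fieldProcessor, coreService, subject, site.getPasswordPolicy(), subject.getName(), subject.getEmail());
    }

    /**
     * Runs one step of the reset flow, selected by the {@code action} request parameter
     * ({@code form_action} is also accepted for {@code forgotPassword}).
     *
     * <ul>
     * <li>{@code resetPassword}: hands the {@code hash} request parameter to
     * {@code coreService.resetPassword}; when that returns a password, it is mailed to {@code str2}.
     * Subjects without a salt are rejected up front.</li>
     * <li>{@code forgotPassword}: obtains a reset digest and mails a link containing the user name
     * and that digest.</li>
     * </ul>
     *
     * @param str  the user name, used in the reset link and in the confirmation messages
     * @param str2 the mail address that receives the link or the new password
     * @return {@code true} when a new password was generated and mailed, or when the digest of a
     *         subject that is not a {@code SubjectImpl} was replaced (even if sending the mail then
     *         failed); {@code false} otherwise
     */
    protected boolean doReset(Site site, Application application, Environment environment, Request request, FieldProcessor fieldProcessor, CoreService coreService, AuthSubject authSubject, PasswordPolicy passwordPolicy, String str, String str2) {
        boolean digestChanged = false;
        String action = request.getParameter("action");
        String formAction = request.getParameter("form_action");
        Properties properties = application.getProperties();
        Locale locale = new Locale(authSubject.getLanguage());
        MailTransport mailTransport = (MailTransport) application.getBean(MailTransport.class);
        String mailFrom = properties.getString(AuthenticationSettings.MAIL_FROM);
        String managerPath = site.getProperties().getString("manager-path");
        // Message for the generic failure handlers below. It used to be computed and thrown away
        // while the handlers added a null message; it is now kept so the user sees a real text.
        String failureMessage = null;
        try {
            if ("resetPassword".equals(action)) {
                failureMessage = application.getMessage(locale, MessageConstants.PASSWORD_ERROR, new Object[0]);
                if (StringUtils.isBlank(authSubject.getSalt())) {
                    fieldProcessor.addErrorMessage(failureMessage);
                    return false;
                }
                byte[] newPassword = coreService.resetPassword(authSubject, passwordPolicy, str2, request.getParameter("hash"));
                String subject = application.getMessage(locale, MessageConstants.MAIL_SUBJECT_NEW_PASSWORD, new Object[0]);
                if (null != newPassword) {
                    // NOTE(review): the new password is mailed in clear text; presumably the
                    // password policy forces a change at next login - confirm.
                    sendMail(mailTransport, str2, mailFrom, subject, getMessageResetPassword(application, authSubject, locale, site.getDomain() + managerPath, newPassword));
                    fieldProcessor.addOkMessage(application.getMessage(locale, MessageConstants.PASSWORD_SEND_TO, new Object[]{str}));
                    return true;
                }
                fieldProcessor.addErrorMessage(failureMessage);
            } else if ("forgotPassword".equals(action) || "forgotPassword".equals(formAction)) {
                failureMessage = application.getMessage(locale, MessageConstants.USER_UNKNOWN, new Object[]{str});
                String subject = application.getMessage(locale, MessageConstants.MAIL_SUBJECT_FORGOT_PASSWORD, new Object[0]);
                String resetDigest;
                if (authSubject instanceof SubjectImpl) {
                    resetDigest = coreService.forgotPassword(authSubject);
                } else {
                    // The handler is picked from the prefix of the currently stored digest.
                    boolean bcrypt = authSubject.getDigest().startsWith(BCryptPasswordHandler.getPrefix());
                    resetDigest = (bcrypt ? new BCryptPasswordHandler(authSubject) : new Sha1PasswordHandler(authSubject)).calculatePasswordResetDigest();
                    // The digest is only set on the object here; the return value tells the caller.
                    authSubject.setDigest(resetDigest);
                    digestChanged = true;
                }
                // Both query values are URL-encoded. The user name was previously appended raw, so
                // a name containing '&', '#', '+' or a space produced a broken or ambiguous link.
                StringBuilder link = new StringBuilder(site.getDomain());
                link.append(managerPath);
                link.append("?action=resetPassword");
                link.append("&username=").append(URLEncoder.encode(str, UTF_8));
                link.append("&hash=").append(URLEncoder.encode(resetDigest, UTF_8));
                // NOTE(review): the digest travels in a GET query string and can therefore end up
                // in access logs and browser history; it should be single-use and short-lived.
                sendMail(mailTransport, str2, mailFrom, subject, getMessageForgotPassword(application, authSubject, locale, link.toString()));
                fieldProcessor.addOkMessage(application.getMessage(locale, MessageConstants.LINK_SEND_TO, new Object[]{str}));
            }
        } catch (UnsupportedEncodingException e) {
            LOGGER.error("error during action {}", forLog(action), e);
            fieldProcessor.addErrorMessage(failureMessage);
        } catch (MailException e2) {
            LOGGER.error("error while sending mail", e2);
            fieldProcessor.addErrorMessage(application.getMessage(locale, MessageConstants.SEND_ERROR, new Object[0]));
        } catch (BusinessException e3) {
            LOGGER.error("error during action {}", forLog(action), e3);
            fieldProcessor.addErrorMessage(failureMessage);
        }
        return digestChanged;
    }

    /**
     * Replaces line breaks in a request-supplied value before it is logged, so that one request
     * cannot forge additional log lines. {@code action} can be arbitrary when the flow was selected
     * through {@code form_action}.
     */
    private static String forLog(String value) {
        return StringUtils.replaceChars(value, "\r\n", "__");
    }

    /**
     * Builds the mail text for the "forgot password" mail.
     *
     * @param str the complete reset link
     */
    protected String getMessageForgotPassword(Application application, AuthSubject authSubject, Locale locale, String str) {
        Object[] args = {authSubject.getAuthName(), str};
        return application.getMessage(locale, MessageConstants.MAIL_CONTENT_FORGOT_PASSWORD, args);
    }

    /**
     * Builds the mail text for the "new password" mail.
     *
     * @param str  the login URL (site domain plus manager path)
     * @param bArr the new password as bytes
     */
    protected String getMessageResetPassword(Application application, AuthSubject authSubject, Locale locale, String str, byte[] bArr) {
        // NOTE(review): new String(byte[]) decodes with the platform default charset; confirm which
        // encoding CoreService.resetPassword uses before pinning one here.
        Object[] args = {authSubject.getAuthName(), str, new String(bArr)};
        return application.getMessage(locale, MessageConstants.MAIL_CONTENT_RESET_PASSWORD, args);
    }

    /**
     * Sends a plain-text mail.
     *
     * @param str  receiver address (added as TO)
     * @param str2 sender address
     * @param str3 subject
     * @param str4 text content
     * @throws MailException if the transport fails to send the mail
     */
    private void sendMail(MailTransport mailTransport, String str, String str2, String str3, String str4) throws MailException {
        Mail mail = mailTransport.createMail();
        mail.setFrom(str2);
        mail.setSubject(str3);
        mail.addReceiver(str, Mail.RecipientType.TO);
        mail.setTextContent(str4);
        mailTransport.send(mail);
    }

    @Override // org.appng.application.authentication.AbstractLogon
    protected Logger log() {
        return LOGGER;
    }
}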
