package org.appng.application.authentication.webform;

import java.util.Locale;
import org.apache.commons.lang3.StringUtils;
import org.appng.api.DataContainer;
import org.appng.api.DataProvider;
import org.appng.api.Environment;
import org.appng.api.FieldProcessor;
import org.appng.api.MessageParam;
import org.appng.api.Options;
import org.appng.api.Request;
import org.appng.api.Scope;
import org.appng.api.auth.PasswordPolicy;
import org.appng.api.model.Application;
import org.appng.api.model.AuthSubject;
import org.appng.api.model.Site;
import org.appng.api.model.Subject;
import org.appng.application.authentication.AbstractLogon;
import org.appng.application.authentication.MessageConstants;
import org.appng.core.domain.SubjectImpl;
import org.appng.core.security.ConfigurablePasswordPolicy;
import org.appng.core.security.DefaultPasswordPolicy;
import org.appng.core.service.CoreService;
import org.appng.xml.platform.FieldDef;
import org.appng.xml.platform.Message;
import org.appng.xml.platform.MessageType;
import org.appng.xml.platform.Pattern;
import org.appng.xml.platform.Size;
import org.appng.xml.platform.Validation;
import org.passay.LengthRule;
import org.passay.Rule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/appng/application/authentication/webform/PasswordChange.class */
public class PasswordChange extends AbstractLogon implements DataProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(PasswordChange.class);
    private static final String PREVIOUS_PATH = "previousPath";
    private static final String BASE_URL = "baseUrl";

    public PasswordChange(CoreService coreService) {
        super(coreService);
    }

    public void perform(Site site, Application application, Environment environment, Options options, Request request, LoginData loginData, FieldProcessor fieldProcessor) {
        CoreService coreService = (CoreService) application.getBean(CoreService.class);
        String name = environment.getSubject().getName();
        SubjectImpl subjectByName = coreService.getSubjectByName(name, false);
        if (null == subjectByName) {
            fieldProcessor.addErrorMessage(application.getMessage(environment.getLocale(), MessageConstants.USER_UNKNOWN, new Object[0]));
            return;
        }
        Locale locale = new Locale(subjectByName.getLanguage());
        loginData.setUsername(name);
        String password = loginData.getPassword();
        String oldpassword = loginData.getOldpassword();
        String passwordConfirmation = loginData.getPasswordConfirmation();
        if (StringUtils.isEmpty(oldpassword)) {
            fieldProcessor.addErrorMessage(application.getMessage(locale, MessageConstants.OLDPASSWORD_EMPTY, new Object[0]));
            return;
        }
        if (!StringUtils.equals(password, passwordConfirmation)) {
            fieldProcessor.addErrorMessage(application.getMessage(locale, MessageConstants.PASSWORD_NOT_EQUAL, new Object[0]));
            return;
        }
        if (!coreService.getDefaultPasswordHandler(subjectByName).isValidPassword(oldpassword)) {
            fieldProcessor.addErrorMessage(application.getMessage(locale, MessageConstants.OLDPASSWORD_ERROR, new Object[0]));
            return;
        }
        PasswordPolicy.ValidationResult updatePassword = coreService.updatePassword(site.getPasswordPolicy(), oldpassword.toCharArray(), password.toCharArray(), subjectByName);
        if (updatePassword.isValid()) {
            String message = application.getMessage(locale, MessageConstants.PASSWORD_CHANGE, new Object[0]);
            subjectByName.setPasswordChangePolicy(AuthSubject.PasswordChangePolicy.MAY);
            environment.getSubject().setPasswordChangePolicy(AuthSubject.PasswordChangePolicy.MAY);
            coreService.updateSubject(subjectByName);
            fieldProcessor.addOkMessage(message);
            site.sendRedirect(environment, (String) environment.getAttribute(Scope.SESSION, PREVIOUS_PATH), Integer.valueOf(HttpStatus.FOUND.value()));
            return;
        }
        for (MessageParam messageParam : updatePassword.getMessages()) {
            fieldProcessor.addErrorMessage(fieldProcessor.getField("password"), request.getMessage(messageParam.getMessageKey(), messageParam.getMessageArgs()));
        }
    }

    public DataContainer getData(Site site, Application application, Environment environment, Options options, Request request, FieldProcessor fieldProcessor) {
        Subject subject = environment.getSubject();
        DataContainer dataContainer = new DataContainer(fieldProcessor);
        if (subject == null) {
            site.sendRedirect(environment, (String) environment.getAttribute(Scope.REQUEST, BASE_URL), Integer.valueOf(HttpStatus.FOUND.value()));
        } else if (AuthSubject.PasswordChangePolicy.MUST_NOT.equals(subject.getPasswordChangePolicy())) {
            String message = application.getMessage(environment.getLocale(), MessageConstants.PASSWORD_CHANGE_NOT_ALLOWED, new Object[0]);
            LoginData loginData = new LoginData();
            loginData.setUsername(subject.getName());
            fieldProcessor.getFields().forEach(fieldDef -> {
                fieldDef.setReadonly(Boolean.TRUE.toString());
            });
            fieldProcessor.addErrorMessage(message);
            dataContainer.setItem(loginData);
        } else {
            LoginData loginData2 = new LoginData();
            if (AuthSubject.PasswordChangePolicy.MUST.equals(subject.getPasswordChangePolicy())) {
                fieldProcessor.addInvalidMessage(request.getMessage(MessageConstants.PASSWORD_MUST_CHANGE, new Object[0]));
            }
            addValidationForPolicy(request, fieldProcessor, site.getPasswordPolicy());
            loginData2.setUsername(subject.getName());
            dataContainer.setItem(loginData2);
        }
        return dataContainer;
    }

    private void addValidationForPolicy(Request request, FieldProcessor fieldProcessor, PasswordPolicy passwordPolicy) {
        FieldDef field = fieldProcessor.getField("password");
        if (passwordPolicy instanceof DefaultPasswordPolicy) {
            Validation validation = new Validation();
            field.setValidation(validation);
            Pattern pattern = new Pattern();
            pattern.setRegexp(((DefaultPasswordPolicy) DefaultPasswordPolicy.class.cast(passwordPolicy)).getPattern().pattern());
            Message message = new Message();
            message.setClazz(MessageType.ERROR);
            message.setRef(field.getBinding());
            pattern.setMessage(getMessage(field, request.getMessage(passwordPolicy.getErrorMessageKey(), new Object[0])));
            validation.setPattern(pattern);
            return;
        }
        if (passwordPolicy instanceof ConfigurablePasswordPolicy) {
            for (Rule rule : ((ConfigurablePasswordPolicy) ConfigurablePasswordPolicy.class.cast(passwordPolicy)).getValidator().getRules()) {
                if (rule instanceof LengthRule) {
                    Validation validation2 = new Validation();
                    field.setValidation(validation2);
                    Size size = new Size();
                    size.setMin(Integer.valueOf(((LengthRule) LengthRule.class.cast(rule)).getMinimumLength()));
                    size.setMax(Integer.valueOf(((LengthRule) LengthRule.class.cast(rule)).getMaximumLength()));
                    size.setMessage(getMessage(field, request.getMessage(MessageConstants.PASSWORD_LENGTH, new Object[]{size.getMin(), size.getMax()})));
                    validation2.setSize(size);
                }
            }
        }
    }

    private Message getMessage(FieldDef fieldDef, String str) {
        Message message = new Message();
        message.setClazz(MessageType.ERROR);
        message.setRef(fieldDef.getBinding());
        message.setContent(str);
        return message;
    }

    @Override // org.appng.application.authentication.AbstractLogon
    protected Logger log() {
        return LOGGER;
    }
}
