package org.apereo.cas.pm.web.flow.actions;

import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.pm.InvalidPasswordException;
import org.apereo.cas.pm.PasswordChangeBean;
import org.apereo.cas.pm.PasswordManagementService;
import org.apereo.cas.pm.PasswordValidationService;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.binding.message.MessageBuilder;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-pm-webflow-5.3.11.jar:org/apereo/cas/pm/web/flow/actions/PasswordChangeAction.class */
public class PasswordChangeAction extends AbstractAction {
    public static final String PASSWORD_UPDATE_SUCCESS = "passwordUpdateSuccess";
    private static final String PASSWORD_VALIDATION_FAILURE_CODE = "pm.validationFailure";
    private static final String DEFAULT_MESSAGE = "Could not update the account password";
    private final PasswordManagementService passwordManagementService;
    private final PasswordValidationService passwordValidationService;

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) PasswordChangeAction.class);
    private static final MessageBuilder ERROR_MSG_BUILDER = new MessageBuilder().error();

    @Override // org.springframework.webflow.action.AbstractAction
    protected Event doExecute(RequestContext requestContext) {
        UsernamePasswordCredential usernamePasswordCredential;
        PasswordChangeBean passwordChangeBean;
        try {
            usernamePasswordCredential = (UsernamePasswordCredential) WebUtils.getCredential(requestContext);
            LOGGER.debug("Retrieved the current credential from webflow [{}]", usernamePasswordCredential);
            passwordChangeBean = (PasswordChangeBean) requestContext.getFlowScope().get("password", PasswordChangeBean.class);
            LOGGER.debug("Attempting to validate the provided password");
        } catch (InvalidPasswordException e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
            return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE + ((String) StringUtils.defaultIfBlank(e.getCode(), "")), (String) StringUtils.defaultIfBlank(e.getValidationMessage(), DEFAULT_MESSAGE), e.getParams());
        } catch (Exception e2) {
            LOGGER.error(e2.getMessage(), (Throwable) e2);
        }
        if (!this.passwordValidationService.isValid(usernamePasswordCredential, passwordChangeBean)) {
            LOGGER.error("Failed to validate the password; perhaps the provided passwords are blank or the password does not match the expected policy pattern");
            return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE, DEFAULT_MESSAGE, new Object[0]);
        }
        LOGGER.debug("Attempting to update the password");
        if (this.passwordManagementService.change(usernamePasswordCredential, passwordChangeBean)) {
            WebUtils.putCredential(requestContext, new UsernamePasswordCredential(usernamePasswordCredential.getUsername(), passwordChangeBean.getPassword()));
            return new EventFactorySupport().event(this, PASSWORD_UPDATE_SUCCESS);
        }
        LOGGER.error("Unable to update the password");
        return getErrorEvent(requestContext, "pm.updateFailure", DEFAULT_MESSAGE, new Object[0]);
    }

    private Event getErrorEvent(RequestContext requestContext, String str, String str2, Object... objArr) {
        requestContext.getMessageContext().addMessage(ERROR_MSG_BUILDER.code(str).defaultText(str2).args(objArr).build());
        return error();
    }

    @Generated
    public PasswordChangeAction(PasswordManagementService passwordManagementService, PasswordValidationService passwordValidationService) {
        this.passwordManagementService = passwordManagementService;
        this.passwordValidationService = passwordValidationService;
    }
}
