package org.cloudfoundry.identity.uaa.login;

import java.io.IOException;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.error.UaaException;
import org.cloudfoundry.identity.uaa.oauth.Claims;
import org.cloudfoundry.identity.uaa.scim.endpoints.PasswordResetEndpoints;
import org.cloudfoundry.identity.uaa.util.UaaUrlUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.type.TypeReference;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestClientException;
import org.thymeleaf.TemplateEngine;
import org.thymeleaf.context.Context;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-login-2.2.6.jar:org/cloudfoundry/identity/uaa/login/EmailResetPasswordService.class */
public class EmailResetPasswordService implements ResetPasswordService {
    private final Log logger = LogFactory.getLog(getClass());
    private final TemplateEngine templateEngine;
    private final MessageService messageService;
    private final PasswordResetEndpoints passwordResetEndpoints;
    private final UaaUrlUtils uaaUrlUtils;
    private final String brand;

    public EmailResetPasswordService(TemplateEngine templateEngine, MessageService messageService, PasswordResetEndpoints passwordResetEndpoints, UaaUrlUtils uaaUrlUtils, String str) {
        this.templateEngine = templateEngine;
        this.messageService = messageService;
        this.passwordResetEndpoints = passwordResetEndpoints;
        this.uaaUrlUtils = uaaUrlUtils;
        this.brand = str;
    }

    @Override // org.cloudfoundry.identity.uaa.login.ResetPasswordService
    public void forgotPassword(String str) {
        String subjectText = getSubjectText();
        String str2 = null;
        String str3 = null;
        try {
            ResponseEntity<Map<String, String>> resetPassword = this.passwordResetEndpoints.resetPassword(str);
            if (resetPassword.getStatusCode() == HttpStatus.CONFLICT) {
                str2 = getResetUnavailableEmailHtml(str);
                str3 = resetPassword.getBody().get(Claims.USER_ID);
            } else if (resetPassword.getStatusCode() != HttpStatus.NOT_FOUND) {
                str3 = resetPassword.getBody().get(Claims.USER_ID);
                str2 = getCodeSentEmailHtml(resetPassword.getBody().get("code"), str);
            }
        } catch (IOException e) {
            this.logger.error("Exception raised while creating password reset for " + str, e);
        } catch (HttpClientErrorException e2) {
            if (e2.getStatusCode() == HttpStatus.CONFLICT) {
                str2 = getResetUnavailableEmailHtml(str);
                try {
                    str3 = (String) ((Map) new ObjectMapper().readValue(e2.getResponseBodyAsString(), new TypeReference<Map<String, String>>() { // from class: org.cloudfoundry.identity.uaa.login.EmailResetPasswordService.1
                    })).get(Claims.USER_ID);
                } catch (IOException e3) {
                    this.logger.error("Bad response from UAA", e3);
                }
            } else {
                this.logger.info("Exception raised while creating password reset for " + str, e2);
            }
        }
        if (str2 == null || str3 == null) {
            return;
        }
        this.messageService.sendMessage(str3, str, MessageType.PASSWORD_RESET, subjectText, str2);
    }

    private String getSubjectText() {
        String serviceName = getServiceName();
        return StringUtils.isEmpty(serviceName) ? "Account password reset request" : serviceName + " account password reset request";
    }

    @Override // org.cloudfoundry.identity.uaa.login.ResetPasswordService
    public Map<String, String> resetPassword(String str, String str2) {
        try {
            PasswordResetEndpoints.PasswordChange passwordChange = new PasswordResetEndpoints.PasswordChange();
            passwordChange.setCode(str);
            passwordChange.setNewPassword(str2);
            ResponseEntity<Map<String, String>> changePassword = this.passwordResetEndpoints.changePassword(passwordChange);
            if (changePassword.getStatusCode() == HttpStatus.BAD_REQUEST) {
                throw new UaaException("Invalid password reset request.");
            }
            return changePassword.getBody();
        } catch (RestClientException e) {
            throw new UaaException(e.getMessage());
        }
    }

    private String getCodeSentEmailHtml(String str, String str2) {
        String uaaUrl = this.uaaUrlUtils.getUaaUrl("/reset_password");
        Context context = new Context();
        context.setVariable("serviceName", getServiceName());
        context.setVariable("code", str);
        context.setVariable("email", str2);
        context.setVariable("resetUrl", uaaUrl);
        return this.templateEngine.process("reset_password", context);
    }

    private String getResetUnavailableEmailHtml(String str) {
        String uaaHost = this.uaaUrlUtils.getUaaHost();
        Context context = new Context();
        context.setVariable("serviceName", getServiceName());
        context.setVariable("email", str);
        context.setVariable("hostname", uaaHost);
        return this.templateEngine.process("reset_password_unavailable", context);
    }

    private String getServiceName() {
        return IdentityZoneHolder.get().equals(IdentityZone.getUaa()) ? this.brand.equals("pivotal") ? "Pivotal" : "" : IdentityZoneHolder.get().getName();
    }
}
