package org.craftercms.profile.management.web;

import javax.servlet.http.HttpServletRequest;
import org.craftercms.profile.exceptions.AppAuthenticationFailedException;
import org.craftercms.profile.impl.domain.Profile;
import org.craftercms.profile.management.model.ForgotPassword;
import org.craftercms.profile.management.model.PasswordChange;
import org.craftercms.profile.management.services.PasswordChangeService;
import org.craftercms.profile.management.services.impl.ProfileDAOServiceImpl;
import org.craftercms.profile.management.services.impl.ProfileServiceManager;
import org.craftercms.security.api.SecurityConstants;
import org.craftercms.security.api.UserProfile;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

@Controller
/* loaded from: input_file:WEB-INF/classes/org/craftercms/profile/management/web/ChangePasswordController.class */
public class ChangePasswordController {

    @Autowired
    private PasswordChangeService passwordChangeService;

    @Autowired
    private ProfileDAOServiceImpl profileDAOServiceImpl;

    @RequestMapping(value = {"/forgot-password"}, method = {RequestMethod.GET})
    public ModelAndView forgotPassword() {
        ModelAndView modelAndView = new ModelAndView();
        ForgotPassword forgotPassword = new ForgotPassword();
        forgotPassword.setTenantName(ProfileServiceManager.getCrafterProfileAppTenantName());
        forgotPassword.setChangePasswordUrl(this.passwordChangeService.getCrafterProfileChangePasswordUrl());
        modelAndView.setViewName("forgot-password");
        modelAndView.addObject("forgotPassword", forgotPassword);
        return modelAndView;
    }

    @RequestMapping(value = {"/forgeting-password"}, method = {RequestMethod.POST})
    public ModelAndView forgotPassword(@ModelAttribute("forgotPassword") ForgotPassword forgotPassword, BindingResult bindingResult, Model model) throws AppAuthenticationFailedException {
        ModelAndView modelAndView = new ModelAndView();
        forgotPassword.setTenantName(ProfileServiceManager.getCrafterProfileAppTenantName());
        validateForgetPassword(forgotPassword, bindingResult);
        if (bindingResult.hasErrors()) {
            modelAndView.setViewName("forgotpassword");
            modelAndView.addObject("forgotPassword", forgotPassword);
            return modelAndView;
        }
        this.passwordChangeService.forgotPassword(forgotPassword.getTenantName(), forgotPassword.getUsername());
        modelAndView.addObject("profile", this.profileDAOServiceImpl.getUser(forgotPassword.getUsername(), forgotPassword.getTenantName()));
        modelAndView.setViewName("forgetsucceed");
        return modelAndView;
    }

    @RequestMapping(value = {"/forgot-success"}, method = {RequestMethod.GET})
    public ModelAndView forgotPassword(Model model, HttpServletRequest httpServletRequest) throws AppAuthenticationFailedException {
        ModelAndView modelAndView = new ModelAndView();
        UserProfile userProfile = (UserProfile) httpServletRequest.getSession().getAttribute(SecurityConstants.PROFILE_FORGOT_PASSWORD);
        modelAndView.setViewName("forgot-success");
        modelAndView.addObject("profile", userProfile);
        return modelAndView;
    }

    @RequestMapping(value = {"/reset-password"}, method = {RequestMethod.GET})
    public ModelAndView changePassword(@RequestParam(required = false) String str) {
        ModelAndView modelAndView = new ModelAndView();
        PasswordChange passwordChange = new PasswordChange();
        passwordChange.setToken(str);
        modelAndView.setViewName("reset-password");
        modelAndView.addObject("passwordChange", passwordChange);
        return modelAndView;
    }

    @RequestMapping(value = {"/changing-password"}, method = {RequestMethod.POST})
    public ModelAndView changingPassword(@ModelAttribute("passwordChange") PasswordChange passwordChange, BindingResult bindingResult, Model model) throws AppAuthenticationFailedException {
        ModelAndView modelAndView = new ModelAndView();
        validateChangePassword(passwordChange, bindingResult);
        if (bindingResult.hasErrors()) {
            modelAndView.setViewName("changepassword");
            modelAndView.addObject("passwordChange", passwordChange);
            return modelAndView;
        }
        this.passwordChangeService.changePassword(passwordChange.getToken(), passwordChange.getNewpass());
        modelAndView.setViewName("login");
        return modelAndView;
    }

    private void validateChangePassword(PasswordChange passwordChange, BindingResult bindingResult) {
        if (!passwordChange.getNewpass().equals(passwordChange.getConfirmPass())) {
            bindingResult.rejectValue("newpass", "user.validation.fields.errors.change.password", null, "user.validation.fields.errors.change.password");
        }
        if (passwordChange.getNewpass() == null || passwordChange.getNewpass().isEmpty()) {
            bindingResult.rejectValue("newpass", "user.validation.error.empty.or.whitespace", null, "user.validation.error.empty.or.whitespace");
        }
        if (passwordChange.getConfirmPass() == null || passwordChange.getConfirmPass().equals("")) {
            bindingResult.rejectValue("confirmPass", "user.validation.error.empty.or.whitespace", null, "user.validation.error.empty.or.whitespace");
        }
    }

    private void validateForgetPassword(ForgotPassword forgotPassword, BindingResult bindingResult) throws AppAuthenticationFailedException {
        if (forgotPassword.getUsername() == null || forgotPassword.getUsername().equals("")) {
            bindingResult.rejectValue("username", "user.validation.error.empty.or.whitespace", null, "user.validation.error.empty.or.whitespace");
        }
        if (bindingResult.hasErrors()) {
            return;
        }
        Profile user = this.profileDAOServiceImpl.getUser(forgotPassword.getUsername(), forgotPassword.getTenantName());
        if (user == null) {
            bindingResult.rejectValue("username", "forgot.validation.fields.errors.user.no.exist", null, "forgot.validation.fields.errors.user.no.exist");
        } else if (user.getEmail() == null || user.getEmail().isEmpty()) {
            bindingResult.rejectValue("username", "forgot.validation.fields.errors.email.no.exist", null, "forgot.validation.fields.errors.user.no.exist");
        }
    }
}
