package org.craftercms.security.impl.processors;

import java.io.Serializable;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import net.sf.ehcache.search.SearchException;
import org.apache.commons.lang.StringUtils;
import org.craftercms.profile.constants.ProfileConstants;
import org.craftercms.security.api.AuthenticationService;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.api.RequestSecurityProcessor;
import org.craftercms.security.api.RequestSecurityProcessorChain;
import org.craftercms.security.authentication.CreateProfileFailureHandler;
import org.craftercms.security.authentication.CreateProfileSuccessHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;

/* loaded from: input_file:WEB-INF/lib/crafter-security-provider-2.2.2.jar:org/craftercms/security/impl/processors/CreateProfileProcessor.class */
public class CreateProfileProcessor implements RequestSecurityProcessor {
    public static final Logger logger = LoggerFactory.getLogger(ForgotPasswordProcessor.class);
    public static final String DEFAULT_CREATE_PROFILE_URL = "/crafter-create-profile";
    public static final String DEFAULT_CREATE_PROFILE_METHOD = "POST";
    public static final String DEFAULT_USERNAME_PARAM = "username";
    public static final String DEFAULT_PASSWORD_PARAM = "password";
    public static final String DEFAULT_CONFIRM_PASSWORD_PARAM = "confirmPassword";
    public static final String DEFAULT_ACTIVE_PARAM = "active";
    public static final String DEFAULT_TENANTNAME_PARAM = "tenantName";
    public static final String DEFAULT_EMAIL_PARAM = "email";
    public static final String DEFAULT_ROLES_PARAM = "roles";
    public static final String DEFAULT_VERIFICATION_ACOUNT_URL_PARAM = "verificationAccountUrl";
    protected AuthenticationService authenticationService;
    protected CreateProfileSuccessHandler createProfileSuccessHandler;
    protected CreateProfileFailureHandler createProfileFailureHandler;
    private String createProfileUrl = DEFAULT_CREATE_PROFILE_URL;
    private String createProfileMethod = "POST";
    private String usernameParameter = "username";
    private String passwordParameter = "password";
    private String confirmPasswordParameter = "confirmPassword";
    private String rolesParameter = "roles";
    private String activeParameter = "active";
    private String tenantNameParameter = "tenantName";
    private String emailParameter = "email";
    private String verificationAccountUrlParameter = "verificationAccountUrl";

    public String getCreateProfileUrl() {
        return this.createProfileUrl;
    }

    public void setCreateProfileUrl(String str) {
        this.createProfileUrl = str;
    }

    public String getCreateProfileMethod() {
        return this.createProfileMethod;
    }

    public void setCreateProfileMethod(String str) {
        this.createProfileMethod = str;
    }

    public String getUsernameParameter() {
        return this.usernameParameter;
    }

    public void setUsernameParameter(String str) {
        this.usernameParameter = str;
    }

    public String getPasswordParameter() {
        return this.passwordParameter;
    }

    public void setPasswordParameter(String str) {
        this.passwordParameter = str;
    }

    public String getActiveParameter() {
        return this.activeParameter;
    }

    public void setActiveParameter(String str) {
        this.activeParameter = str;
    }

    public String getTenantNameParameter() {
        return this.tenantNameParameter;
    }

    public void setTenantNameParameter(String str) {
        this.tenantNameParameter = str;
    }

    public String getEmailParameter() {
        return this.emailParameter;
    }

    public void setEmailParameter(String str) {
        this.emailParameter = str;
    }

    public String getVerificationAccountUrlParameter() {
        return this.verificationAccountUrlParameter;
    }

    public void setVerificationAccountUrlParameter(String str) {
        this.verificationAccountUrlParameter = str;
    }

    @Override // org.craftercms.security.api.RequestSecurityProcessor
    public void processRequest(RequestContext requestContext, RequestSecurityProcessorChain requestSecurityProcessorChain) throws Exception {
        if (!isCreateProfileRequest(requestContext.getRequest())) {
            requestSecurityProcessorChain.processRequest(requestContext);
            return;
        }
        try {
            this.createProfileSuccessHandler.onCreateProfileSuccess(this.authenticationService.createProfile(createMapFromQueryParam(requestContext)), requestContext);
        } catch (Exception e) {
            logger.error(e.getMessage());
            this.createProfileFailureHandler.onCreateProfileFailure(e, requestContext);
        }
    }

    private Map<String, Serializable> createMapFromQueryParam(RequestContext requestContext) {
        Map<String, Serializable> hashMap = new HashMap<>();
        String username = getUsername(requestContext.getRequest());
        if (StringUtils.isEmpty(username)) {
            throw new SecurityException("Request  doesn't contain a username");
        }
        hashMap.put(ProfileConstants.USER_NAME, username);
        String password = getPassword(requestContext.getRequest());
        if (StringUtils.isEmpty(password)) {
            throw new SecurityException("Request  doesn't contain a password value");
        }
        String confirmPassword = getConfirmPassword(requestContext.getRequest());
        if (StringUtils.isEmpty(confirmPassword)) {
            throw new SecurityException("Request  doesn't contain a confirm password value");
        }
        if (!password.equals(confirmPassword)) {
            throw new SecurityException("Password and confirm password do not match");
        }
        hashMap.put("password", password);
        hashMap.put("active", getActive(requestContext.getRequest()));
        String tenantName = requestContext.getTenantName();
        if (StringUtils.isEmpty(tenantName)) {
            throw new SecurityException("Request  doesn't contain a tenantName");
        }
        hashMap.put("tenantName", tenantName);
        String email = getEmail(requestContext.getRequest());
        if (StringUtils.isEmpty(email)) {
            throw new SearchException("Request  doesn't contain a email");
        }
        hashMap.put("email", email);
        String verificationAccountUrl = getVerificationAccountUrl(requestContext.getRequest(), requestContext);
        if (StringUtils.isEmpty(verificationAccountUrl)) {
            throw new SearchException("Request  doesn't contain a verificationAccountUrl");
        }
        hashMap.put("verificationAccountUrl", verificationAccountUrl);
        addRoles(requestContext.getRequest(), hashMap);
        return hashMap;
    }

    private void addRoles(HttpServletRequest httpServletRequest, Map<String, Serializable> map) {
        ArrayList arrayList = new ArrayList();
        String[] strArr = httpServletRequest.getParameterMap().get(this.rolesParameter);
        if (strArr != null) {
            arrayList = (ArrayList) Arrays.asList(strArr);
        }
        map.put(this.rolesParameter, arrayList);
    }

    private String getVerificationAccountUrl(HttpServletRequest httpServletRequest, RequestContext requestContext) {
        String parameter = httpServletRequest.getParameter(this.verificationAccountUrlParameter);
        String str = parameter;
        try {
            if (!isAbsolute(parameter)) {
                str = createUrl(requestContext, parameter);
            }
        } catch (URISyntaxException e) {
            logger.warn("Verification URI Syntax Exception");
        }
        return str;
    }

    private String getEmail(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.emailParameter);
    }

    private String getActive(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(this.activeParameter);
        String str = "false";
        if (parameter == null || parameter.equals("")) {
            parameter = "off";
        }
        if (parameter != null && parameter.equalsIgnoreCase(CustomBooleanEditor.VALUE_ON)) {
            str = "true";
        }
        return str;
    }

    private String getPassword(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.passwordParameter);
    }

    private String getConfirmPassword(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.confirmPasswordParameter);
    }

    private String getUsername(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.usernameParameter);
    }

    protected boolean isCreateProfileRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().equals(new StringBuilder().append(httpServletRequest.getContextPath()).append(this.createProfileUrl).toString()) && httpServletRequest.getMethod().equals(this.createProfileMethod);
    }

    @Required
    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public CreateProfileSuccessHandler getCreateProfileSuccessHandler() {
        return this.createProfileSuccessHandler;
    }

    public void setCreateProfileSuccessHandler(CreateProfileSuccessHandler createProfileSuccessHandler) {
        this.createProfileSuccessHandler = createProfileSuccessHandler;
    }

    public CreateProfileFailureHandler getCreateProfileFailureHandler() {
        return this.createProfileFailureHandler;
    }

    public void setCreateProfileFailureHandler(CreateProfileFailureHandler createProfileFailureHandler) {
        this.createProfileFailureHandler = createProfileFailureHandler;
    }

    public String getConfirmPasswordParameter() {
        return this.confirmPasswordParameter;
    }

    public void setConfirmPasswordParameter(String str) {
        this.confirmPasswordParameter = str;
    }

    private String createUrl(RequestContext requestContext, String str) {
        String str2 = str;
        try {
            int indexOf = requestContext.getRequest().getRequestURL().indexOf(requestContext.getRequest().getRequestURI());
            if (indexOf >= 0) {
                String substring = requestContext.getRequest().getRequestURL().substring(0, indexOf);
                str2 = (substring.endsWith("/") && str.startsWith("/")) ? substring + str.substring(1) : substring.endsWith("/") ? substring + str : str.startsWith("/") ? substring + str : substring + "/" + str;
            }
        } catch (Exception e) {
            logger.error("Error generating the verification url: " + e.getMessage());
        }
        return str2;
    }

    private boolean isAbsolute(String str) throws URISyntaxException {
        return new URI(str).isAbsolute();
    }
}
