package org.craftercms.security.impl.processors;

import javax.servlet.http.HttpServletRequest;
import org.craftercms.profile.exceptions.PasswordException;
import org.craftercms.security.api.AuthenticationService;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.api.RequestSecurityProcessor;
import org.craftercms.security.api.RequestSecurityProcessorChain;
import org.craftercms.security.authentication.ResetPasswordFailureHandler;
import org.craftercms.security.authentication.ResetPasswordSuccessHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;

/* loaded from: input_file:WEB-INF/lib/crafter-security-provider-v2.4.2.jar:org/craftercms/security/impl/processors/ResetPasswordProcessor.class */
public class ResetPasswordProcessor implements RequestSecurityProcessor {
    public static final Logger logger = LoggerFactory.getLogger(ResetPasswordProcessor.class);
    public static final String DEFAULT_FORGOT_PASSWORD_URL = "/crafter-security-reset-password";
    public static final String DEFAULT_FORGOT_PASSWORD_METHOD = "POST";
    public static final String DEFAULT_PASSWORD_PARAM = "newPassword";
    public static final String DEFAULT_CONFIRM_PASSWORD_PARAM = "confirmPassword";
    public static final String DEFAULT_TOKEN_PARAM = "token";
    protected String changePasswordUrl = DEFAULT_FORGOT_PASSWORD_URL;
    protected String changePasswordMethod = "POST";
    protected String newPasswordParameter = "newPassword";
    protected String confirmPasswordParameter = "confirmPassword";
    protected String tokenParameter = "token";
    protected String forgotPassUrlParameter;
    protected AuthenticationService authenticationService;
    protected ResetPasswordSuccessHandler resetPasswordSuccessHandler;
    protected ResetPasswordFailureHandler resetPasswordFailureHandler;

    public String getChangePasswordUrl() {
        return this.changePasswordUrl;
    }

    public void setChangePasswordUrl(String str) {
        this.changePasswordUrl = str;
    }

    public String getChangePasswordMethod() {
        return this.changePasswordMethod;
    }

    public void setChangePasswordMethod(String str) {
        this.changePasswordMethod = str;
    }

    public String getNewPasswordParameter() {
        return this.newPasswordParameter;
    }

    public void setNewPasswordParameter(String str) {
        this.newPasswordParameter = str;
    }

    public String getConfirmPasswordParameter() {
        return this.confirmPasswordParameter;
    }

    public void setConfirmPasswordParameter(String str) {
        this.confirmPasswordParameter = str;
    }

    @Override // org.craftercms.security.api.RequestSecurityProcessor
    public void processRequest(RequestContext requestContext, RequestSecurityProcessorChain requestSecurityProcessorChain) throws Exception {
        HttpServletRequest request = requestContext.getRequest();
        if (!isChangePasswordRequest(request)) {
            requestSecurityProcessorChain.processRequest(requestContext);
            return;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Processing login request");
        }
        String password = getPassword(request);
        String cofirmPassword = getCofirmPassword(request);
        String token = getToken(request);
        if (password == null) {
            password = "";
        }
        if (token == null) {
            token = "";
        }
        if (password != null && cofirmPassword != null) {
            try {
                if (!password.equals("") && !cofirmPassword.equals("")) {
                    if (!password.equals(cofirmPassword)) {
                        throw new PasswordException("Password and Confirm password must match");
                    }
                    if (logger.isDebugEnabled()) {
                        logger.debug("ResetPassword request for token " + token);
                    }
                    this.resetPasswordSuccessHandler.onResetPasswordSuccess(this.authenticationService.resetPassword(password, token), requestContext);
                    return;
                }
            } catch (Exception e) {
                logger.error(e.getMessage());
                this.resetPasswordFailureHandler.onResetPasswordFailure(e, requestContext, token);
                return;
            }
        }
        throw new PasswordException("Password and Confirm password are required values");
    }

    protected String getPassword(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.newPasswordParameter);
    }

    protected String getCofirmPassword(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.confirmPasswordParameter);
    }

    protected String getToken(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.tokenParameter);
    }

    protected boolean isChangePasswordRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().equals(new StringBuilder().append(httpServletRequest.getContextPath()).append(this.changePasswordUrl).toString()) && httpServletRequest.getMethod().equals(this.changePasswordMethod);
    }

    @Required
    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    public ResetPasswordSuccessHandler getResetPasswordSuccessHandler() {
        return this.resetPasswordSuccessHandler;
    }

    public void setResetPasswordSuccessHandler(ResetPasswordSuccessHandler resetPasswordSuccessHandler) {
        this.resetPasswordSuccessHandler = resetPasswordSuccessHandler;
    }

    public ResetPasswordFailureHandler getResetPasswordFailureHandler() {
        return this.resetPasswordFailureHandler;
    }

    public void setResetPasswordFailureHandler(ResetPasswordFailureHandler resetPasswordFailureHandler) {
        this.resetPasswordFailureHandler = resetPasswordFailureHandler;
    }
}
