package org.craftercms.profile.services.impl;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.text.DateFormat;
import java.text.ParseException;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.craftercms.profile.domain.Profile;
import org.craftercms.profile.exceptions.CipherException;
import org.craftercms.profile.exceptions.ExpiryDateException;
import org.craftercms.profile.exceptions.MailException;
import org.craftercms.profile.exceptions.NoSuchProfileException;
import org.craftercms.profile.security.util.crypto.CipherPasswordChangeToken;
import org.craftercms.profile.services.MailService;
import org.craftercms.profile.services.PasswordService;
import org.craftercms.profile.services.ProfileService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

@Service
/* loaded from: input_file:WEB-INF/classes/org/craftercms/profile/services/impl/PasswordServiceImpl.class */
public class PasswordServiceImpl implements PasswordService {

    @Autowired
    private ProfileService profileService;

    @Autowired
    private MailService mailService;
    private String resetEmailSubject;
    private String resetEmailTemplate;
    private String fromAddress;

    @Autowired
    private CipherPasswordChangeToken cipherPasswordChangeToken;
    protected final Log log = LogFactory.getLog(getClass());
    private int expiryMinutes = 60;

    @Override // org.craftercms.profile.services.PasswordService
    public Profile forgotPassword(String str, String str2, String str3) throws CipherException, MailException, NoSuchProfileException {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Starting forget process");
        }
        Profile profileByUserName = this.profileService.getProfileByUserName(str2, str3);
        if (profileByUserName == null) {
            this.log.warn("Profile " + str2 + " doesn't exist for tenant " + str3);
            throw new NoSuchProfileException("Profile " + str2 + " doesn't exist for tenant " + str3);
        }
        if (profileByUserName.getEmail() == null || profileByUserName.getEmail().equals("")) {
            this.log.warn("Profile " + str2 + " doesn't have an email to complete the reset password process.");
            throw new MailException("Profile " + str2 + " doesn't have an email to complete the reset password process.");
        }
        try {
            String encode = URLEncoder.encode(this.cipherPasswordChangeToken.encrypt(getRawValue(str3, str2)), "UTF-8");
            if (this.log.isDebugEnabled()) {
                this.log.debug("Token generated and encrypted");
            }
            String str4 = str + "?token=" + encode;
            if (str != null && str.endsWith("?")) {
                str4 = str + "token=" + encode;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("changePasswordLink", str4);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Mailing the url to change the password");
            }
            this.mailService.sendMailTLS(this.resetEmailSubject, str4, this.resetEmailTemplate, hashMap, profileByUserName.getEmail(), this.fromAddress);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Email sent to change the password");
            }
            return profileByUserName;
        } catch (UnsupportedEncodingException e) {
            this.log.warn("Unsupported Ending error");
            throw new CipherException("Unsupported Ending error");
        }
    }

    @Override // org.craftercms.profile.services.PasswordService
    public Profile resetPassword(String str, String str2) throws CipherException, NoSuchProfileException, ParseException, ExpiryDateException {
        try {
            String decode = URLDecoder.decode(str2, "UTF-8");
            if (this.log.isDebugEnabled()) {
                this.log.debug("Change password process started");
            }
            String[] splitTokens = splitTokens(this.cipherPasswordChangeToken.decrypt(decode));
            if (splitTokens != null && splitTokens.length > 2 && this.profileService.getProfileByUserName(splitTokens[1], splitTokens[0]) == null) {
                this.log.warn("Profile " + splitTokens[1] + " doesn't exist for tenant " + splitTokens[0]);
                throw new NoSuchProfileException("Profile " + splitTokens[1] + " doesn't exist for tenant " + splitTokens[0]);
            }
            if (splitTokens == null || splitTokens.length < 2) {
                this.log.warn("Error decrypting the token " + decode);
                throw new CipherException("Error decrypting the token " + decode);
            }
            if (!isValidTokenDate(splitTokens[2])) {
                this.log.warn("Token date is expired " + splitTokens[2]);
                throw new ExpiryDateException("Token date is expired " + splitTokens[2]);
            }
            Profile profileByUserNameWithAllAttributes = this.profileService.getProfileByUserNameWithAllAttributes(splitTokens[1], splitTokens[0]);
            Profile updateProfile = this.profileService.updateProfile(profileByUserNameWithAllAttributes.getId().toString(), profileByUserNameWithAllAttributes.getUserName(), str, profileByUserNameWithAllAttributes.getActive(), profileByUserNameWithAllAttributes.getTenantName(), profileByUserNameWithAllAttributes.getEmail(), profileByUserNameWithAllAttributes.getAttributes(), profileByUserNameWithAllAttributes.getRoles());
            if (this.log.isDebugEnabled()) {
                this.log.debug("Password changed successfuly");
            }
            return updateProfile;
        } catch (UnsupportedEncodingException e) {
            this.log.warn("Unsupported decode error UTF-8");
            throw new CipherException("Unsupported decode error");
        }
    }

    @Value("#{ssrSettings['crafter.profile.password.reset.mail.ftl']}")
    public void setResetEmailTemplateFtl(String str) {
        this.resetEmailTemplate = str;
    }

    @Value("#{ssrSettings['crafter.profile.password.reset.mail.subject']}")
    public void setResetEmailSubject(String str) {
        this.resetEmailSubject = str;
    }

    @Value("#{ssrSettings['crafter.profile.mail.from.address']}")
    public void setMailFrom(String str) {
        this.fromAddress = str;
    }

    @Value("#{ssrSettings['crafter.profile.password.change.token.expiry']}")
    public void setPasswordChangeTokenExpiry(String str) {
        if (str == null || !str.equals("")) {
            return;
        }
        this.expiryMinutes = Integer.parseInt(str);
    }

    private boolean isValidTokenDate(String str) throws ParseException {
        Date parse = DateFormat.getDateTimeInstance().parse(str);
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar.setTime(parse);
        calendar.add(12, this.expiryMinutes);
        return calendar2.before(calendar);
    }

    private String getRawValue(String str, String str2) {
        return str + CipherPasswordChangeToken.SEP + str2 + CipherPasswordChangeToken.SEP + DateFormat.getDateTimeInstance().format(new Date());
    }

    private String[] splitTokens(String str) {
        String[] strArr = new String[3];
        String[] split = StringUtils.split(str, CipherPasswordChangeToken.SEP);
        strArr[0] = split[0];
        String[] split2 = StringUtils.split(split[1], CipherPasswordChangeToken.SEP);
        strArr[1] = split2[0];
        if (split2.length > 1) {
            strArr[2] = split2[1];
        }
        return strArr;
    }
}
