package no.kantega.publishing.security.action;

import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import no.kantega.publishing.common.Aksess;
import no.kantega.security.api.identity.Identity;
import no.kantega.security.api.password.DefaultResetPasswordToken;
import no.kantega.security.api.password.PasswordManager;
import no.kantega.security.api.password.ResetPasswordTokenManager;
import org.apache.commons.httpclient.cookie.Cookie2;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:WEB-INF/lib/openaksess-core-7.1.27.jar:no/kantega/publishing/security/action/ResetPasswordAction.class */
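/**
 * Controller for the second half of a password reset: it receives a reset token together
 * with the identity it was issued for, verifies the token, and then either renders the
 * "choose a new password" form or stores the new password.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The whole flow is refused unless {@code Aksess.isSecurityAllowPasswordReset()} is true.</li>
 *   <li>The token is verified on every request handled by {@link #handleRequest}, including the
 *       one that carries the new password.</li>
 *   <li>All reset tokens of the identity are deleted only after the password was stored.</li>
 *   <li>The only password rule enforced here is a minimum length and that both entries match.</li>
 * </ul>
 *
 * <p>NOTE(review): nothing in this class restricts the HTTP method, so token and password are
 * accepted from any request parameter source. Confirm that the mapping or the superclass limits
 * the password submission to POST so that credentials do not end up in URLs and access logs.
 */
public class ResetPasswordAction extends AbstractLoginAction {
    // Request parameter / model keys. The decompiler expressed these through unrelated library
    // constants; the references are kept so the values stay exactly as compiled.
    // NOTE(review): presumably the literals "token" and "domain" - confirm against the original source.
    private static final String TOKEN_KEY = SchemaSymbols.ATTVAL_TOKEN;
    private static final String DOMAIN_KEY = Cookie2.DOMAIN;

    // View names; both stay null until the corresponding setter is called.
    private String resetPasswordView = null;
    private String resetPasswordErrorView = null;

    // Minimum accepted length of a new password. Length is the only complexity rule checked in
    // this class. NOTE(review): a default of 6 is short; confirm whether the PasswordManager
    // enforces a stronger policy or raise this via setMinPasswordLength.
    private int minPasswordLength = 6;

    /**
     * Entry point: verifies the reset token for the identity named in the request and dispatches
     * to the password form or to the password change.
     *
     * @param httpServletRequest request carrying the token, the identity parameters and,
     *                           when the form was submitted, {@code password1}/{@code password2}
     * @param httpServletResponse unused by this method
     * @return the error view for a missing or invalid token, otherwise the result of
     *         {@link #resetPassword} (when {@code password1} is present) or {@link #showPasswordForm}
     * @throws Exception if password reset is disabled, or if a called collaborator throws
     */
    @Override // org.springframework.web.servlet.mvc.Controller
    public ModelAndView handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (!Aksess.isSecurityAllowPasswordReset()) {
            throw new Exception("Password reset not allowed");
        }

        String token = httpServletRequest.getParameter(TOKEN_KEY);
        Identity identity = getIdentityFromRequest(httpServletRequest);
        if (token == null || identity == null) {
            return showErrorForm("aksess.resetpassword.missingparameter");
        }

        DefaultResetPasswordToken candidate = new DefaultResetPasswordToken();
        candidate.setToken(token);

        // The token is checked before any branch that touches the password, so neither the form
        // nor the change is reachable through this method without a token the manager accepts.
        if (!getResetPasswordTokenManager().verifyPasswordToken(identity, candidate)) {
            return showErrorForm("aksess.resetpassword.invalidtoken");
        }
        if (httpServletRequest.getParameter("password1") != null) {
            return resetPassword(httpServletRequest);
        }
        return showPasswordForm(httpServletRequest);
    }

    /**
     * Builds the error view.
     *
     * @param messageKey value stored under the model key {@code "error"}; every caller in this
     *                   class passes a fixed message key, never request data
     * @return a model-and-view for the configured error view
     */
    private ModelAndView showErrorForm(String messageKey) {
        HashMap<String, Object> model = new HashMap<>();
        model.put("loginLayout", getLoginLayout());
        model.put("error", messageKey);
        return new ModelAndView(this.resetPasswordErrorView, model);
    }

    /**
     * Stores the new password for the identity named in the request and invalidates that
     * identity's reset tokens.
     *
     * <p>This method does NOT verify the reset token itself; {@link #handleRequest} does that
     * before delegating here. Because the method is public, any other caller must perform the
     * same verification first, otherwise the password of an arbitrary identity could be changed.
     *
     * @param httpServletRequest request carrying {@code password1}, {@code password2} and the
     *                           identity parameters
     * @return the password form with an error when the passwords are rejected, the error view
     *         when the identity or its password manager cannot be resolved, otherwise the reset
     *         view with {@code passwordChanged} set
     * @throws Exception if a called collaborator throws
     */
    public ModelAndView resetPassword(HttpServletRequest httpServletRequest) throws Exception {
        String password = httpServletRequest.getParameter("password1");
        String repeated = httpServletRequest.getParameter("password2");
        if (isRejectedPassword(password, repeated)) {
            ModelAndView form = showPasswordForm(httpServletRequest);
            // The same message key is used for a missing, too short and mismatching password.
            form.getModel().put("error", "aksess.resetpassword.passwordmissing");
            return form;
        }

        Identity identity = getIdentityFromRequest(httpServletRequest);
        if (identity == null) {
            // Previously this dereferenced null when the method was reached without the
            // identity check done in handleRequest; answer like handleRequest does instead.
            return showErrorForm("aksess.resetpassword.missingparameter");
        }
        PasswordManager passwordManager = getPasswordManager(identity.getDomain());
        if (passwordManager == null) {
            return showErrorForm("aksess.resetpassword.nopasswordmanager");
        }

        passwordManager.setPassword(identity, password, repeated);
        // Tokens are removed only once setPassword has returned: a failed change leaves the
        // token usable for a retry, a successful one invalidates every token of the identity.
        getResetPasswordTokenManager().deleteTokensForIdentity(identity);

        HashMap<String, Object> model = new HashMap<>();
        model.put("loginLayout", getLoginLayout());
        model.put("minPasswordLength", this.minPasswordLength);
        model.put("passwordChanged", true);
        return new ModelAndView(this.resetPasswordView, model);
    }

    /**
     * Tells whether a submitted password pair must be rejected.
     *
     * <p>The decompiled name of this check was {@code isValidPassword} although it returns
     * {@code true} for an unusable password; it is renamed so the call site reads correctly.
     *
     * @param password first entry, may be null
     * @param repeated second entry, may be null
     * @return true when the password is null, shorter than the minimum length, or differs from
     *         the repeated entry
     */
    private boolean isRejectedPassword(String password, String repeated) {
        return password == null || password.length() < this.minPasswordLength || !password.equals(repeated);
    }

    /**
     * Builds the "choose a new password" view.
     *
     * <p>Token, username and domain are copied from the request into the model unchanged so the
     * form can post them back. They are untrusted input: the view has to escape them for the
     * context it writes them into (NOTE(review): confirm the template does so).
     *
     * @param httpServletRequest request carrying the token, {@code username} and domain parameters
     * @return a model-and-view for the configured reset view
     * @throws Exception declared by the original signature; nothing visible here throws a checked exception
     */
    public ModelAndView showPasswordForm(HttpServletRequest httpServletRequest) throws Exception {
        String token = httpServletRequest.getParameter(TOKEN_KEY);
        String username = httpServletRequest.getParameter("username");
        String domain = httpServletRequest.getParameter(DOMAIN_KEY);

        HashMap<String, Object> model = new HashMap<>();
        model.put("loginLayout", getLoginLayout());
        model.put(TOKEN_KEY, token);
        model.put("username", username);
        model.put(DOMAIN_KEY, domain);
        model.put("minPasswordLength", this.minPasswordLength);
        return new ModelAndView(this.resetPasswordView, model);
    }

    /**
     * Sets the view used for the password form and the success page.
     *
     * @param str view name
     */
    public void setResetPasswordView(String str) {
        this.resetPasswordView = str;
    }

    /**
     * Sets the view used for missing-parameter, invalid-token and no-password-manager errors.
     *
     * @param str view name
     */
    public void setResetPasswordErrorView(String str) {
        this.resetPasswordErrorView = str;
    }

    /**
     * Sets the minimum length a new password must have; the value is not range-checked here.
     *
     * @param i minimum number of characters
     */
    public void setMinPasswordLength(int i) {
        this.minPasswordLength = i;
    }
}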
