package woko.ext.usermanagement.facets.password;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.util.UUID;
import javax.servlet.http.HttpSession;
import net.sourceforge.jfacets.IFacetDescriptorManager;
import net.sourceforge.jfacets.IInstanceFacet;
import net.sourceforge.jfacets.annotations.FacetKey;
import net.sourceforge.stripes.action.ActionBeanContext;
import net.sourceforge.stripes.action.DontValidate;
import net.sourceforge.stripes.action.ForwardResolution;
import net.sourceforge.stripes.action.RedirectResolution;
import net.sourceforge.stripes.action.Resolution;
import net.sourceforge.stripes.action.StrictBinding;
import net.sourceforge.stripes.validation.EmailTypeConverter;
import net.sourceforge.stripes.validation.Validate;
import woko.ext.usermanagement.core.DatabaseUserManager;
import woko.ext.usermanagement.core.User;
import woko.facets.BaseResolutionFacet;
import woko.facets.builtin.Layout;
import woko.mail.MailService;
import woko.persistence.ObjectStore;
import woko.users.UsernameResolutionStrategy;
import woko.util.WLogger;

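/**
 * Resolution facet implementing a two-step password reset for unauthenticated visitors.
 *
 * <ol>
 *   <li>{@link #emailToken(ActionBeanContext)} looks the account up by e-mail, stores a random
 *       token in the HTTP session and mails a link carrying that token.</li>
 *   <li>{@link #doReset(ActionBeanContext)} checks the token from the link against the session,
 *       generates a new password, saves its encoded form and redirects to the confirmation
 *       page.</li>
 * </ol>
 *
 * <p>Security properties enforced here:
 * <ul>
 *   <li>The token is bound to the e-mail address it was issued for. A token obtained for one
 *       account cannot be replayed with a different {@code facet.email} value.</li>
 *   <li>The token is single-use: it is removed from the session once it has been accepted.</li>
 *   <li>The token comparison does not short-circuit on the first differing byte.</li>
 * </ul>
 *
 * <p>The token has no expiry of its own; it stays valid for as long as the session attribute
 * exists. Only {@code facet.email} and {@code facet.token} are bindable from the request
 * (strict binding, deny by default).
 */
@StrictBinding(defaultPolicy = StrictBinding.Policy.DENY, allow = {"facet.email", "facet.token"})
@FacetKey(name = ResetPassword.FACET_NAME, profileId = "all")
public class ResetPassword<OsType extends ObjectStore, UmType extends DatabaseUserManager<?, User>, UnsType extends UsernameResolutionStrategy, FdmType extends IFacetDescriptorManager> extends BaseResolutionFacet<OsType, UmType, UnsType, FdmType> implements IInstanceFacet {
    private static final WLogger logger = WLogger.getLogger(ResetPassword.class);
    public static final String FACET_NAME = "resetPassword";

    /** Session attribute holding the reset token issued by {@link #emailToken(ActionBeanContext)}. */
    private static final String SESSION_TOKEN = "wokoResetPasswordToken";
    /** Session attribute holding the e-mail address the current reset token was issued for. */
    private static final String SESSION_EMAIL = "wokoResetPasswordEmail";
    /** Session attribute in which the freshly generated clear-text password is stored. */
    private static final String SESSION_NEW_PASSWORD = "wokoNewPassword";

    private static final Charset UTF_8 = Charset.forName("UTF-8");

    /** E-mail address of the account to reset; bound from {@code facet.email}. */
    @Validate(required = true, converter = EmailTypeConverter.class)
    private String email;
    /** Reset token taken from the mailed link; bound from {@code facet.token}. */
    private String token;

    public String getEmail() {
        return this.email;
    }

    public void setEmail(String str) {
        this.email = str;
    }

    public String getToken() {
        return this.token;
    }

    public void setToken(String str) {
        this.token = str;
    }

    /**
     * Restricts this facet to requests for which no username can be resolved,
     * i.e. the reset flow is not offered to an already authenticated user.
     *
     * @param obj the target object (unused)
     * @return {@code true} when the request has no resolved username
     */
    public boolean matchesTargetObject(Object obj) {
        return getWoko().getUsername(getRequest()) == null;
    }

    /**
     * Default event: shows the form asking for the e-mail address. Validation is skipped
     * because no e-mail has been submitted yet.
     *
     * @param actionBeanContext the current Stripes context (unused)
     * @return a forward to {@link #getJspPath()}
     */
    @DontValidate
    public Resolution getResolution(ActionBeanContext actionBeanContext) {
        return new ForwardResolution(getJspPath());
    }

    /**
     * Issues a reset token for the submitted e-mail address and mails the reset link.
     *
     * <p>The redirect returned is the same whether or not an account exists for the address,
     * so the response does not reveal which addresses are registered.
     *
     * @param actionBeanContext the current Stripes context (unused)
     * @return a redirect to the "check your mailbox" step
     * @throws IllegalStateException if an account exists but no {@code MailService} component is configured
     */
    public Resolution emailToken(ActionBeanContext actionBeanContext) {
        User userByEmail = ((DatabaseUserManager) getWoko().getUserManager()).getUserByEmail(this.email);
        if (userByEmail != null) {
            MailService mailService = (MailService) getWoko().getIoc().getComponent("MailService");
            if (mailService == null) {
                throw new IllegalStateException("User tries to reset its password but there ain't no MailService ! email = " + this.email);
            }
            // UUID.randomUUID() draws from a cryptographically strong generator.
            String uuid = UUID.randomUUID().toString();
            HttpSession session = getRequest().getSession();
            session.setAttribute(SESSION_TOKEN, uuid);
            // Remember which address the token belongs to, so doReset() can refuse a
            // request that presents this token together with a different e-mail.
            session.setAttribute(SESSION_EMAIL, this.email);
            // The address is URL-encoded: characters such as '+' or '&' are legal in an e-mail
            // local part and would otherwise corrupt the query string of the mailed link.
            String resetUrl = mailService.getAppUrl() + "/resetPassword?doReset=true&facet.email=" + urlEncode(this.email) + "&facet.token=" + uuid;
            String subject = getWoko().getLocalizedMessage(getRequest(), "woko.ext.usermanagement.password.reset.email.subject", new String[]{getAppName()});
            String content = getWoko().getLocalizedMessage(getRequest(), "woko.ext.usermanagement.password.reset.email.content", new String[]{getAppName(), resetUrl});
            mailService.sendMail(userByEmail.getEmail(), subject, content);
        }
        return new RedirectResolution("/resetPassword").addParameter("confirmEmail", new Object[]{"true"}).addParameter("facet.email", new Object[]{this.email});
    }

    /**
     * Shows the page telling the visitor that a reset mail has been sent.
     *
     * @return a forward to the confirmation JSP
     */
    public Resolution confirmEmail() {
        return new ForwardResolution("/WEB-INF/woko/ext/usermanagement/resetPasswordConfirmEmail.jsp");
    }

    /**
     * Completes the reset: validates the token from the mailed link, then replaces the
     * account's password with a generated one.
     *
     * <p>The request is accepted only if the token equals the one stored in the session
     * and the submitted e-mail is the address that token was issued for. The token is consumed
     * on acceptance, so the same link cannot be used twice.
     *
     * @param actionBeanContext the current Stripes context (unused)
     * @return a redirect to {@code /resetPasswordConfirm}
     * @throws IllegalArgumentException if the token is missing or wrong, if the e-mail does not
     *         match the one the token was issued for, or if no user exists for the e-mail
     * @throws IllegalStateException if the session holds no reset token
     */
    public Resolution doReset(ActionBeanContext actionBeanContext) {
        HttpSession session = getRequest().getSession();
        if (this.token == null) {
            throw new IllegalArgumentException("token must be passed");
        }
        String sessionToken = (String) session.getAttribute(SESSION_TOKEN);
        if (sessionToken == null) {
            throw new IllegalStateException("session token not found ! cannot reset password");
        }
        if (!constantTimeEquals(sessionToken, this.token)) {
            throw new IllegalArgumentException("invalid request token (not equals to session token)");
        }
        // A valid token alone is not enough: it must be presented with the address it was
        // issued for, otherwise any account's password could be reset with one's own token.
        String sessionEmail = (String) session.getAttribute(SESSION_EMAIL);
        if (sessionEmail == null || !sessionEmail.equals(this.email)) {
            throw new IllegalArgumentException("invalid request email (not equals to the email the token was issued for)");
        }
        // Single use: consume the token before changing anything.
        session.removeAttribute(SESSION_TOKEN);
        session.removeAttribute(SESSION_EMAIL);

        DatabaseUserManager databaseUserManager = (DatabaseUserManager) getWoko().getUserManager();
        User userByEmail = databaseUserManager.getUserByEmail(this.email);
        if (userByEmail == null) {
            throw new IllegalArgumentException("No user found for email " + this.email);
        }
        String generatePassword = generatePassword();
        // NOTE(review): the clear-text password is kept in the session, presumably for the
        // /resetPasswordConfirm view to display once - confirm that the consumer removes the
        // attribute after reading it.
        session.setAttribute(SESSION_NEW_PASSWORD, generatePassword);
        userByEmail.setPassword(databaseUserManager.encodePassword(generatePassword));
        databaseUserManager.save(userByEmail);
        logger.warn("password reset for email " + this.email);
        return new RedirectResolution("/resetPasswordConfirm");
    }

    /**
     * Generates the replacement password. Subclasses may override to apply another policy.
     *
     * @return a random UUID string
     */
    protected String generatePassword() {
        return UUID.randomUUID().toString();
    }

    /**
     * Returns the application title, taken from the {@code layout} facet.
     *
     * @return the application title used in the reset mail
     */
    protected String getAppName() {
        return ((Layout) getWoko().getFacet("layout", getRequest(), (Object) null, Object.class, true)).getAppTitle();
    }

    /**
     * @return the path of the JSP rendering the e-mail form
     */
    public String getJspPath() {
        return "/WEB-INF/woko/ext/usermanagement/resetPassword.jsp";
    }

    /** Compares two secrets without stopping at the first differing byte. */
    private static boolean constantTimeEquals(String expected, String actual) {
        return MessageDigest.isEqual(expected.getBytes(UTF_8), actual.getBytes(UTF_8));
    }

    /** URL-encodes a query-string value as UTF-8. */
    private static String urlEncode(String value) {
        try {
            return URLEncoder.encode(value, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 support is mandatory for every JVM, so this cannot happen in practice.
            throw new IllegalStateException("UTF-8 is not supported by this JVM", e);
        }
    }
}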
