package nosi.webapps.igrp.pages.resetpassword;

import java.io.IOException;
import java.util.Base64;
import java.util.Properties;
import nosi.core.config.ConfigCommonMainConstants;
import nosi.core.i18n.Translator;
import nosi.core.integration.autentika.RemoteUserStoreManagerServiceSoapClient;
import nosi.core.integration.autentika.dto.UpdateCredentialByAdminRequestDTO;
import nosi.core.webapp.Controller;
import nosi.core.webapp.Core;
import nosi.core.webapp.Response;
import nosi.webapps.igrp.dao.User;

/* loaded from: input_file:nosi/webapps/igrp/pages/resetpassword/ResetpasswordController.class */
public class ResetpasswordController extends Controller {
    public Response actionIndex() throws IOException, IllegalArgumentException, IllegalAccessException {
        Resetpassword resetpassword = new Resetpassword();
        resetpassword.load();
        resetpassword.setSign_in("igrp", "Dominio", "index");
        ResetpasswordView resetpasswordView = new ResetpasswordView();
        resetpassword.setSign_in("webapps?r=igrp/login/login");
        String param = Core.getParam("t");
        if (param != null) {
            try {
                if (!param.isEmpty()) {
                    User one = new User().find().andWhere("password_reset_token", "=", param).one();
                    if (one == null) {
                        throw new Exception("Invalid or expired token.");
                    }
                    resetpassword.setUsername(one.getEmail());
                    if (new String(Base64.getUrlDecoder().decode(one.getPassword_reset_token())).split("_")[1].compareTo(System.currentTimeMillis() + "") <= 0 || one.getStatus() == 0) {
                        throw new Exception("Invalid or expired token.");
                    }
                    resetpasswordView.btn_guardar.setLink("guardar&t=" + param);
                    resetpasswordView.setModel(resetpassword);
                    return renderView(resetpasswordView);
                }
            } catch (Exception e) {
                Core.setMessageError(Translator.gt("Token inválido ou expirado."));
                Core.setMessageInfo(Translator.gt("Favor solicitar um novo reset."));
                return redirect("igrp", "Resetbyemail", "index", queryString());
            }
        }
        throw new RuntimeException("Invalid or expired token.");
    }

    public Response actionGuardar() throws IOException, IllegalArgumentException, IllegalAccessException {
        Resetpassword resetpassword = new Resetpassword();
        resetpassword.load();
        String param = Core.getParam("t");
        if (param != null) {
            try {
                if (!param.isEmpty()) {
                    User one = new User().find().andWhere("password_reset_token", "=", param).one();
                    if (one == null) {
                        throw new Exception("Invalid or expired token.");
                    }
                    if (new String(Base64.getUrlDecoder().decode(one.getPassword_reset_token())).split("_")[1].compareTo(System.currentTimeMillis() + "") <= 0 || one.getStatus() == 0) {
                        throw new Exception("Invalid or expired token.");
                    }
                    String user_name = one.getUser_name();
                    String nova_senha = resetpassword.getNova_senha();
                    if (nova_senha.equals(resetpassword.getConfirmar_nova_senha())) {
                        String autenticationType = getConfig().getAutenticationType();
                        if (autenticationType.equals(ConfigCommonMainConstants.IGRP_AUTHENTICATION_TYPE_DATABASE.value())) {
                            if (db(user_name, nova_senha)) {
                                return redirectToUrl("webapps?r=igrp/login/login");
                            }
                        } else if (autenticationType.equals(ConfigCommonMainConstants.IGRP_AUTHENTICATION_TYPE_LDAP.value()) && ldap(user_name, nova_senha)) {
                            return redirectToUrl("webapps?r=igrp/login/login");
                        }
                    } else {
                        Core.setMessageError("Password inconsistentes. Tente novamente !");
                    }
                    addQueryString("t", param);
                    return redirect("igrp", "Resetpassword", "index", queryString());
                }
            } catch (Exception e) {
                addQueryString("t", param);
                Core.setMessageError(Translator.gt("Token inválido ou expirado."));
                Core.setMessageInfo(Translator.gt("Favor solicitar um novo reset."));
                return forward("igrp", "Resetbyemail", "index", queryString());
            }
        }
        throw new Exception("Invalid or expired token.");
    }

    private boolean db(String str, String str2) {
        boolean z = false;
        User findUserByUsername = Core.findUserByUsername(str);
        if (findUserByUsername != null) {
            findUserByUsername.setPass_hash(nosi.core.webapp.User.encryptToHash(str + "" + str2, "SHA-256"));
            if (findUserByUsername.update() != null) {
                Core.setMessageSuccess("Password alterado com sucesso. Faça o login para continuar.");
                z = true;
            } else {
                Core.setMessageError();
            }
        } else {
            Core.setMessageError();
        }
        return z;
    }

    private boolean ldap(String str, String str2) {
        Properties mainSettings = this.configApp.getMainSettings();
        RemoteUserStoreManagerServiceSoapClient remoteUserStoreManagerServiceSoapClient = new RemoteUserStoreManagerServiceSoapClient(mainSettings.getProperty(ConfigCommonMainConstants.IDS_AUTENTIKA_REMOTE_USER_STORE_MANAGER_SERVICE_WSDL_URL.value()), mainSettings.getProperty(ConfigCommonMainConstants.IDS_AUTENTIKA_ADMIN_USN.value()), mainSettings.getProperty(ConfigCommonMainConstants.IDS_AUTENTIKA_ADMIN_PWD.value()));
        if (!remoteUserStoreManagerServiceSoapClient.isExistingUser(str)) {
            Core.setMessageError(Translator.gt("Ocorreu um erro. Utilizador inválido."));
            return false;
        }
        UpdateCredentialByAdminRequestDTO updateCredentialByAdminRequestDTO = new UpdateCredentialByAdminRequestDTO();
        updateCredentialByAdminRequestDTO.setUserName(str);
        updateCredentialByAdminRequestDTO.setNewCredential(str2);
        if (remoteUserStoreManagerServiceSoapClient.updateCredentialByAdmin(updateCredentialByAdminRequestDTO)) {
            Core.setMessageSuccess(Translator.gt("Password alterado com sucesso. Faça o login para continuar."));
            return true;
        }
        Core.setMessageError();
        return false;
    }
}
