package org.georchestra.console.ws.passwordrecovery;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.georchestra.console.ds.UserTokenDao;
import org.georchestra.console.ws.utils.PasswordUtils;
import org.georchestra.ds.DataServiceException;
import org.georchestra.ds.users.AccountDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.bind.support.SessionStatus;

@SessionAttributes(types = {NewPasswordFormBean.class})
@Controller
/* loaded from: input_file:WEB-INF/classes/org/georchestra/console/ws/passwordrecovery/NewPasswordFormController.class */
public class NewPasswordFormController {
    private static final Log LOG = LogFactory.getLog(NewPasswordFormController.class.getName());

    @Autowired
    protected PasswordUtils passwordUtils;
    private final AccountDao accountDao;
    private final UserTokenDao userTokenDao;

    @Autowired
    private boolean reCaptchaActivated;

    @Autowired
    public NewPasswordFormController(AccountDao accountDao, UserTokenDao userTokenDao) {
        this.accountDao = accountDao;
        this.userTokenDao = userTokenDao;
    }

    @InitBinder
    public void initForm(WebDataBinder webDataBinder) {
        webDataBinder.setAllowedFields("password", "confirmPassword");
    }

    @RequestMapping(value = {"/account/newPassword"}, method = {RequestMethod.GET})
    public String setupForm(@RequestParam(name = "token", required = false) String str, Model model, HttpServletRequest httpServletRequest) throws IOException {
        model.addAttribute("recaptchaActivated", Boolean.valueOf(this.reCaptchaActivated));
        try {
            String findUserByToken = this.userTokenDao.findUserByToken(str);
            NewPasswordFormBean newPasswordFormBean = new NewPasswordFormBean();
            newPasswordFormBean.setToken(str);
            newPasswordFormBean.setUid(findUserByToken);
            model.addAttribute(newPasswordFormBean);
            return "newPasswordForm";
        } catch (DataServiceException e) {
            LOG.error("cannot insert the setup the passwordRecoveryForm. " + e.getMessage());
            throw new IOException(e);
        } catch (NameNotFoundException e2) {
            model.asMap().clear();
            httpServletRequest.getSession().setAttribute("errmsg", "bad.token");
            return "redirect:/account/passwordRecovery";
        }
    }

    @RequestMapping(value = {"/account/newPassword"}, method = {RequestMethod.POST})
    public String newPassword(@ModelAttribute NewPasswordFormBean newPasswordFormBean, BindingResult bindingResult, SessionStatus sessionStatus) throws IOException {
        this.passwordUtils.validate(newPasswordFormBean.getPassword(), newPasswordFormBean.getConfirmPassword(), bindingResult);
        if (bindingResult.hasErrors()) {
            return "newPasswordForm";
        }
        try {
            String uid = newPasswordFormBean.getUid();
            this.accountDao.changePassword(uid, newPasswordFormBean.getPassword());
            this.userTokenDao.delete(uid);
            sessionStatus.setComplete();
            return "passwordUpdated";
        } catch (DataServiceException e) {
            LOG.error("cannot set the the new password. " + e.getMessage());
            throw new IOException(e);
        }
    }

    @ModelAttribute("newPasswordFormBean")
    public NewPasswordFormBean getNewPasswordFormBean() {
        return new NewPasswordFormBean();
    }
}
