package com.mware.web.auth.usernamepassword.routes;

import com.google.inject.Inject;
import com.mware.core.model.user.UserRepository;
import com.mware.core.user.User;
import com.mware.core.util.BcLogger;
import com.mware.core.util.BcLoggerFactory;
import com.mware.web.BadRequestException;
import com.mware.web.BcResponse;
import com.mware.web.framework.ParameterizedHandler;
import com.mware.web.framework.annotations.Handle;
import com.mware.web.framework.annotations.Required;
import com.mware.web.model.ClientApiSuccess;
import java.time.ZonedDateTime;

/* loaded from: input_file:com/mware/web/auth/usernamepassword/routes/ChangePassword.class */
public class ChangePassword implements ParameterizedHandler {
    private static final BcLogger LOGGER = BcLoggerFactory.getLogger(ChangePassword.class);
    public static final String TOKEN_PARAMETER_NAME = "token";
    public static final String NEW_PASSWORD_PARAMETER_NAME = "newPassword";
    public static final String NEW_PASSWORD_CONFIRMATION_PARAMETER_NAME = "newPasswordConfirmation";
    private final UserRepository userRepository;

    @Inject
    public ChangePassword(UserRepository userRepository) {
        this.userRepository = userRepository;
    }

    @Handle
    public ClientApiSuccess handle(@Required(name = "token") String str, @Required(name = "newPassword") String str2, @Required(name = "newPasswordConfirmation") String str3) throws Exception {
        User findByPasswordResetToken = this.userRepository.findByPasswordResetToken(str);
        if (findByPasswordResetToken == null) {
            throw new BadRequestException("invalid token");
        }
        if (!findByPasswordResetToken.getPasswordResetTokenExpirationDate().isAfter(ZonedDateTime.now())) {
            throw new BadRequestException("expired token");
        }
        if (str2.length() <= 0) {
            throw new BadRequestException(NEW_PASSWORD_PARAMETER_NAME, "new password may not be blank");
        }
        if (!str2.equals(str3)) {
            throw new BadRequestException(NEW_PASSWORD_CONFIRMATION_PARAMETER_NAME, "new password and new password confirmation do not match");
        }
        this.userRepository.setPassword(findByPasswordResetToken, str2);
        this.userRepository.clearPasswordResetTokenAndExpirationDate(findByPasswordResetToken);
        LOGGER.info("changed password for user: %s", new Object[]{findByPasswordResetToken.getUsername()});
        return BcResponse.SUCCESS;
    }
}
