package cronapp.framework.rest;

import cronapi.AppConfig;
import cronapi.Var;
import cronapp.framework.CannotChangePasswordException;
import cronapp.framework.api.ApiManager;
import cronapp.framework.api.EventsManager;
import cronapp.framework.api.User;
import cronapp.framework.i18n.Messages;
import cronapp.framework.persistence.InvalidConfirmationPasswordException;
import cronapp.framework.persistence.PasswordConstraintException;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/changePassword"})
@RestController
/* loaded from: input_file:cronapp/framework/rest/ChangePassword.class */
public class ChangePassword {
    @PostMapping
    @ResponseStatus(HttpStatus.OK)
    public void post(String str, String str2, String str3) throws Exception {
        String type = AppConfig.type();
        if (type != null && !type.equalsIgnoreCase("internal") && !type.equalsIgnoreCase("token")) {
            throw new CannotChangePasswordException(Messages.getString("CannotChangePassword"));
        }
        if (!str2.equals(str3)) {
            throw new InvalidConfirmationPasswordException();
        }
        String username = AuthenticationUtil.getUsername();
        if (EventsManager.hasEvent("onChangePassword")) {
            EventsManager.executeEventOnTransaction("onChangePassword", Var.valueOf("username", username), Var.valueOf("oldPassword", str), Var.valueOf("newPassword", str2), Var.valueOf("newPasswordConfirmation", str3));
            return;
        }
        ApiManager byUser = ApiManager.byUser(username);
        User user = byUser.getUser();
        if (user == null) {
            throw new UsernameNotFoundException(Messages.getString("UserNotFound"));
        }
        if (!byUser.passwordMatches(str, user.getPassword())) {
            throw new BadCredentialsException(Messages.getString("UserOrPassordInvalids"));
        }
        try {
            byUser.updatePassword(str2);
        } catch (Exception e) {
            PasswordConstraintException unwrap = PasswordConstraintException.unwrap(e);
            if (unwrap == null) {
                throw e;
            }
            throw unwrap;
        }
    }
}
