package org.apereo.cas.pm.web.flow.actions;

import java.nio.charset.StandardCharsets;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.email.EmailProperties;
import org.apereo.cas.configuration.model.support.sms.SmsProperties;
import org.apereo.cas.pm.PasswordManagementService;
import org.apereo.cas.pm.web.flow.PasswordManagementWebflowUtils;
import org.apereo.cas.ticket.TicketFactory;
import org.apereo.cas.ticket.TransientSessionTicket;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.io.CommunicationsManager;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.binding.message.MessageBuilder;
import org.springframework.web.util.UriUtils;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/SendPasswordResetInstructionsAction.class */
public class SendPasswordResetInstructionsAction extends AbstractAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SendPasswordResetInstructionsAction.class);
    protected final CasConfigurationProperties casProperties;
    protected final CommunicationsManager communicationsManager;
    protected final PasswordManagementService passwordManagementService;
    protected final TicketRegistry ticketRegistry;
    protected final TicketFactory ticketFactory;

    public String buildPasswordResetUrl(String str, PasswordManagementService passwordManagementService, CasConfigurationProperties casConfigurationProperties, WebApplicationService webApplicationService) {
        String createToken = passwordManagementService.createToken(str);
        if (!StringUtils.isNotBlank(createToken)) {
            LOGGER.error("Could not create password reset url since no reset token could be generated");
            return null;
        }
        TransientSessionTicket create = this.ticketFactory.get(TransientSessionTicket.class).create(webApplicationService, CollectionUtils.wrap(PasswordManagementWebflowUtils.FLOWSCOPE_PARAMETER_NAME_TOKEN, createToken));
        this.ticketRegistry.addTicket(create);
        StringBuilder append = new StringBuilder(casConfigurationProperties.getServer().getPrefix()).append('/').append("login").append('?').append(PasswordManagementWebflowUtils.REQUEST_PARAMETER_NAME_PASSWORD_RESET_TOKEN).append('=').append(create.getId());
        if (webApplicationService != null) {
            append.append('&').append("service").append('=').append(UriUtils.encode(webApplicationService.getOriginalUrl(), StandardCharsets.UTF_8));
        }
        String sb = append.toString();
        LOGGER.debug("Final password reset URL designed for [{}] is [{}]", str, sb);
        return sb;
    }

    protected Event doExecute(RequestContext requestContext) {
        this.communicationsManager.validate();
        if (!this.communicationsManager.isMailSenderDefined() && !this.communicationsManager.isSmsSenderDefined()) {
            return getErrorEvent("contact.failed", "Unable to send email as no mail sender is defined", requestContext);
        }
        String parameter = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext).getParameter("username");
        if (StringUtils.isBlank(parameter)) {
            LOGGER.warn("No username parameter is provided");
            return getErrorEvent("username.required", "No username is provided", requestContext);
        }
        String findEmail = this.passwordManagementService.findEmail(parameter);
        String findPhone = this.passwordManagementService.findPhone(parameter);
        if (StringUtils.isBlank(findEmail) && StringUtils.isBlank(findPhone)) {
            LOGGER.warn("No recipient is provided with a valid email/phone");
            return getErrorEvent("contact.invalid", "Provided email address or phone number is invalid", requestContext);
        }
        String buildPasswordResetUrl = buildPasswordResetUrl(parameter, this.passwordManagementService, this.casProperties, WebUtils.getService(requestContext));
        if (StringUtils.isNotBlank(buildPasswordResetUrl)) {
            LOGGER.debug("Generated password reset URL [{}]; Link is only active for the next [{}] minute(s)", buildPasswordResetUrl, Long.valueOf(this.casProperties.getAuthn().getPm().getReset().getExpirationMinutes()));
            if (sendPasswordResetEmailToAccount(findEmail, buildPasswordResetUrl) || sendPasswordResetSmsToAccount(findPhone, buildPasswordResetUrl)) {
                return success();
            }
        } else {
            LOGGER.error("No password reset URL could be built and sent to [{}]", findEmail);
        }
        LOGGER.error("Failed to notify account [{}]", findEmail);
        return getErrorEvent("contact.failed", "Failed to send the password reset link to the given email address or phone number", requestContext);
    }

    protected boolean sendPasswordResetSmsToAccount(String str, String str2) {
        if (!StringUtils.isNotBlank(str)) {
            return false;
        }
        LOGGER.debug("Sending password reset URL [{}] via SMS to [{}]", str2, str);
        SmsProperties sms = this.casProperties.getAuthn().getPm().getReset().getSms();
        return this.communicationsManager.sms(sms.getFrom(), str, sms.getFormattedText(new Object[]{str2}));
    }

    protected boolean sendPasswordResetEmailToAccount(String str, String str2) {
        if (!StringUtils.isNotBlank(str)) {
            return false;
        }
        EmailProperties mail = this.casProperties.getAuthn().getPm().getReset().getMail();
        String formattedBody = mail.getFormattedBody(new Object[]{str2});
        LOGGER.debug("Sending password reset URL [{}] via email to [{}]", str2, str);
        return this.communicationsManager.email(mail, str, formattedBody);
    }

    protected Event getErrorEvent(String str, String str2, RequestContext requestContext) {
        requestContext.getMessageContext().addMessage(new MessageBuilder().error().code("screen.pm.reset." + str).build());
        LOGGER.error(str2);
        return new EventFactorySupport().event(this, "error");
    }

    @Generated
    public SendPasswordResetInstructionsAction(CasConfigurationProperties casConfigurationProperties, CommunicationsManager communicationsManager, PasswordManagementService passwordManagementService, TicketRegistry ticketRegistry, TicketFactory ticketFactory) {
        this.casProperties = casConfigurationProperties;
        this.communicationsManager = communicationsManager;
        this.passwordManagementService = passwordManagementService;
        this.ticketRegistry = ticketRegistry;
        this.ticketFactory = ticketFactory;
    }
}
