package org.apereo.cas.pm.web.flow.actions;

import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.pm.InvalidPasswordException;
import org.apereo.cas.pm.PasswordChangeRequest;
import org.apereo.cas.pm.PasswordManagementService;
import org.apereo.cas.pm.PasswordValidationService;
import org.apereo.cas.pm.web.flow.PasswordManagementWebflowConfigurer;
import org.apereo.cas.pm.web.flow.PasswordManagementWebflowUtils;
import org.apereo.cas.util.LoggingUtils;
import org.apereo.cas.web.flow.actions.BaseCasWebflowAction;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/PasswordChangeAction.class */
public class PasswordChangeAction extends BaseCasWebflowAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(PasswordChangeAction.class);
    private static final String PASSWORD_VALIDATION_FAILURE_CODE = "pm.validationFailure";
    private static final String DEFAULT_MESSAGE = "Could not update the account password";
    private final PasswordManagementService passwordManagementService;
    private final PasswordValidationService passwordValidationService;

    protected static PasswordChangeRequest getPasswordChangeRequest(RequestContext requestContext) {
        PasswordChangeRequest passwordChangeRequest = (PasswordChangeRequest) requestContext.getFlowScope().get(PasswordManagementWebflowConfigurer.FLOW_VAR_ID_PASSWORD, PasswordChangeRequest.class);
        passwordChangeRequest.setUsername(PasswordManagementWebflowUtils.getPasswordResetUsername(requestContext));
        return passwordChangeRequest;
    }

    protected Event doExecute(RequestContext requestContext) {
        PasswordChangeRequest passwordChangeRequest;
        try {
            passwordChangeRequest = getPasswordChangeRequest(requestContext);
            Optional.ofNullable(WebUtils.getCredential(requestContext, UsernamePasswordCredential.class)).ifPresent(usernamePasswordCredential -> {
                passwordChangeRequest.setCurrentPassword(usernamePasswordCredential.getPassword());
            });
            LOGGER.debug("Attempting to validate the password change bean for username [{}]", passwordChangeRequest.getUsername());
        } catch (InvalidPasswordException e) {
            return getErrorEvent(requestContext, "pm.validationFailure" + ((String) StringUtils.defaultIfBlank(e.getCode(), "")), (String) StringUtils.defaultIfBlank(e.getValidationMessage(), DEFAULT_MESSAGE), e.getParams());
        } catch (Exception e2) {
            LoggingUtils.error(LOGGER, e2);
        }
        if (StringUtils.isBlank(passwordChangeRequest.getUsername()) || !this.passwordValidationService.isValid(passwordChangeRequest)) {
            LOGGER.error("Failed to validate the provided password");
            return getErrorEvent(requestContext, PASSWORD_VALIDATION_FAILURE_CODE, DEFAULT_MESSAGE, new Object[0]);
        }
        if (this.passwordManagementService.change(passwordChangeRequest)) {
            WebUtils.putCredential(requestContext, new UsernamePasswordCredential(passwordChangeRequest.getUsername(), passwordChangeRequest.toPassword()));
            LOGGER.info("Password successfully changed for [{}]", passwordChangeRequest.getUsername());
            return getSuccessEvent(requestContext, passwordChangeRequest);
        }
        return getErrorEvent(requestContext, "pm.updateFailure", DEFAULT_MESSAGE, new Object[0]);
    }

    protected Event getSuccessEvent(RequestContext requestContext, PasswordChangeRequest passwordChangeRequest) {
        return new EventFactorySupport().event(this, "passwordUpdateSuccess", new LocalAttributeMap("passwordChangeRequest", passwordChangeRequest));
    }

    private Event getErrorEvent(RequestContext requestContext, String str, String str2, Object... objArr) {
        WebUtils.addErrorMessageToContext(requestContext, str, str2, objArr);
        return error();
    }

    @Generated
    public PasswordChangeAction(PasswordManagementService passwordManagementService, PasswordValidationService passwordValidationService) {
        this.passwordManagementService = passwordManagementService;
        this.passwordValidationService = passwordValidationService;
    }

    @Generated
    public PasswordManagementService getPasswordManagementService() {
        return this.passwordManagementService;
    }

    @Generated
    public PasswordValidationService getPasswordValidationService() {
        return this.passwordValidationService;
    }
}
