package org.broadleafcommerce.profile.core.service;

import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Resource;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.broadleafcommerce.common.email.service.EmailService;
import org.broadleafcommerce.common.email.service.info.EmailInfo;
import org.broadleafcommerce.common.security.util.PasswordChange;
import org.broadleafcommerce.common.security.util.PasswordReset;
import org.broadleafcommerce.common.security.util.PasswordUtils;
import org.broadleafcommerce.common.service.GenericResponse;
import org.broadleafcommerce.common.time.SystemTime;
import org.broadleafcommerce.profile.core.dao.CustomerDao;
import org.broadleafcommerce.profile.core.dao.CustomerForgotPasswordSecurityTokenDao;
import org.broadleafcommerce.profile.core.dao.RoleDao;
import org.broadleafcommerce.profile.core.domain.Customer;
import org.broadleafcommerce.profile.core.domain.CustomerForgotPasswordSecurityToken;
import org.broadleafcommerce.profile.core.domain.CustomerForgotPasswordSecurityTokenImpl;
import org.broadleafcommerce.profile.core.domain.CustomerRoleImpl;
import org.broadleafcommerce.profile.core.domain.Role;
import org.broadleafcommerce.profile.core.service.handler.PasswordUpdatedHandler;
import org.broadleafcommerce.profile.core.service.listener.PostRegistrationObserver;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.dao.SaltSource;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.stereotype.Service;

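/**
 * Default {@link CustomerService} implementation. It persists customers, encodes passwords
 * and challenge answers before they are saved, and drives the registration, change-password,
 * forgot-username and forgot-password (token) flows.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>Passwords, challenge answers and reset tokens are all passed through the injected
 *       {@code blPasswordEncoder}. The strength of the stored value therefore depends on
 *       which encoder and salt source the deployment configures, which is not visible here.</li>
 *   <li>Reset tokens are persisted only in encoded form, are marked used after one
 *       successful reset, and expire after {@link #getTokenExpiredMinutes()} minutes.</li>
 *   <li>The forgot-username and forgot-password methods return different error codes for
 *       unknown, inactive and e-mail-less accounts. A front end that shows these codes to
 *       an anonymous caller lets that caller tell valid usernames/e-mails from invalid ones;
 *       presenting one generic message avoids that.</li>
 * </ul>
 */
@Service("blCustomerService")
/* loaded from: input_file:org/broadleafcommerce/profile/core/service/CustomerServiceImpl.class */
public class CustomerServiceImpl implements CustomerService {
    private static final Log LOG = LogFactory.getLog(CustomerServiceImpl.class);

    /** Cryptographically strong source for {@link #generateSecurePassword()}. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    /** Milliseconds per minute, used by the token-expiry comparison. */
    private static final long MILLIS_PER_MINUTE = 60000L;

    @Resource(name = "blCustomerDao")
    protected CustomerDao customerDao;

    @Resource(name = "blIdGenerationService")
    protected IdGenerationService idGenerationService;

    @Resource(name = "blCustomerForgotPasswordSecurityTokenDao")
    protected CustomerForgotPasswordSecurityTokenDao customerForgotPasswordSecurityTokenDao;

    @Resource(name = "blPasswordEncoder")
    protected PasswordEncoder passwordEncoder;

    // Kept only for the deprecated getSalt()/setSalt(String) accessors; no encoding path in
    // this class reads it.
    @Deprecated
    protected String salt;

    // Optional: when no blSaltSource bean exists, getSalt(Customer, String) returns null and
    // values are encoded without a salt.
    @Autowired(required = false)
    @Qualifier("blSaltSource")
    protected SaltSource saltSource;

    @Resource(name = "blRoleDao")
    protected RoleDao roleDao;

    @Resource(name = "blEmailService")
    protected EmailService emailService;

    @Resource(name = "blForgotPasswordEmailInfo")
    protected EmailInfo forgotPasswordEmailInfo;

    @Resource(name = "blForgotUsernameEmailInfo")
    protected EmailInfo forgotUsernameEmailInfo;

    @Resource(name = "blRegistrationEmailInfo")
    protected EmailInfo registrationEmailInfo;

    @Resource(name = "blChangePasswordEmailInfo")
    protected EmailInfo changePasswordEmailInfo;

    // Lifetime of a forgot-password token, in minutes.
    protected int tokenExpiredMinutes = 30;
    // Length requested from PasswordUtils when a forgot-password token is generated.
    protected int passwordTokenLength = 20;
    protected final List<PostRegistrationObserver> postRegisterListeners = new ArrayList<PostRegistrationObserver>();
    protected List<PasswordUpdatedHandler> passwordResetHandlers = new ArrayList<PasswordUpdatedHandler>();
    protected List<PasswordUpdatedHandler> passwordChangedHandlers = new ArrayList<PasswordUpdatedHandler>();

    /**
     * Saves the customer, keeping its current registered state.
     *
     * @param customer the customer to persist
     * @return the value returned by the DAO's {@code save}
     */
    @Override
    public Customer saveCustomer(Customer customer) {
        return saveCustomer(customer, customer.isRegistered());
    }

    /**
     * Saves the customer, encoding any pending clear-text password or challenge answer first.
     *
     * @param customer the customer to persist
     * @param z        when {@code true}, the customer is flagged as registered before saving
     * @return the value returned by the DAO's {@code save}
     */
    @Override
    public Customer saveCustomer(Customer customer, boolean z) {
        if (z && !customer.isRegistered()) {
            customer.setRegistered(true);
        }

        String rawPassword = customer.getUnencodedPassword();
        if (rawPassword != null) {
            customer.setPassword(encodePassword(rawPassword, customer));
        }

        // The answer is encoded unless the pending value equals what is already stored.
        String rawAnswer = customer.getUnencodedChallengeAnswer();
        if (rawAnswer != null && !rawAnswer.equals(customer.getChallengeAnswer())) {
            customer.setChallengeAnswer(encodePassword(rawAnswer, customer));
        }
        return this.customerDao.save(customer);
    }

    /**
     * Generates a 16-character alphanumeric password from a {@link SecureRandom}.
     *
     * <p>{@code RandomStringUtils.randomAlphanumeric(int)} in commons-lang 2.x draws from a
     * shared {@code java.util.Random}, whose output can be predicted from a few samples.
     * The seven-argument overload is called with the same alphabet settings but an explicit
     * cryptographically strong generator.
     *
     * @return a new random password
     */
    protected String generateSecurePassword() {
        return RandomStringUtils.random(16, 0, 0, true, true, null, SECURE_RANDOM);
    }

    /**
     * Registers a customer: assigns an id if missing, stores the encoded password, grants
     * the registered-customer role, sends the registration e-mail and notifies listeners.
     *
     * @param customer the customer to register
     * @param str      the clear-text password to set
     * @param str2     not read by this method (presumably the password confirmation; any
     *                 match check has to happen in the caller)
     * @return the saved customer
     */
    @Override
    public Customer registerCustomer(Customer customer, String str, String str2) {
        customer.setRegistered(true);
        if (customer.getId() == null) {
            customer.setId(findNextCustomerId());
        }
        customer.setUnencodedPassword(str);
        Customer saved = saveCustomer(customer);
        createRegisteredCustomerRoles(saved);

        HashMap<String, Object> templateVars = new HashMap<String, Object>();
        templateVars.put("customer", saved);
        this.emailService.sendTemplateEmail(customer.getEmailAddress(), getRegistrationEmailInfo(), templateVars);

        notifyPostRegisterListeners(saved);
        return saved;
    }

    /**
     * Grants the {@code ROLE_USER} role to the given customer.
     *
     * @param customer the newly registered customer
     */
    protected void createRegisteredCustomerRoles(Customer customer) {
        Role userRole = this.roleDao.readRoleByName("ROLE_USER");
        CustomerRoleImpl customerRole = new CustomerRoleImpl();
        customerRole.setRole(userRole);
        customerRole.setCustomer(customer);
        this.roleDao.addRoleToCustomer(customerRole);
    }

    /**
     * Looks a customer up by e-mail address.
     *
     * @param str the e-mail address
     * @return whatever the DAO returns for that address
     */
    @Override
    public Customer readCustomerByEmail(String str) {
        return this.customerDao.readCustomerByEmail(str);
    }

    /**
     * Sets a new password for the named customer and notifies the password-changed handlers.
     *
     * <p>This method does not verify the customer's current password or the identity of the
     * caller; that check must already have happened before it is invoked. The new clear-text
     * password is handed to every registered handler. If the DAO finds no customer for the
     * username, the first setter call fails with a {@link NullPointerException}.
     *
     * @param passwordChange carries the username, the new password and the
     *                       change-required flag
     * @return the saved customer
     */
    @Override
    public Customer changePassword(PasswordChange passwordChange) {
        Customer customer = readCustomerByUsername(passwordChange.getUsername());
        customer.setUnencodedPassword(passwordChange.getNewPassword());
        customer.setPasswordChangeRequired(passwordChange.getPasswordChangeRequired());
        Customer saved = saveCustomer(customer);
        for (PasswordUpdatedHandler handler : this.passwordChangedHandlers) {
            handler.passwordChanged(passwordChange, saved, passwordChange.getNewPassword());
        }
        return saved;
    }

    /**
     * Replaces the named customer's password with a generated temporary one and notifies
     * the password-reset handlers.
     *
     * <p>The temporary password comes from {@code PasswordUtils.generateTemporaryPassword}
     * and is passed in clear text to every handler. NOTE(review): the randomness source
     * used by {@code PasswordUtils} is not visible here; confirm it is a
     * {@link SecureRandom}. If the DAO finds no customer for the username, the first
     * setter call fails with a {@link NullPointerException}.
     *
     * @param passwordReset carries the username, the desired length and the
     *                      change-required flag
     * @return the saved customer
     */
    @Override
    public Customer resetPassword(PasswordReset passwordReset) {
        Customer customer = readCustomerByUsername(passwordReset.getUsername());
        String temporaryPassword = PasswordUtils.generateTemporaryPassword(passwordReset.getPasswordLength());
        customer.setUnencodedPassword(temporaryPassword);
        customer.setPasswordChangeRequired(passwordReset.getPasswordChangeRequired());
        Customer saved = saveCustomer(customer);
        for (PasswordUpdatedHandler handler : this.passwordResetHandlers) {
            handler.passwordChanged(passwordReset, saved, temporaryPassword);
        }
        return saved;
    }

    /**
     * Registers an observer that is called after each successful registration.
     *
     * @param postRegistrationObserver the observer to add
     */
    @Override
    public void addPostRegisterListener(PostRegistrationObserver postRegistrationObserver) {
        this.postRegisterListeners.add(postRegistrationObserver);
    }

    /**
     * Removes a previously registered observer; unknown observers are ignored.
     *
     * @param postRegistrationObserver the observer to remove
     */
    @Override
    public void removePostRegisterListener(PostRegistrationObserver postRegistrationObserver) {
        // List.remove(Object) is already a no-op when the element is absent.
        this.postRegisterListeners.remove(postRegistrationObserver);
    }

    /**
     * Calls every registered post-registration observer with the given customer.
     *
     * @param customer the customer that was just registered
     */
    protected void notifyPostRegisterListeners(Customer customer) {
        for (PostRegistrationObserver observer : this.postRegisterListeners) {
            observer.processRegistrationEvent(customer);
        }
    }

    /**
     * Creates a customer with a freshly generated id.
     *
     * @return the new customer
     */
    @Override
    public Customer createCustomer() {
        return createCustomerFromId(null);
    }

    /**
     * Returns the existing customer with the given id, or creates a new one.
     *
     * @param l the wanted id, or {@code null} to have one generated
     * @return the existing customer if the id resolves to one; otherwise a new customer
     *         carrying {@code l}, or a generated id when {@code l} is {@code null}
     */
    @Override
    public Customer createCustomerFromId(Long l) {
        Customer customer = l != null ? readCustomerById(l) : null;
        if (customer != null) {
            return customer;
        }
        customer = this.customerDao.create();
        customer.setId(l != null ? l : findNextCustomerId());
        return customer;
    }

    /**
     * Asks the id generation service for the next customer id.
     *
     * @return the next id
     */
    @Override
    public Long findNextCustomerId() {
        return this.idGenerationService.findNextId("org.broadleafcommerce.profile.core.domain.Customer");
    }

    /**
     * Creates a customer with a freshly generated id; same as {@link #createCustomer()}.
     *
     * @return the new customer
     */
    @Override
    public Customer createNewCustomer() {
        return createCustomerFromId(null);
    }

    /**
     * Looks a customer up by username.
     *
     * @param str the username
     * @return whatever the DAO returns for that username
     */
    @Override
    public Customer readCustomerByUsername(String str) {
        return this.customerDao.readCustomerByUsername(str);
    }

    /**
     * Looks a customer up by id.
     *
     * @param l the customer id
     * @return whatever the DAO returns for that id
     */
    @Override
    public Customer readCustomerById(Long l) {
        return this.customerDao.readCustomerById(l);
    }

    public void setCustomerDao(CustomerDao customerDao) {
        this.customerDao = customerDao;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    /**
     * Returns the salt for the customer, using an empty string as the password.
     *
     * @param customer the customer to salt for
     * @return the salt, or {@code null} (see {@link #getSalt(Customer, String)})
     * @deprecated use {@link #getSalt(Customer, String)}
     */
    @Override
    @Deprecated
    public Object getSalt(Customer customer) {
        return getSalt(customer, "");
    }

    /**
     * Asks the configured salt source for the salt of the given customer.
     *
     * @param customer the customer to salt for; may be {@code null}
     * @param str      the clear-text value placed in the temporary user details
     * @return the salt, or {@code null} when no salt source is configured or
     *         {@code customer} is {@code null}
     */
    @Override
    public Object getSalt(Customer customer, String str) {
        if (this.saltSource == null || customer == null) {
            return null;
        }
        CustomerUserDetails details =
                new CustomerUserDetails(customer.getId(), customer.getUsername(), str, new ArrayList());
        return this.saltSource.getSalt(details);
    }

    /**
     * Encodes a clear-text value with the configured password encoder.
     *
     * @param str      the clear-text value
     * @param customer the owner, used only to obtain the salt; {@code null} means no salt
     * @return the encoded value
     */
    @Override
    public String encodePassword(String str, Customer customer) {
        return this.passwordEncoder.encodePassword(str, getSalt(customer, str));
    }

    /**
     * Checks a clear-text password against an encoded one.
     *
     * @param str      the clear-text password presented by the user
     * @param str2     the stored, encoded password
     * @param customer the owner, used only to obtain the salt
     * @return the encoder's verdict
     */
    @Override
    public boolean isPasswordValid(String str, String str2, Customer customer) {
        return this.passwordEncoder.isPasswordValid(str2, str, getSalt(customer, str));
    }

    @Override
    @Deprecated
    public String getSalt() {
        return this.salt;
    }

    @Override
    @Deprecated
    public void setSalt(String str) {
        this.salt = str;
    }

    @Override
    public SaltSource getSaltSource() {
        return this.saltSource;
    }

    @Override
    public void setSaltSource(SaltSource saltSource) {
        this.saltSource = saltSource;
    }

    @Override
    public List<PasswordUpdatedHandler> getPasswordResetHandlers() {
        return this.passwordResetHandlers;
    }

    @Override
    public void setPasswordResetHandlers(List<PasswordUpdatedHandler> list) {
        this.passwordResetHandlers = list;
    }

    @Override
    public List<PasswordUpdatedHandler> getPasswordChangedHandlers() {
        return this.passwordChangedHandlers;
    }

    @Override
    public void setPasswordChangedHandlers(List<PasswordUpdatedHandler> list) {
        this.passwordChangedHandlers = list;
    }

    /**
     * E-mails the usernames of all active customers registered under an address.
     *
     * <p>The response distinguishes "no such address" from "only deactivated accounts";
     * see the class comment before exposing these codes to unauthenticated callers.
     *
     * @param str the e-mail address to look up; {@code null} yields {@code notFound}
     * @return a response with error code {@code notFound} or {@code inactiveUser}, or with
     *         no error when the mail was handed to the e-mail service
     */
    @Override
    public GenericResponse sendForgotUsernameNotification(String str) {
        GenericResponse response = new GenericResponse();
        List<Customer> matches = str != null ? this.customerDao.readCustomersByEmail(str) : null;
        if (matches == null || matches.isEmpty()) {
            response.addErrorCode("notFound");
            return response;
        }

        List<String> activeUsernames = new ArrayList<String>();
        for (Customer candidate : matches) {
            if (!candidate.isDeactivated()) {
                activeUsernames.add(candidate.getUsername());
            }
        }

        if (activeUsernames.isEmpty()) {
            response.addErrorCode("inactiveUser");
        } else {
            HashMap<String, Object> templateVars = new HashMap<String, Object>();
            templateVars.put("userNames", activeUsernames);
            this.emailService.sendTemplateEmail(str, getForgotUsernameEmailInfo(), templateVars);
        }
        return response;
    }

    /**
     * Creates a password-reset token for the named customer and e-mails it.
     *
     * <p>Only the encoded token is stored; the clear-text token exists in the e-mail alone.
     * The token is encoded without a salt (customer {@code null}) so it can later be found
     * by its encoded value. NOTE(review): the token comes from
     * {@code PasswordUtils.generateTemporaryPassword}, whose randomness source is not
     * visible here, and is lower-cased, which shrinks its alphabet; confirm the generator
     * is cryptographically strong and the length is adequate.
     *
     * <p>NOTE(review): {@code str2} is used as given. If a caller builds it from request
     * data such as the Host header, the mailed link can point at a foreign site and carry
     * the token there; callers should pass a configured base URL.
     *
     * @param str  the username; {@code null} yields {@code invalidCustomer}
     * @param str2 the reset page URL; when not empty, the token is appended as a
     *             {@code token} query parameter
     * @return a response carrying the errors from {@link #checkCustomer}, or no error when
     *         the mail was handed to the e-mail service
     */
    @Override
    public GenericResponse sendForgotPasswordNotification(String str, String str2) {
        GenericResponse response = new GenericResponse();
        Customer customer = str != null ? this.customerDao.readCustomerByUsername(str) : null;
        checkCustomer(customer, response);
        if (response.getHasErrors()) {
            return response;
        }

        String token = PasswordUtils.generateTemporaryPassword(getPasswordTokenLength()).toLowerCase();

        CustomerForgotPasswordSecurityTokenImpl tokenRecord = new CustomerForgotPasswordSecurityTokenImpl();
        tokenRecord.setCustomerId(customer.getId());
        tokenRecord.setToken(encodePassword(token, null));
        tokenRecord.setCreateDate(SystemTime.asDate());
        this.customerForgotPasswordSecurityTokenDao.saveToken(tokenRecord);

        HashMap<String, Object> templateVars = new HashMap<String, Object>();
        templateVars.put("token", token);

        String resetUrl = str2;
        if (!StringUtils.isEmpty(resetUrl)) {
            String separator = resetUrl.contains("?") ? "&token=" : "?token=";
            resetUrl = resetUrl + separator + token;
        }
        templateVars.put("resetPasswordUrl", resetUrl);

        this.emailService.sendTemplateEmail(customer.getEmailAddress(), getForgotPasswordEmailInfo(), templateVars);
        return response;
    }

    /**
     * Validates a password-reset token without consuming it.
     *
     * @param str the clear-text token
     * @return a response with {@code invalidToken}, {@code tokenUsed} or
     *         {@code tokenExpired}, or with no error when the token is usable
     */
    @Override
    public GenericResponse checkPasswordResetToken(String str) {
        GenericResponse response = new GenericResponse();
        checkPasswordResetToken(str, response);
        return response;
    }

    /**
     * Looks up the stored record for a clear-text token and records why it is unusable.
     *
     * <p>The lookup is skipped when the response already carries an error, so callers must
     * not dereference the result without checking the response first.
     *
     * @param str             the clear-text token; lower-cased before encoding, mirroring
     *                        how it was generated
     * @param genericResponse collects {@code invalidToken}, {@code tokenUsed} or
     *                        {@code tokenExpired}
     * @return the stored token record (also when it is used or expired), or {@code null}
     *         when none was looked up or found
     */
    private CustomerForgotPasswordSecurityToken checkPasswordResetToken(String str, GenericResponse genericResponse) {
        if (str == null || "".equals(str)) {
            genericResponse.addErrorCode("invalidToken");
        }
        if (genericResponse.getHasErrors()) {
            return null;
        }

        CustomerForgotPasswordSecurityToken tokenRecord =
                this.customerForgotPasswordSecurityTokenDao.readToken(encodePassword(str.toLowerCase(), null));
        if (tokenRecord == null) {
            genericResponse.addErrorCode("invalidToken");
        } else if (tokenRecord.isTokenUsedFlag()) {
            genericResponse.addErrorCode("tokenUsed");
        } else if (isTokenExpired(tokenRecord)) {
            genericResponse.addErrorCode("tokenExpired");
        }
        return tokenRecord;
    }

    /**
     * Sets a new password for a customer who presents a valid reset token.
     *
     * <p>The token must be unused, unexpired and issued for the named customer. On success
     * the password is saved and the presented token is marked used. Other outstanding
     * tokens of the same customer are not touched by this method.
     *
     * @param str  the username
     * @param str2 the clear-text reset token
     * @param str3 the new password
     * @param str4 the new password, repeated
     * @return a response carrying every validation error found, or none on success
     */
    @Override
    public GenericResponse resetPasswordUsingToken(String str, String str2, String str3, String str4) {
        GenericResponse response = new GenericResponse();
        Customer customer = str != null ? this.customerDao.readCustomerByUsername(str) : null;
        checkCustomer(customer, response);
        checkPassword(str3, str4, response);
        // Null whenever one of the checks above already failed; guarded by getHasErrors() below.
        CustomerForgotPasswordSecurityToken tokenRecord = checkPasswordResetToken(str2, response);

        if (!response.getHasErrors() && !customer.getId().equals(tokenRecord.getCustomerId())) {
            if (LOG.isWarnEnabled()) {
                // The presented token is a live, unused credential for another account at
                // this point, so it is identified by its owner instead of being logged.
                LOG.warn("Password reset attempt tried with mismatched customer and token: customer "
                        + customer.getId() + ", token issued for customer " + tokenRecord.getCustomerId());
            }
            response.addErrorCode("invalidToken");
        }

        if (!response.getHasErrors()) {
            customer.setUnencodedPassword(str3);
            saveCustomer(customer);
            tokenRecord.setTokenUsedFlag(true);
            this.customerForgotPasswordSecurityTokenDao.saveToken(tokenRecord);
        }
        return response;
    }

    /**
     * Records why a customer cannot take part in a forgot-password flow.
     *
     * @param customer        the customer to check; {@code null} yields {@code invalidCustomer}
     * @param genericResponse collects {@code invalidCustomer}, {@code emailNotFound} or
     *                        {@code inactiveUser}
     */
    protected void checkCustomer(Customer customer, GenericResponse genericResponse) {
        if (customer == null) {
            genericResponse.addErrorCode("invalidCustomer");
            return;
        }
        String email = customer.getEmailAddress();
        if (email == null || "".equals(email)) {
            genericResponse.addErrorCode("emailNotFound");
        } else if (customer.isDeactivated()) {
            genericResponse.addErrorCode("inactiveUser");
        }
    }

    /**
     * Checks that a password and its confirmation are both present and equal. No length or
     * complexity rule is applied here.
     *
     * @param str             the new password
     * @param str2            the confirmation
     * @param genericResponse collects {@code invalidPassword} or {@code passwordMismatch}
     */
    protected void checkPassword(String str, String str2, GenericResponse genericResponse) {
        if (str == null || str2 == null || "".equals(str) || "".equals(str2)) {
            genericResponse.addErrorCode("invalidPassword");
        } else if (!str.equals(str2)) {
            genericResponse.addErrorCode("passwordMismatch");
        }
    }

    /**
     * Tells whether a token is older than the configured lifetime.
     *
     * <p>The comparison is done in milliseconds. Dividing the age by 60000 first truncates
     * it to whole minutes, which would keep a token alive for almost a minute beyond the
     * configured limit.
     *
     * @param customerForgotPasswordSecurityToken the stored token record
     * @return {@code true} when the token's age exceeds {@link #getTokenExpiredMinutes()}
     */
    protected boolean isTokenExpired(CustomerForgotPasswordSecurityToken customerForgotPasswordSecurityToken) {
        long ageMillis = SystemTime.asDate().getTime()
                - customerForgotPasswordSecurityToken.getCreateDate().getTime();
        return ageMillis > this.tokenExpiredMinutes * MILLIS_PER_MINUTE;
    }

    public int getTokenExpiredMinutes() {
        return this.tokenExpiredMinutes;
    }

    public void setTokenExpiredMinutes(int i) {
        this.tokenExpiredMinutes = i;
    }

    public int getPasswordTokenLength() {
        return this.passwordTokenLength;
    }

    public void setPasswordTokenLength(int i) {
        this.passwordTokenLength = i;
    }

    public EmailInfo getForgotPasswordEmailInfo() {
        return this.forgotPasswordEmailInfo;
    }

    public void setForgotPasswordEmailInfo(EmailInfo emailInfo) {
        this.forgotPasswordEmailInfo = emailInfo;
    }

    public EmailInfo getForgotUsernameEmailInfo() {
        return this.forgotUsernameEmailInfo;
    }

    public void setForgotUsernameEmailInfo(EmailInfo emailInfo) {
        this.forgotUsernameEmailInfo = emailInfo;
    }

    public EmailInfo getRegistrationEmailInfo() {
        return this.registrationEmailInfo;
    }

    public void setRegistrationEmailInfo(EmailInfo emailInfo) {
        this.registrationEmailInfo = emailInfo;
    }

    public EmailInfo getChangePasswordEmailInfo() {
        return this.changePasswordEmailInfo;
    }

    public void setChangePasswordEmailInfo(EmailInfo emailInfo) {
        this.changePasswordEmailInfo = emailInfo;
    }
}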
