package org.codehaus.plexus.redback.xwork.action;

import com.opensymphony.webwork.dispatcher.SessionMap;
import com.opensymphony.xwork.Action;
import java.util.ArrayList;
import java.util.Iterator;
import org.codehaus.plexus.redback.policy.PasswordEncoder;
import org.codehaus.plexus.redback.policy.PasswordRuleViolationException;
import org.codehaus.plexus.redback.policy.PasswordRuleViolations;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.redback.xwork.util.AutoLoginCookies;
import org.codehaus.plexus.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/redback-xwork-integration-1.0-alpha-2.jar:org/codehaus/plexus/redback/xwork/action/PasswordAction.class */
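/**
 * Action that lets the user attached to the current security session change
 * their password.
 *
 * <p>{@link #show()} renders the form and {@link #submit()} validates the input
 * and stores the new password. Whether the existing password must be supplied
 * is derived from the stored user record, never from request input (see
 * {@link #setProvideExisting(boolean)}).
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The existing-password comparison in {@link #submit()} is the only
 *       credential check this class performs. It is skipped when the stored
 *       encoded password is empty.</li>
 *   <li>The plaintext password fields are readable through public getters, so
 *       {@link #submit()} blanks them on every {@code "error"} return.</li>
 * </ul>
 */
public class PasswordAction extends AbstractSecurityAction implements CancellableAction {
    protected SecuritySystem securitySystem;
    // Plaintext values bound from the request; blanked on every error return of submit().
    private String existingPassword;
    private String newPassword;
    private String newPasswordConfirm;
    // True when the session user already has a stored (encoded) password.
    private boolean provideExisting;
    private AutoLoginCookies autologinCookies;

    /**
     * Prepares the password form.
     *
     * @return {@link Action#INPUT}, after recording whether the session user
     *         has a stored password and therefore must supply it
     */
    public String show() {
        this.provideExisting = StringUtils.isNotEmpty(getSecuritySession().getUser().getEncodedPassword());
        return Action.INPUT;
    }

    /**
     * Validates the submitted passwords and, when they pass, stores the new
     * password for the session user.
     *
     * @return {@code "error"} when validation or the update fails,
     *         {@code "requires-authentication"} when the password was stored
     *         but the session is not authenticated,
     *         {@code "security-register-success"} when the user had no stored
     *         password before, otherwise {@link Action#SUCCESS}
     */
    public String submit() {
        SecuritySession securitySession = getSecuritySession();
        // Recomputed from the stored user on every submit, so the client cannot switch the check off.
        this.provideExisting = StringUtils.isNotEmpty(securitySession.getUser().getEncodedPassword());
        if (StringUtils.isEmpty(this.newPassword)) {
            addFieldError("newPassword", getText("newPassword.cannot.be.empty"));
        }
        if (!StringUtils.equals(this.newPassword, this.newPasswordConfirm)) {
            addFieldError("newPassword", getText("password.confimation.failed"));
        }
        User user = securitySession.getUser();
        PasswordEncoder passwordEncoder = this.securitySystem.getPolicy().getPasswordEncoder();
        if (this.provideExisting && !passwordEncoder.isPasswordValid(user.getEncodedPassword(), this.existingPassword)) {
            addFieldError("existingPassword", getText("password.provided.does.not.match.existing"));
        }
        // First policy pass runs against a throw-away user object, so the real
        // user is not touched while the input may still be rejected.
        try {
            User candidate = this.securitySystem.getUserManager().createUser("temp", "temp", "temp");
            candidate.setPassword(this.newPassword);
            this.securitySystem.getPolicy().validatePassword(candidate);
        } catch (PasswordRuleViolationException e) {
            reportPasswordViolations(e.getViolations());
        }
        if (hasActionErrors() || hasFieldErrors() || hasActionMessages()) {
            clearPasswordFields();
            return "error";
        }
        try {
            // NOTE(review): the session's User object is modified before the
            // second validatePassword call; if that call throws, the in-memory
            // object keeps the new encoded password although updateUser was
            // never reached. Confirm the user is reloaded before it is reused.
            user.setEncodedPassword(passwordEncoder.encodePassword(this.newPassword));
            user.setPassword(this.newPassword);
            this.securitySystem.getPolicy().validatePassword(user);
            this.securitySystem.getUserManager().updateUser(user);
            getLogger().info("Password Change Request Success.");
            // The new password is already stored at this point; the remaining
            // branches only choose the result and clean up login state.
            // NOTE(review): the plaintext fields stay populated on these
            // non-error returns; confirm no result view renders them.
            if (!securitySession.isAuthenticated()) {
                getLogger().debug("User is not authenticated.");
                return "requires-authentication";
            }
            if (!this.provideExisting) {
                return "security-register-success";
            }
            // Drop the auto-login cookies, auth tokens and the HTTP session of
            // the current request, presumably so the user signs in again with
            // the new password.
            // NOTE(review): only the current session is cleared here; whether
            // other active sessions or stored remember-me keys of this user
            // are revoked is not visible in this class.
            this.autologinCookies.removeRememberMeCookie();
            this.autologinCookies.removeSignonCookie();
            setAuthTokens(null);
            if (this.session != null) {
                ((SessionMap) this.session).invalidate();
            }
            return Action.SUCCESS;
        } catch (PasswordRuleViolationException e) {
            reportPasswordViolations(e.getViolations());
            // Same handling as the earlier validation failure: do not hand the
            // plaintext passwords back through the getters.
            clearPasswordFields();
            return "error";
        } catch (UserNotFoundException e) {
            ArrayList<Object> args = new ArrayList<Object>();
            args.add(user.getUsername());
            addActionError(getText("cannot.update.user.not.found", args));
            addActionError(getText("admin.deleted.account"));
            clearPasswordFields();
            return "error";
        }
    }

    /** Adds one {@code newPassword} field error per localized policy violation; {@code null} is ignored. */
    private void reportPasswordViolations(PasswordRuleViolations violations) {
        if (violations == null) {
            return;
        }
        for (Object message : violations.getLocalizedViolations()) {
            addFieldError("newPassword", (String) message);
        }
    }

    /** Blanks the three plaintext password fields so the getters no longer expose them. */
    private void clearPasswordFields() {
        this.newPassword = "";
        this.newPasswordConfirm = "";
        this.existingPassword = "";
    }

    /**
     * Handles the cancel button.
     *
     * @return {@link CancellableAction#CANCEL}
     */
    @Override
    public String cancel() {
        return CancellableAction.CANCEL;
    }

    /** @return the existing password as submitted (plaintext) */
    public String getExistingPassword() {
        return this.existingPassword;
    }

    /** @param str the existing password as submitted (plaintext) */
    public void setExistingPassword(String str) {
        this.existingPassword = str;
    }

    /** @return the requested new password (plaintext) */
    public String getNewPassword() {
        return this.newPassword;
    }

    /** @param str the requested new password (plaintext) */
    public void setNewPassword(String str) {
        this.newPassword = str;
    }

    /** @return the confirmation copy of the new password (plaintext) */
    public String getNewPasswordConfirm() {
        return this.newPasswordConfirm;
    }

    /** @param str the confirmation copy of the new password (plaintext) */
    public void setNewPasswordConfirm(String str) {
        this.newPasswordConfirm = str;
    }

    /** @return whether the user must supply the existing password */
    public boolean isProvideExisting() {
        return this.provideExisting;
    }

    /**
     * Ignores its argument. {@code provideExisting} is only ever assigned from
     * the stored user record in {@link #show()} and {@link #submit()}.
     *
     * <p>NOTE(review): the setter is presumably kept empty so that request
     * parameter binding cannot disable the existing-password check; do not
     * "fix" it by assigning the field.
     *
     * @param z ignored
     */
    public void setProvideExisting(boolean z) {
        // Intentionally empty: see Javadoc.
    }

    /**
     * Declares the authorization requirement for this action.
     *
     * @return {@link SecureActionBundle#AUTHONLY}
     * @throws SecureActionException declared by the overridden method; not thrown here
     */
    @Override
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        return SecureActionBundle.AUTHONLY;
    }
}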
