package org.codehaus.plexus.security.ui.web.action;

import com.opensymphony.xwork.Action;
import org.codehaus.plexus.security.authentication.PasswordBasedAuthenticationDataSource;
import org.codehaus.plexus.security.authentication.TokenBasedAuthenticationDataSource;
import org.codehaus.plexus.security.keys.AuthenticationKey;
import org.codehaus.plexus.security.keys.KeyManagerException;
import org.codehaus.plexus.security.keys.KeyNotFoundException;
import org.codehaus.plexus.security.system.SecuritySystem;
import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import org.codehaus.plexus.security.user.User;
import org.codehaus.plexus.security.user.UserNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.util.xml.pull.XmlPullParser;

/* loaded from: input_file:WEB-INF/lib/plexus-security-ui-web-integration-1.0-alpha-5.jar:org/codehaus/plexus/security/ui/web/action/LoginAction.class */
public class LoginAction extends AbstractAuthenticationAction {
    protected SecuritySystem securitySystem;
    private String username;
    private String password;
    private boolean cancelButton;
    private String validateMe;
    private String resetPassword;
    private boolean rememberMe;

    public String show() {
        return Action.INPUT;
    }

    public String login() {
        if (this.cancelButton) {
            return "security-login-cancel";
        }
        if (StringUtils.isNotEmpty(this.validateMe)) {
            return validated();
        }
        if (StringUtils.isNotEmpty(this.resetPassword)) {
            return resetPassword();
        }
        if (StringUtils.isEmpty(this.username)) {
            addFieldError("username", "Username cannot be empty.");
            return Action.ERROR;
        }
        PasswordBasedAuthenticationDataSource passwordBasedAuthenticationDataSource = new PasswordBasedAuthenticationDataSource();
        passwordBasedAuthenticationDataSource.setPrincipal(this.username);
        passwordBasedAuthenticationDataSource.setPassword(this.password);
        return webLogin(this.securitySystem, passwordBasedAuthenticationDataSource, this.rememberMe);
    }

    public String resetPassword() {
        if (StringUtils.isEmpty(this.resetPassword)) {
            addActionError("Reset Password key missing.");
            return Action.ERROR;
        }
        try {
            AuthenticationKey findKey = this.securitySystem.getKeyManager().findKey(this.validateMe);
            User findUser = this.securitySystem.getUserManager().findUser(findKey.getForPrincipal());
            findUser.setPasswordChangeRequired(true);
            findUser.setEncodedPassword(XmlPullParser.NO_NAMESPACE);
            TokenBasedAuthenticationDataSource tokenBasedAuthenticationDataSource = new TokenBasedAuthenticationDataSource();
            tokenBasedAuthenticationDataSource.setPrincipal(findUser.getPrincipal().toString());
            tokenBasedAuthenticationDataSource.setToken(findKey.getKey());
            this.securitySystem.getUserManager().updateUser(findUser);
            return webLogin(this.securitySystem, tokenBasedAuthenticationDataSource, false);
        } catch (KeyNotFoundException e) {
            addActionError("Unable to find the key.");
            return Action.ERROR;
        } catch (KeyManagerException e2) {
            addActionError("Unable to process key at this time.  Please try again later.");
            getLogger().warn("Key Manager error: ", e2);
            return Action.ERROR;
        } catch (UserNotFoundException e3) {
            addActionError("Unable to find user.");
            return Action.ERROR;
        }
    }

    public String validated() {
        if (StringUtils.isEmpty(this.validateMe)) {
            addActionError("Validation failure key missing.");
            return Action.ERROR;
        }
        try {
            AuthenticationKey findKey = this.securitySystem.getKeyManager().findKey(this.validateMe);
            User findUser = this.securitySystem.getUserManager().findUser(findKey.getForPrincipal());
            findUser.setValidated(true);
            findUser.setLocked(false);
            findUser.setPasswordChangeRequired(true);
            findUser.setEncodedPassword(XmlPullParser.NO_NAMESPACE);
            TokenBasedAuthenticationDataSource tokenBasedAuthenticationDataSource = new TokenBasedAuthenticationDataSource();
            tokenBasedAuthenticationDataSource.setPrincipal(findUser.getPrincipal().toString());
            tokenBasedAuthenticationDataSource.setToken(findKey.getKey());
            this.securitySystem.getUserManager().updateUser(findUser);
            return webLogin(this.securitySystem, tokenBasedAuthenticationDataSource, false);
        } catch (KeyNotFoundException e) {
            addActionError("Unable to find the key.");
            return Action.ERROR;
        } catch (KeyManagerException e2) {
            addActionError("Unable to process key at this time.  Please try again later.");
            return Action.ERROR;
        } catch (UserNotFoundException e3) {
            addActionError("Unable to find user.");
            return Action.ERROR;
        }
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public boolean isCancelButton() {
        return this.cancelButton;
    }

    public void setCancelButton(boolean z) {
        this.cancelButton = z;
    }

    public String getValidateMe() {
        return this.validateMe;
    }

    public void setValidateMe(String str) {
        this.validateMe = str;
    }

    @Override // org.codehaus.plexus.security.ui.web.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        return SecureActionBundle.OPEN;
    }

    public String getResetPassword() {
        return this.resetPassword;
    }

    public void setResetPassword(String str) {
        this.resetPassword = str;
    }

    public boolean isRememberMe() {
        return this.rememberMe;
    }

    public void setRememberMe(boolean z) {
        this.rememberMe = z;
    }
}
