package org.usergrid.rest.management.users;

import com.sun.jersey.api.json.JSONWithPadding;
import com.sun.jersey.api.view.Viewable;
import java.util.LinkedHashMap;
import java.util.UUID;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.UriInfo;
import net.tanesha.recaptcha.ReCaptchaImpl;
import net.tanesha.recaptcha.ReCaptchaResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.usergrid.management.UserInfo;
import org.usergrid.persistence.entities.User;
import org.usergrid.rest.AbstractContextResource;
import org.usergrid.rest.ApiResponse;
import org.usergrid.rest.exceptions.AuthErrorInfo;
import org.usergrid.rest.exceptions.RedirectionException;
import org.usergrid.rest.exceptions.SecurityException;
import org.usergrid.security.shiro.utils.SubjectUtils;

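/**
 * JAX-RS resource for management (admin) users.
 *
 * <p>Provides sub-resource locators that resolve an admin user by UUID, by username (with the
 * special name {@code me} meaning the caller's own identity) or by e-mail address, a form POST
 * that creates an admin user, and the HTML password-reset request form.
 *
 * <p>NOTE(review): {@link #handlePasswordResetForm} stores per-request state in the
 * {@code errorMsg} and {@code user} fields and passes {@code this} to the view as its model.
 * If one instance of this component can serve more than one request (for example a
 * singleton-scoped bean), concurrent requests would see each other's error text and user
 * record. Confirm the bean scope.
 *
 * <p>NOTE(review): none of the locators or handlers in this class performs an authorization
 * check itself; presumably that is enforced by {@code UserResource} or by a filter. Confirm.
 */
@Produces({"application/json", "application/javascript", "application/x-javascript", "text/ecmascript", "application/ecmascript", "text/jscript"})
@Component("org.usergrid.rest.management.users.UsersResource")
/* loaded from: input_file:usergrid-rest-0.0.27.1-classes.jar:org/usergrid/rest/management/users/UsersResource.class */
public class UsersResource extends AbstractContextResource {
    private static final Logger logger = LoggerFactory.getLogger(UsersResource.class);

    // Error text shown by the password-reset form; written by handlePasswordResetForm.
    String errorMsg;
    // Admin user found by handlePasswordResetForm; read by the success view via getUser().
    UserInfo user;

    public UsersResource() {
        logger.info("ManagementUsersResource initialized");
    }

    /**
     * Sub-resource locator for an admin user addressed by UUID.
     *
     * @param uriInfo request URI context (unused here)
     * @param str     the {@code userId} path segment; the path template only admits the
     *                8-4-4-4-12 hexadecimal UUID form
     * @return a {@code UserResource} initialised with the result of the UUID lookup
     * @throws Exception if the lookup or sub-resource creation fails
     */
    @Path("{userId: [A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}}")
    public UserResource getUserById(@Context UriInfo uriInfo, @PathParam("userId") String str) throws Exception {
        UUID userId = UUID.fromString(str);
        return ((UserResource) getSubResource(UserResource.class)).init(this.management.getAdminUserByUuid(userId));
    }

    /**
     * Sub-resource locator for an admin user addressed by username.
     *
     * <p>The literal name {@code me} is resolved to the admin user attached to the current
     * security subject instead of being looked up as a username.
     *
     * @param uriInfo request URI context (unused here)
     * @param str     the {@code username} path segment
     * @return a {@code UserResource} initialised with the resolved user
     * @throws Exception if {@code me} is requested without an admin identity, or if the lookup
     *                   or sub-resource creation fails
     */
    @Path("{username}")
    public UserResource getUserByUsername(@Context UriInfo uriInfo, @PathParam("username") String str) throws Exception {
        if (!"me".equals(str)) {
            return ((UserResource) getSubResource(UserResource.class)).init(this.management.getAdminUserByUsername(str));
        }
        UserInfo currentAdmin = SubjectUtils.getAdminUser();
        // "me" is only meaningful for an authenticated admin; reject anything else explicitly.
        if (currentAdmin == null || currentAdmin.getUuid() == null) {
            throw SecurityException.mappableSecurityException("unauthorized", "No admin identity for access credentials provided");
        }
        return ((UserResource) getSubResource(UserResource.class)).init(this.management.getAdminUserByUuid(currentAdmin.getUuid()));
    }

    /**
     * Sub-resource locator for an admin user addressed by e-mail address.
     *
     * <p>NOTE(review): the path template limits the top-level domain to 2-4 letters, so an
     * address with a longer TLD does not match here and presumably falls through to the
     * {@code {username}} locator. Confirm that is intended.
     *
     * @param uriInfo request URI context (unused here)
     * @param str     the {@code email} path segment
     * @return a {@code UserResource} initialised with the result of the e-mail lookup
     * @throws Exception if the lookup or sub-resource creation fails
     */
    @Path("{email: [a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,4}}")
    public UserResource getUserByEmail(@Context UriInfo uriInfo, @PathParam("email") String str) throws Exception {
        return ((UserResource) getSubResource(UserResource.class)).init(this.management.getAdminUserByEmail(str));
    }

    /**
     * Creates an admin user from a form-encoded POST and returns the result as JSONP.
     *
     * <p>NOTE(review): the JSONP callback name comes straight from the {@code callback} query
     * parameter. Confirm that the JSONP writer restricts it to a plain identifier.
     *
     * @param uriInfo request URI context (unused here)
     * @param str     form field {@code username}
     * @param str2    form field {@code name}
     * @param str3    form field {@code email}
     * @param str4    form field {@code password}; never logged
     * @param str5    query parameter {@code callback}, default {@code "callback"}
     * @return the API response wrapped with the requested callback
     * @throws Exception if the management service fails, or a mappable security exception
     *                   when no user was created
     */
    @POST
    @Consumes({"application/x-www-form-urlencoded"})
    public JSONWithPadding createUser(@Context UriInfo uriInfo, @FormParam("username") String str, @FormParam("name") String str2, @FormParam("email") String str3, @FormParam("password") String str4, @QueryParam("callback") @DefaultValue("callback") String str5) throws Exception {
        // The username is caller-supplied: neutralise line breaks so it cannot forge log entries.
        logger.info("Create user: {}", sanitizeForLog(str));
        ApiResponse response = createApiResponse();
        response.setAction("create user");
        // NOTE(review): the meaning of the two trailing boolean flags is not visible here.
        UserInfo created = this.management.createAdminUser(str, str2, str3, str4, false, false);
        if (created == null) {
            throw SecurityException.mappableSecurityException(AuthErrorInfo.BAD_CREDENTIALS_SYNTAX_ERROR);
        }
        LinkedHashMap<String, Object> data = new LinkedHashMap<String, Object>();
        data.put(User.ENTITY_TYPE, created);
        response.setData(data);
        response.setSuccess();
        return new JSONWithPadding(response, str5);
    }

    /**
     * Renders the empty password-reset request form.
     *
     * @param uriInfo request URI context (unused here)
     * @return the {@code resetpw_email_form} view with this resource as its model
     */
    @GET
    @Produces({"text/html"})
    @Path("resetpw")
    public Viewable showPasswordResetForm(@Context UriInfo uriInfo) {
        return handleViewable("resetpw_email_form", this);
    }

    /**
     * Handles submission of the password-reset request form.
     *
     * <p>The CAPTCHA answer is verified only when {@code useReCaptcha()} is true. The previous
     * code called the verification service on every request and only ignored the answer when
     * the CAPTCHA was disabled, so a disabled CAPTCHA still depended on that call succeeding.
     *
     * <p>NOTE(review): the response differs for a known and an unknown e-mail address, which
     * lets a caller test whether an address belongs to an admin account. The CAPTCHA, when
     * enabled, is the only throttle visible in this method. Consider a uniform response; that
     * needs a matching template change.
     *
     * @param uriInfo request URI context (unused here)
     * @param str     form field {@code email}
     * @param str2    form field {@code recaptcha_challenge_field}
     * @param str3    form field {@code recaptcha_response_field}
     * @return the form view with an error message, the success view, or the error view
     */
    @Path("resetpw")
    @Consumes({"application/x-www-form-urlencoded"})
    @POST
    @Produces({"text/html"})
    public Viewable handlePasswordResetForm(@Context UriInfo uriInfo, @FormParam("email") String str, @FormParam("recaptcha_challenge_field") String str2, @FormParam("recaptcha_response_field") String str3) {
        try {
            if (StringUtils.isBlank(str)) {
                this.errorMsg = "No email provided, try again...";
                return handleViewable("resetpw_email_form", this);
            }
            if (useReCaptcha()) {
                ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
                reCaptcha.setPrivateKey(this.properties.getRecaptchaPrivate());
                ReCaptchaResponse captchaResult = reCaptcha.checkAnswer(this.httpServletRequest.getRemoteAddr(), str2, str3);
                if (!captchaResult.isValid()) {
                    this.errorMsg = "Incorrect Captcha, try again...";
                    return handleViewable("resetpw_email_form", this);
                }
            }
            this.user = this.management.findAdminUser(str);
            if (this.user != null) {
                this.management.startAdminUserPasswordResetFlow(this.user);
                return handleViewable("resetpw_email_success", this);
            }
            this.errorMsg = "We don't recognize that email, try again...";
            return handleViewable("resetpw_email_form", this);
        } catch (RedirectionException e) {
            // Rethrown so the generic handler below does not turn a redirect into an error page.
            throw e;
        } catch (Exception e2) {
            // NOTE(review): the exception itself is the view model; confirm the "error" template
            // does not render internal details to the client.
            return handleViewable("error", e2);
        }
    }

    /** Returns the error text set by the last password-reset submission, or {@code null}. */
    public String getErrorMsg() {
        return this.errorMsg;
    }

    /** Returns the admin user found by the last password-reset submission, or {@code null}. */
    public UserInfo getUser() {
        return this.user;
    }

    /** Replaces CR and LF in a caller-supplied value so it stays on one log line. */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}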
