package org.visallo.web.auth.usernamepassword.routes;

import com.github.jknack.handlebars.Handlebars;
import com.github.jknack.handlebars.io.ClassPathTemplateLoader;
import com.google.inject.Inject;
import com.v5analytics.webster.ParameterizedHandler;
import com.v5analytics.webster.annotations.Handle;
import com.v5analytics.webster.annotations.Optional;
import java.io.IOException;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Properties;
import java.util.TimeZone;
import javax.mail.Authenticator;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
import org.visallo.core.config.Configuration;
import org.visallo.core.exception.VisalloException;
import org.visallo.core.model.user.UserRepository;
import org.visallo.core.user.User;
import org.visallo.core.util.VisalloLogger;
import org.visallo.core.util.VisalloLoggerFactory;
import org.visallo.web.BadRequestException;
import org.visallo.web.VisalloResponse;
import org.visallo.web.auth.usernamepassword.ForgotPasswordConfiguration;
import org.visallo.web.auth.usernamepassword.UsernamePasswordWebAppPlugin;
import org.visallo.web.clientapi.model.ClientApiSuccess;
import org.visallo.web.parameterProviders.BaseUrl;

/* loaded from: input_file:org/visallo/web/auth/usernamepassword/routes/RequestToken.class */
public class RequestToken implements ParameterizedHandler {
    private static final VisalloLogger LOGGER = VisalloLoggerFactory.getLogger(RequestToken.class);
    private static final String USERNAME_PARAMETER_NAME = "username";
    private static final String TEMPLATE_PATH = "/org/visallo/web/auth/usernamepassword/templates";
    private static final String TEMPLATE_NAME = "forgotPasswordEmail";
    private static final String CHARSET = "UTF-8";
    private final UserRepository userRepository;
    private ForgotPasswordConfiguration forgotPasswordConfiguration = new ForgotPasswordConfiguration();

    @Inject
    public RequestToken(UserRepository userRepository, Configuration configuration) {
        this.userRepository = userRepository;
        configuration.setConfigurables(this.forgotPasswordConfiguration, ForgotPasswordConfiguration.CONFIGURATION_PREFIX);
    }

    @Handle
    public ClientApiSuccess handle(@BaseUrl String str, @Optional(name = "username") String str2) throws Exception {
        if (str2 == null) {
            throw new BadRequestException(USERNAME_PARAMETER_NAME, "username required");
        }
        User findByUsername = this.userRepository.findByUsername(str2);
        if (findByUsername == null) {
            throw new BadRequestException(USERNAME_PARAMETER_NAME, "username not found");
        }
        if (findByUsername.getEmailAddress() == null) {
            throw new BadRequestException(USERNAME_PARAMETER_NAME, "no e-mail address available for user");
        }
        createTokenAndSendEmail(str, findByUsername);
        return VisalloResponse.SUCCESS;
    }

    private void createTokenAndSendEmail(String str, User user) throws IOException {
        sendEmail(user.getEmailAddress(), getEmailBody(user.getDisplayName() != null ? user.getDisplayName() : user.getUsername(), str + UsernamePasswordWebAppPlugin.LOOKUP_TOKEN_ROUTE + "?token=" + createToken(user)));
        LOGGER.info("sent password reset e-mail to: %s", new Object[]{user.getEmailAddress()});
    }

    private String createToken(User user) {
        String bigInteger = new BigInteger(240, new SecureRandom()).toString(32);
        GregorianCalendar gregorianCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
        gregorianCalendar.add(12, this.forgotPasswordConfiguration.getTokenLifetimeMinutes());
        this.userRepository.setPasswordResetTokenAndExpirationDate(user, bigInteger, gregorianCalendar.getTime());
        return bigInteger;
    }

    private String getEmailBody(String str, String str2) throws IOException {
        HashMap hashMap = new HashMap();
        hashMap.put("displayNameOrUsername", str);
        hashMap.put("url", str2);
        return new Handlebars(new ClassPathTemplateLoader(TEMPLATE_PATH)).compile(TEMPLATE_NAME).apply(hashMap);
    }

    private void sendEmail(String str, String str2) {
        try {
            MimeMessage mimeMessage = new MimeMessage(getSession());
            mimeMessage.setFrom(InternetAddress.parse(this.forgotPasswordConfiguration.getEmailFrom())[0]);
            mimeMessage.setReplyTo(InternetAddress.parse(this.forgotPasswordConfiguration.getEmailReplyTo()));
            mimeMessage.setSubject(this.forgotPasswordConfiguration.getEmailSubject(), CHARSET);
            mimeMessage.setText(str2, CHARSET);
            mimeMessage.setSentDate(new Date());
            mimeMessage.setRecipients(Message.RecipientType.TO, InternetAddress.parse(str));
            Transport.send(mimeMessage);
        } catch (MessagingException e) {
            throw new VisalloException("exception while sending e-mail", e);
        }
    }

    private Session getSession() {
        Properties properties = new Properties();
        properties.put("mail.smtp.host", this.forgotPasswordConfiguration.getMailServerHostname());
        properties.put("mail.smtp.port", Integer.valueOf(this.forgotPasswordConfiguration.getMailServerPort()));
        Authenticator authenticator = null;
        switch (this.forgotPasswordConfiguration.getMailServerAuthentication()) {
            case NONE:
                break;
            case TLS:
                properties.put("mail.smtp.auth", "true");
                properties.put("mail.smtp.starttls.enable", "true");
                authenticator = getAuthenticator();
                break;
            case SSL:
                properties.put("mail.smtp.auth", "true");
                properties.put("mail.smtp.socketFactory.port", Integer.valueOf(this.forgotPasswordConfiguration.getMailServerPort()));
                properties.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
                authenticator = getAuthenticator();
                break;
            default:
                throw new VisalloException("unexpected MailServerAuthentication: " + this.forgotPasswordConfiguration.getMailServerAuthentication().toString());
        }
        return Session.getDefaultInstance(properties, authenticator);
    }

    private Authenticator getAuthenticator() {
        return new Authenticator() { // from class: org.visallo.web.auth.usernamepassword.routes.RequestToken.1
            protected PasswordAuthentication getPasswordAuthentication() {
                return new PasswordAuthentication(RequestToken.this.forgotPasswordConfiguration.getMailServerUsername(), RequestToken.this.forgotPasswordConfiguration.getMailServerPassword());
            }
        };
    }
}
