package pl.sparkbit.security.service.impl;

import java.beans.ConstructorProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import pl.sparkbit.security.Security;
import pl.sparkbit.security.config.SecurityProperties;
import pl.sparkbit.security.dao.CredentialsDao;
import pl.sparkbit.security.domain.Credentials;
import pl.sparkbit.security.exception.InvalidCurrentPasswordException;
import pl.sparkbit.security.mvc.dto.in.ChangePasswordDTO;
import pl.sparkbit.security.service.PasswordChangeService;

@ConditionalOnProperty(value = {SecurityProperties.PASSWORD_CHANGE_ENABLED}, havingValue = "true", matchIfMissing = true)
@Service
/* loaded from: input_file:pl/sparkbit/security/service/impl/PasswordChangeServiceImpl.class */
public class PasswordChangeServiceImpl implements PasswordChangeService {
    private static final Logger log = LoggerFactory.getLogger(PasswordChangeServiceImpl.class);
    private final CredentialsDao credentialsDao;
    private final PasswordEncoder passwordEncoder;
    private final Security security;

    @Override // pl.sparkbit.security.service.PasswordChangeService
    @Transactional
    public void changeCurrentUserPassword(ChangePasswordDTO changePasswordDTO) {
        String currentUserId = this.security.currentUserId();
        verifyCurrentPassword(currentUserId, changePasswordDTO.getCurrentPassword());
        this.credentialsDao.updateCredentials(Credentials.builder().userId(currentUserId).password(this.passwordEncoder.encode(changePasswordDTO.getNewPassword())).build());
    }

    private void verifyCurrentPassword(String str, String str2) {
        if (!this.passwordEncoder.matches(str2, this.credentialsDao.selectPasswordHashForUser(str).get())) {
            throw new InvalidCurrentPasswordException("Invalid current password");
        }
    }

    @ConstructorProperties({"credentialsDao", "passwordEncoder", "security"})
    public PasswordChangeServiceImpl(CredentialsDao credentialsDao, PasswordEncoder passwordEncoder, Security security) {
        this.credentialsDao = credentialsDao;
        this.passwordEncoder = passwordEncoder;
        this.security = security;
    }
}
