package org.lamsfoundation.lams.web;

import java.io.IOException;
import java.net.URLEncoder;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import javax.mail.MessagingException;
import javax.mail.internet.AddressException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.hibernate.engine.spi.SessionImplementor;
import org.hibernate.id.Configurable;
import org.hibernate.id.UUIDGenerator;
import org.hibernate.service.ServiceRegistry;
import org.hibernate.type.StringType;
import org.lamsfoundation.lams.usermanagement.ForgotPasswordRequest;
import org.lamsfoundation.lams.usermanagement.User;
import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
import org.lamsfoundation.lams.util.CentralConstants;
import org.lamsfoundation.lams.util.Configuration;
import org.lamsfoundation.lams.util.Emailer;
import org.lamsfoundation.lams.util.MessageService;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:org/lamsfoundation/lams/web/ForgotPasswordServlet.class */
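/**
 * Unauthenticated servlet that drives the two steps of the password-recovery flow.
 *
 * <ol>
 * <li>{@code requestEmail}: looks a user up by e-mail address or login, stores a
 * {@link ForgotPasswordRequest} holding a freshly generated key, and e-mails a link to
 * {@code forgotPasswordChange.jsp?key=...}.</li>
 * <li>{@code requestPasswordChange}: accepts a key plus a new password, checks that the stored
 * request is younger than one day, updates the password and deletes the request.</li>
 * </ol>
 *
 * Every outcome is reported by redirecting to {@code forgotPasswordProc.jsp} with a {@code state}
 * flag (1 = success, 0 = failure) and a {@code languageKey} message key.
 *
 * <p>Security review notes (behaviour unchanged here because the result JSP is not visible):
 * <ul>
 * <li>The distinct {@code languageKey} values for "found" and "not found" tell an anonymous caller
 * whether a login or e-mail address is registered.</li>
 * <li>On success the redirect carries the account's e-mail address in {@code emailSent}, including
 * when the lookup was made by login only.</li>
 * <li>Nothing in this class limits how often either step may be called.</li>
 * </ul>
 */
public class ForgotPasswordServlet extends HttpServlet {
    private static final long serialVersionUID = -4833236166181290760L;
    private static final Logger log = Logger.getLogger(ForgotPasswordServlet.class);

    // Message keys handed to forgotPasswordProc.jsp through the languageKey parameter.
    // Left non-final because they are public and other classes may reference them.
    public static String SMTP_SERVER_NOT_SET = "error.support.email.not.set";
    public static String USER_NOT_FOUND = "error.user.not.found";
    public static String PASSWORD_REQUEST_EXPIRED = "error.password.request.expired";
    public static String SUCCESS_REQUEST_EMAIL = "forgot.password.email.sent";
    public static String SUCCESS_CHANGE_PASS = "heading.password.changed.screen";
    public static String EMAIL_NOT_FOUND = "error.email.not.found";
    public static String INTERNAL_ERROR = "error.email.internal";
    public static String EMAIL_FAILED = "error.email.not.sent";
    public static String REQUEST_KEY_NOT_FOUND = "error.forgot.password.incorrect.key";

    // Lifetime of a reset request: 24 hours.
    private static final int MILLISECONDS_IN_A_DAY = 86400000;
    private static final String STATE = "&state=";
    private static final String LANGUAGE_KEY = "&languageKey=";
    private static final String EMAIL_SENT = "&emailSent=";

    /**
     * Dispatches on the method parameter to one of the two recovery steps.
     *
     * <p>A missing or unknown method yields HTTP 400. Missing {@code selectType}, {@code email} or
     * {@code login} parameters no longer raise a NullPointerException: an absent
     * {@code selectType} is treated as a login lookup, and an absent identifier is rejected with
     * HTTP 400 by {@link #handleEmailRequest}.
     *
     * @param httpServletRequest  the incoming request; all parameters are attacker-controlled
     * @param httpServletResponse the response used for the error or redirect
     */
    @Override
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String method = httpServletRequest.getParameter(CentralConstants.PARAM_METHOD);
        if ("requestPasswordChange".equals(method)) {
            handlePasswordChange(httpServletRequest.getParameter("newPassword"), httpServletRequest.getParameter("key"), httpServletResponse);
            return;
        }
        if (!"requestEmail".equals(method)) {
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        boolean findByEmail = "radioEmail".equals(httpServletRequest.getParameter("selectType"));
        String identifier = httpServletRequest.getParameter(findByEmail ? "email" : "login");
        handleEmailRequest(findByEmail, identifier == null ? null : identifier.trim(), httpServletResponse);
    }

    /**
     * Creates a password-reset request for the matching user and e-mails the reset link.
     *
     * @param bool                {@code true} to look the user up by e-mail address, otherwise by
     *                            login; {@code null} is treated as a login lookup
     * @param str                 the e-mail address or login supplied by the caller; HTTP 400 is
     *                            sent when it is {@code null} or empty
     * @param httpServletResponse receives the error or the redirect to {@code forgotPasswordProc.jsp}
     */
    public void handleEmailRequest(Boolean bool, String str, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (str == null || str.equals("")) {
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        int state = 0;
        String languageKey = "";
        User user = null;

        String smtpServer = Configuration.get("SMTPServer");
        String supportEmail = Configuration.get("LamsSupportEmail");
        if (smtpServer == null || smtpServer.equals("") || supportEmail == null || supportEmail.equals("")) {
            languageKey = SMTP_SERVER_NOT_SET;
        } else {
            WebApplicationContext context = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
            IUserManagementService userService = (IUserManagementService) context.getBean("userManagementService");
            MessageService messageService = (MessageService) context.getBean(CentralConstants.CENTRAL_MESSAGE_SERVICE_BEAN_NAME);

            boolean lookupFailed = false;
            if (Boolean.TRUE.equals(bool)) {
                try {
                    List<?> matches = userService.getAllUsersWithEmail(str);
                    if (matches.size() == 1) {
                        user = (User) matches.get(0);
                    } else if (matches.isEmpty()) {
                        languageKey = EMAIL_NOT_FOUND;
                        lookupFailed = true;
                    } else {
                        // An address shared by several accounts is ambiguous, so no link is sent.
                        languageKey = INTERNAL_ERROR;
                        // The address comes straight from the request: strip line breaks so it
                        // cannot forge additional log entries.
                        log.info("Password recovery: The email is assigned to multiple users: " + sanitizeForLog(str));
                        lookupFailed = true;
                    }
                } catch (Exception e) {
                    languageKey = INTERNAL_ERROR;
                    log.error("Error while recovering password.", e);
                    lookupFailed = true;
                }
            } else {
                // Single lookup; the result is reused instead of querying a second time.
                user = userService.getUserByLogin(str);
                if (user == null) {
                    languageKey = USER_NOT_FOUND;
                    lookupFailed = true;
                }
            }
            // NOTE(review): EMAIL_NOT_FOUND / USER_NOT_FOUND versus SUCCESS_REQUEST_EMAIL lets an
            // anonymous caller test whether an account exists. Returning one neutral message for
            // all three needs a matching change in forgotPasswordProc.jsp.

            if (!lookupFailed) {
                String requestKey = generateUniqueKey();
                ForgotPasswordRequest resetRequest = new ForgotPasswordRequest();
                resetRequest.setRequestDate(new Date());
                resetRequest.setUserId(user.getUserId());
                resetRequest.setRequestKey(requestKey);
                // The request is persisted before the mail is sent and stays stored if sending fails.
                userService.save(resetRequest);
                try {
                    Emailer.sendFromSupportEmail(messageService.getMessage("forgot.password.email.subject"), user.getEmail(), messageService.getMessage("forgot.password.email.body") + "\n\n" + Configuration.get("ServerURL") + "forgotPasswordChange.jsp?key=" + requestKey, false);
                    languageKey = SUCCESS_REQUEST_EMAIL;
                    state = 1;
                } catch (Exception e) {
                    // One handler replaces three identical ones. The original listed
                    // catch (Exception) first, which made the MessagingException and
                    // AddressException handlers unreachable.
                    log.error("Problem sending email to: " + user.getLogin() + " with email: " + user.getEmail(), e);
                    languageKey = EMAIL_FAILED;
                    state = 0;
                }
            }
        }

        String redirectUrl = Configuration.get("ServerURL") + "forgotPasswordProc.jsp?" + STATE + state + LANGUAGE_KEY + languageKey;
        if (state == 1 && user.getEmail() != null) {
            // NOTE(review): for a lookup by login this reveals the account's registered e-mail
            // address to whoever submitted the form. Consider omitting or masking it.
            redirectUrl = redirectUrl + EMAIL_SENT + URLEncoder.encode(user.getEmail(), "UTF-8");
        }
        httpServletResponse.sendRedirect(redirectUrl);
    }

    /**
     * Sets a new password for the user tied to the given reset key.
     *
     * <p>The stored request is deleted once it has been looked up successfully, whether the change
     * succeeded or the request had expired, so a key works at most once.
     *
     * @param str                 the new password; HTTP 400 is sent when {@code null} or empty
     * @param str2                the reset key from the e-mailed link; HTTP 400 is sent when
     *                            {@code null} or empty
     * @param httpServletResponse receives the error or the redirect to {@code forgotPasswordProc.jsp}
     */
    public void handlePasswordChange(String str, String str2, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (str2 == null || str2.equals("") || str == null || str.equals("")) {
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        IUserManagementService userService = (IUserManagementService) WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext()).getBean("userManagementService");
        ForgotPasswordRequest resetRequest = userService.getForgotPasswordRequest(str2);
        if (resetRequest == null) {
            httpServletResponse.sendRedirect(Configuration.get("ServerURL") + "forgotPasswordProc.jsp?" + STATE + 0 + LANGUAGE_KEY + REQUEST_KEY_NOT_FOUND);
            return;
        }

        int state = 0;
        String languageKey;
        if (new Date().getTime() < resetRequest.getRequestDate().getTime() + MILLISECONDS_IN_A_DAY) {
            User user = (User) userService.findById(User.class, resetRequest.getUserId());
            if (user == null) {
                // Presumably findById returns null when the account no longer exists (confirm
                // against the service). Report the key as invalid rather than failing with a
                // NullPointerException that would also leave the request undeleted.
                log.warn("Password recovery: no user found for a stored password reset request.");
                languageKey = REQUEST_KEY_NOT_FOUND;
            } else {
                // NOTE(review): the new password is only checked for being non-empty here; any
                // password policy would have to be enforced inside updatePassword - confirm.
                userService.updatePassword(user.getLogin(), str);
                userService.auditPasswordChanged(user, CentralConstants.MODULE_NAME);
                languageKey = SUCCESS_CHANGE_PASS;
                state = 1;
            }
        } else {
            languageKey = PASSWORD_REQUEST_EXPIRED;
        }

        // Single use: the request is removed on every path that reaches this point.
        userService.delete(resetRequest);
        httpServletResponse.sendRedirect(Configuration.get("ServerURL") + "forgotPasswordProc.jsp?" + STATE + state + LANGUAGE_KEY + languageKey);
    }

    /**
     * Generates the key that is stored in a {@link ForgotPasswordRequest} and e-mailed to the user.
     *
     * <p>The key is the only secret protecting the reset link. It is produced by a Hibernate
     * {@link UUIDGenerator} configured with an empty {@link Properties} object, so the generator
     * presumably falls back to its default strategy. NOTE(review): confirm that the default for the
     * deployed Hibernate version draws from a cryptographically strong random source.
     *
     * @return the generated key as a lower-case string
     */
    public static String generateUniqueKey() {
        Properties properties = new Properties();
        Configurable generator = new UUIDGenerator();
        generator.configure(StringType.INSTANCE, properties, (ServiceRegistry) null);
        return ((String) generator.generate((SessionImplementor) null, (Object) null)).toLowerCase();
    }

    /** Replaces carriage returns and line feeds so request data cannot break up a log entry. */
    private static String sanitizeForLog(String value) {
        return value.replaceAll("[\\r\\n]", "_");
    }
}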
