package org.jahia.modules.userregistration.actions;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.text.MessageFormat;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.jahia.bin.Action;
import org.jahia.bin.ActionResult;
import org.jahia.engines.EngineMessage;
import org.jahia.engines.EngineMessages;
import org.jahia.modules.userregistration.actions.RecoverPassword;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.pwdpolicy.JahiaPasswordPolicyService;
import org.jahia.services.pwdpolicy.PolicyEnforcementResult;
import org.jahia.services.render.RenderContext;
import org.jahia.services.render.Resource;
import org.jahia.services.render.URLResolver;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.utils.i18n.JahiaResourceBundle;
import org.jahia.utils.i18n.Messages;
import org.json.JSONObject;
import org.wikimodel.wem.xml.ISaxConst;

/* loaded from: input_file:userregistration-2.0.1.jar:org/jahia/modules/userregistration/actions/UnauthenticatedChangePasswordAction.class */
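/**
 * Action that lets a visitor who is not logged in set a new password for a user node,
 * authorised by a recovery token held in the HTTP session.
 *
 * <p>The request must carry an {@code authKey} parameter equal to the key of the
 * {@code passwordRecoveryToken} session attribute, and that token must name the path of
 * the node the action is executed on. The token is removed from the session as soon as it
 * has been accepted, so it authorises a single attempt.
 */
public class UnauthenticatedChangePasswordAction extends Action {
    private static final String BUNDLE = "resources.JahiaUserRegistration";
    private static final String TOKEN_ATTRIBUTE = "passwordRecoveryToken";
    private static final String ASKED_ATTRIBUTE = "passwordRecoveryAsked";

    /**
     * Validates the recovery token, then changes the password of the user behind
     * {@code resource} if the submitted password passes the password policy.
     *
     * @param httpServletRequest request carrying {@code password} and {@code passwordconfirm}
     * @param renderContext      supplies the UI locale used for the returned messages
     * @param resource           resource whose node is the user being updated
     * @param jCRSessionWrapper  not used by this action
     * @param map                action parameters; {@code authKey} is read from here
     * @param uRLResolver        not used by this action
     * @return {@link ActionResult#BAD_REQUEST} when the token is missing or does not match
     *         (or the user cannot be looked up), a 403 result when the node is not a
     *         writable {@code jnt:user}, otherwise a 200 result whose JSON holds
     *         {@code errorMessage} and, on success, {@code result=success}
     * @throws Exception propagated from the repository and user services
     */
    @Override
    public ActionResult doExecute(HttpServletRequest httpServletRequest, RenderContext renderContext, Resource resource, JCRSessionWrapper jCRSessionWrapper, Map<String, List<String>> map, URLResolver uRLResolver) throws Exception {
        String parameter = getParameter(map, "authKey");
        // getSession(false): a request without a session cannot hold a token, and an
        // unauthenticated caller should not be able to make the server allocate one.
        HttpSession session = httpServletRequest.getSession(false);
        if (StringUtils.isEmpty(parameter) || session == null) {
            return ActionResult.BAD_REQUEST;
        }
        // instanceof instead of a blind cast: an absent or foreign attribute is a bad
        // request, not a ClassCastException.
        Object storedToken = session.getAttribute(TOKEN_ATTRIBUTE);
        if (!(storedToken instanceof RecoverPassword.PasswordToken)) {
            return ActionResult.BAD_REQUEST;
        }
        RecoverPassword.PasswordToken passwordToken = (RecoverPassword.PasswordToken) storedToken;
        String tokenUserPath = passwordToken.getUserpath();
        // The token must match the submitted key AND be bound to the node being changed,
        // so a token issued for one account cannot be replayed against another.
        if (!constantTimeEquals(passwordToken.getAuthkey(), parameter)
                || tokenUserPath == null
                || !tokenUserPath.equals(resource.getNode().getPath())) {
            return ActionResult.BAD_REQUEST;
        }

        // Single use: the token is consumed before any further validation, so a failed
        // attempt below (empty, mismatching or policy-rejected password) needs a new token.
        session.removeAttribute(TOKEN_ATTRIBUTE);
        session.removeAttribute(ASKED_ATTRIBUTE);

        if (!resource.getNode().hasPermission("jcr:write_default") || !resource.getNode().isNodeType("jnt:user")) {
            return new ActionResult(403, (String) null, (JSONObject) null);
        }

        // A missing form field is treated like an empty one instead of raising a
        // NullPointerException (which surfaced as a server error).
        String trim = StringUtils.defaultString(httpServletRequest.getParameter("password")).trim();
        String confirmation = StringUtils.defaultString(httpServletRequest.getParameter("passwordconfirm")).trim();

        JSONObject jSONObject = new JSONObject();
        if ("".equals(trim)) {
            jSONObject.put("errorMessage", Messages.get(BUNDLE, "passwordrecovery.recover.password.mandatory", renderContext.getUILocale()));
        } else if (confirmation.equals(trim)) {
            JahiaPasswordPolicyService jahiaPasswordPolicyService = ServicesRegistry.getInstance().getJahiaPasswordPolicyService();
            JahiaUser lookupUser = ServicesRegistry.getInstance().getJahiaUserManagerService().lookupUser(resource.getNode().getName());
            if (lookupUser == null) {
                // The node exists but the user manager does not know the name; fail
                // closed rather than dereferencing null.
                return ActionResult.BAD_REQUEST;
            }
            PolicyEnforcementResult enforcePolicyOnPasswordChange = jahiaPasswordPolicyService.enforcePolicyOnPasswordChange(lookupUser, trim, true);
            if (enforcePolicyOnPasswordChange.isSuccess()) {
                // NOTE(review): the outcome of setPassword is not inspected here, so
                // success is reported unconditionally; confirm whether it can fail.
                lookupUser.setPassword(trim);
                // The success text is delivered under the "errorMessage" key, as before.
                jSONObject.put("errorMessage", Messages.get(BUNDLE, "passwordrecovery.recover.passwordChanged", renderContext.getUILocale()));
                // NOTE(review): this binds the user to the existing session without
                // rotating the session id; confirm the platform renews it elsewhere,
                // otherwise a pre-set session id would survive the privilege change.
                session.setAttribute("org.jahia.usermanager.jahiauser", lookupUser);
                jSONObject.put("result", "success");
            } else {
                // Concatenate every policy violation, one per line, for the client.
                EngineMessages engineMessages = enforcePolicyOnPasswordChange.getEngineMessages();
                StringBuilder sb = new StringBuilder();
                for (EngineMessage engineMessage : engineMessages.getMessages()) {
                    sb.append(engineMessage.isResource() ? MessageFormat.format(JahiaResourceBundle.getJahiaInternalResource(engineMessage.getKey(), renderContext.getUILocale()), engineMessage.getValues()) : engineMessage.getKey()).append(ISaxConst.NEW_LINE);
                }
                jSONObject.put("errorMessage", sb.toString());
            }
        } else {
            jSONObject.put("errorMessage", Messages.get(BUNDLE, "passwordrecovery.recover.password.not.matching", renderContext.getUILocale()));
        }
        return new ActionResult(200, (String) null, jSONObject);
    }

    /**
     * Compares two secrets without returning early at the first differing character, so
     * the response time does not reveal how much of a guessed key was correct.
     *
     * @return {@code true} only when both values are non-null and equal
     */
    private static boolean constantTimeEquals(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                supplied.getBytes(StandardCharsets.UTF_8));
    }
}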
