package org.bibsonomy.webapp.controller.actions;

import java.security.SecureRandom;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.Random;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bibsonomy.common.enums.Role;
import org.bibsonomy.common.enums.UserUpdateOperation;
import org.bibsonomy.common.exceptions.InternServerException;
import org.bibsonomy.model.User;
import org.bibsonomy.model.logic.LogicInterface;
import org.bibsonomy.util.HashUtils;
import org.bibsonomy.util.MailUtils;
import org.bibsonomy.util.UrlUtils;
import org.bibsonomy.util.ValidationUtils;
import org.bibsonomy.webapp.command.actions.PasswordReminderCommand;
import org.bibsonomy.webapp.config.AuthConfig;
import org.bibsonomy.webapp.config.AuthMethod;
import org.bibsonomy.webapp.util.ErrorAware;
import org.bibsonomy.webapp.util.RequestAware;
import org.bibsonomy.webapp.util.RequestLogic;
import org.bibsonomy.webapp.util.ValidationAwareController;
import org.bibsonomy.webapp.util.Validator;
import org.bibsonomy.webapp.util.View;
import org.bibsonomy.webapp.util.captcha.Captcha;
import org.bibsonomy.webapp.util.captcha.CaptchaResponse;
import org.bibsonomy.webapp.validation.PasswordReminderValidator;
import org.bibsonomy.webapp.view.Views;
import org.jasypt.util.text.BasicTextEncryptor;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.util.Assert;
import org.springframework.validation.Errors;

/* loaded from: input_file:WEB-INF/classes/org/bibsonomy/webapp/controller/actions/PasswordReminderController.class */
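/**
 * Handles the "password reminder" form: checks the captcha, verifies that the submitted
 * user name and e-mail address belong to the same local account, rate-limits requests,
 * stores a freshly generated reminder password and mails an encrypted reminder token.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>The reminder password is a credential, so it is drawn from {@link SecureRandom}
 *       rather than {@code java.util.Random}, whose output is predictable.</li>
 *   <li>The token in the mail is {@code userName:reminderPassword} encrypted with
 *       {@link BasicTextEncryptor} under {@link #setCryptKey(String) cryptKey}; see
 *       {@link #encryptReminderHash(String, String)} for the limits of that scheme.</li>
 * </ul>
 */
public class PasswordReminderController implements ErrorAware, ValidationAwareController<PasswordReminderCommand>, RequestAware {
    private static final Log log = LogFactory.getLog(PasswordReminderController.class);

    /** Number of random bytes in a reminder password (hex-encoded to twice as many characters). */
    private static final int REMINDER_PASSWORD_BYTES = 8;

    /** Cryptographically strong source for reminder passwords; SecureRandom is thread-safe. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    /** Logic interface with admin rights, used to read and update the target account. */
    private LogicInterface adminLogic;
    private RequestLogic requestLogic;
    private Captcha captcha;
    private MailUtils mailUtils;
    /** Password handed to {@link BasicTextEncryptor} when building the reminder token. */
    private String cryptKey;
    private AuthConfig authConfig;
    /** Validity of a reminder in minutes; also the minimum interval between two requests. */
    private int maxMinutesPasswordReminderValid = 60;
    private Errors errors = null;

    /**
     * Creates the empty command object that the form fields are bound to.
     *
     * @return a new {@link PasswordReminderCommand}
     */
    @Override
    public PasswordReminderCommand instantiateCommand() {
        return new PasswordReminderCommand();
    }

    /**
     * Processes one password reminder request.
     *
     * <p>The request is rejected (and the form shown again with a new captcha) when the
     * captcha answer is wrong, the account does not exist or is deleted, the e-mail address
     * does not match, the account authenticates via LDAP or OpenID, or a reminder was
     * already requested within the last {@code maxMinutesPasswordReminderValid} minutes.
     *
     * @param passwordReminderCommand the bound form data
     * @return {@link Views#ERROR} when internal authentication is disabled, otherwise
     *         {@link Views#PASSWORD_REMINDER}
     */
    @Override
    public View workOn(PasswordReminderCommand passwordReminderCommand) {
        // Reminders only make sense for accounts whose password is managed by this application.
        if (!this.authConfig.containsAuthMethod(AuthMethod.INTERNAL)) {
            this.errors.reject("error.method_not_allowed");
            return Views.ERROR;
        }

        final Locale locale = this.requestLogic.getLocale();
        final User user = new User();
        user.setName(passwordReminderCommand.getUserName());
        user.setEmail(passwordReminderCommand.getUserEmail());
        final String inetAddress = this.requestLogic.getInetAddress();

        checkCaptcha(
                passwordReminderCommand.getRecaptcha_challenge_field(),
                passwordReminderCommand.getRecaptcha_response_field(),
                this.requestLogic.getHostInetAddress());
        if (this.errors.hasErrors()) {
            return redisplayForm(passwordReminderCommand, locale);
        }

        final User userDetails = this.adminLogic.getUserDetails(user.getName());
        // NOTE(review): the distinct messages for "unknown user" and "wrong e-mail" tell a
        // client which user names exist. Consider one uniform response for both cases.
        if (userDetails == null || userDetails.getName() == null || Role.DELETED.equals(userDetails.getRole())) {
            this.errors.rejectValue("userName", "error.field.valid.user.name");
        } else if (!user.getEmail().equalsIgnoreCase(userDetails.getEmail())) {
            this.errors.rejectValue("userEmail", "error.field.valid.user.email");
        } else if (ValidationUtils.present(userDetails.getLdapId())) {
            this.errors.reject("error.passReminder.ldap", "You are registered using LDAP and thus don't have a password we could send you a reminder for.");
        } else if (ValidationUtils.present(userDetails.getOpenID())) {
            this.errors.reject("error.passReminder.openid", "You are registered using OpenID and thus don't have a password we could send you a reminder for.");
        }
        if (this.errors.hasErrors()) {
            return redisplayForm(passwordReminderCommand, locale);
        }

        // Rate limit: at most one reminder per validity window. An account that never asked
        // for a reminder has no request date, so there is nothing to compare against.
        final Date lastRequest = userDetails.getReminderPasswordRequestDate();
        if (lastRequest != null) {
            final Calendar now = Calendar.getInstance();
            final Calendar blockedUntil = Calendar.getInstance();
            blockedUntil.setTime(lastRequest);
            blockedUntil.add(Calendar.MINUTE, this.maxMinutesPasswordReminderValid);
            if (now.before(blockedUntil)) {
                // Divide as long first: narrowing the millisecond difference to int before
                // dividing overflows for large validity windows.
                final int minutesLeft = (int) ((blockedUntil.getTimeInMillis() - now.getTimeInMillis()) / 60000L);
                this.errors.reject("error.passReminder.time", new Object[]{Integer.valueOf(this.maxMinutesPasswordReminderValid), Integer.valueOf(minutesLeft)}, "You already requested a password in the last " + this.maxMinutesPasswordReminderValid + " minutes. Please wait " + minutesLeft + " minutes before you can request a new password");
            }
        }
        if (this.errors.hasErrors()) {
            return redisplayForm(passwordReminderCommand, locale);
        }

        final String reminderPassword = getRandomString();
        user.setReminderPassword(reminderPassword);
        user.setReminderPasswordRequestDate(new Date());
        final String reminderHash = encryptReminderHash(user.getName(), reminderPassword);
        this.adminLogic.updateUser(user, UserUpdateOperation.UPDATE_ALL);
        this.mailUtils.sendPasswordReminderMail(user.getName(), user.getEmail(), inetAddress, locale, this.maxMinutesPasswordReminderValid, UrlUtils.safeURIEncode(reminderHash));
        passwordReminderCommand.setSuccess(true);
        return Views.PASSWORD_REMINDER;
    }

    /** Puts a fresh captcha into the command and returns the reminder form view. */
    private View redisplayForm(PasswordReminderCommand command, Locale locale) {
        command.setCaptchaHTML(this.captcha.createCaptchaHtml(locale));
        return Views.PASSWORD_REMINDER;
    }

    /** @return the errors object validation and processing failures are recorded in */
    @Override
    public Errors getErrors() {
        return this.errors;
    }

    /** @param errors the errors object to record failures in */
    @Override
    public void setErrors(Errors errors) {
        this.errors = errors;
    }

    /** @return a new {@link PasswordReminderValidator} for the submitted command */
    @Override
    public Validator<PasswordReminderCommand> getValidator() {
        return new PasswordReminderValidator();
    }

    /**
     * @param passwordReminderCommand the bound form data (not inspected)
     * @return always {@code true}: every request is validated
     */
    @Override
    public boolean isValidationRequired(PasswordReminderCommand passwordReminderCommand) {
        return true;
    }

    /** @param requestLogic access to locale and client address of the current request */
    @Override
    @Required
    public void setRequestLogic(RequestLogic requestLogic) {
        this.requestLogic = requestLogic;
    }

    /** @param captcha the captcha service used to render and verify challenges */
    @Required
    public void setCaptcha(Captcha captcha) {
        this.captcha = captcha;
    }

    /**
     * Sets the logic interface used to look up and update accounts.
     *
     * @param logicInterface a logic interface authenticated as an admin user
     * @throws IllegalArgumentException if it is {@code null} or not authenticated as admin
     */
    @Required
    public void setAdminLogic(LogicInterface logicInterface) {
        Assert.notNull(logicInterface, "The provided logic interface must not be null.");
        // Check before assigning so that a rejected interface is never stored.
        Assert.isTrue(Role.ADMIN.equals(logicInterface.getAuthenticatedUser().getRole()), "The provided logic interface must have admin access.");
        this.adminLogic = logicInterface;
    }

    /**
     * Verifies the captcha answer and records a field error when it is wrong.
     *
     * <p>NOTE(review): when either field is missing nothing is verified and no error is
     * recorded here. Presumably {@link PasswordReminderValidator} rejects empty captcha
     * fields beforehand. Confirm this, otherwise the captcha check can be skipped.
     *
     * @param challenge the captcha challenge field
     * @param response the user's captcha answer
     * @param hostInetAddress the address passed on to the captcha service
     * @throws InternServerException if the captcha service call fails
     */
    private void checkCaptcha(String challenge, String response, String hostInetAddress) throws InternServerException {
        if (!ValidationUtils.present(challenge) || !ValidationUtils.present(response)) {
            return;
        }
        try {
            final CaptchaResponse answer = this.captcha.checkAnswer(challenge, response, hostInetAddress);
            if (!answer.isValid()) {
                this.errors.rejectValue("recaptcha_response_field", "error.field.valid.captcha");
            } else if (answer.getErrorMessage() != null) {
                log.warn("Could not validate captcha response: " + answer.getErrorMessage());
            }
        } catch (Exception e) {
            log.fatal("Could not validate captcha response.", e);
            throw new InternServerException("error.captcha");
        }
    }

    /**
     * Generates a new reminder password.
     *
     * @return {@value #REMINDER_PASSWORD_BYTES} random bytes from {@link SecureRandom},
     *         hex-encoded by {@link HashUtils#toHexString}
     */
    private String getRandomString() {
        final byte[] randomBytes = new byte[REMINDER_PASSWORD_BYTES];
        // A reminder password is a credential and must be unpredictable.
        // java.util.Random is not suitable, its output can be reconstructed.
        SECURE_RANDOM.nextBytes(randomBytes);
        return HashUtils.toHexString(randomBytes);
    }

    /** @param mailUtils the mail helper that sends the reminder mail */
    public void setMailUtils(MailUtils mailUtils) {
        this.mailUtils = mailUtils;
    }

    /** @param i validity of a reminder, and minimum interval between requests, in minutes */
    public void setMaxMinutesPasswordReminderValid(int i) {
        this.maxMinutesPasswordReminderValid = i;
    }

    /**
     * Builds the token that is mailed to the user: {@code userName:reminderPassword},
     * encrypted with the configured crypt key.
     *
     * <p>NOTE(review): {@link BasicTextEncryptor} uses Jasypt's legacy password-based
     * algorithm (PBEWithMD5AndDES) and does not authenticate the ciphertext. Moving to a
     * stronger scheme has to be coordinated with the code that decrypts the token, which
     * is not part of this class.
     *
     * @param userName the account name
     * @param reminderPassword the freshly generated reminder password
     * @return the encrypted token, not yet URL-encoded
     */
    private String encryptReminderHash(String userName, String reminderPassword) {
        final BasicTextEncryptor encryptor = new BasicTextEncryptor();
        encryptor.setPassword(this.cryptKey);
        return encryptor.encrypt(userName + ":" + reminderPassword);
    }

    /** @param str the secret used to encrypt reminder tokens; keep it out of logs and VCS */
    public void setCryptKey(String str) {
        this.cryptKey = str;
    }

    /** @param authConfig the configured authentication methods */
    public void setAuthConfig(AuthConfig authConfig) {
        this.authConfig = authConfig;
    }
}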
