package com.dotcms.rest.api.v1.authentication;

import com.dotcms.auth.providers.jwt.beans.JWTBean;
import com.dotcms.auth.providers.jwt.factories.JsonWebTokenFactory;
import com.dotcms.auth.providers.jwt.services.JsonWebTokenService;
import com.dotcms.repackage.com.google.common.annotations.VisibleForTesting;
import com.dotcms.repackage.javax.ws.rs.POST;
import com.dotcms.repackage.javax.ws.rs.Path;
import com.dotcms.repackage.javax.ws.rs.Produces;
import com.dotcms.repackage.javax.ws.rs.core.Context;
import com.dotcms.repackage.javax.ws.rs.core.Response;
import com.dotcms.repackage.org.glassfish.jersey.server.JSONP;
import com.dotcms.rest.ResponseEntityView;
import com.dotcms.rest.annotation.InitRequestRequired;
import com.dotcms.rest.annotation.NoCache;
import com.dotcms.rest.exception.mapper.ExceptionMapperUtil;
import com.dotmarketing.business.DotInvalidPasswordException;
import com.dotmarketing.business.NoSuchUserException;
import com.dotmarketing.exception.DotSecurityException;
import com.dotmarketing.portlets.cmsmaintenance.ajax.LogConsoleAjaxAction;
import com.dotmarketing.util.SecurityLogger;
import com.liferay.portal.ejb.UserManager;
import com.liferay.portal.ejb.UserManagerFactory;
import com.liferay.util.LocaleUtil;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;

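/**
 * REST resource that completes a password reset from a previously issued token.
 *
 * <p>The caller posts a {@code ResetPasswordForm} carrying the new password and a token. The
 * token is parsed by the {@link JsonWebTokenService}; the user id and subject used for the reset
 * are read from the parsed token only, never from the request body.
 *
 * <p>Every outcome, success or failure, is written to the security log together with the remote
 * address of the request so that repeated failed attempts can be correlated by source.
 */
@Path("/v1/changePassword")
/* loaded from: input_file:com/dotcms/rest/api/v1/authentication/ResetPasswordResource.class */
public class ResetPasswordResource {
    private final UserManager userManager;
    private final ResponseUtil responseUtil;
    private final JsonWebTokenService jsonWebTokenService;

    /** Creates the resource wired to the default user manager, response helper and token service. */
    public ResetPasswordResource() {
        this(UserManagerFactory.getManager(), ResponseUtil.INSTANCE, JsonWebTokenFactory.getInstance().getJsonWebTokenService());
    }

    /**
     * Creates the resource with explicit collaborators; intended for tests.
     *
     * @param userManager performs the actual password reset
     * @param responseUtil builds localized messages and error responses
     * @param jsonWebTokenService parses the reset token
     */
    @VisibleForTesting
    public ResetPasswordResource(UserManager userManager, ResponseUtil responseUtil, JsonWebTokenService jsonWebTokenService) {
        this.userManager = userManager;
        this.responseUtil = responseUtil;
        this.jsonWebTokenService = jsonWebTokenService;
    }

    /**
     * Resets a user's password using the token and new password from the request body.
     *
     * <p>Responses produced here:
     * <ul>
     *   <li>200 with the user id when the reset succeeds;</li>
     *   <li>401 ({@code reset-password-token-expired}) when the token parses to {@code null} or is
     *       reported as expired;</li>
     *   <li>400 ({@code reset-password-token-invalid}) when the token is otherwise invalid or the
     *       request carries no form at all;</li>
     *   <li>400 ({@code reset-password-invalid-password}) when the new password is rejected;</li>
     *   <li>400 ({@code please-enter-a-valid-login}) when the user from the token does not exist;</li>
     *   <li>500 for a {@link DotSecurityException} or any other unexpected failure.</li>
     * </ul>
     *
     * @param httpServletRequest the current request, used for the locale and the remote address
     * @param resetPasswordForm the posted form holding the token and the new password
     * @return the response describing the outcome
     */
    @Produces({LogConsoleAjaxAction.CONTENT_JSON, "application/javascript"})
    @POST
    @NoCache
    @JSONP
    @InitRequestRequired
    public final Response resetPassword(@Context HttpServletRequest httpServletRequest, ResetPasswordForm resetPasswordForm) {
        Locale locale = LocaleUtil.getLocale(httpServletRequest);
        // A request without a usable body would otherwise fail with a NullPointerException before
        // any handler runs, and would never reach the security log. Treat it as an invalid token.
        if (resetPasswordForm == null) {
            return reject(httpServletRequest, locale, Response.Status.BAD_REQUEST, "reset-password-token-invalid");
        }
        String password = resetPasswordForm.getPassword();
        String token = resetPasswordForm.getToken();
        try {
            JWTBean parsedToken = this.jsonWebTokenService.parseToken(token);
            if (parsedToken == null) {
                return reject(httpServletRequest, locale, Response.Status.UNAUTHORIZED, "reset-password-token-expired");
            }
            // The identity being reset comes from the parsed token, not from caller-supplied fields.
            String userId = parsedToken.getId();
            // NOTE(review): the token subject is passed as the second argument; presumably it is the
            // stored reset token that userManager compares - confirm against UserManager.
            this.userManager.resetPassword(userId, parsedToken.getSubject(), password);
            // getRemoteAddr() is the address of the direct peer; behind a reverse proxy that is the
            // proxy, not the end user.
            SecurityLogger.logInfo(ResetPasswordResource.class, String.format("User %s successful changed his password from IP: %s", userId, httpServletRequest.getRemoteAddr()));
            return Response.ok(new ResponseEntityView(userId)).build();
        } catch (DotInvalidTokenException e) {
            if (e.isExpired()) {
                return reject(httpServletRequest, locale, Response.Status.UNAUTHORIZED, "reset-password-token-expired");
            }
            return reject(httpServletRequest, locale, Response.Status.BAD_REQUEST, "reset-password-token-invalid");
        } catch (DotInvalidPasswordException e) {
            return reject(httpServletRequest, locale, Response.Status.BAD_REQUEST, "reset-password-invalid-password");
        } catch (NoSuchUserException e) {
            return reject(httpServletRequest, locale, Response.Status.BAD_REQUEST, "please-enter-a-valid-login");
        } catch (DotSecurityException e) {
            logFailure(httpServletRequest, e.getMessage());
            // NOTE(review): confirm ExceptionMapperUtil does not return internal exception detail
            // to the caller in the 500 body.
            return ExceptionMapperUtil.createResponse(e, Response.Status.INTERNAL_SERVER_ERROR);
        } catch (Exception e) {
            logFailure(httpServletRequest, e.getMessage());
            return ExceptionMapperUtil.createResponse(e, Response.Status.INTERNAL_SERVER_ERROR);
        }
    }

    /** Logs a failed reset under the given message key and builds the matching error response. */
    private Response reject(HttpServletRequest request, Locale locale, Response.Status status, String messageKey) {
        logFailure(request, this.responseUtil.getFormattedMessage(null, messageKey, new Object[0]));
        return this.responseUtil.getErrorResponse(request, status, locale, null, messageKey);
    }

    /** Writes a failed reset attempt to the security log, including the remote address of the request. */
    private void logFailure(HttpServletRequest request, Object detail) {
        SecurityLogger.logInfo(ResetPasswordResource.class, String.format("Error resetting password. %s (from IP: %s)", detail, request.getRemoteAddr()));
    }
}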
