package com.liferay.portal.action;

import com.dotcms.auth.providers.jwt.beans.JWTBean;
import com.dotcms.auth.providers.jwt.factories.JsonWebTokenFactory;
import com.dotcms.cms.login.LoginServiceAPI;
import com.dotcms.repackage.javax.portlet.WindowState;
import com.dotcms.repackage.org.apache.struts.action.Action;
import com.dotcms.repackage.org.apache.struts.action.ActionForm;
import com.dotcms.repackage.org.apache.struts.action.ActionForward;
import com.dotcms.repackage.org.apache.struts.action.ActionMapping;
import com.dotcms.rest.api.v1.authentication.DotInvalidTokenException;
import com.dotcms.rest.api.v1.authentication.url.UrlStrategy;
import com.dotmarketing.business.APILocator;
import com.dotmarketing.business.DotInvalidPasswordException;
import com.dotmarketing.business.Layout;
import com.dotmarketing.exception.DotSecurityException;
import com.dotmarketing.util.Config;
import com.dotmarketing.util.PortletURLUtil;
import com.dotmarketing.util.SecurityLogger;
import com.dotmarketing.util.UtilMethods;
import com.liferay.portal.NoSuchUserException;
import com.liferay.portal.RequiredLayoutException;
import com.liferay.portal.SendPasswordException;
import com.liferay.portal.UserActiveException;
import com.liferay.portal.UserEmailAddressException;
import com.liferay.portal.UserIdException;
import com.liferay.portal.UserPasswordException;
import com.liferay.portal.auth.AuthException;
import com.liferay.portal.ejb.UserLocalManagerUtil;
import com.liferay.portal.ejb.UserManagerFactory;
import com.liferay.portal.ejb.UserManagerImpl;
import com.liferay.portal.ejb.UserManagerUtil;
import com.liferay.portal.util.Constants;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portal.util.WebKeys;
import com.liferay.util.ParamUtil;
import com.liferay.util.Validator;
import com.liferay.util.servlet.SessionErrors;
import com.liferay.util.servlet.SessionMessages;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/liferay/portal/action/LoginAction.class */
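/**
 * Struts action behind the portal login page. The {@code my_account_cmd} request parameter
 * selects one of three flows: {@code auth} (log in), {@link Constants#SEND} (send a
 * password-recovery mail) and {@code ereset} (set a new password with a reset token).
 *
 * <p>Every value read from the request is attacker-controlled. Values that end up in
 * {@link SecurityLogger} lines are passed through {@link #sanitizeForLog(String)} first, so a
 * login name or e-mail address containing line breaks cannot forge extra log entries.
 */
public class LoginAction extends Action {
    /** Request attribute under which the exception is stored for the common error forward. */
    private static final String JSP_EXCEPTION_ATTRIBUTE = "javax.servlet.jsp.jspException";

    private final LoginServiceAPI loginService = APILocator.getLoginServiceAPI();

    /**
     * Dispatches on {@code my_account_cmd} and returns the forward for the next view.
     *
     * @param actionMapping       mapping used to resolve the forwards
     * @param actionForm          unused by this action, passed through to {@code LogoutAction}
     * @param httpServletRequest  current request; carries the command and credentials
     * @param httpServletResponse current response, handed to the login service
     * @return the protected-area forward after a successful login, the common error forward on an
     *         unexpected failure, otherwise the {@code portal.login} forward
     * @throws Exception declared by the Struts contract; failures are handled in this method
     */
    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        SessionErrors.clear(httpServletRequest);
        SessionMessages.clear(httpServletRequest);
        HttpSession session = httpServletRequest.getSession();
        String command = httpServletRequest.getParameter("my_account_cmd");
        if ("auth".equals(command)) {
            try {
                _login(httpServletRequest, httpServletResponse);
                // NOTE(review): the session was obtained before authentication; if the login
                // service replaces the session on login, this lookup must use the new one — confirm.
                List<Layout> layouts = APILocator.getLayoutAPI().loadLayoutsForUser(UserLocalManagerUtil.getUserById((String) session.getAttribute(WebKeys.USER_ID)));
                if (layouts == null || layouts.isEmpty() || !UtilMethods.isSet(layouts.get(0).getId())) {
                    // An authenticated user without any usable layout is logged out again.
                    new LogoutAction().execute(actionMapping, actionForm, httpServletRequest, httpServletResponse);
                    throw new RequiredLayoutException();
                }
                Layout firstLayout = layouts.get(0);
                // NOTE(review): a layout with no portlets raises IndexOutOfBoundsException here,
                // after authentication has succeeded; the catch below then logs it as an invalid
                // login attempt and forwards to the error page without logging the user out.
                String firstPortletId = firstLayout.getPortletIds().get(0);
                // Kept raw because the parameter type of getActionURL is not visible in this file.
                HashMap urlParameters = new HashMap();
                urlParameters.put("struts_action", new String[]{"/ext/director/direct"});
                session.setAttribute(com.dotmarketing.util.WebKeys.DIRECTOR_URL, PortletURLUtil.getActionURL(httpServletRequest, firstLayout.getId(), WindowState.MAXIMIZED.toString(), urlParameters, firstPortletId));
                return actionMapping.findForward("/portal/touch_protected.jsp");
            } catch (Exception e) {
                // The login name is request data: neutralise control characters before logging.
                String attemptedLogin = sanitizeForLog(ParamUtil.getString((ServletRequest) httpServletRequest, "my_account_login").toLowerCase());
                String logLine = "An invalid attempt to login as " + attemptedLogin + " has been made from IP: " + httpServletRequest.getRemoteAddr();
                if (!isExpectedLoginFailure(e)) {
                    httpServletRequest.setAttribute(JSP_EXCEPTION_ATTRIBUTE, e);
                    SecurityLogger.logInfo(getClass(), logLine);
                    return actionMapping.findForward(Constants.COMMON_ERROR);
                }
                // Expected failures are reported to the login page by exception class name.
                SessionErrors.add(httpServletRequest, e.getClass().getName());
                SecurityLogger.logInfo(getClass(), logLine);
            }
        } else if (Constants.SEND.equals(command)) {
            try {
                _sendPassword(httpServletRequest);
            } catch (Exception e) {
                if (e instanceof NoSuchUserException) {
                    if (Config.getBooleanProperty("DISPLAY_NOT_EXISTING_USER_AT_RECOVER_PASSWORD", false)) {
                        SessionErrors.add(httpServletRequest, e.getClass().getName());
                    } else {
                        // Default: answer exactly as for an existing account, so the recovery
                        // form cannot be used to find out which accounts exist.
                        SecurityLogger.logInfo(UserManagerImpl.class, "User does NOT exist in the Database, returning OK message for security reasons");
                        SessionMessages.add(httpServletRequest, "new_password_sent", ParamUtil.getString((ServletRequest) httpServletRequest, "my_account_email_address"));
                    }
                } else if (e instanceof SendPasswordException || e instanceof UserEmailAddressException) {
                    SessionErrors.add(httpServletRequest, e.getClass().getName());
                } else {
                    httpServletRequest.setAttribute(JSP_EXCEPTION_ATTRIBUTE, e);
                    return actionMapping.findForward(Constants.COMMON_ERROR);
                }
            }
        } else if ("ereset".equals(command)) {
            try {
                _resetPassword(httpServletRequest);
            } catch (Exception e) {
                httpServletRequest.setAttribute(JSP_EXCEPTION_ATTRIBUTE, e);
                return actionMapping.findForward(Constants.COMMON_ERROR);
            }
        }
        return actionMapping.findForward("portal.login");
    }

    /**
     * Tells whether a login failure is one of the types that is shown on the login page as a
     * session error rather than routed to the common error page.
     */
    private static boolean isExpectedLoginFailure(Exception e) {
        return e instanceof AuthException
                || e instanceof NoSuchUserException
                || e instanceof UserEmailAddressException
                || e instanceof UserIdException
                || e instanceof UserPasswordException
                || e instanceof RequiredLayoutException
                || e instanceof UserActiveException;
    }

    /**
     * Replaces ISO control characters (CR, LF, tab, ...) with {@code '_'} so that a
     * request-supplied value stays on one line when written to the security log.
     *
     * @param value text taken from the request or a token; may be {@code null}
     * @return the neutralised text, or {@code null} when {@code value} is {@code null}
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }

    /**
     * Handles the {@code ereset} command: sets a new password for the user identified either by
     * {@code my_user_id} plus the token parameter, or by the parsed token alone.
     *
     * <p>Outcomes are reported through session messages/errors: {@code reset_ok},
     * {@code reset_pass_not_match}, {@code reset_pass_success}, {@code reset_token_expired} and
     * {@code reset_pass_invalid_pass}. A wrong (not expired) token is only logged; no session
     * error is added in that branch.
     *
     * @throws Exception anything other than an invalid token or invalid password, including the
     *                   no-such-user and security exceptions raised by the password reset call
     */
    private void _resetPassword(HttpServletRequest httpServletRequest) throws Exception {
        String userId = ParamUtil.getString((ServletRequest) httpServletRequest, "my_user_id");
        String token = ParamUtil.getString((ServletRequest) httpServletRequest, UrlStrategy.TOKEN);
        if (!UtilMethods.isSet(userId)) {
            // No explicit user id: the id and the reset token are both taken from the parsed token.
            // NOTE(review): presumably parseToken verifies the signature before returning — confirm.
            JWTBean parsedToken = JsonWebTokenFactory.getInstance().getJsonWebTokenService().parseToken(token);
            userId = parsedToken.getId();
            token = parsedToken.getSubject();
        }
        String remoteAddr = httpServletRequest.getRemoteAddr();
        // The id comes from the request or the token; neutralise it once for all log lines.
        String loggedUserId = sanitizeForLog(userId);
        String newPassword = ParamUtil.getString((ServletRequest) httpServletRequest, "my_new_pass1");
        String newPasswordRepeat = ParamUtil.getString((ServletRequest) httpServletRequest, "my_new_pass2");
        if (!UtilMethods.isSet(newPassword) || !UtilMethods.isSet(newPasswordRepeat)) {
            // No new password submitted yet. When my_user_id was supplied, the token has not
            // been checked at this point, so this "successful" log line is not evidence of a
            // valid token.
            SecurityLogger.logInfo(LoginAction.class, "User " + loggedUserId + " successful password reset request from IP:" + remoteAddr);
            SessionMessages.add(httpServletRequest, "reset_ok");
            return;
        }
        if (!newPassword.equals(newPasswordRepeat)) {
            SessionErrors.add(httpServletRequest, "reset_pass_not_match");
            return;
        }
        try {
            UserManagerFactory.getManager().resetPassword(userId, token, newPassword);
            SecurityLogger.logInfo(LoginAction.class, "User " + loggedUserId + " successful changed his password from IP:" + remoteAddr);
            SessionMessages.add(httpServletRequest, "reset_pass_success");
        } catch (DotInvalidTokenException e) {
            if (e.isExpired()) {
                SecurityLogger.logInfo(LoginAction.class, "User " + loggedUserId + " requested password reset with expired token from IP:" + remoteAddr);
                SessionErrors.add(httpServletRequest, "reset_token_expired");
            } else {
                SecurityLogger.logInfo(LoginAction.class, "Attempt to reset user password (" + loggedUserId + ") with wrong token. IP:" + remoteAddr);
            }
        } catch (DotInvalidPasswordException e) {
            SecurityLogger.logInfo(LoginAction.class, "User " + loggedUserId + " couldn't reset password because it is invalid. From IP:" + remoteAddr);
            SessionErrors.add(httpServletRequest, "reset_pass_invalid_pass");
        }
        // Every other exception propagates to execute(), which forwards to the common error page.
    }

    /**
     * Reads the login name (lower-cased), the password and the remember-me flag from the request
     * and delegates the authentication to the login service.
     *
     * @throws Exception whatever the login service raises for a failed login
     */
    private void _login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String login = ParamUtil.getString((ServletRequest) httpServletRequest, "my_account_login").toLowerCase();
        // The former fallback re-read the same "password" parameter and could never change the value.
        String password = ParamUtil.getString((ServletRequest) httpServletRequest, "password");
        boolean rememberMe = ParamUtil.get((ServletRequest) httpServletRequest, "my_account_r_m", false);
        this.loginService.doActionLogin(login, password, rememberMe, httpServletRequest, httpServletResponse);
    }

    /**
     * Handles the send-password command for the address (or user id, depending on the company's
     * authentication type) given in {@code my_account_email_address}.
     *
     * @throws Exception when the user lookup or the mail dispatch fails
     */
    private void _sendPassword(HttpServletRequest httpServletRequest) throws Exception {
        String emailAddress = ParamUtil.getString((ServletRequest) httpServletRequest, "my_account_email_address");
        if (PortalUtil.getCompany(httpServletRequest).getAuthType().equals("userId")) {
            // With user-id authentication the field holds a user id; resolve it to the account's address.
            emailAddress = UserLocalManagerUtil.getUserById(emailAddress).getEmailAddress();
        }
        UserManagerUtil.sendPassword(PortalUtil.getCompanyId(httpServletRequest), emailAddress, (Locale) httpServletRequest.getSession().getAttribute("com.dotcms.repackage.org.apache.struts.action.LOCALE"));
        SecurityLogger.logInfo(getClass(), "Email address " + sanitizeForLog(emailAddress) + " has request to reset his password from IP: " + httpServletRequest.getRemoteAddr());
        // NOTE(review): with user-id authentication the resolved address of the account is placed
        // in the session message; if the page renders it, an unauthenticated visitor can learn
        // the e-mail address behind a user id — confirm how "new_password_sent" is displayed.
        SessionMessages.add(httpServletRequest, "new_password_sent", emailAddress);
    }
}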
