package com.atlassian.jira.web.action.user;

import com.atlassian.event.api.EventPublisher;
import com.atlassian.jira.bc.security.login.LoginService;
import com.atlassian.jira.event.user.OnboardingEvent;
import com.atlassian.jira.permission.management.beans.ProjectPermissionOperationResultBean;
import com.atlassian.jira.plugin.user.PasswordPolicyManager;
import com.atlassian.jira.plugin.user.WebErrorMessage;
import com.atlassian.jira.security.request.RequestMethod;
import com.atlassian.jira.security.request.SupportedMethods;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.user.util.UserUtil;
import com.atlassian.jira.web.action.JiraWebActionSupport;
import com.atlassian.jira.web.action.admin.user.PasswordChangeService;
import com.atlassian.jira.workflow.function.issue.UpdateIssueFieldFunction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import webwork.action.ResultException;

/* loaded from: input_file:com/atlassian/jira/web/action/user/ResetPassword.class */
public class ResetPassword extends JiraWebActionSupport {
    private final UserUtil userUtil;
    private final UserManager userManager;
    private final LoginService loginService;
    private final PasswordPolicyManager passwordPolicyManager;
    private final PasswordChangeService passwordChangeService;
    private final EventPublisher eventPublisher;
    private String token;
    private String os_username;
    private String password;
    private String confirm;
    private ApplicationUser userInPlay;
    private boolean userInvalid;
    private boolean tokenTimedOut;
    private boolean tokenInvalid;
    private final List<WebErrorMessage> passwordErrors = new ArrayList();

    public ResetPassword(UserUtil userUtil, UserManager userManager, LoginService loginService, EventPublisher eventPublisher, PasswordPolicyManager passwordPolicyManager, PasswordChangeService passwordChangeService) {
        this.userUtil = userUtil;
        this.userManager = userManager;
        this.loginService = loginService;
        this.eventPublisher = eventPublisher;
        this.passwordPolicyManager = passwordPolicyManager;
        this.passwordChangeService = passwordChangeService;
    }

    @SupportedMethods({RequestMethod.GET})
    public String doDefault() {
        validateUserAndToken();
        if (isOnboardingUser()) {
            this.eventPublisher.publish(new OnboardingEvent(this.os_username, this.tokenTimedOut));
        }
        return hasAnyErrors() ? "error" : "input";
    }

    protected void validate() throws ResultException {
        validateUserAndToken();
        if (this.userInvalid || this.tokenInvalid || this.tokenTimedOut) {
            return;
        }
        validateNewPasswords();
    }

    @SupportedMethods({RequestMethod.POST})
    protected String doExecute() {
        if (this.userInvalid || this.tokenInvalid || this.tokenTimedOut || invalidInput()) {
            return "error";
        }
        this.passwordChangeService.setPassword(this, this.userInPlay, this.password);
        return invalidInput() ? "error" : ProjectPermissionOperationResultBean.SUCCESS_TYPE;
    }

    private void validateUserAndToken() {
        boolean z = true;
        this.userInPlay = this.userManager.getUserByName(this.os_username);
        if (this.userInPlay == null) {
            z = false;
            this.userInvalid = true;
        } else {
            UserUtil.PasswordResetTokenValidation validatePasswordResetToken = this.userUtil.validatePasswordResetToken(this.userInPlay, this.token);
            if (validatePasswordResetToken.getStatus() == UserUtil.PasswordResetTokenValidation.Status.EXPIRED) {
                z = false;
                this.tokenTimedOut = true;
            } else if (validatePasswordResetToken.getStatus() == UserUtil.PasswordResetTokenValidation.Status.UNEQUAL) {
                z = false;
                this.tokenInvalid = true;
            }
        }
        if (z) {
            return;
        }
        addErrorMessage(getText("resetpassword.error.invalid.user.or.token"));
    }

    private void validateNewPasswords() {
        if (StringUtils.isBlank(this.password) || StringUtils.isBlank(this.confirm)) {
            addErrorMessage(getText("resetpassword.error.password.blank"));
            return;
        }
        if (!nvl(this.password, UpdateIssueFieldFunction.UNASSIGNED_VALUE).equals(this.confirm)) {
            addErrorMessage(getText("resetpassword.error.password.mustmatch"));
            return;
        }
        Collection<WebErrorMessage> checkPolicy = this.passwordPolicyManager.checkPolicy(this.userManager.getUserByName(this.os_username), null, this.password);
        if (checkPolicy.isEmpty()) {
            return;
        }
        addError("password", getText("changepassword.new.password.rejected"));
        Iterator<WebErrorMessage> it = checkPolicy.iterator();
        while (it.hasNext()) {
            this.passwordErrors.add(it.next());
        }
    }

    private String nvl(String str, String str2) {
        return str == null ? str2 : str;
    }

    public String getToken() {
        return this.token;
    }

    public void setToken(String str) {
        this.token = str;
    }

    public String getOs_username() {
        return this.os_username;
    }

    public void setOs_username(String str) {
        this.os_username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public List<WebErrorMessage> getPasswordErrors() {
        return this.passwordErrors;
    }

    public String getConfirm() {
        return this.confirm;
    }

    public void setConfirm(String str) {
        this.confirm = str;
    }

    public boolean isTokenTimedOut() {
        return this.tokenTimedOut;
    }

    public boolean isTokenInvalid() {
        return this.tokenInvalid;
    }

    public boolean isUserInvalid() {
        return this.userInvalid;
    }

    private long getLoginCount() {
        Long loginCount = this.loginService.getLoginInfo(this.os_username).getLoginCount();
        if (loginCount == null) {
            return 0L;
        }
        return loginCount.longValue();
    }

    private boolean isOnboardingUser() {
        return !this.userInvalid && getLoginCount() == 0;
    }
}
