package com.liferay.portal.action;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.exception.NoSuchUserException;
import com.liferay.portal.kernel.exception.UserLockoutException;
import com.liferay.portal.kernel.exception.UserPasswordException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Company;
import com.liferay.portal.kernel.model.Ticket;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.security.auth.AuthTokenUtil;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.auth.session.AuthenticatedSessionManagerUtil;
import com.liferay.portal.kernel.service.CompanyLocalServiceUtil;
import com.liferay.portal.kernel.service.TicketLocalServiceUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.servlet.HttpHeaders;
import com.liferay.portal.kernel.servlet.SessionErrors;
import com.liferay.portal.kernel.theme.ThemeDisplay;
import com.liferay.portal.kernel.util.Constants;
import com.liferay.portal.kernel.util.HtmlUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.PortalUtil;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.kernel.util.WebKeys;
import com.liferay.portal.kernel.workflow.WorkflowConstants;
import com.liferay.portal.security.DefaultAdminUtil;
import com.liferay.portal.security.pwd.PwdToolkitUtilThreadLocal;
import com.liferay.portal.struts.Action;
import com.liferay.portal.struts.model.ActionForward;
import com.liferay.portal.struts.model.ActionMapping;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.xerces.impl.xs.SchemaSymbols;

/* loaded from: input_file:com/liferay/portal/action/UpdatePasswordAction.class */
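/**
 * Struts action that renders and processes the portal's "update password" form.
 *
 * <p>Two callers are visible in this class: a request carrying a
 * {@code ticketKey} parameter (the target user is taken from the ticket), and a
 * request without one (the target user is taken from the {@link ThemeDisplay}).
 *
 * <p>Security-relevant behaviour visible here:
 * <ul>
 * <li>A GET carrying a valid ticket is answered with an auto-submitting POST
 * form, served with no-cache headers; presumably this keeps the ticket key out
 * of later URLs, history and Referer headers (intent not stated in the code).</li>
 * <li>The CSRF token is checked before the password is changed.</li>
 * <li>A ticket is deleted once the password change succeeds, and expired
 * tickets are deleted on lookup.</li>
 * <li>The post-update redirect target is passed through
 * {@code PortalUtil.escapeRedirect} before use.</li>
 * </ul>
 */
public class UpdatePasswordAction implements Action {
    private static final Log _log = LogFactoryUtil.getLog(UpdatePasswordAction.class);

    // Forward names used more than once; values are unchanged from the original literals.
    private static final String _FORWARD_UPDATE_PASSWORD = "portal.update_password";

    private static final String _FORWARD_ERROR = "portal.error";

    // Ticket type accepted by this action. The decompiled source carried the bare literal 3;
    // NOTE(review): this looks like the kernel's password-ticket type constant, confirm
    // against the deployed portal version.
    private static final int _TICKET_TYPE_PASSWORD = 3;

    /**
     * Dispatches the request: bounces ticket GETs to POST, shows the form when no
     * command parameter is present, otherwise performs the password update and redirects.
     *
     * @return the forward to render, or {@code null} when the response has already been
     *         written (re-post page, redirect, or error sent)
     * @throws Exception if looking up the ticket's user or preparing the form fails
     */
    @Override // com.liferay.portal.struts.Action
    public ActionForward execute(ActionMapping actionMapping, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Ticket ticket = getTicket(httpServletRequest);

        // A ticket that arrives on a GET is replayed as a POST before anything else happens.
        if (ticket != null && StringUtil.equals(httpServletRequest.getMethod(), "GET")) {
            resendAsPost(httpServletRequest, httpServletResponse);
            return null;
        }

        httpServletRequest.setAttribute(WebKeys.TICKET, ticket);

        String cmd = ParamUtil.getString(httpServletRequest, Constants.CMD);
        if (Validator.isNull(cmd)) {
            // No command: only render the form.
            if (ticket != null) {
                User ticketUser = UserLocalServiceUtil.getUser(ticket.getClassPK());
                try {
                    // A locked-out account gets the lockout error instead of being
                    // flagged for password reset.
                    UserLocalServiceUtil.checkLockout(ticketUser);
                    UserLocalServiceUtil.updatePasswordReset(ticketUser.getUserId(), true);
                } catch (UserLockoutException e) {
                    SessionErrors.add(httpServletRequest, e.getClass(), e);
                }
            }

            User currentUser = PortalUtil.getUser(httpServletRequest);
            if (currentUser != null && _isUserDefaultAdmin(currentUser)
                    && WorkflowConstants.LABEL_PENDING.equals(currentUser.getReminderQueryAnswer())) {
                // Default admin whose reminder answer still holds the pending marker:
                // the page is titled "set password" rather than "update password".
                httpServletRequest.setAttribute(WebKeys.TITLE_SET_PASSWORD, "set-password");
            }
            return actionMapping.getActionForward(_FORWARD_UPDATE_PASSWORD);
        }

        ThemeDisplay themeDisplay = (ThemeDisplay) httpServletRequest.getAttribute(WebKeys.THEME_DISPLAY);
        try {
            updatePassword(httpServletRequest, httpServletResponse, themeDisplay, ticket);

            // The referer parameter is caller-controlled, so it is sanitised before being
            // used as a redirect target; an empty or rejected value falls back to the
            // portal's main path.
            String redirect = ParamUtil.getString(httpServletRequest, WebKeys.REFERER);
            if (Validator.isNotNull(redirect)) {
                redirect = PortalUtil.escapeRedirect(redirect);
            }
            if (Validator.isNull(redirect)) {
                redirect = themeDisplay.getPathMain();
            }
            httpServletResponse.sendRedirect(redirect);
            return null;
        } catch (Exception e) {
            if (e instanceof UserPasswordException) {
                // Password rule violations go back to the form with the exception attached.
                SessionErrors.add(httpServletRequest, e.getClass(), e);
                return actionMapping.getActionForward(_FORWARD_UPDATE_PASSWORD);
            }
            if ((e instanceof NoSuchUserException) || (e instanceof PrincipalException)) {
                // Only the exception class is recorded for these two cases.
                SessionErrors.add(httpServletRequest, e.getClass());
                return actionMapping.getActionForward(_FORWARD_ERROR);
            }
            PortalUtil.sendError(e, httpServletRequest, httpServletResponse);
            return null;
        }
    }

    /**
     * Resolves the {@code ticketKey} request parameter to a usable ticket.
     *
     * <p>Only the ticket's type and expiry are checked here. An expired ticket is
     * deleted as a side effect. Any exception is logged at debug level and treated
     * as "no ticket".
     *
     * @return the ticket, or {@code null} if the parameter is absent, the ticket is
     *         unknown, of another type, expired, or the lookup failed
     */
    protected Ticket getTicket(HttpServletRequest httpServletRequest) {
        String ticketKey = ParamUtil.getString(httpServletRequest, "ticketKey");
        if (Validator.isNull(ticketKey)) {
            return null;
        }
        try {
            Ticket ticket = TicketLocalServiceUtil.fetchTicket(ticketKey);
            if (ticket == null || ticket.getType() != _TICKET_TYPE_PASSWORD) {
                return null;
            }
            if (!ticket.isExpired()) {
                return ticket;
            }
            // Expired: remove it so the key cannot be presented again.
            TicketLocalServiceUtil.deleteTicket(ticket);
        } catch (Exception e) {
            // Deliberate best-effort: a failed lookup is reported only at debug level.
            if (_log.isDebugEnabled()) {
                _log.debug(e);
            }
        }
        return null;
    }

    /**
     * Decides the validate flag handed to {@code PwdToolkitUtilThreadLocal} for this request.
     *
     * @return {@code false} only when the session attribute
     *         {@code WebKeys.SETUP_WIZARD_PASSWORD_UPDATED} is {@code Boolean.TRUE};
     *         {@code true} when it is absent or {@code false}
     */
    protected boolean isValidatePassword(HttpServletRequest httpServletRequest) {
        Boolean passwordUpdatedByWizard = (Boolean) httpServletRequest.getSession().getAttribute(WebKeys.SETUP_WIZARD_PASSWORD_UPDATED);
        return passwordUpdatedByWizard == null || !passwordUpdatedByWizard.booleanValue();
    }

    /**
     * Writes an HTML page that re-submits the current request parameters as a POST
     * to {@code /c/portal/update_password}.
     *
     * <p>The page embeds the request parameters (including the ticket key), so it is
     * sent with headers that forbid caching. Parameter names and values are
     * attribute-escaped before being written.
     *
     * @throws IOException if the response writer cannot be obtained
     */
    protected void resendAsPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
        // The decompiler substituted an unrelated Xerces constant for this literal;
        // the header value is the plain string "0".
        httpServletResponse.setHeader(HttpHeaders.EXPIRES, "0");
        httpServletResponse.setHeader(HttpHeaders.PRAGMA, HttpHeaders.PRAGMA_NO_CACHE_VALUE);

        // try-with-resources so the writer is closed even if building the page fails.
        try (PrintWriter writer = httpServletResponse.getWriter()) {
            Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
            StringBundler html = new StringBundler(8 + (parameterMap.size() * 5));
            html.append("<html><body onload=\"document.fm.submit();\">");
            html.append("<form action=\"");
            // NOTE(review): the form target is derived from the request via PortalUtil and
            // is written without attribute escaping; confirm that the portal validates the
            // host it derives this URL from, since the ticket key is posted to it.
            html.append(PortalUtil.getPortalURL(httpServletRequest));
            html.append(PortalUtil.getPathContext());
            html.append("/c/portal/update_password\" method=\"post\" name=\"fm\">");
            for (String name : parameterMap.keySet()) {
                String value = ParamUtil.getString(httpServletRequest, name);
                // Both name and value come from the client, so both are escaped for
                // use inside an HTML attribute.
                html.append("<input name=\"");
                html.append(HtmlUtil.escapeAttribute(name));
                html.append("\" type=\"hidden\" value=\"");
                html.append(HtmlUtil.escapeAttribute(value));
                html.append("\"/>");
            }
            html.append("<noscript>");
            html.append("<input type=\"submit\" value=\"Please continue here...\"/>");
            html.append("</noscript></form></body></html>");
            writer.write(html.toString());
        }
    }

    /**
     * Changes the password of the ticket's user (or, without a ticket, of the
     * {@code themeDisplay} user) and then logs that user in with the new password.
     *
     * <p>The CSRF token is verified before anything is modified. When a ticket was
     * used it is deleted after the password change, the password-reset flag is
     * cleared, and the e-mail address is marked verified if the company has
     * {@code isStrangersVerify()} enabled. The thread-local validate flag is
     * restored in all cases.
     *
     * <p>NOTE(review): without a ticket the target is {@code themeDisplay.getUserId()}
     * and no signed-in check is visible in this method; confirm it is enforced upstream.
     *
     * @throws Exception if the CSRF check, the password update or the login fails
     */
    protected void updatePassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ThemeDisplay themeDisplay, Ticket ticket) throws Exception {
        AuthTokenUtil.checkCSRFToken(httpServletRequest, UpdatePasswordAction.class.getName());

        long userId = ticket != null ? ticket.getClassPK() : themeDisplay.getUserId();
        String password1 = httpServletRequest.getParameter("password1");
        String password2 = httpServletRequest.getParameter("password2");

        boolean previousValidate = PwdToolkitUtilThreadLocal.isValidate();
        try {
            PwdToolkitUtilThreadLocal.setValidate(isValidatePassword(httpServletRequest));
            User updatedUser = UserLocalServiceUtil.updatePassword(userId, password1, password2, false);

            // Constant-first equals: a null reminder answer used to throw a
            // NullPointerException here, after the password had already been changed
            // and before the ticket was deleted below.
            boolean pendingAnswer = WorkflowConstants.LABEL_PENDING.equals(updatedUser.getReminderQueryAnswer());
            if (_isUserDefaultAdmin(updatedUser) && pendingAnswer && Validator.isNull(updatedUser.getReminderQueryQuestion())) {
                updatedUser.setReminderQueryAnswer(null);
                UserLocalServiceUtil.updateUser(updatedUser);
            }

            User user = UserLocalServiceUtil.getUser(userId);
            Company company = CompanyLocalServiceUtil.getCompanyById(user.getCompanyId());
            if (ticket != null) {
                // The ticket is single-use: remove it as soon as it has served its purpose.
                TicketLocalServiceUtil.deleteTicket(ticket);
                UserLocalServiceUtil.updatePasswordReset(userId, false);
                if (company.isStrangersVerify()) {
                    UserLocalServiceUtil.updateEmailAddressVerified(userId, true);
                }
            }

            // Pick the login identifier matching the company's authentication type;
            // it stays null for any other type.
            String login = null;
            String authType = company.getAuthType();
            if (authType.equals("emailAddress")) {
                login = user.getEmailAddress();
            } else if (authType.equals("screenName")) {
                login = user.getScreenName();
            } else if (authType.equals("userId")) {
                login = String.valueOf(userId);
            }
            AuthenticatedSessionManagerUtil.login(httpServletRequest, httpServletResponse, login, password1, false, null);
        } finally {
            PwdToolkitUtilThreadLocal.setValidate(previousValidate);
        }
    }

    /**
     * Tells whether {@code user} is the default administrator of its own company.
     */
    private boolean _isUserDefaultAdmin(User user) {
        User defaultAdmin = DefaultAdminUtil.fetchDefaultAdmin(user.getCompanyId());
        if (defaultAdmin == null) {
            return false;
        }
        return defaultAdmin.getUserId() == user.getUserId();
    }
}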
