package eu.smesec.cysec.platform.core.endpoints;

import eu.smesec.cysec.platform.bridge.execptions.CacheException;
import eu.smesec.cysec.platform.bridge.execptions.TokenExpiredException;
import eu.smesec.cysec.platform.bridge.generated.Token;
import eu.smesec.cysec.platform.bridge.generated.User;
import eu.smesec.cysec.platform.bridge.utils.TokenUtils;
import eu.smesec.cysec.platform.core.auth.CryptPasswordStorage;
import eu.smesec.cysec.platform.core.cache.CacheAbstractionLayer;
import eu.smesec.cysec.platform.core.services.MailServiceImpl;
import java.time.LocalDateTime;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.security.PermitAll;
import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.logging.LoggingFeature;

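/**
 * Unauthenticated REST endpoints for the "forgot password" flow: one issues a reset token and
 * mails it to the account owner, the other redeems a token and stores a new password.
 *
 * <p>Both endpoints are {@code @PermitAll}, so every parameter is attacker-controlled.
 *
 * <p>NOTE(review): no rate limiting or lockout is visible in this class. Confirm that a filter
 * or gateway throttles both endpoints, otherwise mail flooding and token guessing are unbounded.
 */
@Path("rest/resetPassword")
@PermitAll
/* loaded from: input_file:WEB-INF/classes/eu/smesec/cysec/platform/core/endpoints/PasswordForgottenService.class */
public class PasswordForgottenService {
    private static final Logger logger = Logger.getLogger(LoggingFeature.DEFAULT_LOGGER_NAME);

    /** Lifetime of a freshly issued reset token, in hours. */
    private static final int tokenExpiryHours = 1;

    @Context
    ServletContext context;

    @Inject
    private CacheAbstractionLayer cal;

    @Inject
    private MailServiceImpl mailService;

    /**
     * Issues a password reset token for the given account and mails it to the user.
     *
     * <p>NOTE(review): the 404 for an unknown address versus 204 for a known one lets an
     * unauthenticated caller enumerate registered e-mail addresses. Returning the same status in
     * both cases would close that, but it changes the HTTP contract, so it is only flagged here.
     *
     * <p>NOTE(review): the link in the mail body points at a hard-coded test host; it should
     * presumably come from deployment configuration. Confirm before production use.
     *
     * @param str the e-mail address of the account (query parameter {@code email})
     * @param str2 the company the account belongs to (query parameter {@code company})
     * @return 204 when the token was stored and mailed, 404 when no such user exists, 400 on a
     *     {@link CacheException}, 500 on any other failure
     */
    @PermitAll
    @Path("/create")
    @Consumes({MediaType.APPLICATION_JSON})
    @POST
    @Produces({MediaType.TEXT_HTML})
    public Response createToken(@QueryParam("email") String str, @QueryParam("company") String str2) {
        try {
            User userByEmail = this.cal.getUserByEmail(str2, str);
            if (userByEmail == null) {
                // Request parameters are untrusted: neutralise line breaks before logging them.
                logger.warning("Could not find user with email " + sanitizeForLog(str) + " in company " + sanitizeForLog(str2));
                return Response.status(Response.Status.NOT_FOUND).build();
            }
            // Honour the declared lifetime; the constant was previously unused and the token lived a full day.
            // NOTE(review): confirm whether generateRandomHexToken(16) means 16 bytes or 16 hex characters.
            Token createToken = TokenUtils.createToken(TokenUtils.TOKEN_RESET, TokenUtils.generateRandomHexToken(16), LocalDateTime.now().plusHours(tokenExpiryHours));
            logger.info("Created new password reset token for email '" + sanitizeForLog(str) + "': " + createToken.getId());
            // Attach the token to the user before persisting; without this the token was mailed
            // but never stored, so it could not be redeemed. Any older reset token is dropped
            // first so that only the most recently mailed one stays valid.
            // Assumes getToken() returns the live token list, as its use in verifyToken suggests.
            userByEmail.getToken().removeIf(PasswordForgottenService::isResetToken);
            userByEmail.getToken().add(createToken);
            this.cal.updateUser(str2, userByEmail);
            this.mailService.sendMail(userByEmail, (String) null, (String) null, "Your password reset token", "A password reset token was requested for the account registered with your email address.\n\nTo set a new password, please visit the following website and enter the token:\nhttps://wwwtest.smesec.eu/cysec/public/resetPassword/resetPassword.html\n\nToken:\n" + createToken.getValue() + StringUtils.LF);
            return Response.status(Response.Status.NO_CONTENT).build();
        } catch (CacheException e) {
            logger.log(Level.WARNING, e.getMessage(), (Throwable) e);
            return Response.status(Response.Status.BAD_REQUEST).build();
        } catch (Exception e2) {
            logger.log(Level.SEVERE, e2.getMessage(), (Throwable) e2);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    /**
     * Redeems a reset token: stores the new password for the token's owner and removes the
     * user's reset tokens so the same token cannot be used again.
     *
     * <p>NOTE(review): both passwords arrive as query parameters and the token as a path
     * segment, so all three end up in URLs and therefore in access logs, proxies and browser
     * history. Moving them into the request body would change the client contract and is only
     * flagged here.
     *
     * <p>NOTE(review): no password strength policy is applied in this method; confirm whether
     * one is enforced elsewhere.
     *
     * @param str the reset token (path parameter {@code token})
     * @param str2 the new password (query parameter {@code password1})
     * @param str3 the repeated new password (query parameter {@code password2})
     * @param str4 the company the account belongs to (query parameter {@code company})
     * @return 204 when the password was changed, 304 when a password is missing, empty or the
     *     two differ, 400 when the token is missing or on a {@link CacheException}, 404 when no
     *     user owns the token, 401 when the token has expired, 500 on any other failure
     */
    @PermitAll
    @Path("verifyToken/{token}")
    @POST
    @Produces({MediaType.TEXT_HTML})
    public Response verifyToken(@PathParam("token") String str, @QueryParam("password1") String str2, @QueryParam("password2") String str3, @QueryParam("company") String str4) {
        try {
            // An absent query parameter is null, not ""; treat it like an empty password
            // instead of letting the comparison throw and surface as a 500.
            if (str2 == null || str3 == null || str2.isEmpty() || str3.isEmpty() || !str2.equals(str3)) {
                logger.warning("Empty or non-matching passwords, returning form");
                return Response.notModified().build();
            }
            if (str == null || str.isEmpty()) {
                logger.info("No token provided in request");
                return Response.status(Response.Status.BAD_REQUEST).build();
            }
            User userByToken = this.cal.getUserByToken(str4, str);
            if (userByToken == null) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
            // NOTE(review): the second constructor argument is passed as null; presumably the
            // storage class then picks its own salt. Confirm against CryptPasswordStorage.
            userByToken.setPassword(new CryptPasswordStorage(str2, null).getPasswordStorage());
            // Single use: drop every reset token of this user once the password has been set.
            userByToken.getToken().removeIf(PasswordForgottenService::isResetToken);
            this.cal.updateUser(str4, userByToken);
            return Response.status(Response.Status.NO_CONTENT).build();
        } catch (TokenExpiredException e) {
            logger.log(Level.WARNING, e.getMessage(), (Throwable) e);
            return Response.status(Response.Status.UNAUTHORIZED).build();
        } catch (CacheException e2) {
            logger.log(Level.WARNING, e2.getMessage(), (Throwable) e2);
            return Response.status(Response.Status.BAD_REQUEST).build();
        } catch (Exception e3) {
            // Keep the stack trace, as the other handlers in this class do.
            logger.log(Level.SEVERE, "Error during update of password: " + e3.getMessage(), (Throwable) e3);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    /** Returns whether the token is a password reset token; tolerates a token without an id. */
    private static boolean isResetToken(Token token) {
        return TokenUtils.TOKEN_RESET.equals(token.getId());
    }

    /** Replaces CR and LF so a request parameter cannot forge additional log lines. */
    private static String sanitizeForLog(String value) {
        return value == null ? "null" : value.replace('\r', '_').replace('\n', '_');
    }
}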
