package org.molgenis.security.account;

import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import javax.naming.NoPermissionException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import org.molgenis.auth.MolgenisUser;
import org.molgenis.data.MolgenisDataAccessException;
import org.molgenis.data.MolgenisDataException;
import org.molgenis.framework.server.MolgenisSettings;
import org.molgenis.security.captcha.CaptchaException;
import org.molgenis.security.captcha.CaptchaRequest;
import org.molgenis.security.captcha.CaptchaService;
import org.molgenis.security.user.MolgenisUserException;
import org.molgenis.util.CountryCodes;
import org.molgenis.util.ErrorMessageResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.validation.BindException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;

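/**
 * Spring MVC controller for the self-service account endpoints under {@link #URI}: login and
 * registration forms, user registration, account activation, and password reset/change.
 *
 * <p>Every endpoint except the password change handles unauthenticated, attacker-controllable
 * input (form fields, path variables and request headers).
 */
@RequestMapping({AccountController.URI})
@Controller
/* loaded from: input_file:org/molgenis/security/account/AccountController.class */
public class AccountController {
    private static final Logger LOG = LoggerFactory.getLogger(AccountController.class);
    public static final String URI = "/account";
    private static final String CHANGE_PASSWORD_RELATIVE_URI = "/password/change";
    public static final String CHANGE_PASSWORD_URI = "/account/password/change";
    static final String REGISTRATION_SUCCESS_MESSAGE_USER = "You have successfully registered, an activation e-mail has been sent to your email.";
    static final String REGISTRATION_SUCCESS_MESSAGE_ADMIN = "You have successfully registered, your request has been forwarded to the administrator.";

    @Autowired
    private AccountService accountService;

    @Autowired
    private CaptchaService captchaService;

    @Autowired
    private RedirectStrategy redirectStrategy;

    @Autowired
    private MolgenisSettings molgenisSettings;

    /**
     * Renders the login modal.
     *
     * @return the {@code login-modal} view with the {@code enable_self_registration} flag, read
     *     from settings and defaulting to {@code true}
     */
    @RequestMapping(value = {"/login"}, method = {RequestMethod.GET})
    public ModelAndView getLoginForm() {
        ModelAndView modelAndView = new ModelAndView("login-modal");
        modelAndView.addObject("enable_self_registration", Boolean.valueOf(this.molgenisSettings.getBooleanProperty(AccountService.KEY_PLUGIN_AUTH_ENABLE_SELFREGISTRATION, true)));
        return modelAndView;
    }

    /**
     * Renders the registration modal.
     *
     * @return the {@code register-modal} view with the country list and the minimum password
     *     length shown to the user
     */
    @RequestMapping(value = {"/register"}, method = {RequestMethod.GET})
    public ModelAndView getRegisterForm() {
        ModelAndView modelAndView = new ModelAndView("register-modal");
        modelAndView.addObject("countries", CountryCodes.get());
        // NOTE(review): this value only reaches the view; no server-side length check is visible
        // in this class. Confirm RegisterRequest validation enforces it.
        modelAndView.addObject("min_password_length", 6);
        return modelAndView;
    }

    /**
     * Renders the password reset modal.
     *
     * @return the {@code resetpassword-modal} view name
     */
    @RequestMapping(value = {"/password/reset"}, method = {RequestMethod.GET})
    public String getPasswordResetForm() {
        return "resetpassword-modal";
    }

    /**
     * Renders the change-password page.
     *
     * @return the {@code view-change-password} view name
     */
    @RequestMapping(value = {CHANGE_PASSWORD_RELATIVE_URI}, method = {RequestMethod.GET})
    public String getChangePasswordForm() {
        return "view-change-password";
    }

    /**
     * Sets the password of the principal in the current security context to the submitted value,
     * then redirects to {@code /}.
     *
     * <p>Failures are logged and not rethrown, so the controller-level exception handlers are not
     * reached from here.
     *
     * @param changePasswordForm validated form carrying the new password
     * @param httpServletRequest current request, used for the redirect
     * @param httpServletResponse current response, used for the redirect
     * @throws IOException declared by the original signature
     */
    @RequestMapping(value = {CHANGE_PASSWORD_RELATIVE_URI}, method = {RequestMethod.POST})
    public void changePassword(@Valid ChangePasswordForm changePasswordForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // NOTE(review): this method does not ask for the current password and compares nothing
        // against a confirmation field; confirm the form validation or AccountService does so.
        try {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication != null) {
                this.accountService.changePassword(authentication.getName(), changePasswordForm.getPassword1());
            }
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "/");
        } catch (Exception e) {
            // Use the application logger instead of printStackTrace() so that a failed password
            // change is visible to monitoring. Only the exception is logged, never the form.
            LOG.error("Failed to change password", e);
        }
    }

    /**
     * Registers a new, not yet activated user and returns a confirmation message.
     *
     * <p>Checks, in order: self registration is enabled, the two passwords match, and the captcha
     * answer is accepted. The user is then created together with the base URI of the activation
     * link.
     *
     * @param registerRequest validated registration form
     * @param captchaRequest validated captcha answer
     * @param httpServletRequest current request, used to derive the activation link base URI
     * @return a single-entry map with key {@code message}
     * @throws CaptchaException if the captcha answer is rejected
     * @throws BindException if password and confirmation differ
     * @throws NoPermissionException if self registration is disabled
     */
    @RequestMapping(value = {"/register"}, method = {RequestMethod.POST}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    @ResponseBody
    public Map<String, String> registerUser(@Valid @ModelAttribute RegisterRequest registerRequest, @Valid @ModelAttribute CaptchaRequest captchaRequest, HttpServletRequest httpServletRequest) throws CaptchaException, BindException, NoPermissionException {
        if (!this.accountService.isSelfRegistrationEnabled()) {
            throw new NoPermissionException("Self registration is disabled");
        }
        if (!registerRequest.getPassword().equals(registerRequest.getConfirmPassword())) {
            throw new BindException(RegisterRequest.class, "password does not match confirm password");
        }
        if (!this.captchaService.consumeCaptcha(captchaRequest.getCaptcha())) {
            throw new CaptchaException("invalid captcha answer");
        }
        MolgenisUser molgenisUser = toMolgenisUser(registerRequest);
        this.accountService.createUser(molgenisUser, buildActivationUri(httpServletRequest));

        // Declared as String so the returned map matches Map<String, String>.
        String successMessage;
        switch (this.accountService.getActivationMode()) {
            case ADMIN:
                successMessage = REGISTRATION_SUCCESS_MESSAGE_ADMIN;
                break;
            case USER:
                successMessage = REGISTRATION_SUCCESS_MESSAGE_USER;
                break;
            default:
                // Reached only after createUser() has already run.
                throw new RuntimeException("Unknown activation mode " + this.accountService.getActivationMode());
        }
        return Collections.singletonMap("message", successMessage);
    }

    /**
     * Builds the base URI of the activation link that is handed to the account service.
     *
     * <p>{@code X-Forwarded-Host} and {@code X-Forwarded-Proto} are client-supplied unless a
     * trusted reverse proxy overwrites them, and the result ends up in a link sent to the
     * registrant. The headers are therefore used only when they look like a plain host and an
     * HTTP(S) scheme; anything else falls back to the URI of the current request.
     *
     * <p>NOTE(review): this is a syntax check only. A well-formed but attacker-chosen host is
     * still accepted, so the activation link should preferably be derived from a configured
     * base URL, or the proxy must be known to overwrite these headers.
     */
    private String buildActivationUri(HttpServletRequest request) {
        String forwardedHost = request.getHeader("X-Forwarded-Host");
        if (StringUtils.isEmpty(forwardedHost)) {
            return ServletUriComponentsBuilder.fromCurrentRequest().replacePath("/account/activate").build().toUriString();
        }
        if (!isPlainHost(forwardedHost)) {
            // The header value is deliberately not logged: it is untrusted text.
            LOG.warn("Ignoring malformed X-Forwarded-Host header while building activation link");
            return ServletUriComponentsBuilder.fromCurrentRequest().replacePath("/account/activate").build().toUriString();
        }
        String scheme = request.getHeader("X-Forwarded-Proto");
        if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) {
            scheme = request.getScheme();
        }
        return scheme + "://" + forwardedHost + URI + "/activate";
    }

    /**
     * Returns whether the value consists solely of characters valid in a host name, an IP
     * literal and an optional port, which excludes paths, user info, whitespace and line breaks.
     */
    private static boolean isPlainHost(String host) {
        if (host.isEmpty() || host.length() > 255) {
            return false;
        }
        for (int i = 0; i < host.length(); i++) {
            char c = host.charAt(i);
            boolean alphanumeric = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');
            boolean punctuation = c == '.' || c == '-' || c == '_' || c == ':' || c == '[' || c == ']';
            if (!alphanumeric && !punctuation) {
                return false;
            }
        }
        return true;
    }

    /**
     * Activates the account that belongs to the activation code in the URL and forwards to
     * {@code /} with either a success or an error message in the model.
     *
     * @param activationCode activation code taken from the request path
     * @param model model that receives {@code successMessage} or {@code errorMessage}
     * @return {@code forward:/} in both outcomes
     */
    @RequestMapping(value = {"/activate/{activationCode}"}, method = {RequestMethod.GET})
    public String activateUser(@PathVariable("activationCode") @NotNull @Valid String activationCode, Model model) {
        // The path variable is named explicitly: binding by parameter name depends on compiler
        // debug information and breaks when the parameter is not called "activationCode".
        try {
            this.accountService.activateUser(activationCode);
            model.addAttribute("successMessage", "Your account has been activated, you can now sign in.");
            return "forward:/";
        } catch (RuntimeException e) {
            // NOTE(review): the raw exception text is handed to the view; confirm the template
            // escapes it and that service messages carry no internal detail.
            model.addAttribute("errorMessage", e.getMessage());
            return "forward:/";
        }
    }

    /**
     * Triggers a password reset for the submitted e-mail address and answers 204 No Content.
     *
     * @param passwordResetRequest validated form carrying the e-mail address
     */
    @RequestMapping(value = {"/password/reset"}, method = {RequestMethod.POST}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void resetPassword(@Valid @ModelAttribute PasswordResetRequest passwordResetRequest) {
        // NOTE(review): if the service throws for an unknown address, the exception handlers in
        // this class answer with a different status and message than the 204 sent on success,
        // which would disclose whether an account exists. Confirm against AccountService.
        this.accountService.resetPassword(passwordResetRequest.getEmail());
    }

    /** Maps data access failures to 401 Unauthorized with an empty body. */
    @ExceptionHandler({MolgenisDataAccessException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    private void handleMolgenisDataAccessException(MolgenisDataAccessException molgenisDataAccessException) {
    }

    /** Maps a rejected captcha to 400 Bad Request with an empty body. */
    @ExceptionHandler({CaptchaException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    private void handleCaptchaException(CaptchaException captchaException) {
    }

    /**
     * Maps user-level errors to 400 Bad Request and returns the exception message to the client.
     *
     * @param molgenisUserException the error to report
     * @return a response holding the exception message
     */
    @ExceptionHandler({MolgenisUserException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    @ResponseBody
    public ErrorMessageResponse handleMolgenisUserException(MolgenisUserException molgenisUserException) {
        LOG.debug("", molgenisUserException);
        return new ErrorMessageResponse(Collections.singletonList(new ErrorMessageResponse.ErrorMessage(molgenisUserException.getMessage())));
    }

    /**
     * Maps data errors to 500 Internal Server Error and returns the exception message to the
     * client.
     *
     * @param molgenisDataException the error to report
     * @return a response holding the exception message
     */
    @ExceptionHandler({MolgenisDataException.class})
    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    @ResponseBody
    public ErrorMessageResponse handleMolgenisDataException(MolgenisDataException molgenisDataException) {
        LOG.error("", molgenisDataException);
        // NOTE(review): data-layer messages reach unauthenticated clients as-is; confirm they
        // cannot contain query, schema or entity detail.
        return new ErrorMessageResponse(Collections.singletonList(new ErrorMessageResponse.ErrorMessage(molgenisDataException.getMessage())));
    }

    /**
     * Maps any other runtime exception to 500 Internal Server Error and returns the exception
     * message to the client.
     *
     * @param runtimeException the error to report
     * @return a response holding the exception message
     */
    @ExceptionHandler({RuntimeException.class})
    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    @ResponseBody
    public ErrorMessageResponse handleRuntimeException(RuntimeException runtimeException) {
        LOG.error("", runtimeException);
        // NOTE(review): the message of an arbitrary RuntimeException is sent to the client.
        // Consider a generic message here and keeping the detail in the log only.
        return new ErrorMessageResponse(Collections.singletonList(new ErrorMessageResponse.ErrorMessage(runtimeException.getMessage())));
    }

    /**
     * Copies the registration form into a new user entity. The password is passed on exactly as
     * submitted and the change-password flag is cleared.
     */
    private MolgenisUser toMolgenisUser(RegisterRequest registerRequest) {
        MolgenisUser molgenisUser = new MolgenisUser();
        molgenisUser.setUsername(registerRequest.getUsername());
        // NOTE(review): no hashing is visible here; presumably AccountService or the data layer
        // hashes the password before it is stored. Confirm.
        molgenisUser.setPassword(registerRequest.getPassword());
        molgenisUser.setEmail(registerRequest.getEmail());
        molgenisUser.setPhone(registerRequest.getPhone());
        molgenisUser.setFax(registerRequest.getFax());
        molgenisUser.setTollFreePhone(registerRequest.getTollFreePhone());
        molgenisUser.setAddress(registerRequest.getAddress());
        molgenisUser.setTitle(registerRequest.getTitle());
        molgenisUser.setLastName(registerRequest.getLastname());
        molgenisUser.setFirstName(registerRequest.getFirstname());
        molgenisUser.setDepartment(registerRequest.getDepartment());
        molgenisUser.setCity(registerRequest.getCity());
        molgenisUser.setCountry(CountryCodes.get(registerRequest.getCountry()));
        molgenisUser.setChangePassword(false);
        return molgenisUser;
    }
}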
