package com.hack23.cia.service.impl.action.user;

import com.hack23.cia.model.internal.application.secure.impl.EncryptedValue;
import com.hack23.cia.model.internal.application.secure.impl.EncryptedValue_;
import com.hack23.cia.model.internal.application.system.impl.ApplicationEventGroup;
import com.hack23.cia.model.internal.application.system.impl.ApplicationOperationType;
import com.hack23.cia.model.internal.application.user.impl.UserAccount;
import com.hack23.cia.service.api.action.application.CreateApplicationEventRequest;
import com.hack23.cia.service.api.action.common.ServiceResponse;
import com.hack23.cia.service.api.action.user.ChangePasswordRequest;
import com.hack23.cia.service.api.action.user.ChangePasswordResponse;
import com.hack23.cia.service.data.api.EncryptedValueDAO;
import com.hack23.cia.service.impl.action.application.encryption.VaultManager;
import com.hack23.cia.service.impl.action.common.AbstractBusinessServiceImpl;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;

@Transactional(propagation = Propagation.REQUIRED, timeout = 600)
@Service
/* loaded from: input_file:com/hack23/cia/service/impl/action/user/ChangePasswordService.class */
public final class ChangePasswordService extends AbstractBusinessServiceImpl<ChangePasswordRequest, ChangePasswordResponse> {
    private static final Logger LOGGER = LoggerFactory.getLogger(ChangePasswordService.class);

    @Autowired
    private EncryptedValueDAO encryptedValueDAO;

    @Autowired
    private VaultManager vaultManager;
    private final PasswordEncoder passwordEncoder;
    private final PasswordValidator passwordValidator;

    public ChangePasswordService() {
        super(ChangePasswordRequest.class);
        this.passwordEncoder = new BCryptPasswordEncoder();
        this.passwordValidator = new PasswordValidator(new Rule[]{new LengthRule(8, 64), new CharacterRule(EnglishCharacterData.UpperCase, 1), new CharacterRule(EnglishCharacterData.LowerCase, 1), new CharacterRule(EnglishCharacterData.Digit, 1), new CharacterRule(EnglishCharacterData.Special, 1), new WhitespaceRule()});
    }

    @Override // com.hack23.cia.service.impl.action.common.BusinessService
    @Secured({"ROLE_USER", "ROLE_ADMIN"})
    public ChangePasswordResponse processService(ChangePasswordRequest changePasswordRequest) {
        ChangePasswordResponse inputValidation = inputValidation(changePasswordRequest);
        if (inputValidation != null) {
            return inputValidation;
        }
        LOGGER.info("{}:{}", changePasswordRequest.getClass().getSimpleName(), changePasswordRequest.getSessionId());
        CreateApplicationEventRequest createApplicationEventForService = createApplicationEventForService(changePasswordRequest);
        UserAccount userAccountFromSecurityContext = getUserAccountFromSecurityContext();
        ChangePasswordResponse changePasswordResponse = new ChangePasswordResponse(ServiceResponse.ServiceResult.SUCCESS);
        if (userAccountFromSecurityContext != null) {
            if (this.passwordEncoder.matches(userAccountFromSecurityContext.getUserId() + ".uuid" + changePasswordRequest.getCurrentPassword(), userAccountFromSecurityContext.getUserpassword()) && changePasswordRequest.getNewPassword().equals(changePasswordRequest.getRepeatNewPassword())) {
                RuleResult validate = this.passwordValidator.validate(new PasswordData(changePasswordRequest.getNewPassword()));
                if (validate.isValid()) {
                    userAccountFromSecurityContext.setUserpassword(this.passwordEncoder.encode(userAccountFromSecurityContext.getUserId() + ".uuid" + changePasswordRequest.getNewPassword()));
                    getUserDAO().merge(userAccountFromSecurityContext);
                    reencryptVaultValues(changePasswordRequest, userAccountFromSecurityContext);
                } else {
                    changePasswordResponse = new ChangePasswordResponse(ServiceResponse.ServiceResult.FAILURE);
                    String obj = this.passwordValidator.getMessages(validate).toString();
                    changePasswordResponse.setErrorMessage(obj);
                    createApplicationEventForService.setErrorMessage(obj);
                }
            } else {
                changePasswordResponse = new ChangePasswordResponse(ServiceResponse.ServiceResult.FAILURE);
            }
        }
        createApplicationEventForService.setApplicationMessage(changePasswordResponse.getResult().toString());
        this.createApplicationEventService.processService(createApplicationEventForService);
        return changePasswordResponse;
    }

    private void reencryptVaultValues(ChangePasswordRequest changePasswordRequest, UserAccount userAccount) {
        String encryptedValue = this.vaultManager.getEncryptedValue(changePasswordRequest.getCurrentPassword(), userAccount);
        if (encryptedValue != null) {
            EncryptedValue findFirstByProperty = this.encryptedValueDAO.findFirstByProperty(EncryptedValue_.userId, userAccount.getUserId());
            findFirstByProperty.setStorage(this.vaultManager.encryptValue(changePasswordRequest.getNewPassword(), userAccount.getUserId(), encryptedValue));
            this.encryptedValueDAO.merge(findFirstByProperty);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.hack23.cia.service.impl.action.common.AbstractBusinessServiceImpl
    public CreateApplicationEventRequest createApplicationEventForService(ChangePasswordRequest changePasswordRequest) {
        CreateApplicationEventRequest createBaseApplicationEventRequest = createBaseApplicationEventRequest();
        createBaseApplicationEventRequest.setEventGroup(ApplicationEventGroup.USER);
        createBaseApplicationEventRequest.setApplicationOperation(ApplicationOperationType.CREATE);
        createBaseApplicationEventRequest.setActionName(ChangePasswordRequest.class.getSimpleName());
        createBaseApplicationEventRequest.setSessionId(changePasswordRequest.getSessionId());
        return createBaseApplicationEventRequest;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.hack23.cia.service.impl.action.common.AbstractBusinessServiceImpl
    public ChangePasswordResponse createErrorResponse() {
        return new ChangePasswordResponse(ServiceResponse.ServiceResult.FAILURE);
    }
}
