package com.appiancorp.security.auth.forgotpassword;

import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.security.csrf.CsrfTokenManager;
import com.appiancorp.suite.cfg.AdminSecurityConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/security/auth/forgotpassword/ForgotPasswordRequestServlet.class */
public class ForgotPasswordRequestServlet extends HttpServlet {
    private static final Logger LOG = Logger.getLogger(ForgotPasswordRequestServlet.class);
    private static final String USERNAME_FIELD_NAME = "username";
    static final String PASSWORD_REQUEST_JSP = "/forgotpassword/passwordresetrequest.jsp";
    static final String ERROR_JSP = "/framework/error/genericerror.jsp";

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (isForgotPasswordEnabled().booleanValue()) {
            forwardSuccess(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.setStatus(403);
            forwardForbidden(httpServletRequest, httpServletResponse);
        }
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!isForgotPasswordEnabled().booleanValue() || !CsrfTokenManager.loginTokensMatch(httpServletRequest)) {
            httpServletResponse.setStatus(403);
            forwardForbidden(httpServletRequest, httpServletResponse);
            return;
        }
        String parameter = httpServletRequest.getParameter("username");
        String trim = parameter != null ? parameter.trim() : "";
        try {
            ((ForgotPasswordRequestHelper) ApplicationContextHolder.getBean(ForgotPasswordRequestHelper.class)).processResetRequest(trim, httpServletRequest.getRemoteAddr());
        } catch (Exception e) {
            LOG.error("Unexpected exception when processing password reset request.", e);
        }
        httpServletRequest.setAttribute("forgotpasswordsent", "true");
        httpServletRequest.setAttribute("username", trim);
        forwardSuccess(httpServletRequest, httpServletResponse);
    }

    private void forwardSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletRequest.getRequestDispatcher(PASSWORD_REQUEST_JSP).forward(httpServletRequest, httpServletResponse);
    }

    private void forwardForbidden(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletRequest.getRequestDispatcher(ERROR_JSP).forward(httpServletRequest, httpServletResponse);
    }

    private Boolean isForgotPasswordEnabled() {
        return ((AdminSecurityConfiguration) ConfigurationFactory.getConfiguration(AdminSecurityConfiguration.class)).isForgotPasswordEnabled();
    }
}
