package com.appiancorp.ag.user;

import com.appiancorp.ag.ExtendedUserService;
import com.appiancorp.ag.security.PasswordConfig;
import com.appiancorp.ag.security.PasswordVerifier;
import com.appiancorp.ag.util.PasswordManager;
import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.security.SecurityConfiguration;
import com.appiancorp.security.auth.saml.SamlSettingsSelector;
import com.appiancorp.services.spring.ServiceContextProvider;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import com.appiancorp.suite.cfg.SamlConfiguration;
import com.appiancorp.suiteapi.common.exceptions.PrivilegeException;
import com.appiancorp.suiteapi.expression.Writer;
import jakarta.mail.internet.AddressException;
import java.net.URISyntaxException;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/ag/user/ResetPasswordWriter.class */
public class ResetPasswordWriter implements Writer {
    private static final Logger LOG = Logger.getLogger(ResetPasswordWriter.class);
    private String[] usernames;
    private ServiceContextProvider serviceContextProvider;
    private ExtendedUserService userService;
    private String executingUsername;
    private PasswordVerifier passwordVerifier;
    private SecurityConfiguration securityConfig = (SecurityConfiguration) ConfigurationFactory.getConfiguration(SecurityConfiguration.class);
    private final SamlConfiguration samlConfiguration;
    private final SamlSettingsSelector samlSettingsSelector;

    public ResetPasswordWriter(ExtendedUserService extendedUserService, ServiceContextProvider serviceContextProvider, String[] strArr, SamlConfiguration samlConfiguration, SamlSettingsSelector samlSettingsSelector) {
        this.userService = extendedUserService;
        this.usernames = (String[]) strArr.clone();
        this.serviceContextProvider = serviceContextProvider;
        this.executingUsername = this.serviceContextProvider.get().getIdentity().getIdentity();
        this.passwordVerifier = ((PasswordConfig) ApplicationContextHolder.getBean(PasswordConfig.class)).createPasswordVerifier(this.serviceContextProvider.get());
        this.samlConfiguration = samlConfiguration;
        this.samlSettingsSelector = samlSettingsSelector;
    }

    public void execute() {
        String resetPasswordRejectJSP;
        try {
            for (String str : this.usernames) {
                char[] resetUserPassword = resetUserPassword(str);
                try {
                    isNotSamlUser(str);
                    resetPasswordRejectJSP = this.securityConfig.getResetPasswordJSP();
                } catch (IllegalStateException e) {
                    resetPasswordRejectJSP = this.securityConfig.getResetPasswordRejectJSP();
                }
                try {
                    try {
                        PasswordManager.sendEmail(str, resetUserPassword, resetPasswordRejectJSP, this.serviceContextProvider.get());
                    } catch (AddressException e2) {
                        LOG.error("An error occured while parsing the email address of the user [" + str + "] whose password is being reset by the administrator [" + this.executingUsername + "].", e2);
                    }
                } catch (URISyntaxException e3) {
                    LOG.error("An unexpected error occur occured while sending reset password email for the user - " + str, e3);
                }
            }
            ProductMetricsAggregatedDataCollector.recordData("adminConsole.userManagement.resetPassword", this.usernames.length);
        } catch (Throwable th) {
            LOG.error("Unexpected error trying to reset password for users: " + th, th);
            throw th;
        }
    }

    private char[] resetUserPassword(String str) {
        if (this.userService.getUser(str).getStatus() == 0) {
            throw new IllegalStateException("Cannot reset the password of a deactivated user");
        }
        try {
            this.userService.unlockUser(str);
            char[] generatePassword = this.passwordVerifier.generatePassword();
            try {
                this.userService.changeUnhashedUserPassword(str, generatePassword, true);
                if (LOG.isInfoEnabled()) {
                    LOG.info("Password reset for [" + str + "] by [" + this.executingUsername + "]");
                }
                return generatePassword;
            } catch (PrivilegeException e) {
                throw new IllegalStateException("An unexpected error occured while trying to reset the password for the user [" + str + "]. The user [" + this.executingUsername + "] does not have sufficient privileges to reset this user's password.", e);
            }
        } catch (PrivilegeException e2) {
            throw new IllegalStateException("An unexpected error occured while trying to reset the password for the user [" + str + "]. The user [" + this.executingUsername + "] does not have sufficient privileges to unlock this user.", e2);
        }
    }

    public void isNotSamlUser(String str) {
        if (this.samlConfiguration.isEnabled() && this.samlSettingsSelector.selectSettingsForUser(str).isPresent()) {
            throw new IllegalStateException("Not appian authenticated user");
        }
    }
}
