package org.broadleafcommerce.openadmin.web.controller;

import java.util.List;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.broadleafcommerce.common.service.GenericResponse;
import org.broadleafcommerce.common.web.controller.BroadleafAbstractController;
import org.broadleafcommerce.openadmin.server.security.domain.AdminMenu;
import org.broadleafcommerce.openadmin.server.security.domain.AdminSection;
import org.broadleafcommerce.openadmin.server.security.domain.AdminUser;
import org.broadleafcommerce.openadmin.server.security.service.AdminNavigationService;
import org.broadleafcommerce.openadmin.server.security.service.AdminSecurityService;
import org.broadleafcommerce.openadmin.web.form.ResetPasswordForm;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

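/**
 * Spring MVC controller for the admin login, forgot-username, forgot-password,
 * reset-password and change-password screens.
 *
 * <p>Every handler here is reachable through its {@code @RequestMapping}; no
 * authentication or authorization check is visible in this class.
 * NOTE(review): access control is presumably enforced by the security filter
 * chain in front of this controller — confirm which of these paths are meant
 * to be reachable anonymously.
 *
 * <p>The view and redirect names are mutable {@code static} fields with public
 * static setters, so a change made through a setter applies to every instance
 * of this class, not just one bean.
 */
@Controller("blAdminLoginController")
/* loaded from: input_file:org/broadleafcommerce/openadmin/web/controller/AdminLoginController.class */
public class AdminLoginController extends BroadleafAbstractController {
    private static final String ANONYMOUS_USER_NAME = "anonymousUser";

    /** Session attribute that carries the username from the "send reset e-mail" step to the reset form. */
    private static final String FORGOT_PASSWORD_USERNAME_ATTR = "forgot_password_username";

    @Resource(name = "blAdminSecurityService")
    protected AdminSecurityService adminSecurityService;

    @Resource(name = "blAdminNavigationService")
    protected AdminNavigationService adminNavigationService;
    protected static String loginView = "login/login";
    protected static String forgotPasswordView = "login/forgotPassword";
    protected static String forgotUsernameView = "login/forgotUsername";
    protected static String resetPasswordView = "login/resetPassword";
    protected static String changePasswordView = "login/changePassword";
    protected static String loginRedirect = "login";
    protected static String resetPasswordRedirect = "resetPassword";

    /**
     * Renders the login page.
     *
     * @return the configured login view name
     */
    @RequestMapping(value = {"/login"}, method = {RequestMethod.GET})
    public String baseLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        return getLoginView();
    }

    /**
     * Sends the signed-in admin to the first section of the first module in their menu.
     *
     * <p>The redirect target is taken from the navigation service, not from the request.
     *
     * @return a {@code redirect:} view name, or {@code null} when the menu has no
     *         modules or the first module has no sections
     */
    @RequestMapping(value = {"/", "/loginSuccess"}, method = {RequestMethod.GET})
    public String loginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        // NOTE(review): getPersistentAdminUser() returns null for anonymous or unresolved
        // principals, and that null is handed to buildMenu() as-is — confirm the service
        // tolerates it, or that this path is only reachable after authentication.
        AdminMenu menu = this.adminNavigationService.buildMenu(getPersistentAdminUser());
        if (menu.getAdminModules().isEmpty()) {
            return null;
        }
        List<AdminSection> sections = menu.getAdminModules().get(0).getSections();
        if (sections.isEmpty()) {
            return null;
        }
        return "redirect:" + sections.get(0).getUrl();
    }

    /**
     * Renders the forgot-password page.
     *
     * @return the configured forgot-password view name
     */
    @RequestMapping(value = {"/forgotPassword"}, method = {RequestMethod.GET})
    public String forgotPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        return getForgotPasswordView();
    }

    /**
     * Renders the forgot-username page.
     *
     * @return the configured forgot-username view name
     */
    @RequestMapping(value = {"/forgotUsername"}, method = {RequestMethod.GET})
    public String forgotUsername(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        return getForgotUsernameView();
    }

    /**
     * Asks the security service to send a reset-password notification for a username.
     *
     * <p>On success the username is stored in the HTTP session so the reset form can
     * be pre-populated, and the browser is redirected to the reset-password page.
     *
     * <p>NOTE(review): the error and success outcomes are distinguishable by the caller
     * (different view, error code in the request). Whether that reveals which usernames
     * exist depends on the error codes the service returns — confirm. No throttling is
     * visible in this controller either; presumably it is applied elsewhere — confirm.
     *
     * @param str the submitted {@code username} request parameter
     * @return the forgot-password view on error, otherwise a redirect to reset-password
     */
    @RequestMapping(value = {"/sendResetPassword"}, method = {RequestMethod.POST})
    public String processSendResetPasswordEmail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestParam("username") String str) {
        GenericResponse response = this.adminSecurityService.sendResetPasswordNotification(str);
        if (response.getHasErrors()) {
            setErrors(response, httpServletRequest);
            return getForgotPasswordView();
        }
        httpServletRequest.getSession(true).setAttribute(FORGOT_PASSWORD_USERNAME_ATTR, str);
        return redirectToResetPasswordWithMessage("passwordTokenSent");
    }

    /**
     * Resets a password using the username, token and new password carried by the form.
     *
     * <p>The form is first built by {@link #initResetPasswordForm} and then bound to the
     * request, so a {@code username} submitted with the request can replace the value
     * taken from the session unless a binder restricts the bindable fields (none is
     * visible in this class). The token check in the service is therefore the only
     * control on which account is changed — TODO confirm the service ties the token
     * to the username.
     *
     * @return a redirect to login on success, otherwise the reset-password view
     */
    @RequestMapping(value = {"/resetPassword"}, method = {RequestMethod.POST})
    public String processResetPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model, @ModelAttribute("resetPasswordForm") ResetPasswordForm resetPasswordForm) {
        GenericResponse response = this.adminSecurityService.resetPasswordUsingToken(
                resetPasswordForm.getUsername(),
                resetPasswordForm.getToken(),
                resetPasswordForm.getPassword(),
                resetPasswordForm.getConfirmPassword());
        if (response.getHasErrors()) {
            setErrors(response, httpServletRequest);
            return getResetPasswordView();
        }
        return redirectToLoginWithMessage("passwordReset");
    }

    /**
     * Asks the security service to send a forgot-username notification to an e-mail address.
     *
     * <p>NOTE(review): as with the reset-password request, the two outcomes are
     * distinguishable by the caller; whether that reveals registered addresses depends
     * on the service's error codes — confirm.
     *
     * @param str the submitted {@code emailAddress} request parameter
     * @return a redirect to login on success, otherwise the forgot-username view
     */
    @RequestMapping(value = {"/forgotUsername"}, method = {RequestMethod.POST})
    public String processForgotUserName(HttpServletRequest httpServletRequest, @RequestParam("emailAddress") String str) {
        GenericResponse response = this.adminSecurityService.sendForgotUsernameNotification(str);
        if (response.getHasErrors()) {
            setErrors(response, httpServletRequest);
            return getForgotUsernameView();
        }
        return redirectToLoginWithMessage("usernameSent");
    }

    /**
     * Renders the reset-password page.
     *
     * @return the configured reset-password view name
     */
    @RequestMapping(value = {"/resetPassword"}, method = {RequestMethod.GET})
    public String resetPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        return getResetPasswordView();
    }

    /**
     * Builds the {@code resetPasswordForm} model attribute from the session username
     * and the {@code token} request parameter.
     *
     * <p>As a {@code @ModelAttribute} method, Spring invokes it before the handlers of
     * this controller, and {@code getSession(true)} creates a session when none exists,
     * so a session is also created for the anonymous login and forgot-password pages.
     *
     * <p>NOTE(review): {@code getParameter("token")} also reads the query string. If the
     * notification delivers the token in a link, it may be recorded in access logs and
     * browser history — confirm how the link is built and how long the token lives.
     *
     * @return a form pre-populated with the token and the session username (either may be {@code null})
     */
    @ModelAttribute("resetPasswordForm")
    public ResetPasswordForm initResetPasswordForm(HttpServletRequest httpServletRequest) {
        ResetPasswordForm form = new ResetPasswordForm();
        String sessionUsername = (String) httpServletRequest.getSession(true).getAttribute(FORGOT_PASSWORD_USERNAME_ATTR);
        form.setToken(httpServletRequest.getParameter("token"));
        form.setUsername(sessionUsername);
        return form;
    }

    /**
     * Renders the change-password page.
     *
     * @return the configured change-password view name
     */
    @RequestMapping(value = {"/changePassword"}, method = {RequestMethod.GET})
    public String changePassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        return getChangePasswordView();
    }

    /**
     * Changes a password given the username, old password and new password carried by the form.
     *
     * <p>The account is identified by the form's username, not by the current
     * {@link Authentication}; the old-password check in the service is the only control
     * visible from here. NOTE(review): confirm failed attempts are throttled or locked
     * out by the service, since this handler shows no such limit.
     *
     * @return a redirect to login on success, otherwise the change-password view
     */
    @RequestMapping(value = {"/changePassword"}, method = {RequestMethod.POST})
    public String processchangePassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model, @ModelAttribute("resetPasswordForm") ResetPasswordForm resetPasswordForm) {
        GenericResponse response = this.adminSecurityService.changePassword(
                resetPasswordForm.getUsername(),
                resetPasswordForm.getOldPassword(),
                resetPasswordForm.getPassword(),
                resetPasswordForm.getConfirmPassword());
        if (response.getHasErrors()) {
            setErrors(response, httpServletRequest);
            return getChangePasswordView();
        }
        return redirectToLoginWithMessage("passwordReset");
    }

    /**
     * Builds a redirect to the login page carrying a message code.
     *
     * <p>The code is appended without URL encoding; every caller in this class passes a
     * constant. Overrides and new callers should not pass request-derived text here.
     *
     * @param str the message code to append as {@code messageCode}
     * @return the {@code redirect:} view name
     */
    protected String redirectToLoginWithMessage(String str) {
        return "redirect:" + loginRedirect + "?messageCode=" + str;
    }

    /**
     * Builds a redirect to the reset-password page carrying a message code.
     *
     * <p>The code is appended without URL encoding; the only caller in this class
     * passes a constant.
     *
     * @param str the message code to append as {@code messageCode}
     * @return the {@code redirect:} view name
     */
    protected String redirectToResetPasswordWithMessage(String str) {
        return "redirect:" + resetPasswordRedirect + "?messageCode=" + str;
    }

    /**
     * Exposes the first error code of a service response as the {@code errorCode} request attribute.
     *
     * <p>Callers in this class invoke it only after {@code getHasErrors()} returned true;
     * an empty error list would make {@code get(0)} throw.
     */
    protected void setErrors(GenericResponse genericResponse, HttpServletRequest httpServletRequest) {
        httpServletRequest.setAttribute("errorCode", (String) genericResponse.getErrorCodesList().get(0));
    }

    /**
     * Resolves the persistent admin user behind the current Spring Security authentication.
     *
     * @return the admin user looked up by username, or {@code null} when there is no
     *         security context, no authentication, the authentication is the anonymous
     *         user, or the principal is not a {@link UserDetails}
     */
    protected AdminUser getPersistentAdminUser() {
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null) {
            return null;
        }
        Authentication authentication = context.getAuthentication();
        // Constant-first equals: a null authentication name must not raise a NullPointerException.
        if (authentication == null || ANONYMOUS_USER_NAME.equals(authentication.getName())) {
            return null;
        }
        // The principal is not guaranteed to be a UserDetails (it can be a plain String, for
        // instance); treat anything else as "no admin user" instead of failing on the cast.
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof UserDetails)) {
            return null;
        }
        return this.adminSecurityService.readAdminUserByUserName(((UserDetails) principal).getUsername());
    }

    /** @return the view name used for the login page */
    public static String getLoginView() {
        return loginView;
    }

    /** @param str the view name to use for the login page (shared by all instances) */
    public static void setLoginView(String str) {
        loginView = str;
    }

    /** @return the view name used for the forgot-password page */
    public static String getForgotPasswordView() {
        return forgotPasswordView;
    }

    /** @param str the view name to use for the forgot-password page (shared by all instances) */
    public static void setForgotPasswordView(String str) {
        forgotPasswordView = str;
    }

    /** @return the view name used for the forgot-username page */
    public static String getForgotUsernameView() {
        return forgotUsernameView;
    }

    /** @param str the view name to use for the forgot-username page (shared by all instances) */
    public static void setForgotUsernameView(String str) {
        forgotUsernameView = str;
    }

    /** @return the view name used for the reset-password page */
    public static String getResetPasswordView() {
        return resetPasswordView;
    }

    /** @param str the view name to use for the reset-password page (shared by all instances) */
    public static void setResetPasswordView(String str) {
        resetPasswordView = str;
    }

    /** @return the view name used for the change-password page */
    public static String getChangePasswordView() {
        return changePasswordView;
    }

    /** @param str the view name to use for the change-password page (shared by all instances) */
    public static void setChangePasswordView(String str) {
        changePasswordView = str;
    }

    /** @return the security service this controller delegates to */
    public AdminSecurityService getAdminSecurityService() {
        return this.adminSecurityService;
    }

    /** @param adminSecurityService the security service this controller should delegate to */
    public void setAdminSecurityService(AdminSecurityService adminSecurityService) {
        this.adminSecurityService = adminSecurityService;
    }

    /** @return the path appended after {@code redirect:} when redirecting to login */
    public static String getLoginRedirect() {
        return loginRedirect;
    }

    /** @param str the path to append after {@code redirect:} for login redirects (shared by all instances) */
    public static void setLoginRedirect(String str) {
        loginRedirect = str;
    }

    /** @return the path appended after {@code redirect:} when redirecting to reset-password */
    public static String getResetPasswordRedirect() {
        return resetPasswordRedirect;
    }

    /** @param str the path to append after {@code redirect:} for reset-password redirects (shared by all instances) */
    public static void setResetPasswordRedirect(String str) {
        resetPasswordRedirect = str;
    }
}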
