package edu.asu.diging.simpleusers.core.service.impl;

import edu.asu.diging.simpleusers.core.config.ConfigurationProvider;
import edu.asu.diging.simpleusers.core.data.TokenRepository;
import edu.asu.diging.simpleusers.core.exceptions.InvalidTokenException;
import edu.asu.diging.simpleusers.core.exceptions.TokenExpiredException;
import edu.asu.diging.simpleusers.core.exceptions.UserDoesNotExistException;
import edu.asu.diging.simpleusers.core.model.IUser;
import edu.asu.diging.simpleusers.core.model.impl.PasswordResetToken;
import edu.asu.diging.simpleusers.core.service.IEmailService;
import edu.asu.diging.simpleusers.core.service.ITokenService;
import edu.asu.diging.simpleusers.core.service.IUserManager;
import java.io.IOException;
import java.time.OffsetDateTime;
import java.util.Arrays;
import java.util.UUID;
import javax.mail.MessagingException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:edu/asu/diging/simpleusers/core/service/impl/TokenService.class */
public class TokenService implements ITokenService {

    @Autowired
    private IUserManager userManager;

    @Autowired
    private ConfigurationProvider configProvider;

    @Autowired
    private TokenRepository tokenRepo;

    @Autowired
    private IEmailService emailService;

    @Override // edu.asu.diging.simpleusers.core.service.ITokenService
    public void resetPassword(String str) throws UserDoesNotExistException, IOException, MessagingException {
        IUser findByEmail = this.userManager.findByEmail(str);
        if (findByEmail == null) {
            throw new UserDoesNotExistException("User with email " + str + " does not exist.");
        }
        PasswordResetToken passwordResetToken = new PasswordResetToken();
        passwordResetToken.setUser(findByEmail);
        passwordResetToken.setToken(UUID.randomUUID().toString());
        passwordResetToken.setExpiryDate(OffsetDateTime.now().plusMinutes(this.configProvider.getTokenExpirationPeriod()));
        this.tokenRepo.save(passwordResetToken);
        this.emailService.sendResetPasswordEmail(findByEmail, passwordResetToken);
    }

    @Override // edu.asu.diging.simpleusers.core.service.ITokenService
    public boolean validateToken(String str, String str2) throws InvalidTokenException, TokenExpiredException {
        PasswordResetToken findByToken = this.tokenRepo.findByToken(str);
        if (findByToken == null || !findByToken.getUser().getUsername().equals(str2)) {
            throw new InvalidTokenException("Token is invalid.");
        }
        if (findByToken.getExpiryDate().isBefore(OffsetDateTime.now())) {
            throw new TokenExpiredException("Token expired on " + findByToken.getExpiryDate().toString());
        }
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(findByToken.getUser(), (Object) null, Arrays.asList(new SimpleGrantedAuthority("ROLE_CHANGE_PASSWORD_PRIVILEGE"))));
        return true;
    }
}
