package com.liferay.portal.action;

import com.liferay.portal.NoSuchUserException;
import com.liferay.portal.UserPasswordException;
import com.liferay.portal.kernel.servlet.SessionErrors;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.model.Ticket;
import com.liferay.portal.model.User;
import com.liferay.portal.security.auth.AuthTokenUtil;
import com.liferay.portal.security.auth.PrincipalException;
import com.liferay.portal.service.CompanyLocalServiceUtil;
import com.liferay.portal.service.TicketLocalServiceUtil;
import com.liferay.portal.service.UserLocalServiceUtil;
import com.liferay.portal.struts.ActionConstants;
import com.liferay.portal.theme.ThemeDisplay;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portlet.enterpriseadmin.search.UserDisplayTerms;
import com.liferay.portlet.login.util.LoginUtil;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/* loaded from: input_file:com/liferay/portal/action/UpdatePasswordAction.class */
public class UpdatePasswordAction extends Action {
    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        ThemeDisplay themeDisplay = (ThemeDisplay) httpServletRequest.getAttribute("THEME_DISPLAY");
        Ticket ticket = getTicket(httpServletRequest);
        if (!themeDisplay.isSignedIn() && ticket == null) {
            return actionMapping.findForward(ActionConstants.COMMON_REFERER);
        }
        if (Validator.isNull(ParamUtil.getString(httpServletRequest, "cmd"))) {
            return actionMapping.findForward("portal.update_password");
        }
        try {
            updatePassword(httpServletRequest, httpServletResponse, themeDisplay, ticket);
            return actionMapping.findForward(ActionConstants.COMMON_REFERER);
        } catch (Exception e) {
            if (e instanceof UserPasswordException) {
                SessionErrors.add(httpServletRequest, e.getClass().getName(), e);
                return actionMapping.findForward("portal.update_password");
            }
            if ((e instanceof NoSuchUserException) || (e instanceof PrincipalException)) {
                SessionErrors.add(httpServletRequest, e.getClass().getName());
                return actionMapping.findForward("portal.error");
            }
            PortalUtil.sendError(e, httpServletRequest, httpServletResponse);
            return null;
        }
    }

    protected Ticket getTicket(HttpServletRequest httpServletRequest) {
        String string = ParamUtil.getString(httpServletRequest, "ticket");
        if (Validator.isNull(string)) {
            return null;
        }
        try {
            Ticket ticket = TicketLocalServiceUtil.getTicket(string);
            if (!ticket.isExpired()) {
                return ticket;
            }
            TicketLocalServiceUtil.deleteTicket(ticket);
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    protected void updatePassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ThemeDisplay themeDisplay, Ticket ticket) throws Exception {
        AuthTokenUtil.check(httpServletRequest);
        long classPK = ticket != null ? ticket.getClassPK() : themeDisplay.getUserId();
        String string = ParamUtil.getString(httpServletRequest, "password1");
        UserLocalServiceUtil.updatePassword(classPK, string, ParamUtil.getString(httpServletRequest, "password2"), false);
        if (ticket == null) {
            httpServletRequest.getSession().setAttribute("USER_PASSWORD", string);
            return;
        }
        TicketLocalServiceUtil.deleteTicket(ticket);
        User user = UserLocalServiceUtil.getUser(classPK);
        String str = null;
        String authType = CompanyLocalServiceUtil.getCompanyById(user.getCompanyId()).getAuthType();
        if (authType.equals("emailAddress")) {
            str = user.getEmailAddress();
        } else if (authType.equals(UserDisplayTerms.SCREEN_NAME)) {
            str = user.getScreenName();
        } else if (authType.equals("userId")) {
            str = String.valueOf(classPK);
        }
        LoginUtil.login(httpServletRequest, httpServletResponse, str, string, false, null);
    }
}
