package net.unit8.bouncr.api.resource;

import enkan.component.BeansConverter;
import enkan.util.jpa.EntityTransactionManager;
import java.util.Set;
import javax.inject.Inject;
import javax.persistence.EntityManager;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import kotowari.restful.Decision;
import kotowari.restful.DecisionPoint;
import kotowari.restful.component.BeansValidator;
import kotowari.restful.data.Problem;
import kotowari.restful.data.RestContext;
import kotowari.restful.resource.AllowedMethods;
import net.unit8.bouncr.api.boundary.PasswordResetRequest;
import net.unit8.bouncr.api.service.PasswordCredentialService;
import net.unit8.bouncr.api.service.UserLockService;
import net.unit8.bouncr.component.BouncrConfiguration;
import net.unit8.bouncr.component.config.HookPoint;
import net.unit8.bouncr.data.InitialPassword;
import net.unit8.bouncr.entity.PasswordResetChallenge;
import net.unit8.bouncr.entity.User;

@AllowedMethods({"PUT"})
/* loaded from: input_file:net/unit8/bouncr/api/resource/PasswordResetResource.class */
public class PasswordResetResource {

    @Inject
    private BouncrConfiguration config;

    @Inject
    private BeansConverter converter;

    @Inject
    private BeansValidator validator;

    @Decision(value = DecisionPoint.MALFORMED, method = {"PUT"})
    public Problem validate(PasswordResetRequest passwordResetRequest) {
        Set validate = this.validator.validate(passwordResetRequest);
        if (validate.isEmpty()) {
            return null;
        }
        return Problem.fromViolations(validate);
    }

    @Decision(DecisionPoint.PROCESSABLE)
    public boolean existsCode(PasswordResetRequest passwordResetRequest, RestContext restContext, EntityManager entityManager) {
        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
        CriteriaQuery createQuery = criteriaBuilder.createQuery(PasswordResetChallenge.class);
        createQuery.where(criteriaBuilder.equal(createQuery.from(PasswordResetChallenge.class).get("code"), passwordResetRequest.getCode()));
        PasswordResetChallenge passwordResetChallenge = (PasswordResetChallenge) entityManager.createQuery(createQuery).getResultStream().findAny().orElse(null);
        if (passwordResetChallenge != null) {
            restContext.putValue(passwordResetChallenge);
            restContext.putValue(passwordResetChallenge.getUser());
        }
        return passwordResetChallenge != null;
    }

    @Decision(DecisionPoint.PUT)
    public InitialPassword reset(PasswordResetChallenge passwordResetChallenge, User user, RestContext restContext, EntityManager entityManager) {
        PasswordCredentialService passwordCredentialService = new PasswordCredentialService(entityManager, this.config);
        UserLockService userLockService = new UserLockService(entityManager, this.config);
        new EntityTransactionManager(entityManager).required(() -> {
            entityManager.remove(passwordResetChallenge);
            userLockService.unlockUser(user);
            restContext.putValue(passwordCredentialService.initializePassword(user));
        });
        this.config.getHookRepo().runHook(HookPoint.AFTER_PASSWORD_RESET, restContext);
        return (InitialPassword) restContext.getValue(InitialPassword.class).orElse(null);
    }
}
