package org.apache.sling.jackrabbit.usermanager.post;

import java.util.List;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.Value;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceNotFoundException;
import org.apache.sling.api.servlets.HtmlResponse;
import org.apache.sling.servlets.post.Modification;

/* loaded from: input_file:org/apache/sling/jackrabbit/usermanager/post/ChangeUserPasswordServlet.class */
public class ChangeUserPasswordServlet extends AbstractUserPostServlet {
    private static final long serialVersionUID = 1923614318474654502L;

    @Override // org.apache.sling.jackrabbit.usermanager.post.AbstractAuthorizablePostServlet
    protected void handleOperation(SlingHttpServletRequest slingHttpServletRequest, HtmlResponse htmlResponse, List<Modification> list) throws RepositoryException {
        Authorizable authorizable = null;
        Resource resource = slingHttpServletRequest.getResource();
        if (resource != null) {
            authorizable = (Authorizable) resource.adaptTo(Authorizable.class);
        }
        if (authorizable == null || authorizable.isGroup()) {
            throw new ResourceNotFoundException("User to update could not be determined.");
        }
        if ("anonymous".equals(authorizable.getID())) {
            throw new RepositoryException("Can not change the password of the anonymous user.");
        }
        if (((Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class)) == null) {
            throw new RepositoryException("JCR Session not found");
        }
        String parameter = slingHttpServletRequest.getParameter("oldPwd");
        if (parameter == null || parameter.length() == 0) {
            throw new RepositoryException("Old Password was not submitted");
        }
        String parameter2 = slingHttpServletRequest.getParameter("newPwd");
        if (parameter2 == null || parameter2.length() == 0) {
            throw new RepositoryException("New Password was not submitted");
        }
        if (!parameter2.equals(slingHttpServletRequest.getParameter("newPwdConfirm"))) {
            throw new RepositoryException("New Password does not match the confirmation password");
        }
        try {
            String digestPassword = digestPassword(parameter);
            Value[] property = ((User) authorizable).getProperty("rep:password");
            if (property != null && property.length > 0 && !digestPassword.equals(property[0].getString())) {
                throw new RepositoryException("Old Password does not match");
            }
            ((User) authorizable).changePassword(digestPassword(parameter2));
            list.add(Modification.onModified(resource.getPath() + "/rep:password"));
        } catch (RepositoryException e) {
            throw new RepositoryException("Failed to change user password.", e);
        }
    }
}
