package com.atlassian.bamboo.security;

import com.atlassian.bamboo.user.PasswordResetToken;
import com.atlassian.bamboo.ww2.BambooActionSupport;
import com.atlassian.bamboo.ww2.aware.permissions.GlobalBypassSecurityAware;
import com.atlassian.core.util.DateUtils;
import com.atlassian.user.User;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/bamboo/security/ChangeForgottenPassword.class */
public class ChangeForgottenPassword extends BambooActionSupport implements GlobalBypassSecurityAware {
    private static final Logger log = Logger.getLogger(ChangeForgottenPassword.class);
    private String username;
    private String newPassword;
    private String confirmedPassword;
    private String token;

    public void validate() {
        super.validate();
        if (!StringUtils.isNotBlank(getUsername())) {
            addActionError(getText("user.username.error.required"));
            return;
        }
        if (isValidToken()) {
            if (StringUtils.isBlank(this.newPassword)) {
                addFieldError("newPassword", getText("user.password.change.new.required"));
            } else {
                if (this.newPassword.equals(this.confirmedPassword)) {
                    return;
                }
                addFieldError("confirmedPassword", getText("user.password.change.new.confirm.invalid"));
            }
        }
    }

    @Override // com.atlassian.bamboo.ww2.BambooActionSupport
    public String doDefault() throws Exception {
        return !isValidToken() ? "error" : super.doDefault();
    }

    @Override // com.atlassian.bamboo.ww2.BambooActionSupport
    public String execute() throws Exception {
        User user = getBambooUserManager().getUser(this.username);
        getBambooUserManager().deletePasswordResetToken(this.username);
        getBambooUserManager().alterPassword(user, getNewPassword());
        return "success";
    }

    private boolean isValidToken() {
        PasswordResetToken passwordResetToken = getBambooUserManager().getPasswordResetToken(getUsername());
        if (passwordResetToken == null || !passwordResetToken.getToken().equals(this.token)) {
            log.info("Incorrect username was used to change forgotten password: " + getUsername());
            addActionError(getText("user.password.reset.token.invalid"));
            return false;
        }
        if (System.currentTimeMillis() - passwordResetToken.getTokenCreationTime().getTime() <= DateUtils.DAY_MILLIS) {
            return true;
        }
        addActionError(getText("user.password.reset.token.expired"));
        return false;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getNewPassword() {
        return this.newPassword;
    }

    public void setNewPassword(String str) {
        this.newPassword = str;
    }

    public String getConfirmedPassword() {
        return this.confirmedPassword;
    }

    public void setConfirmedPassword(String str) {
        this.confirmedPassword = str;
    }

    public String getToken() {
        return this.token;
    }

    public void setToken(String str) {
        this.token = str;
    }
}
