package org.forgerock.selfservice.stages.email;

import java.net.URISyntaxException;
import java.util.Hashtable;
import java.util.Map;
import java.util.UUID;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.forgerock.http.MutableUri;
import org.forgerock.json.JsonPointer;
import org.forgerock.json.JsonValue;
import org.forgerock.json.resource.BadRequestException;
import org.forgerock.json.resource.Connection;
import org.forgerock.json.resource.ConnectionFactory;
import org.forgerock.json.resource.Requests;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.selfservice.core.IllegalStageTagException;
import org.forgerock.selfservice.core.ProcessContext;
import org.forgerock.selfservice.core.ProgressStage;
import org.forgerock.selfservice.core.StageResponse;
import org.forgerock.selfservice.core.annotations.SelfService;
import org.forgerock.selfservice.core.snapshot.SnapshotTokenCallback;
import org.forgerock.selfservice.core.util.RequirementsBuilder;
import org.forgerock.selfservice.stages.CommonStateFields;
import org.forgerock.selfservice.stages.utils.LocaleUtils;
import org.forgerock.util.Reject;
import org.forgerock.util.i18n.PreferredLocales;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/forgerock/selfservice/stages/email/VerifyEmailAccountStage.class */
public final class VerifyEmailAccountStage implements ProgressStage<VerifyEmailAccountConfig> {
    private static final Logger logger = LoggerFactory.getLogger(VerifyEmailAccountStage.class);
    static final String REQUIREMENT_KEY_EMAIL = "mail";
    static final String REQUIREMENT_KEY_QUERYSTRING_PARAMS = "querystringParams";
    private static final String VALIDATE_CODE_TAG = "validateCode";
    private final ConnectionFactory connectionFactory;

    @Inject
    public VerifyEmailAccountStage(@SelfService ConnectionFactory connectionFactory) {
        this.connectionFactory = connectionFactory;
    }

    public JsonValue gatherInitialRequirements(ProcessContext processContext, VerifyEmailAccountConfig verifyEmailAccountConfig) {
        Reject.ifNull(verifyEmailAccountConfig.getEmailServiceUrl(), "Email service url should be configured");
        Reject.ifNull(verifyEmailAccountConfig.getMessageTranslations(), "Email message should be configured");
        Reject.ifNull(verifyEmailAccountConfig.getSubjectTranslations(), "Email subject should be configured");
        Reject.ifNull(verifyEmailAccountConfig.getVerificationLink(), "Verification link should be configured");
        Reject.ifNull(verifyEmailAccountConfig.getVerificationLinkToken(), "Verification link token should be configured");
        Reject.ifNull(verifyEmailAccountConfig.getIdentityEmailField(), "Identity email field should be configured");
        if (processContext.containsState("mail") && processContext.containsState("querystringParams")) {
            return RequirementsBuilder.newEmptyRequirements();
        }
        RequirementsBuilder newInstance = RequirementsBuilder.newInstance("Verify your email address");
        if (!processContext.containsState("mail")) {
            newInstance.addRequireProperty("mail", "Email address");
        }
        if (!processContext.containsState("querystringParams")) {
            newInstance.addProperty("querystringParams", "hidden", "Querystring params");
        }
        return newInstance.build();
    }

    public StageResponse advance(ProcessContext processContext, VerifyEmailAccountConfig verifyEmailAccountConfig) throws ResourceException {
        String stageTag = processContext.getStageTag();
        boolean z = -1;
        switch (stageTag.hashCode()) {
            case 1080737827:
                if (stageTag.equals(VALIDATE_CODE_TAG)) {
                    z = true;
                    break;
                }
                break;
            case 1948342084:
                if (stageTag.equals("initial")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return sendEmail(processContext, verifyEmailAccountConfig);
            case true:
                return validateCode(processContext);
            default:
                throw new IllegalStageTagException(processContext.getStageTag());
        }
    }

    private StageResponse sendEmail(ProcessContext processContext, final VerifyEmailAccountConfig verifyEmailAccountConfig) throws ResourceException {
        JsonValue jsonValue;
        if (!processContext.containsState("querystringParams") && processContext.getInput() != null && (jsonValue = processContext.getInput().get("querystringParams")) != null && jsonValue.asString() != null) {
            processContext.putState("querystringParams", jsonValue.asString());
        }
        final String emailAsString = getEmailAsString(processContext, verifyEmailAccountConfig);
        final String uuid = UUID.randomUUID().toString();
        processContext.putState("code", uuid);
        return StageResponse.newBuilder().setStageTag(VALIDATE_CODE_TAG).setRequirements(RequirementsBuilder.newInstance("Verify emailed code").addRequireProperty("code", "Enter code emailed").build()).setCallback(new SnapshotTokenCallback() { // from class: org.forgerock.selfservice.stages.email.VerifyEmailAccountStage.1
            public void snapshotTokenPreview(ProcessContext processContext2, String str) throws ResourceException {
                VerifyEmailAccountStage.this.sendEmail(processContext2, str, uuid, emailAsString, verifyEmailAccountConfig);
            }
        }).build();
    }

    private String getEmailAsString(ProcessContext processContext, VerifyEmailAccountConfig verifyEmailAccountConfig) throws BadRequestException {
        if (processContext.containsState("mail")) {
            return getEmailAsString(processContext.getState("mail"));
        }
        String emailAsString = getEmailAsString(processContext.getInput().get("mail"));
        processContext.putState("mail", emailAsString);
        updateUserIfAvailable(processContext, verifyEmailAccountConfig, emailAsString);
        return emailAsString;
    }

    private void updateUserIfAvailable(ProcessContext processContext, VerifyEmailAccountConfig verifyEmailAccountConfig, String str) throws BadRequestException {
        if (processContext.containsState(CommonStateFields.USER_FIELD)) {
            JsonValue state = processContext.getState(CommonStateFields.USER_FIELD);
            JsonValue jsonValue = state.get(new JsonPointer(verifyEmailAccountConfig.getIdentityEmailField()));
            if (jsonValue == null) {
                state.put(new JsonPointer(verifyEmailAccountConfig.getIdentityEmailField()), str);
            } else if (!jsonValue.asString().equalsIgnoreCase(str)) {
                throw new BadRequestException("Email address mismatch");
            }
        }
    }

    private String getEmailAsString(JsonValue jsonValue) throws BadRequestException {
        if (jsonValue == null || StringUtils.isEmpty(jsonValue.asString())) {
            throw new BadRequestException("mail should not be empty");
        }
        return jsonValue.asString();
    }

    private StageResponse validateCode(ProcessContext processContext) throws ResourceException {
        String asString = processContext.getState("code").asString();
        String asString2 = processContext.getInput().get("code").asString();
        if (StringUtils.isEmpty(asString2)) {
            throw new BadRequestException("Input code is missing");
        }
        if (asString.equals(asString2)) {
            return StageResponse.newBuilder().build();
        }
        throw new BadRequestException("Invalid code");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendEmail(ProcessContext processContext, String str, String str2, String str3, VerifyEmailAccountConfig verifyEmailAccountConfig) throws ResourceException {
        String str4 = verifyEmailAccountConfig.getVerificationLink() + "&token=" + str + "&code=" + str2;
        String str5 = str4;
        if (processContext.getState("querystringParams") != null) {
            try {
                String asString = processContext.getState("querystringParams").asString();
                if (asString != null && asString.length() > 0) {
                    Hashtable<String, String> parseQueryString = parseQueryString(asString);
                    parseQueryString.remove("realm");
                    parseQueryString.remove("token");
                    parseQueryString.remove("code");
                    MutableUri mutableUri = new MutableUri(str4);
                    Hashtable hashtable = new Hashtable();
                    hashtable.putAll(parseQueryString(mutableUri.getRawQuery()));
                    hashtable.putAll(parseQueryString);
                    mutableUri.setRawQuery(joinQueryString(hashtable));
                    str5 = mutableUri.toString();
                }
            } catch (URISyntaxException e) {
                logger.error("sendEmail - Error adding querystringParams to emailUrl", e);
            }
        }
        PreferredLocales preferredLocales = processContext.getRequest().getPreferredLocales();
        String translationFromLocaleMap = LocaleUtils.getTranslationFromLocaleMap(preferredLocales, verifyEmailAccountConfig.getSubjectTranslations());
        String replace = LocaleUtils.getTranslationFromLocaleMap(preferredLocales, verifyEmailAccountConfig.getMessageTranslations()).replace(verifyEmailAccountConfig.getVerificationLinkToken(), str5);
        Connection connection = this.connectionFactory.getConnection();
        try {
            connection.action(processContext.getRequestContext(), Requests.newActionRequest(verifyEmailAccountConfig.getEmailServiceUrl(), "send").setContent(JsonValue.json(JsonValue.object(new Map.Entry[]{JsonValue.field("to", str3), JsonValue.field("from", verifyEmailAccountConfig.getFrom()), JsonValue.field("subject", translationFromLocaleMap), JsonValue.field("type", verifyEmailAccountConfig.getMimeType()), JsonValue.field("body", replace)}))));
            if (connection != null) {
                connection.close();
            }
        } catch (Throwable th) {
            if (connection != null) {
                try {
                    connection.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static Hashtable<String, String> parseQueryString(String str) {
        Hashtable<String, String> hashtable = new Hashtable<>();
        if (str != null) {
            for (String str2 : str.split("&")) {
                String[] split = str2.split("=", 2);
                String str3 = split[0];
                if (str3.length() > 0) {
                    hashtable.put(str3, split.length > 1 ? split[1] : "");
                }
            }
        }
        return hashtable;
    }

    private static String joinQueryString(Hashtable<String, String> hashtable) {
        String str = new String();
        for (String str2 : hashtable.keySet()) {
            str = str + "&" + str2 + "=" + hashtable.get(str2);
        }
        return str.length() > 0 ? str.substring(1, str.length()) : str;
    }
}
