package cronapp.framework.rest;

import cronapi.Var;
import cronapp.framework.api.ApiManager;
import cronapp.framework.api.EventsManager;
import cronapp.framework.i18n.Messages;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/changePassword"})
@RestController
/* loaded from: input_file:cronapp/framework/rest/ChangePassword.class */
public class ChangePassword {
    private final PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

    @RequestMapping(method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.OK)
    public void post(String str, String str2, String str3) throws Exception {
        if (!str2.equals(str3)) {
            throw new RuntimeException(Messages.getString("WrongConfirmationPassword"));
        }
        User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (EventsManager.hasEvent("onChangePassword")) {
            EventsManager.executeEventOnTransaction("onChangePassword", Var.valueOf(user.getUsername()), Var.valueOf(str), Var.valueOf(str2), Var.valueOf(str3));
            return;
        }
        ApiManager byUser = ApiManager.byUser(user.getUsername());
        cronapp.framework.api.User user2 = byUser.getUser();
        if (user2 == null) {
            throw new UsernameNotFoundException(Messages.getString("UserNotFound"));
        }
        if (!byUser.passwordMatches(str, user2.getPassword())) {
            throw new BadCredentialsException(Messages.getString("UserOrPassordInvalids"));
        }
        byUser.updatePassword(this.passwordEncoder.encode(str2));
    }
}
