package com.atlassian.confluence.user.actions;

import com.atlassian.confluence.core.FormAware;
import com.atlassian.confluence.security.login.LoginManager;
import com.atlassian.crowd.exception.runtime.CrowdRuntimeException;
import com.atlassian.user.EntityException;
import com.atlassian.user.security.authentication.InvalidPasswordException;
import com.opensymphony.webwork.ServletActionContext;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/confluence/user/actions/ChangeMyPasswordAction.class */
public class ChangeMyPasswordAction extends AbstractUserProfileAction implements FormAware {
    private static final Logger log = LoggerFactory.getLogger(ChangeMyPasswordAction.class);
    private LoginManager loginManager;
    private String currentPassword;
    private String newPassword;
    private String newPasswordConfirmation;

    public String getCurrentPassword() {
        return this.currentPassword;
    }

    public void setCurrentPassword(String str) {
        this.currentPassword = str;
    }

    public String getNewPassword() {
        return this.newPassword;
    }

    public void setNewPassword(String str) {
        this.newPassword = str;
    }

    public String getNewPasswordConfirmation() {
        return this.newPasswordConfirmation;
    }

    public void setNewPasswordConfirmation(String str) {
        this.newPasswordConfirmation = str;
    }

    @Override // com.atlassian.confluence.validation.MessageHolderAware
    public void validate() {
        if (this.loginManager.requiresElevatedSecurityCheck(getUser().getName()) || this.userAccessor.authenticate(getUser().getName(), this.currentPassword)) {
            return;
        }
        this.loginManager.onFailedLoginAttempt(getUser().getName(), ServletActionContext.getRequest());
        addActionError(getText("cur.pass.not.correct"));
    }

    public String execute() throws Exception {
        if (this.loginManager.requiresElevatedSecurityCheck(getUser().getName())) {
            AuthenticationHelper.logout(getUser(), ServletActionContext.getRequest(), ServletActionContext.getResponse(), this.eventManager, this);
            return "login";
        }
        try {
            this.userAccessor.alterPassword(getUser(), this.newPassword);
            return "success";
        } catch (InvalidPasswordException e) {
            addFieldError("newPassword", getText("new.pass.invalid"));
            return "error";
        } catch (EntityException e2) {
            log.error("error setting password", e2);
            addFieldError("newPassword", getText("new.pass.error"));
            return "error";
        } catch (CrowdRuntimeException e3) {
            String rootCauseMessage = ExceptionUtils.getRootCauseMessage(e3);
            addActionError(getText("change.my.pass.failure"));
            log.warn("Failed to update user password. Cause: {}", rootCauseMessage);
            return "error";
        }
    }

    @Override // com.atlassian.confluence.core.ConfluenceActionSupport
    public boolean isPermitted() {
        return getUsername() != null && super.isPermitted();
    }

    @Override // com.atlassian.confluence.core.FormAware
    public boolean isEditMode() {
        return true;
    }

    @Override // com.atlassian.confluence.core.ConfluenceActionSupport
    public void setLoginManager(LoginManager loginManager) {
        super.setLoginManager(loginManager);
        this.loginManager = loginManager;
    }

    public String getLoginUrl() {
        return AuthenticationHelper.getLoginUrl();
    }
}
