package org.ametys.web.usermanagement;

import com.google.common.collect.Multimap;
import jakarta.mail.MessagingException;
import java.io.IOException;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.time.LocalDate;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Collectors;
import org.ametys.cms.repository.Content;
import org.ametys.cms.transformation.xslt.ResolveURIComponent;
import org.ametys.core.datasource.AbstractMyBatisDAO;
import org.ametys.core.datasource.ConnectionHelper;
import org.ametys.core.right.RightManager;
import org.ametys.core.trace.ForensicLogger;
import org.ametys.core.ui.Callable;
import org.ametys.core.ui.mail.StandardMailBodyHelper;
import org.ametys.core.user.CurrentUserProvider;
import org.ametys.core.user.InvalidModificationException;
import org.ametys.core.user.User;
import org.ametys.core.user.UserIdentity;
import org.ametys.core.user.UserManager;
import org.ametys.core.user.directory.ModifiableUserDirectory;
import org.ametys.core.user.directory.NotUniqueUserException;
import org.ametys.core.user.directory.UserDirectory;
import org.ametys.core.user.directory.UserDirectoryFactory;
import org.ametys.core.user.population.PopulationContextHelper;
import org.ametys.core.user.population.UserPopulation;
import org.ametys.core.user.population.UserPopulationDAO;
import org.ametys.core.util.I18nUtils;
import org.ametys.core.util.URIUtils;
import org.ametys.core.util.mail.SendMailHelper;
import org.ametys.plugins.repository.AmetysObjectIterable;
import org.ametys.plugins.repository.AmetysObjectIterator;
import org.ametys.plugins.repository.AmetysObjectResolver;
import org.ametys.plugins.repository.AmetysRepositoryException;
import org.ametys.plugins.repository.query.expression.Expression;
import org.ametys.runtime.i18n.I18nizableText;
import org.ametys.web.renderingcontext.RenderingContext;
import org.ametys.web.renderingcontext.RenderingContextHandler;
import org.ametys.web.repository.page.Page;
import org.ametys.web.repository.page.PageQueryHelper;
import org.ametys.web.repository.page.Zone;
import org.ametys.web.repository.page.ZoneItem;
import org.ametys.web.repository.site.Site;
import org.ametys.web.repository.site.SiteManager;
import org.ametys.web.site.SiteConfigurationExtensionPoint;
import org.ametys.web.tags.TagExpression;
import org.ametys.web.usermanagement.UserManagementException;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.ibatis.session.RowBounds;
import org.apache.ibatis.session.SqlSession;

/* loaded from: input_file:org/ametys/web/usermanagement/UserSignupManager.class */
public class UserSignupManager extends AbstractMyBatisDAO {
    public static final String ROLE = UserSignupManager.class.getName();
    public static final String SITE_PARAM_SIGNUP_TYPE = "signup-type";
    public static final String SIGNUP_SERVICE_PARAMETER_USERDIRECTORY = "userdirectory";
    public static final String SIGNUP_PAGE_TAG_NAME = "USER_SIGNUP";
    public static final String SIGNUP_PAGE_SERVICE_ID = "org.ametys.web.service.UserSignup";
    public static final String CHANGE_PASSWORD_PAGE_TAG_NAME = "USER_PASSWORD_CHANGE";
    public static final String CHANGE_PASSWORD_PAGE_SERVICE_ID = "org.ametys.web.service.UserPassword";
    private static final String __EVENT_ACCOUNT_TEMP_SIGNUP = "account.temporary.signup";
    private static final String __EVENT_ACCOUNT_CREATED = "account.created";
    private static final String __EVENT_ACCOUNT_PASSWORD_RESET = "account.password.reset";
    private static final String __EVENT_ACCOUNT_PASSWORD_CHANGE = "account.password.change";
    private static final String __EVENT_ACCOUNT_PASSWORD_CHANGE_FAILED = "account.password.change.failed";
    protected UserManager _userManager;
    protected UserPopulationDAO _userPopulationDAO;
    protected SiteManager _siteManager;
    protected SiteConfigurationExtensionPoint _siteConf;
    protected AmetysObjectResolver _resolver;
    protected I18nUtils _i18nUtils;
    protected UserSignUpConfiguration _userSignUpConfiguration;
    protected String _tempUsersTable;
    protected String _pwdChangeTable;
    protected PopulationContextHelper _populationContextHelper;
    protected RenderingContextHandler _renderingContextHandler;
    protected UserDirectoryFactory _userDirectoryFactory;
    protected CurrentUserProvider _currentUserProvider;
    protected RightManager _rightManager;

    /* loaded from: input_file:org/ametys/web/usermanagement/UserSignupManager$SignupType.class */
    public enum SignupType {
        UNAUTHORIZED,
        INVITATION_ONLY,
        PUBLIC
    }

    /* loaded from: input_file:org/ametys/web/usermanagement/UserSignupManager$TempUser.class */
    public static class TempUser {
        protected String _site;
        protected String _email;
        protected Date _subscriptionDate;
        protected String _token;
        protected String _population;
        protected String _userDirectoryId;
        protected String _lastname;
        protected String _firstname;
        protected TempUserOrigin _origin;

        /* loaded from: input_file:org/ametys/web/usermanagement/UserSignupManager$TempUser$TempUserOrigin.class */
        public enum TempUserOrigin {
            INVITATION,
            USER_REQUEST,
            UNKNWON
        }

        public TempUser(String str, String str2, Date date, String str3, String str4, String str5, String str6, String str7, String str8) {
            this._site = str;
            this._email = str2;
            this._subscriptionDate = date;
            this._token = str3;
            this._population = str4;
            this._userDirectoryId = str5;
            this._lastname = str6;
            this._firstname = str7;
            this._origin = StringUtils.isNotBlank(str8) ? TempUserOrigin.valueOf(str8) : TempUserOrigin.UNKNWON;
        }

        public String getSite() {
            return this._site;
        }

        public void setSite(String str) {
            this._site = str;
        }

        public String getEmail() {
            return this._email;
        }

        public void setEmail(String str) {
            this._email = str;
        }

        public Date getSubscriptionDate() {
            return this._subscriptionDate;
        }

        public void setSubscriptionDate(Date date) {
            this._subscriptionDate = date;
        }

        public String getToken() {
            return this._token;
        }

        public void setToken(String str) {
            this._token = str;
        }

        public String getPopulation() {
            return this._population;
        }

        public void setPopulation(String str) {
            this._population = str;
        }

        public String getUserDirectoryId() {
            return this._userDirectoryId;
        }

        public void setUserDirectoryIndex(String str) {
            this._userDirectoryId = str;
        }

        public String getFirstname() {
            return this._firstname;
        }

        public void setFirstname(String str) {
            this._firstname = str;
        }

        public String getLastname() {
            return this._lastname;
        }

        public void setLastname(String str) {
            this._lastname = str;
        }

        public TempUserOrigin getOrigin() {
            return this._origin;
        }

        public void setOrigin(TempUserOrigin tempUserOrigin) {
            this._origin = tempUserOrigin;
        }
    }

    public void service(ServiceManager serviceManager) throws ServiceException {
        super.service(serviceManager);
        this._userManager = (UserManager) serviceManager.lookup(UserManager.ROLE);
        this._userPopulationDAO = (UserPopulationDAO) serviceManager.lookup(UserPopulationDAO.ROLE);
        this._siteManager = (SiteManager) serviceManager.lookup(SiteManager.ROLE);
        this._siteConf = (SiteConfigurationExtensionPoint) serviceManager.lookup(SiteConfigurationExtensionPoint.ROLE);
        this._resolver = (AmetysObjectResolver) serviceManager.lookup(AmetysObjectResolver.ROLE);
        this._i18nUtils = (I18nUtils) serviceManager.lookup(I18nUtils.ROLE);
        this._userSignUpConfiguration = (UserSignUpConfiguration) serviceManager.lookup(UserSignUpConfiguration.ROLE);
        this._populationContextHelper = (PopulationContextHelper) serviceManager.lookup(PopulationContextHelper.ROLE);
        this._renderingContextHandler = (RenderingContextHandler) serviceManager.lookup(RenderingContextHandler.ROLE);
        this._userDirectoryFactory = (UserDirectoryFactory) serviceManager.lookup(UserDirectoryFactory.ROLE);
        this._currentUserProvider = (CurrentUserProvider) serviceManager.lookup(CurrentUserProvider.ROLE);
        this._rightManager = (RightManager) serviceManager.lookup(RightManager.ROLE);
    }

    public void configure(Configuration configuration) throws ConfigurationException {
        super.configure(configuration);
        this._tempUsersTable = configuration.getChild("temp-users-table").getValue();
        this._pwdChangeTable = configuration.getChild("pwd-change-table").getValue();
    }

    public SignupType getSignupType(String str) {
        return SignupType.valueOf(((String) this._siteManager.getSite(str).getValue(SITE_PARAM_SIGNUP_TYPE, false, SignupType.UNAUTHORIZED.name())).toUpperCase());
    }

    public boolean isPublicSignupAllowed(String str) {
        return getSignupType(str) == SignupType.PUBLIC;
    }

    public boolean isSignupAllowed(String str) {
        SignupType signupType = getSignupType(str);
        return signupType == SignupType.PUBLIC || signupType == SignupType.INVITATION_ONLY;
    }

    public Page getSignupPage(String str, String str2) {
        return getSignupPage(str, str2, null, null);
    }

    public Page getSignupPage(String str, String str2, String str3, String str4) {
        List<Page> signupPages = getSignupPages(str, str2, str3, str4);
        if (signupPages.isEmpty()) {
            return null;
        }
        return signupPages.get(0);
    }

    public boolean isSignupPage(Page page) {
        return _checkPageService(page, SIGNUP_PAGE_SERVICE_ID);
    }

    public List<Page> getSignupPages(String str, String str2) {
        return getSignupPages(str, str2, null, null);
    }

    public List<Page> getSignupPages(String str, String str2, String str3, String str4) {
        return (List) this._resolver.query(PageQueryHelper.getPageXPathQuery(str, str2, null, new TagExpression(Expression.Operator.EQ, SIGNUP_PAGE_TAG_NAME), null)).stream().filter(page -> {
            return _checkSignupPage(page, str3, str4);
        }).collect(Collectors.toList());
    }

    private boolean _checkPageService(Page page, String str) {
        AmetysObjectIterator it = page.getZones().iterator();
        while (it.hasNext()) {
            AmetysObjectIterable<? extends ZoneItem> zoneItems = ((Zone) it.next()).getZoneItems();
            try {
                AmetysObjectIterator it2 = zoneItems.iterator();
                while (it2.hasNext()) {
                    ZoneItem zoneItem = (ZoneItem) it2.next();
                    if (zoneItem.getType() == ZoneItem.ZoneType.SERVICE && str.equals(zoneItem.getServiceId())) {
                        if (zoneItems != null) {
                            zoneItems.close();
                        }
                        return true;
                    }
                }
                if (zoneItems != null) {
                    zoneItems.close();
                }
            } catch (Throwable th) {
                if (zoneItems != null) {
                    try {
                        zoneItems.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        return false;
    }

    private boolean _checkSignupPage(Page page, String str, String str2) {
        AmetysObjectIterator it = page.getZones().iterator();
        while (it.hasNext()) {
            AmetysObjectIterable<? extends ZoneItem> zoneItems = ((Zone) it.next()).getZoneItems();
            try {
                AmetysObjectIterator it2 = zoneItems.iterator();
                while (it2.hasNext()) {
                    ZoneItem zoneItem = (ZoneItem) it2.next();
                    if (zoneItem.getType() == ZoneItem.ZoneType.SERVICE && SIGNUP_PAGE_SERVICE_ID.equals(zoneItem.getServiceId())) {
                        if (StringUtils.isEmpty(str) && StringUtils.isEmpty(str2)) {
                            if (zoneItems != null) {
                                zoneItems.close();
                            }
                            return true;
                        }
                        UserDirectory userDirectory = getUserDirectory(zoneItem);
                        if (userDirectory != null && userDirectory.getId().equals(str2) && userDirectory.getPopulationId().equals(str)) {
                            if (zoneItems != null) {
                                zoneItems.close();
                            }
                            return true;
                        }
                    }
                }
                if (zoneItems != null) {
                    zoneItems.close();
                }
            } catch (Throwable th) {
                if (zoneItems != null) {
                    try {
                        zoneItems.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        return false;
    }

    public Page getPwdChangePage(String str, String str2) {
        List<Page> pwdChangePages = getPwdChangePages(str, str2);
        if (pwdChangePages.isEmpty()) {
            return null;
        }
        return pwdChangePages.get(0);
    }

    public Page getGTUPage(ZoneItem zoneItem) {
        Page page = null;
        try {
            if ("PAGE".equals((String) zoneItem.mo177getServiceParameters().getValue("terms-of-service-mode"))) {
                String str = (String) zoneItem.mo177getServiceParameters().getValue("terms-of-service-page");
                if (StringUtils.isNotEmpty(str)) {
                    page = (Page) this._resolver.resolveById(str);
                }
            }
        } catch (AmetysRepositoryException e) {
        }
        return page;
    }

    public UserDirectory getUserDirectory(ZoneItem zoneItem) {
        try {
            String[] split = ((String) zoneItem.mo177getServiceParameters().getValue(SIGNUP_SERVICE_PARAMETER_USERDIRECTORY)).split("#", 2);
            String str = split[0];
            String str2 = split[1];
            UserPopulation userPopulation = this._userPopulationDAO.getUserPopulation(str);
            if (userPopulation != null) {
                return userPopulation.getUserDirectory(str2);
            }
            getLogger().error("The user population with id '{}' configured into service parameters of '{}' does not exist.", str, zoneItem.getId());
            return null;
        } catch (AmetysRepositoryException e) {
            getLogger().error("Failed to get user directory from service parameters of '{}'", zoneItem.getId(), e);
            return null;
        }
    }

    public Content getGTUContent(ZoneItem zoneItem) {
        Content content = null;
        try {
            if ("CONTENT".equals((String) zoneItem.mo177getServiceParameters().getValue("terms-of-service-mode"))) {
                String str = (String) zoneItem.mo177getServiceParameters().getValue("terms-of-service-content");
                if (StringUtils.isNotEmpty(str)) {
                    content = (Content) this._resolver.resolveById(str);
                }
            }
        } catch (AmetysRepositoryException e) {
        }
        return content;
    }

    public Page getSuccessPage(ZoneItem zoneItem) {
        Page page = null;
        try {
            if ("PAGE".equals((String) zoneItem.mo177getServiceParameters().getValue("success-mode"))) {
                String str = (String) zoneItem.mo177getServiceParameters().getValue("success-page");
                if (StringUtils.isNotEmpty(str)) {
                    page = (Page) this._resolver.resolveById(str);
                }
            }
        } catch (AmetysRepositoryException e) {
        }
        return page;
    }

    public Content getSuccessContent(ZoneItem zoneItem) {
        Content content = null;
        try {
            if ("CONTENT".equals((String) zoneItem.mo177getServiceParameters().getValue("success-mode"))) {
                String str = (String) zoneItem.mo177getServiceParameters().getValue("success-content");
                if (StringUtils.isNotEmpty(str)) {
                    content = (Content) this._resolver.resolveById(str);
                }
            }
        } catch (AmetysRepositoryException e) {
        }
        return content;
    }

    public List<Page> getPwdChangePages(String str, String str2) {
        return (List) this._resolver.query(PageQueryHelper.getPageXPathQuery(str, str2, null, new TagExpression(Expression.Operator.EQ, CHANGE_PASSWORD_PAGE_TAG_NAME), null)).stream().filter(page -> {
            return _checkPageService(page, CHANGE_PASSWORD_PAGE_SERVICE_ID);
        }).collect(Collectors.toList());
    }

    public boolean isPwdChangePage(Page page) {
        return _checkPageService(page, CHANGE_PASSWORD_PAGE_SERVICE_ID);
    }

    public Optional<User> getUserIfHeExists(String str, String str2) throws UserManagementException, NotUniqueUserException {
        for (String str3 : this._populationContextHelper.getUserPopulationsOnContexts(Arrays.asList("/sites/" + str2, "/sites-fo/" + str2), false, false)) {
            User user = this._userManager.getUser(str3, str);
            if (user != null) {
                return Optional.of(user);
            }
            User userByEmail = this._userManager.getUserByEmail(str3, str);
            if (userByEmail != null) {
                return Optional.of(userByEmail);
            }
        }
        return Optional.empty();
    }

    public boolean userExists(String str, String str2) throws UserManagementException {
        try {
            return getUserIfHeExists(str, str2).isPresent();
        } catch (NotUniqueUserException e) {
            return true;
        }
    }

    public Map<String, List<I18nizableText>> validate(String str, String str2, Map<String, String> map) throws UserManagementException {
        HashMap hashMap = new HashMap();
        hashMap.putAll(map);
        hashMap.put("login", str2);
        hashMap.put("email", str2);
        hashMap.put("password", "password");
        HashMap hashMap2 = new HashMap(new HashMap());
        if (hashMap2.containsKey("login")) {
            if (!hashMap2.containsKey("email")) {
                hashMap2.put("email", (List) hashMap2.get("login"));
            }
            hashMap2.remove("login");
        }
        return hashMap2;
    }

    public List<I18nizableText> validatePassword(String str, String str2, String str3, String str4) throws UserManagementException {
        HashMap hashMap = new HashMap();
        hashMap.put("password", str2);
        ModifiableUserDirectory userDirectory = this._userManager.getUserDirectory(str4, str3);
        if (!(userDirectory instanceof ModifiableUserDirectory)) {
            throw new UserManagementException("The user subscription feature can't be used, as the UserDirectory is not modifiable.", UserManagementException.StatusError.UNMODIFIABLE_USER_DIRECTORY);
        }
        Map validate = userDirectory.validate(hashMap);
        ArrayList arrayList = new ArrayList();
        if (validate.containsKey("password")) {
            arrayList.addAll((Collection) validate.get("password"));
        }
        return arrayList;
    }

    public String getOrCreateToken(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        String token = getToken(str, str3, str4, str5);
        if (token == null) {
            temporarySignup(str, str2, str3, str4, str5, false);
            token = getToken(str, str3, str4, str5);
        }
        return token;
    }

    public void temporarySignup(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        temporarySignup(str, str2, str3, str4, str5, true);
    }

    public void temporarySignup(String str, String str2, String str3, String str4, String str5, boolean z) throws UserManagementException {
        checkPublicSignup(str);
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("A user is requesting a sign-up: " + str3);
        }
        _temporarySignup(str, str2, str3, str4, str5, null, null, TempUser.TempUserOrigin.USER_REQUEST, z, false);
    }

    public void inviteToSignup(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws UserManagementException {
        inviteToSignup(str, str2, str3, str4, str5, str6, str7, true, true, true);
    }

    public void inviteToSignup(String str, String str2, String str3, String str4, String str5, String str6, String str7, boolean z, boolean z2, boolean z3) throws UserManagementException {
        checkSignupAllowed(str);
        if (z3) {
            checkUserAllowedForInvitation(str, str4);
        }
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("A user is invited to sign-up: " + str3);
        }
        _temporarySignup(str, str2, str3, str4, str5, str6, str7, TempUser.TempUserOrigin.INVITATION, z, z2);
    }

    private void _temporarySignup(String str, String str2, String str3, String str4, String str5, String str6, String str7, TempUser.TempUserOrigin tempUserOrigin, boolean z, boolean z2) throws UserManagementException {
        if (userExists(str3, str)) {
            throw new UserManagementException("User with email " + str3 + " already exists", UserManagementException.StatusError.USER_ALREADY_EXISTS);
        }
        String replace = UUID.randomUUID().toString().replace("-", "");
        try {
            addTemporaryUser(str, str3, replace, str4, str5, str6, str7, tempUserOrigin);
            if (z) {
                sendSignupConfirmMail(getTempUser(str, str3, str4, str5), str2);
            }
            ForensicLogger.info(__EVENT_ACCOUNT_TEMP_SIGNUP, Map.of("site", str, "email", str3, "population", str4, "userDirectory", str5), (UserIdentity) null);
        } catch (UserManagementException e) {
            if (e.getStatusError() == UserManagementException.StatusError.TEMP_USER_ALREADY_EXISTS && z2) {
                resendInvitation(str, str3, str4, str5);
            } else {
                removeTempUser(str, str3, replace, str4, str5);
                throw e;
            }
        }
    }

    public String getToken(String str, String str2, String str3, String str4) throws UserManagementException {
        TempUser tempUser = getTempUser(str, str2, str3, str4);
        if (tempUser != null) {
            return tempUser.getToken();
        }
        return null;
    }

    public void resendInvitation(String str, String str2, String str3, String str4) throws UserManagementException {
        checkSignupAllowed(str);
        checkUserAllowedForInvitation(str, str3);
        if (getTempUser(str, str2, str3, str4).getOrigin() != TempUser.TempUserOrigin.INVITATION) {
            throw new UserManagementException("Can not resend invitation. The subscription request is a user request", UserManagementException.StatusError.UNMODIFIABLE_SIGNUP_REQUEST);
        }
        resetTempSignup(str, null, str2, null, str3, str4);
    }

    public void resetTempSignup(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        checkPublicSignup(str);
        String replace = UUID.randomUUID().toString().replace("-", "");
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("Resetting temporary signup for email: " + str3 + " in site " + str);
        }
        resetTempSignup(str, str2, str3, replace, str4, str5);
    }

    protected void resetTempSignup(String str, String str2, String str3, String str4, String str5, String str6) throws UserManagementException {
        TempUser tempUser = getTempUser(str, str3, str5, str6);
        if (tempUser == null) {
            throw new UserManagementException("Found no subscription request with email '" + str3 + "' for site '" + str + "'", UserManagementException.StatusError.UNKNOWN_EMAIL);
        }
        String str7 = str4;
        if (str7 == null) {
            str7 = tempUser.getToken();
        }
        updateTempToken(str, str3, str7, str5, str6);
        sendSignupConfirmMail(getTempUser(str, str3, str5, str6), str2);
    }

    public void signup(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, Multimap<String, I18nizableText> multimap) throws UserManagementException {
        checkSignupAllowed(str);
        HashMap hashMap = new HashMap();
        if (getTempUser(str, str5, str6, str8, str9) == null) {
            throw new UserManagementException("Provided token is unknown", UserManagementException.StatusError.TOKEN_UNKNOWN);
        }
        String randomNumeric = RandomStringUtils.randomNumeric(10);
        hashMap.put("login", randomNumeric);
        hashMap.put("email", str5);
        hashMap.put("firstname", str3);
        hashMap.put("lastname", str4);
        hashMap.put("password", str7);
        try {
            validationBeforeSignup(multimap);
            if (!multimap.isEmpty()) {
                throw new UserManagementException("Unable to signup user");
            }
            this._userPopulationDAO.getUserPopulation(str8).getUserDirectory(str9).add(hashMap, User.UserCreationOrigin.USER_SIGNUP);
            removeTempUser(str, str5, str6, str8, str9);
            User userByDirectory = this._userManager.getUserByDirectory(str8, str9, randomNumeric);
            additionalSignupOperations(userByDirectory, multimap);
            if (multimap.isEmpty()) {
                sendSignupValidatedMail(str, str2, userByDirectory);
                ForensicLogger.info(__EVENT_ACCOUNT_CREATED, Map.of("site", str, "user", userByDirectory, "population", str8, "userDirectory", str9), userByDirectory.getIdentity());
            }
        } catch (InvalidModificationException e) {
            throw new UserManagementException("An error occurred signing up the user.", UserManagementException.StatusError.INVALID_MODIFICATION, e);
        }
    }

    public void validationBeforeSignup(Multimap<String, I18nizableText> multimap) {
    }

    public void additionalSignupOperations(User user, Multimap<String, I18nizableText> multimap) throws UserManagementException {
    }

    public void resetPassword(String str, String str2, String str3, String str4) throws UserManagementException {
        if (this._userPopulationDAO.getUserPopulation(str4) == null) {
            throw new UserManagementException("Unknown population with id '" + str4 + "'", UserManagementException.StatusError.POPULATION_UNKNOWN);
        }
        User user = this._userManager.getUser(str4, str3);
        if (user == null) {
            try {
                user = this._userManager.getUserByEmail(str4, str3);
                if (user == null) {
                    throw new UserManagementException("Unknown user with login or email '" + str3 + "' for population '" + str4 + "'", UserManagementException.StatusError.USER_UNKNOWN);
                }
            } catch (NotUniqueUserException e) {
                throw new UserManagementException("Many users match for email '" + str3 + "' and population '" + str4 + "'", UserManagementException.StatusError.NOT_UNIQUE_USER);
            }
        }
        if (!(user.getUserDirectory() instanceof ModifiableUserDirectory)) {
            throw new UserManagementException("User directory is not modifiable", UserManagementException.StatusError.UNMODIFIABLE_USER_DIRECTORY);
        }
        if (StringUtils.isEmpty(user.getEmail())) {
            throw new UserManagementException("User has no email", UserManagementException.StatusError.EMPTY_EMAIL);
        }
        String replace = UUID.randomUUID().toString().replace("-", "");
        addPasswordToken(str, user.getIdentity().getLogin(), replace, str4);
        sendResetPasswordMail(str, str2, user, replace);
        ForensicLogger.info(__EVENT_ACCOUNT_PASSWORD_RESET, Map.of("site", str, "user", user), user.getIdentity());
    }

    public void changeUserPassword(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        checkPasswordToken(str, str2, str3, str5);
        HashMap hashMap = new HashMap();
        hashMap.put("login", str2);
        hashMap.put("password", str4);
        try {
            ModifiableUserDirectory userDirectory = this._userManager.getUserDirectory(str5, str2);
            if (!(userDirectory instanceof ModifiableUserDirectory)) {
                _logPasswordChangeFailed(str, str2, str5, "unmodifiable-modification");
                throw new UserManagementException("The user's password can't be changed, as the UserDirectory is not modifiable.", UserManagementException.StatusError.UNMODIFIABLE_USER_DIRECTORY);
            }
            userDirectory.update(hashMap);
            removePasswordToken(str, str2, str3, str5);
            ForensicLogger.info(__EVENT_ACCOUNT_PASSWORD_CHANGE, Map.of("site", str, "login", str2, "population", str5), new UserIdentity(str2, str5));
        } catch (InvalidModificationException e) {
            _logPasswordChangeFailed(str, str2, str5, "invalid-modification");
            throw new UserManagementException("Invalid user inputs to change password", UserManagementException.StatusError.INVALID_MODIFICATION, e);
        }
    }

    private void _logPasswordChangeFailed(String str, String str2, String str3, String str4) {
        ForensicLogger.warn(__EVENT_ACCOUNT_PASSWORD_CHANGE_FAILED, Map.of("site", str, "login", str2, "population", str3, "error", str4), new UserIdentity(str2, str3));
    }

    public void checkToken(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        removeExpiredTokens();
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("tempUsersTable", this._tempUsersTable);
                hashMap.put("site", str);
                hashMap.put("email", str2);
                hashMap.put("token", str3);
                hashMap.put("population", str4);
                hashMap.put("userDirectory", str5);
                Date date = (Date) session.selectOne("UserSignupManager.getSubscriptionDate", hashMap);
                if (date == null) {
                    throw new UserManagementException("Provided token is unknown", UserManagementException.StatusError.TOKEN_UNKNOWN);
                }
                if (date.toInstant().atZone(ZoneId.systemDefault()).isBefore(LocalDate.now().atStartOfDay(ZoneId.systemDefault()).minusDays(this._userSignUpConfiguration.getTokenValidity()))) {
                    throw new UserManagementException("Provided token is expired", UserManagementException.StatusError.TOKEN_EXPIRED);
                }
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            if (!(e instanceof UserManagementException)) {
                throw new UserManagementException("Database error while testing the token for user [" + str2 + "]", UserManagementException.StatusError.DATABASE_ERROR, e);
            }
            throw e;
        }
    }

    public void checkPasswordToken(String str, String str2, String str3, String str4) throws UserManagementException {
        removeExpiredPasswordTokens();
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("pwdChangeTable", this._pwdChangeTable);
                hashMap.put("site", str);
                hashMap.put("login", str2);
                hashMap.put("token", str3);
                hashMap.put("population", str4);
                Date date = (Date) session.selectOne("UserSignupManager.getRequestDate", hashMap);
                if (date == null) {
                    throw new UserManagementException("Provided token for login '" + str2 + "' and site '" + str + "' is unknown", UserManagementException.StatusError.TOKEN_UNKNOWN);
                }
                if (date.toInstant().atZone(ZoneId.systemDefault()).isBefore(LocalDate.now().atStartOfDay(ZoneId.systemDefault()).minusDays(this._userSignUpConfiguration.getTokenValidity()))) {
                    throw new UserManagementException("Provided token for login '" + str2 + "' and site '" + str + "' is expired", UserManagementException.StatusError.TOKEN_EXPIRED);
                }
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            if (!(e instanceof UserManagementException)) {
                throw new UserManagementException("Database error while testing the password token for user " + str2, UserManagementException.StatusError.DATABASE_ERROR, e);
            }
            throw e;
        }
    }

    public void removeExpiredTokens() throws UserManagementException {
        removeExpiredTokens(null);
    }

    public int removeExpiredTokens(String str) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("tempUsersTable", this._tempUsersTable);
                hashMap.put("threshold", Timestamp.from(LocalDate.now().atStartOfDay(ZoneId.systemDefault()).minusDays(this._userSignUpConfiguration.getTokenValidity()).toInstant()));
                if (StringUtils.isNotBlank(str)) {
                    hashMap.put("site", str);
                }
                int delete = session.delete("UserSignupManager.deleteExpiredTokens", hashMap);
                session.commit();
                if (session != null) {
                    session.close();
                }
                return delete;
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while removing the expired tokens.", UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    public void removeExpiredPasswordTokens() throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("pwdChangeTable", this._pwdChangeTable);
                hashMap.put("threshold", Timestamp.from(LocalDate.now().atStartOfDay(ZoneId.systemDefault()).minusDays(this._userSignUpConfiguration.getTokenValidity()).toInstant()));
                session.delete("UserSignupManager.deleteExpiredPasswordTokens", hashMap);
                session.commit();
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while removing the expired tokens.", UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    protected void checkPublicSignup(String str) throws UserManagementException {
        if (!isPublicSignupAllowed(str)) {
            throw new UserManagementException("Public signup is disabled for this site.", UserManagementException.StatusError.PUBLIC_SIGNUP_NOT_ALLOWED);
        }
    }

    protected void checkSignupAllowed(String str) throws UserManagementException {
        if (!isSignupAllowed(str)) {
            throw new UserManagementException("Signup is disabled for this site.", UserManagementException.StatusError.SIGNUP_NOT_ALLOWED);
        }
    }

    protected void addTemporaryUser(String str, String str2, String str3, String str4, String str5, String str6, String str7, TempUser.TempUserOrigin tempUserOrigin) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("tempUsersTable", this._tempUsersTable);
                hashMap.put("site", str);
                hashMap.put("email", str2);
                if (!session.selectList("UserSignupManager.tempEmailExists", hashMap).isEmpty()) {
                    throw new UserManagementException("Temporary user with email '" + str2 + "' and site name '" + str + "' already exists", UserManagementException.StatusError.TEMP_USER_ALREADY_EXISTS);
                }
                HashMap hashMap2 = new HashMap();
                hashMap2.put("tempUsersTable", this._tempUsersTable);
                Timestamp timestamp = new Timestamp(System.currentTimeMillis());
                hashMap2.put("site", str);
                hashMap2.put("email", str2);
                hashMap2.put("population", str4);
                hashMap2.put("userDirectory", str5);
                hashMap2.put("subscription_date", timestamp);
                hashMap2.put("token", str3);
                hashMap2.put("lastname", str6);
                hashMap2.put("firstname", str7);
                hashMap2.put("origin", tempUserOrigin.name());
                session.insert("UserSignupManager.addTempUser", hashMap2);
                session.commit();
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            if (!(e instanceof UserManagementException)) {
                throw new UserManagementException("Database error while signing up a new user [" + str2 + "]", UserManagementException.StatusError.DATABASE_ERROR, e);
            }
            throw e;
        }
    }

    protected void sendSignupConfirmMail(TempUser tempUser, String str) throws UserManagementException {
        String str2;
        String build;
        String email = tempUser.getEmail();
        String site = tempUser.getSite();
        String population = tempUser.getPopulation();
        String userDirectoryId = tempUser.getUserDirectoryId();
        String token = tempUser.getToken();
        String lastname = tempUser.getLastname();
        String firstname = tempUser.getFirstname();
        String str3 = (StringUtils.isEmpty(firstname) ? "" : " " + firstname) + (StringUtils.isEmpty(lastname) ? "" : " " + lastname);
        boolean z = tempUser.getOrigin() == TempUser.TempUserOrigin.INVITATION;
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("Sending signup confirmation e-mail to " + email);
        }
        Site site2 = this._siteManager.getSite(site);
        String str4 = (String) site2.getValue("site-mail-from");
        if (!SendMailHelper.EMAIL_VALIDATION.matcher(StringUtils.trimToEmpty(email)).matches()) {
            throw new UserManagementException("Cannot send signup email. The email is invalid [" + email + "]", UserManagementException.StatusError.INVALID_EMAIL);
        }
        HashMap hashMap = new HashMap();
        hashMap.put("siteName", new I18nizableText(site));
        hashMap.put("email", new I18nizableText(email));
        hashMap.put("fullName", new I18nizableText(str3));
        hashMap.put("token", new I18nizableText(tempUser.getToken()));
        hashMap.put("tokenValidity", new I18nizableText(String.valueOf(this._userSignUpConfiguration.getTokenValidity())));
        Page signupPage = getSignupPage(site, str, population, userDirectoryId);
        if (signupPage == null) {
            throw new UserManagementException("No signup page found for site " + site + " and language " + str, UserManagementException.StatusError.NO_SIGNUP_PAGE);
        }
        RenderingContext renderingContext = this._renderingContextHandler.getRenderingContext();
        try {
            this._renderingContextHandler.setRenderingContext(RenderingContext.FRONT);
            String str5 = ResolveURIComponent.resolve("page", signupPage.getId(), false, true) + "?email=" + URIUtils.encodeParameter(email) + "&token=" + token;
            if (StringUtils.isNotEmpty(lastname)) {
                str5 = str5 + "&lastname=" + URIUtils.encodeParameter(lastname);
            }
            if (StringUtils.isNotEmpty(firstname)) {
                str5 = str5 + "&firstname=" + URIUtils.encodeParameter(firstname);
            }
            hashMap.put("confirmUri", new I18nizableText(str5));
            this._renderingContextHandler.setRenderingContext(renderingContext);
            hashMap.put("siteTitle", new I18nizableText(site2.getTitle()));
            hashMap.put("siteUrl", new I18nizableText(site2.getUrl()));
            String subjectForInvitationToSignUpEmail = z ? this._userSignUpConfiguration.getSubjectForInvitationToSignUpEmail(hashMap, str) : this._userSignUpConfiguration.getSubjectForSignUpEmail(hashMap, str);
            String textBodyForInvitationToSignUpEmail = z ? this._userSignUpConfiguration.getTextBodyForInvitationToSignUpEmail(hashMap, str) : this._userSignUpConfiguration.getTextBodyForSignUpEmail(hashMap, str);
            String htmlBodyForInvitationToSignUpEmail = z ? this._userSignUpConfiguration.getHtmlBodyForInvitationToSignUpEmail(hashMap, str) : this._userSignUpConfiguration.getHtmlBodyForSignUpEmail(hashMap, str);
            try {
                ArrayList arrayList = new ArrayList();
                if (htmlBodyForInvitationToSignUpEmail != null) {
                    try {
                        build = StandardMailBodyHelper.newHTMLBody().withTitle(subjectForInvitationToSignUpEmail).withMessage(htmlBodyForInvitationToSignUpEmail).withLink(site2.getUrl(), new I18nizableText("plugin.web", "PLUGINS_WEB_USER_SIGNUP_SITE_LINK_TITLE")).build();
                    } catch (IOException e) {
                        str2 = htmlBodyForInvitationToSignUpEmail;
                        getLogger().warn("Failed to build wrapped HTML body for signup up email", e);
                    }
                } else {
                    build = null;
                }
                str2 = build;
                SendMailHelper.newMail().withSubject(subjectForInvitationToSignUpEmail).withHTMLBody(str2).withTextBody(textBodyForInvitationToSignUpEmail).withSender(str4).withRecipient(email).withErrorReport(arrayList).sendMail();
                if (arrayList.contains(email)) {
                    throw new UserManagementException("Error sending the sign-up confirmation mail.", UserManagementException.StatusError.MAIL_ERROR);
                }
            } catch (MessagingException | IOException e2) {
                throw new UserManagementException("Error sending the sign-up confirmation mail.", UserManagementException.StatusError.MAIL_ERROR, e2);
            }
        } catch (Throwable th) {
            this._renderingContextHandler.setRenderingContext(renderingContext);
            throw th;
        }
    }

    protected void sendSignupValidatedMail(String str, String str2, User user) throws UserManagementException {
        String str3;
        String build;
        Site site = this._siteManager.getSite(str);
        String str4 = (String) site.getValue("site-mail-from");
        String email = user.getEmail();
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("Sending signup validation e-mail to " + email);
        }
        HashMap hashMap = new HashMap();
        hashMap.put("siteName", new I18nizableText(str));
        hashMap.put("fullName", new I18nizableText(user.getFullName()));
        hashMap.put("email", new I18nizableText(user.getEmail()));
        hashMap.put("login", new I18nizableText(user.getIdentity().getLogin()));
        hashMap.put("siteTitle", new I18nizableText(site.getTitle()));
        hashMap.put("siteUrl", new I18nizableText(site.getUrl()));
        String subjectForSignUpValidatedEmail = this._userSignUpConfiguration.getSubjectForSignUpValidatedEmail(hashMap, str2);
        String textBodyForSignUpValidatedEmail = this._userSignUpConfiguration.getTextBodyForSignUpValidatedEmail(hashMap, str2);
        String htmlBodyForSignUpValidatedEmail = this._userSignUpConfiguration.getHtmlBodyForSignUpValidatedEmail(hashMap, str2);
        if (htmlBodyForSignUpValidatedEmail != null) {
            try {
                try {
                    build = StandardMailBodyHelper.newHTMLBody().withTitle(subjectForSignUpValidatedEmail).withMessage(htmlBodyForSignUpValidatedEmail).withLink(site.getUrl(), new I18nizableText("plugin.web", "PLUGINS_WEB_USER_SIGNUP_SITE_LINK_TITLE")).build();
                } catch (IOException e) {
                    str3 = htmlBodyForSignUpValidatedEmail;
                    getLogger().warn("Failed to build wrapped HTML body for signup up validation email", e);
                }
            } catch (MessagingException | IOException e2) {
                throw new UserManagementException("Error sending the sign-up validation mail.", UserManagementException.StatusError.MAIL_ERROR, e2);
            }
        } else {
            build = null;
        }
        str3 = build;
        SendMailHelper.newMail().withSubject(subjectForSignUpValidatedEmail).withHTMLBody(str3).withTextBody(textBodyForSignUpValidatedEmail).withSender(str4).withRecipient(email).sendMail();
    }

    protected void updateTempToken(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("tempUsersTable", this._tempUsersTable);
                hashMap.put("subscription_date", new Timestamp(System.currentTimeMillis()));
                hashMap.put("token", str3);
                hashMap.put("site", str);
                hashMap.put("email", str2);
                hashMap.put("population", str4);
                hashMap.put("userDirectory", str5);
                session.update("UserSignupManager.updateTempToken", hashMap);
                session.commit();
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while resetting the subscription for user [" + str2 + "]", UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    public void addPasswordToken(String str, String str2, String str3, String str4) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("pwdChangeTable", this._pwdChangeTable);
                hashMap.put("site", str);
                hashMap.put("login", str2);
                hashMap.put("population", str4);
                if (session.selectList("UserSignupManager.hasToken", hashMap).isEmpty()) {
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("pwdChangeTable", this._pwdChangeTable);
                    Timestamp timestamp = new Timestamp(System.currentTimeMillis());
                    hashMap2.put("site", str);
                    hashMap2.put("login", str2);
                    hashMap2.put("request_date", timestamp);
                    hashMap2.put("token", str3);
                    hashMap2.put("population", str4);
                    session.insert("UserSignupManager.addPasswordToken", hashMap2);
                } else {
                    HashMap hashMap3 = new HashMap();
                    hashMap3.put("pwdChangeTable", this._pwdChangeTable);
                    hashMap3.put("request_date", new Timestamp(System.currentTimeMillis()));
                    hashMap3.put("token", str3);
                    hashMap3.put("site", str);
                    hashMap3.put("login", str2);
                    hashMap3.put("population", str4);
                    session.update("UserSignupManager.updatePasswordToken", hashMap3);
                }
                session.commit();
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while inserting a password change token for " + str2, UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TempUser getTempUser(String str, String str2, String str3, String str4) throws UserManagementException {
        return getTempUser(str, str2, null, str3, str4);
    }

    @Callable
    public Map<String, Object> getTempUsersProperties(List<String> list, String str) throws UserManagementException {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (String str2 : list) {
            TempUser tempUser = getTempUser(str, str2, null, null);
            if (tempUser != null) {
                arrayList.add(_tempUser2json(tempUser, false, true));
            } else {
                arrayList2.add(str2);
            }
        }
        return Map.of("tempusers", arrayList, "unknownTempusers", arrayList2);
    }

    @Callable
    public Map<String, Object> searchTempUsers(String str, Map<String, Object> map, int i, int i2, List<Map<String, String>> list) throws UserManagementException {
        removeExpiredTokens();
        HashMap hashMap = new HashMap();
        List list2 = (List) getTempUsers(str, map, i, i2, list).stream().map(tempUser -> {
            return _tempUser2json(tempUser, true, false);
        }).collect(Collectors.toList());
        int totalCount = getTotalCount(str, map);
        hashMap.put("users", list2);
        hashMap.put("total", Integer.valueOf(totalCount));
        return hashMap;
    }

    private Map<String, Object> _tempUser2json(TempUser tempUser, boolean z, boolean z2) {
        UserPopulation userPopulation;
        HashMap hashMap = new HashMap();
        String population = tempUser.getPopulation();
        hashMap.put("population", population);
        String userDirectoryId = tempUser.getUserDirectoryId();
        hashMap.put("userDirectory", userDirectoryId);
        if (z && (userPopulation = this._userPopulationDAO.getUserPopulation(population)) != null) {
            hashMap.put("populationLabel", userPopulation.getLabel());
            UserDirectory userDirectory = userPopulation.getUserDirectory(userDirectoryId);
            if (userDirectory != null) {
                String label = userDirectory.getLabel();
                if (StringUtils.isEmpty(label)) {
                    hashMap.put("userDirectoryLabel", this._userDirectoryFactory.getExtension(userDirectory.getUserDirectoryModelId()).getLabel());
                } else {
                    hashMap.put("userDirectoryLabel", label);
                }
            }
        }
        hashMap.put("email", tempUser.getEmail());
        hashMap.put("firstname", tempUser.getFirstname());
        hashMap.put("lastname", tempUser.getLastname());
        hashMap.put("origin", tempUser.getOrigin().name());
        hashMap.put("siteName", tempUser.getSite());
        ZonedDateTime atZone = tempUser.getSubscriptionDate().toInstant().atZone(ZoneId.systemDefault());
        ZonedDateTime plusDays = atZone.toLocalDate().atStartOfDay(ZoneId.systemDefault()).plusDays(this._userSignUpConfiguration.getTokenValidity());
        hashMap.put("subscriptionDate", atZone);
        hashMap.put("expirationDate", plusDays);
        hashMap.put("expired", Boolean.valueOf(plusDays.toLocalDate().isBefore(LocalDate.now())));
        if (z2) {
            hashMap.put("canHandle", Boolean.valueOf(tempUser.getOrigin() == TempUser.TempUserOrigin.INVITATION && getAllowedUserPopulationForInvitation(tempUser.getSite()).contains(tempUser.getPopulation())));
        }
        return hashMap;
    }

    protected void checkUserAllowedForInvitation(String str, String str2) throws UserManagementException {
        UserIdentity user = this._currentUserProvider.getUser();
        if (!(this._rightManager.hasRight(user, "Web_Rights_HandleInvitations", "/cms") == RightManager.RightResult.RIGHT_ALLOW || (this._rightManager.hasRight(user, "Web_Rights_HandleInvitations_OwnPopulation", "/cms") == RightManager.RightResult.RIGHT_ALLOW && user.getPopulationId().equals(str2)))) {
            throw new UserManagementException("User is not allowed to handle invitations for population '" + str2 + "' and site name '" + str + "'", UserManagementException.StatusError.USER_NOT_ALLOWED);
        }
    }

    public Set<String> getAllowedUserPopulationForInvitation(String str) {
        UserIdentity user = this._currentUserProvider.getUser();
        boolean z = this._rightManager.hasRight(user, "Web_Rights_HandleInvitations", "/cms") == RightManager.RightResult.RIGHT_ALLOW;
        return (Set) this._populationContextHelper.getUserPopulationsOnContexts(List.of("/sites/" + str, "/sites-fo/" + str), false).stream().filter(str2 -> {
            return z || (this._rightManager.hasRight(user, "Web_Rights_HandleInvitations_OwnPopulation", "/cms") == RightManager.RightResult.RIGHT_ALLOW && user.getPopulationId().equals(str2));
        }).collect(Collectors.toSet());
    }

    public List<TempUser> getTempUsers(String str, Map<String, Object> map, int i, int i2, List<Map<String, String>> list) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                Connection connection = session.getConnection();
                try {
                    HashMap hashMap = new HashMap();
                    hashMap.put("tempUsersTable", this._tempUsersTable);
                    hashMap.put("databaseType", ConnectionHelper.getDatabaseType(connection));
                    hashMap.put("site", str);
                    if (list == null || list.isEmpty()) {
                        hashMap.put("sorts", List.of(Map.of("property", "email", "direction", "ASC")));
                    } else {
                        hashMap.put("sorts", list);
                    }
                    for (Map.Entry<String, Object> entry : map.entrySet()) {
                        String key = entry.getKey();
                        Object value = entry.getValue();
                        if ((value != null && !(value instanceof String)) || ((value instanceof String) && StringUtils.isNotEmpty((String) value))) {
                            hashMap.put(key, "pattern".equals(key) ? StringUtils.lowerCase((String) value) : value);
                        }
                    }
                    List<TempUser> selectList = session.selectList("UserSignupManager.searchTempUsers", hashMap, new RowBounds(i, i2));
                    if (connection != null) {
                        connection.close();
                    }
                    if (session != null) {
                        session.close();
                    }
                    return selectList;
                } catch (Throwable th) {
                    if (connection != null) {
                        try {
                            connection.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while getting temporay users for site '" + str + "'", UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    public int getTotalCount(String str, Map<String, Object> map) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                Connection connection = session.getConnection();
                try {
                    HashMap hashMap = new HashMap();
                    hashMap.put("tempUsersTable", this._tempUsersTable);
                    hashMap.put("databaseType", ConnectionHelper.getDatabaseType(connection));
                    hashMap.put("site", str);
                    for (Map.Entry<String, Object> entry : map.entrySet()) {
                        String key = entry.getKey();
                        Object value = entry.getValue();
                        if ((value != null && !(value instanceof String)) || ((value instanceof String) && StringUtils.isNotEmpty((String) value))) {
                            hashMap.put(key, value);
                        }
                    }
                    int intValue = ((Integer) session.selectOne("UserSignupManager.getTotalCount", hashMap)).intValue();
                    if (connection != null) {
                        connection.close();
                    }
                    if (session != null) {
                        session.close();
                    }
                    return intValue;
                } catch (Throwable th) {
                    if (connection != null) {
                        try {
                            connection.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new UserManagementException("Database error while getting temporay users for site '" + str + "'", UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    protected TempUser getTempUser(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        if (StringUtils.isEmpty(str2) && StringUtils.isEmpty(str3)) {
            throw new UserManagementException("Either e-mail or token must be provided.");
        }
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("tempUsersTable", this._tempUsersTable);
                hashMap.put("site", str);
                if (StringUtils.isNotEmpty(str2)) {
                    hashMap.put("email", str2);
                    if (StringUtils.isNotEmpty(str4)) {
                        hashMap.put("population", str4);
                    }
                    if (StringUtils.isNotEmpty(str5)) {
                        hashMap.put("userDirectory", str5);
                    }
                }
                if (StringUtils.isNotEmpty(str3)) {
                    hashMap.put("token", str3);
                }
                TempUser tempUser = (TempUser) session.selectOne("UserSignupManager.getTempUser", hashMap);
                if (session != null) {
                    session.close();
                }
                return tempUser;
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while getting the request for user [" + str2 + "] and token [" + str3 + "]", UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void removeTempUser(String str, String str2, String str3, String str4, String str5) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("tempUsersTable", this._tempUsersTable);
                hashMap.put("site", str);
                hashMap.put("email", str2);
                if (StringUtils.isNotBlank(str3)) {
                    hashMap.put("token", str3);
                }
                if (StringUtils.isNotBlank(str4)) {
                    hashMap.put("population", str4);
                }
                if (StringUtils.isNotBlank(str5)) {
                    hashMap.put("userDirectory", str5);
                }
                session.delete("UserSignupManager.removeTempUser", hashMap);
                session.commit();
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while removing the token of user " + str2, UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    protected void removePasswordToken(String str, String str2, String str3, String str4) throws UserManagementException {
        try {
            SqlSession session = getSession();
            try {
                HashMap hashMap = new HashMap();
                hashMap.put("pwdChangeTable", this._pwdChangeTable);
                hashMap.put("site", str);
                hashMap.put("login", str2);
                hashMap.put("token", str3);
                hashMap.put("population", str4);
                session.delete("UserSignupManager.removePasswordToken", hashMap);
                session.commit();
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new UserManagementException("Database error while removing the token of user " + str2, UserManagementException.StatusError.DATABASE_ERROR, e);
        }
    }

    protected void sendResetPasswordMail(String str, String str2, User user, String str3) throws UserManagementException {
        String str4;
        String build;
        String login = user.getIdentity().getLogin();
        String populationId = user.getIdentity().getPopulationId();
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("Sending reset password e-mail to " + login);
        }
        Site site = this._siteManager.getSite(str);
        String str5 = (String) site.getValue("site-mail-from");
        HashMap hashMap = new HashMap();
        hashMap.put("siteName", new I18nizableText(str));
        hashMap.put("login", new I18nizableText(login));
        hashMap.put("email", new I18nizableText(user.getEmail()));
        hashMap.put("fullName", new I18nizableText(user.getFullName()));
        hashMap.put("token", new I18nizableText(str3));
        Page pwdChangePage = getPwdChangePage(str, str2);
        if (pwdChangePage == null) {
            throw new UserManagementException("No password change page found for site " + str + " and language " + str2, UserManagementException.StatusError.NO_PASSWORD_CHANGE_PAGE);
        }
        hashMap.put("confirmUri", new I18nizableText(getResetPasswordUri(pwdChangePage, login, populationId, str3, true)));
        hashMap.put("siteTitle", new I18nizableText(site.getTitle()));
        hashMap.put("siteUrl", new I18nizableText(site.getUrl()));
        String subjectForResetPwdEmail = this._userSignUpConfiguration.getSubjectForResetPwdEmail(hashMap, str2);
        String textBodyForResetPwdEmail = this._userSignUpConfiguration.getTextBodyForResetPwdEmail(hashMap, str2);
        String htmlBodyForResetPwdEmail = this._userSignUpConfiguration.getHtmlBodyForResetPwdEmail(hashMap, str2);
        try {
            if (htmlBodyForResetPwdEmail != null) {
                try {
                    build = StandardMailBodyHelper.newHTMLBody().withTitle(subjectForResetPwdEmail).withMessage(htmlBodyForResetPwdEmail).withLink(site.getUrl(), new I18nizableText("plugin.web", "PLUGINS_WEB_USER_SIGNUP_SITE_LINK_TITLE")).build();
                } catch (IOException e) {
                    str4 = htmlBodyForResetPwdEmail;
                    getLogger().warn("Failed to build wrapped HTML body for reset password email", e);
                }
            } else {
                build = null;
            }
            str4 = build;
            SendMailHelper.newMail().withSubject(subjectForResetPwdEmail).withHTMLBody(str4).withTextBody(textBodyForResetPwdEmail).withSender(str5).withRecipient(user.getEmail()).sendMail();
        } catch (MessagingException | IOException e2) {
            throw new UserManagementException("Error sending a password reset e-mail.", UserManagementException.StatusError.MAIL_ERROR, e2);
        }
    }

    public String getResetPasswordUri(Page page, String str, String str2, String str3, boolean z) {
        return ResolveURIComponent.resolve("page", page.getId(), false, z) + "?login=" + URIUtils.encodeParameter(str) + "&population=" + URIUtils.encodeParameter(str2) + "&token=" + str3;
    }
}
