package systems.dmx.signup;

import com.sun.jersey.api.view.Viewable;
import com.sun.jersey.core.util.Base64;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.UUID;
import java.util.concurrent.Callable;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ws.rs.CookieParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.thymeleaf.context.AbstractContext;
import systems.dmx.accesscontrol.AccessControlService;
import systems.dmx.core.Assoc;
import systems.dmx.core.RelatedTopic;
import systems.dmx.core.Topic;
import systems.dmx.core.model.SimpleValue;
import systems.dmx.core.model.TopicModel;
import systems.dmx.core.service.ChangeReport;
import systems.dmx.core.service.DMXEvent;
import systems.dmx.core.service.EventListener;
import systems.dmx.core.service.Inject;
import systems.dmx.core.service.Transactional;
import systems.dmx.core.service.accesscontrol.AccessControlException;
import systems.dmx.core.service.accesscontrol.Credentials;
import systems.dmx.core.service.event.PostUpdateTopic;
import systems.dmx.core.storage.spi.DMXTransaction;
import systems.dmx.facets.FacetsService;
import systems.dmx.ldap.service.LDAPPluginService;
import systems.dmx.sendmail.SendmailService;
import systems.dmx.signup.configuration.AccountCreation;
import systems.dmx.signup.configuration.ModuleConfiguration;
import systems.dmx.signup.configuration.SignUpConfigOptions;
import systems.dmx.signup.events.SignupResourceRequestedListener;
import systems.dmx.thymeleaf.ThymeleafPlugin;
import systems.dmx.workspaces.WorkspacesService;

@Path("/sign-up")
/* loaded from: input_file:systems/dmx/signup/SignupPlugin.class */
public class SignupPlugin extends ThymeleafPlugin implements SignupService, PostUpdateTopic {

    @Inject
    private AccessControlService accesscontrol;

    @Inject
    private FacetsService facets;

    @Inject
    private SendmailService sendmail;

    @Inject
    private WorkspacesService workspaces;
    private OptionalService<LDAPPluginService> ldapPluginService;

    @Context
    UriInfo uri;
    private static Logger log = Logger.getLogger(SignupPlugin.class.getName());
    static DMXEvent USER_ACCOUNT_CREATE_LISTENER = new DMXEvent(UserAccountCreateListener.class) { // from class: systems.dmx.signup.SignupPlugin.1
        public void dispatch(EventListener eventListener, Object... objArr) {
            ((UserAccountCreateListener) eventListener).userAccountCreated((Topic) objArr[0]);
        }
    };
    static DMXEvent SIGNUP_RESOURCE_REQUESTED = new DMXEvent(SignupResourceRequestedListener.class) { // from class: systems.dmx.signup.SignupPlugin.2
        public void dispatch(EventListener eventListener, Object... objArr) {
            ((SignupResourceRequestedListener) eventListener).signupResourceRequested((AbstractContext) objArr[0], (String) objArr[1]);
        }
    };
    private ModuleConfiguration activeModuleConfiguration = null;
    private Topic customWorkspaceAssignmentTopic = null;
    private String systemEmailContact = null;
    private ResourceBundle rb = null;
    HashMap<String, JSONObject> token = new HashMap<>();
    HashMap<String, JSONObject> pwToken = new HashMap<>();

    public void init() {
        initOptionalServices();
        initTemplateEngine();
        loadPluginLanguageProperty();
        reloadAssociatedSignupConfiguration();
        log.info("\n  dmx.signup.account_creation: " + SignUpConfigOptions.CONFIG_ACCOUNT_CREATION + "\n  dmx.signup.account_creation_password_handling: " + SignUpConfigOptions.CONFIG_ACCOUNT_CREATION_PASSWORD_HANDLING + "\n  dmx.signup.confirm_email_address: " + SignUpConfigOptions.CONFIG_EMAIL_CONFIRMATION + "\n  dmx.signup.admin_mailbox: " + SignUpConfigOptions.CONFIG_ADMIN_MAILBOX + "\n  dmx.signup.system_mailbox: " + SignUpConfigOptions.CONFIG_FROM_MAILBOX + "\n  dmx.signup.ldap_account_creation: " + SignUpConfigOptions.CONFIG_CREATE_LDAP_ACCOUNTS + "\n  dmx.signup.account_creation_auth_ws_uri: " + SignUpConfigOptions.CONFIG_ACCOUNT_CREATION_AUTH_WS_URI + "\n  dmx.signup.restrict_auth_methods: " + SignUpConfigOptions.CONFIG_RESTRICT_AUTH_METHODS + "\n  dmx.signup.token_expiration_time: " + SignUpConfigOptions.CONFIG_TOKEN_EXPIRATION_DURATION.toHours() + "\n");
        log.info("Available auth methods and order:" + getAuthorizationMethods() + "\n");
        if (!SignUpConfigOptions.CONFIG_CREATE_LDAP_ACCOUNTS || isLdapPluginAvailable()) {
            return;
        }
        log.warning("LDAP Account creation configured but respective plugin not available!");
    }

    private void initOptionalServices() {
        this.ldapPluginService = new OptionalService<>(getBundleContext(), () -> {
            return LDAPPluginService.class;
        });
    }

    public void stop(BundleContext bundleContext) {
        this.ldapPluginService.release();
        super.stop(bundleContext);
    }

    @GET
    @Produces({"application/json"})
    @Path("/translation/{locale}")
    public String getTranslationTable(@PathParam("locale") String str) {
        if (str.isEmpty()) {
            return null;
        }
        ResourceBundle bundle = ResourceBundle.getBundle("SignupMessages", new Locale(str));
        Enumeration<String> keys = bundle.getKeys();
        JSONObject jSONObject = new JSONObject();
        while (keys.hasMoreElements()) {
            try {
                String nextElement = keys.nextElement();
                jSONObject.put(nextElement, bundle.getString(nextElement));
            } catch (JSONException e) {
                Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, e);
            }
        }
        return jSONObject.toString();
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Produces({"application/json"})
    @Path("/check/{username}")
    public String getUsernameAvailability(@PathParam("username") String str) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("isAvailable", true);
            if (isUsernameTaken(str)) {
                jSONObject.put("isAvailable", false);
            }
            return jSONObject.toString();
        } catch (JSONException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Path("/display-name/{username}")
    public String getDisplayName(@PathParam("username") String str) {
        RelatedTopic facet;
        try {
            Topic usernameTopic = this.accesscontrol.getUsernameTopic(str);
            if (usernameTopic == null || (facet = this.facets.getFacet(usernameTopic, Constants.DISPLAY_NAME_FACET)) == null) {
                return null;
            }
            return facet.getSimpleValue().toString();
        } catch (Exception e) {
            throw new RuntimeException("Fetching display name of user \"" + str + "\" failed", e);
        }
    }

    @Override // systems.dmx.signup.SignupService
    @Path("/display-name/{username}")
    @PUT
    @Transactional
    public void updateDisplayName(@PathParam("username") String str, @QueryParam("displayName") String str2) {
        try {
            this.dmx.getPrivilegedAccess().runInWorkspaceContext(getDisplayNamesWorkspaceId(), () -> {
                Topic usernameTopic = this.accesscontrol.getUsernameTopic(str);
                if (usernameTopic == null) {
                    return null;
                }
                this.facets.updateFacet(usernameTopic, Constants.DISPLAY_NAME_FACET, this.mf.newFacetValueModel(Constants.DISPLAY_NAME).set(str2));
                return null;
            });
        } catch (Exception e) {
            throw new RuntimeException("Updating display name of user \"" + str + "\" failed, displayName=\"" + str2 + "\"", e);
        }
    }

    @GET
    @Produces({"application/json"})
    @Path("/check/mailbox/{email}")
    public String getMailboxAvailability(@PathParam("email") String str) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("isAvailable", true);
            if (isMailboxTaken(str)) {
                jSONObject.put("isAvailable", false);
            }
            return jSONObject.toString();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Produces({"text/html"})
    @Path("/password-token/{email}")
    public Response initiatePasswordReset(@PathParam("email") String str) throws URISyntaxException {
        log.info("Password reset requested for user with Email: \"" + str + "\"");
        return initiatePasswordResetWithName(str, null);
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Produces({"text/html"})
    @Path("/password-token/{email}/{name}")
    public Response initiatePasswordResetWithName(@PathParam("email") String str, @PathParam("name") String str2) throws URISyntaxException {
        String trim;
        log.info("Password reset requested for user with Email: \"" + str + "\" and Name: \"" + str2 + "\"");
        try {
            trim = str.toLowerCase().trim();
        } catch (URISyntaxException e) {
            Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
        }
        if (!this.dmx.getPrivilegedAccess().emailAddressExists(trim)) {
            log.info("Email based password reset workflow not do'able, Email Address does NOT EXIST => " + trim);
            return Response.temporaryRedirect(new URI("/sign-up/error")).build();
        }
        log.info("Email based password reset workflow do'able, sending out passwort reset mail.");
        sendPasswordResetToken(trim, str2, null);
        return Response.temporaryRedirect(new URI("/sign-up/token-info")).build();
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Produces({"application/json"})
    @Path("/password-token/{email}/{redirectUrl}")
    public Response initiateRedirectPasswordReset(@PathParam("email") String str, @PathParam("redirectUrl") String str2) throws URISyntaxException {
        log.info("Password reset requested for user with Email: \"" + str + "\" wishing to redirect to: \"" + str2 + "\"");
        String trim = str.toLowerCase().trim();
        if (!this.dmx.getPrivilegedAccess().emailAddressExists(trim)) {
            log.warning("Email based password reset workflow not do'able, Email Address does NOT EXIST => " + trim);
            return Response.serverError().build();
        }
        log.info("Email based password reset workflow do'able, sending out passwort reset mail.");
        sendPasswordResetToken(trim, null, str2);
        return Response.ok().build();
    }

    @GET
    @Produces({"application/json"})
    @Path("/self-registration-active")
    public Response getSelfRegistrationStatus() {
        return Response.ok("" + isSelfRegistrationEnabled()).build();
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/password-reset/{token}")
    public Viewable handlePasswordResetRequest(@CookieParam("last_authorization_method") String str, @PathParam("token") String str2) {
        try {
            if (!this.pwToken.containsKey(str2)) {
                viewData("message", this.rb.getString("link_invalid"));
            }
            JSONObject jSONObject = this.pwToken.get(str2);
            viewData("token", str2);
            if (jSONObject == null || jSONObject.getLong("expiration") <= new Date().getTime()) {
                log.warning("Sorry the link to reset the password for ... has expired.");
                viewData("message", this.rb.getString("reset_link_expired"));
                return getFailureView("updated");
            }
            Object string = jSONObject.getString("username");
            String string2 = jSONObject.getString("mailbox");
            log.info("Handling password reset request for Email: \"" + string2);
            viewData("mailbox", string2);
            viewData("requested_username", string);
            viewData("requested_display_name", jSONObject.has("name") ? jSONObject.getString("name") : "");
            viewData("password_requested_title", this.rb.getString("password_requested_title"));
            viewData("password_requested_button", this.rb.getString("password_requested_button"));
            if (jSONObject.has("redirectUrl")) {
                viewData("redirect_url", jSONObject.getString("redirectUrl"));
            }
            prepareSignupPage("password-reset", str);
            return view("password-reset");
        } catch (JSONException e) {
            log.severe("Sorry, an error occured during retriving your token. Please try again. " + e.getMessage());
            viewData("message", this.rb.getString("reset_link_error"));
            return getFailureView("updated");
        }
    }

    @GET
    @Path("/password-reset/{token}/{password}")
    @Produces({"application/xhtml+xml"})
    @Transactional
    public Viewable processPasswordUpdateRequest(@CookieParam("last_authorization_method") String str, @PathParam("token") String str2, @PathParam("password") String str3) {
        log.info("Processing Password Update Request Token... ");
        try {
            JSONObject jSONObject = this.pwToken.get(str2);
            if (jSONObject == null) {
                viewData("message", this.rb.getString("reset_password_error"));
                return getFailureView("updated");
            }
            Credentials credentials = new Credentials("dummy", "pass");
            credentials.username = jSONObject.getString("username").trim();
            if (isLdapAccountCreationEnabled()) {
                String base64Decode = Base64.base64Decode(str3);
                log.info("Change password attempt for \"" + credentials.username + "\". password-value string provided by client \"" + str3 + "\", plaintextPassword: \"" + base64Decode + "\"");
                credentials.plaintextPassword = base64Decode;
                credentials.password = str3;
                if (this.ldapPluginService.get().changePassword(credentials) == null) {
                    log.severe("Credentials for user " + credentials.username + " COULD NOT be changed succesfully.");
                    viewData("message", this.rb.getString("reset_password_error"));
                    return getFailureView("updated");
                }
                log.info("If no previous errors are reported here or in the LDAP-service log, the credentials for user " + credentials.username + " should now have been changed succesfully.");
            } else {
                credentials.password = str3;
                this.dmx.getPrivilegedAccess().changePassword(credentials);
                log.info("Credentials for user " + credentials.username + " were changed succesfully.");
            }
            this.pwToken.remove(str2);
            viewData("message", this.rb.getString("reset_password_ok"));
            prepareSignupPage("password-ok", str);
            return view("password-ok");
        } catch (JSONException e) {
            Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, e);
            viewData("message", this.rb.getString("reset_password_error"));
            return getFailureView("updated");
        }
    }

    @GET
    @Path("/password-reset/{token}/{password}")
    @Produces({"application/json"})
    @Transactional
    public Response processAjaxPasswordUpdateRequest(@PathParam("token") String str, @PathParam("password") String str2) {
        log.info("Processing Password Update Request Token... ");
        try {
            JSONObject jSONObject = this.pwToken.get(str);
            if (jSONObject == null) {
                return Response.serverError().build();
            }
            Credentials credentials = new Credentials("dummy", "pass");
            credentials.username = jSONObject.getString("username").trim();
            if (isLdapAccountCreationEnabled()) {
                String base64Decode = Base64.base64Decode(str2);
                log.info("Change password attempt for \"" + credentials.username + "\". password-value string provided by client \"" + str2 + "\", plaintextPassword: \"" + base64Decode + "\"");
                credentials.plaintextPassword = base64Decode;
                credentials.password = str2;
                if (this.ldapPluginService.get().changePassword(credentials) == null) {
                    log.severe("Credentials for user " + credentials.username + " COULD NOT be changed succesfully.");
                    return Response.serverError().build();
                }
                log.info("If no previous errors are reported here or in the LDAP-service log, the credentials for user " + credentials.username + " should now have been changed succesfully.");
            } else {
                credentials.password = str2;
                this.dmx.getPrivilegedAccess().changePassword(credentials);
                log.info("Credentials for user " + credentials.username + " were changed succesfully.");
            }
            this.pwToken.remove(str);
            return Response.ok().build();
        } catch (JSONException e) {
            Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, e);
            return Response.serverError().build();
        }
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Path("/handle/{username}/{pass-one}/{mailbox}/{skipConfirmation}")
    @Produces({"application/xhtml+xml"})
    @Transactional
    public Viewable handleSignupRequest(@PathParam("username") String str, @PathParam("pass-one") String str2, @PathParam("mailbox") String str3, @PathParam("skipConfirmation") boolean z) {
        if (SignUpConfigOptions.CONFIG_ACCOUNT_CREATION == AccountCreation.DISABLED || !hasAccountCreationPrivilege()) {
            throw new WebApplicationException(Response.noContent().build());
        }
        try {
            if (SignUpConfigOptions.CONFIG_EMAIL_CONFIRMATION) {
                handleSignupRequestWithEmailConfirmation(str, str2, str3, z);
            } else {
                handleSignupRequestWithDirectAccountCreation(str, str2, str3);
            }
        } catch (URISyntaxException e) {
            log.log(Level.SEVERE, "Could not build response URI while handling sign-up request", (Throwable) e);
        }
        return getFailureView("created");
    }

    private void handleSignupRequestWithDirectAccountCreation(String str, String str2, String str3) throws URISyntaxException {
        if (!isSelfRegistrationEnabled() && !hasAccountCreationPrivilege()) {
            throw new WebApplicationException(Response.noContent().build());
        }
        createSimpleUserAccount(str, str2, str3);
        handleAccountCreatedRedirect(str);
    }

    private void handleSignupRequestWithEmailConfirmation(String str, String str2, String str3, boolean z) throws URISyntaxException {
        if (!z || !hasAccountCreationPrivilege()) {
            log.info("Sign-up Configuration: Email based confirmation workflow active, send out confirmation mail.");
            sendUserValidationToken(str, str2, str3);
            throw new WebApplicationException(Response.temporaryRedirect(new URI("/sign-up/token-info")).build());
        }
        if (SignUpConfigOptions.CONFIG_ACCOUNT_CREATION != AccountCreation.ADMIN) {
            throw new WebApplicationException(Response.noContent().build());
        }
        log.info("Sign-up Configuration: Email based confirmation workflow active, Administrator skipping confirmation mail.");
        createSimpleUserAccount(str, str2, str3);
        handleAccountCreatedRedirect(str);
    }

    @Override // systems.dmx.signup.SignupService
    @GET
    @Produces({"text/html"})
    @Path("/handle/{username}/{pass-one}/{mailbox}")
    public Viewable handleSignupRequest(@PathParam("username") String str, @PathParam("pass-one") String str2, @PathParam("mailbox") String str3) {
        return handleSignupRequest(str, str2, str3, false);
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/custom-handle/{mailbox}/{displayname}/{password}")
    public Viewable handleCustomSignupRequest(@PathParam("mailbox") String str, @PathParam("displayname") String str2, @PathParam("password") String str3) throws URISyntaxException {
        if (hasAccountCreationPrivilege() || isSelfRegistrationEnabled()) {
            transactional(() -> {
                createCustomUserAccount(str, str2, str3);
            });
            log.info("Created new user account for user with display \"" + str2 + "\" and mailbox " + str);
            handleAccountCreatedRedirect(str);
        }
        return getFailureView("created");
    }

    @GET
    @Path("/custom-handle/{mailbox}/{displayname}/{password}")
    @Produces({"application/json"})
    @Transactional
    public Topic handleCustomAJAXSignupRequest(@PathParam("mailbox") String str, @PathParam("displayname") String str2, @PathParam("password") String str3) throws URISyntaxException {
        checkAccountCreation();
        Topic createCustomUserAccount = createCustomUserAccount(str, str2, str3);
        log.info("Created new user account for user with display \"" + str2 + "\" and mailbox " + str);
        return createCustomUserAccount;
    }

    private Topic createCustomUserAccount(String str, String str2, String str3) {
        try {
            final String createSimpleUserAccount = createSimpleUserAccount(str.trim(), str3, str.trim());
            final String trim = str2.trim();
            Topic usernameTopic = this.accesscontrol.getUsernameTopic(createSimpleUserAccount);
            final long id = usernameTopic.getId();
            final long displayNamesWorkspaceId = getDisplayNamesWorkspaceId();
            this.dmx.getPrivilegedAccess().runInWorkspaceContext(displayNamesWorkspaceId, new Callable<Topic>() { // from class: systems.dmx.signup.SignupPlugin.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Topic call() {
                    SignupPlugin.this.facets.addFacetTypeToTopic(id, Constants.DISPLAY_NAME_FACET);
                    SignupPlugin.this.facets.updateFacet(id, Constants.DISPLAY_NAME_FACET, SignupPlugin.this.mf.newFacetValueModel(Constants.DISPLAY_NAME).set(trim));
                    SignupPlugin.this.accesscontrol.createMembership(createSimpleUserAccount, displayNamesWorkspaceId);
                    SignupPlugin.log.info("Created membership for new user account in \"Display Names\" workspace (SharingMode.Collaborative)");
                    return SignupPlugin.this.facets.getFacet(id, Constants.DISPLAY_NAME_FACET);
                }
            });
            return usernameTopic;
        } catch (Exception e) {
            throw new RuntimeException("Creating custom user account failed, mailbox=\"" + str + "\", displayName=\"" + str2 + "\"", e);
        }
    }

    public long getDisplayNamesWorkspaceId() {
        Topic workspace = this.workspaces.getWorkspace(Constants.DISPLAY_NAME_WS_URI);
        if (workspace != null) {
            return workspace.getId();
        }
        return -1L;
    }

    @GET
    @Path("/confirm/{token}")
    @Produces({"application/xhtml+xml"})
    @Transactional
    public Viewable processSignupRequest(@CookieParam("last_authorization_method") String str, @PathParam("token") String str2) {
        if (!this.token.containsKey(str2)) {
            viewData("username", null);
            viewData("message", this.rb.getString("link_invalid"));
            return getFailureView("created");
        }
        JSONObject jSONObject = this.token.get(str2);
        this.token.remove(str2);
        try {
            String string = jSONObject.getString("username");
            if (jSONObject.getLong("expiration") <= new Date().getTime()) {
                viewData("username", null);
                viewData("message", this.rb.getString("link_expired"));
                return getFailureView("created");
            }
            log.log(Level.INFO, "Trying to create user account for {0}", jSONObject.getString("mailbox"));
            createSimpleUserAccount(string, jSONObject.getString("password"), jSONObject.getString("mailbox"));
            log.log(Level.INFO, "Account succesfully created for username: {0}", string);
            viewData("message", this.rb.getString("account_created"));
            if (SignUpConfigOptions.DMX_ACCOUNTS_ENABLED) {
                return getAccountCreationOKView(str, string);
            }
            log.log(Level.INFO, "> Account activation by an administrator remains PENDING ");
            return getAccountCreationPendingView(str);
        } catch (JSONException e) {
            Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, e);
            viewData("message", this.rb.getString("internal_error"));
            log.log(Level.SEVERE, "Account creation failed due to {0} caused by {1}", new Object[]{e.getMessage(), e.getCause().toString()});
            return getFailureView("created");
        }
    }

    @Override // systems.dmx.signup.SignupService
    @POST
    @Path("/confirm/membership/custom")
    @Transactional
    public String createAPIWorkspaceMembershipRequest() {
        Topic topicByUri = this.dmx.getTopicByUri("dmx.signup.api_membership_requests");
        if (topicByUri == null || this.accesscontrol.getUsername() == null) {
            return "{ \"membership_created\" : false}";
        }
        Topic usernameTopic = this.accesscontrol.getUsernameTopic();
        createApiWorkspaceMembership(usernameTopic);
        if (getDefaultAssociation(usernameTopic.getId(), topicByUri.getId()) == null) {
            createApiMembershipRequestNoteAssociation(usernameTopic, topicByUri);
            return "{ \"membership_created\" : true}";
        }
        log.info("Revoke Request for API Workspace Membership by user \"" + usernameTopic.getSimpleValue().toString() + "\"");
        sendSystemMailboxNotification("API Usage Revoked", "<br>Hi admin,<br><br>" + usernameTopic.getSimpleValue().toString() + " just revoked his/her acceptance to your Terms of Service for API-Usage.<br><br>Just wanted to let you know.<br>Cheers!");
        return "{ \"membership_created\" : true}";
    }

    public void postUpdateTopic(Topic topic, ChangeReport changeReport, TopicModel topicModel) {
        if (topic.getTypeUri().equals(Constants.SIGN_UP_CONFIG_TYPE_URI)) {
            reloadAssociatedSignupConfiguration();
            return;
        }
        if (topic.getTypeUri().equals("dmx.accesscontrol.login_enabled")) {
            boolean parseBoolean = Boolean.parseBoolean(topic.getSimpleValue().toString());
            RelatedTopic relatedTopic = topic.getRelatedTopic("dmx.config.configuration", (String) null, (String) null, "dmx.accesscontrol.username");
            if (!parseBoolean || SignUpConfigOptions.DMX_ACCOUNTS_ENABLED) {
                return;
            }
            log.info("Sign-up Notification: User Account \"" + relatedTopic.getSimpleValue() + "\" is now ENABLED!");
            String webAppTitle = this.activeModuleConfiguration.getWebAppTitle();
            RelatedTopic relatedTopic2 = relatedTopic.getRelatedTopic(Constants.USER_MAILBOX_EDGE_TYPE, (String) null, (String) null, Constants.USER_MAILBOX_TYPE_URI);
            if (relatedTopic2 != null) {
                String simpleValue = relatedTopic2.getSimpleValue().toString();
                sendSystemMail("Your account on " + webAppTitle + " is now active", this.rb.getString("mail_hello") + " " + relatedTopic.getSimpleValue() + ",<br><br>your account on <a href=\"" + SignUpConfigOptions.DMX_HOST_URL + "\">" + webAppTitle + "</a> is now active.<br><br>" + this.rb.getString("mail_ciao"), simpleValue);
                log.info("Send system notification mail to " + simpleValue + " - The account is now active!");
            }
        }
    }

    @GET
    @Produces({"application/xhtml+xml"})
    public Viewable getSignupFormView(@CookieParam("last_authorization_method") String str) throws URISyntaxException {
        String str2 = null;
        switch (SignUpConfigOptions.CONFIG_ACCOUNT_CREATION) {
            case DISABLED:
                str2 = isLoggedIn().booleanValue() ? "logout" : "login";
                break;
            case ADMIN:
                str2 = isLoggedIn().booleanValue() ? hasAccountCreationPrivilege() ? "sign-up" : "logout" : "login";
                break;
            case PUBLIC:
                str2 = (!isLoggedIn().booleanValue() || hasAccountCreationPrivilege()) ? "sign-up" : "logout";
                break;
        }
        prepareSignupPage(str2, str);
        return view(str2);
    }

    private Boolean isLoggedIn() {
        return Boolean.valueOf(this.accesscontrol.getUsername() != null);
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/login")
    public Viewable getLoginView(@CookieParam("last_authorization_method") String str) {
        if (this.accesscontrol.getUsername() != null) {
            prepareSignupPage("logout", str);
            return view("logout");
        }
        prepareSignupPage("login", str);
        return view("login");
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/request-password")
    public Viewable getPasswordResetView(@CookieParam("last_authorization_method") String str) {
        prepareSignupPage("request-password", str);
        return view("request-password");
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/{username}/ok")
    public Viewable getAccountCreationOKView(@CookieParam("last_authorization_method") String str, @PathParam("username") String str2) {
        prepareSignupPage("ok", str);
        viewData("requested_username", str2);
        return view("ok");
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/pending")
    public Viewable getAccountCreationPendingView(@CookieParam("last_authorization_method") String str) {
        prepareSignupPage("pending", str);
        return view("pending");
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/error")
    public Viewable getFailureView(@CookieParam("last_authorization_method") String str) {
        return getFailureView(null, str);
    }

    private Viewable getFailureView(String str, String str2) {
        if (str == null || !str.equals("created")) {
            viewData("status_label", this.rb.getString("status_label_updated"));
        } else {
            viewData("status_label", this.rb.getString("status_label_created"));
        }
        viewData("account_failure_message", this.rb.getString("account_failure_message"));
        viewData("please_try_1", this.rb.getString("please_try_1"));
        viewData("please_try_2", this.rb.getString("please_try_2"));
        viewData("please_try_3", this.rb.getString("please_try_3"));
        prepareSignupPage("failure", str2);
        return view("failure");
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/token-info")
    public Viewable getConfirmationInfoView(@CookieParam("last_authorization_method") String str) {
        prepareSignupPage("account-confirmation", str);
        return view("account-confirmation");
    }

    @GET
    @Produces({"application/xhtml+xml"})
    @Path("/edit")
    public Viewable getAccountDetailsView(@CookieParam("last_authorization_method") String str) {
        prepareSignupPage("account-edit", str);
        prepareAccountEditPage();
        return view("account-edit");
    }

    @Override // systems.dmx.signup.SignupService
    public void sendSystemMailboxNotification(String str, String str2) {
        if (SignUpConfigOptions.CONFIG_ADMIN_MAILBOX.isEmpty()) {
            log.info("Did not send notification mail to System Mailbox - Admin Mailbox Empty");
            return;
        }
        try {
            sendSystemMail(str, str2, SignUpConfigOptions.CONFIG_ADMIN_MAILBOX);
        } catch (Exception e) {
            log.severe("There seems to be an issue with your mail (SMTP) setup, we FAILED sending out a notification mail to the \"System Mailbox\", caused by: " + e.getMessage());
        }
    }

    @Override // systems.dmx.signup.SignupService
    public void sendUserMailboxNotification(String str, String str2, String str3) {
        try {
            sendSystemMail(str2, str3, str);
        } catch (Exception e) {
            log.severe("There seems to be an issue with your mail (SMTP) setup, we FAILED sending out a notification mail to User \"" + str + "\", caused by: " + e.getMessage());
        }
    }

    private boolean isLdapPluginAvailable() {
        try {
            return this.ldapPluginService.get() != null;
        } catch (NoClassDefFoundError e) {
            return false;
        }
    }

    private boolean isLdapAccountCreationEnabled() {
        return SignUpConfigOptions.CONFIG_CREATE_LDAP_ACCOUNTS && isLdapPluginAvailable();
    }

    private boolean isAccountCreationPasswordEditable() {
        return SignUpConfigOptions.CONFIG_ACCOUNT_CREATION_PASSWORD_HANDLING == AccountCreation.PasswordHandling.EDITABLE;
    }

    private Topic createUsername(Credentials credentials) throws Exception {
        return isLdapAccountCreationEnabled() ? this.ldapPluginService.get().createUser(credentials) : this.accesscontrol._createUserAccount(credentials);
    }

    @Override // systems.dmx.signup.SignupService
    public String createSimpleUserAccount(String str, String str2, final String str3) {
        Credentials credentials;
        try {
            if (isUsernameTaken(str)) {
                throw new RuntimeException("Username was already registered and confirmed!");
            }
            if (isLdapAccountCreationEnabled()) {
                String base64Decode = Base64.base64Decode(str2);
                credentials = new Credentials(str.trim(), base64Decode);
                credentials.plaintextPassword = base64Decode;
            } else {
                credentials = new Credentials(new JSONObject().put("username", str.trim()).put("password", str2.trim()));
            }
            final Topic createUsername = createUsername(credentials);
            this.dmx.getPrivilegedAccess().runInWorkspaceContext(this.dmx.getPrivilegedAccess().getSystemWorkspaceId(), new Callable<Topic>() { // from class: systems.dmx.signup.SignupPlugin.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Topic call() {
                    Topic createTopic = SignupPlugin.this.dmx.createTopic(SignupPlugin.this.mf.newTopicModel(Constants.USER_MAILBOX_TYPE_URI, new SimpleValue(str3)));
                    SignupPlugin.this.dmx.fireEvent(SignupPlugin.USER_ACCOUNT_CREATE_LISTENER, new Object[]{createUsername});
                    SignupPlugin.this.dmx.createAssoc(SignupPlugin.this.mf.newAssocModel(Constants.USER_MAILBOX_EDGE_TYPE, SignupPlugin.this.mf.newTopicPlayerModel(createTopic.getId(), "dmx.core.child"), SignupPlugin.this.mf.newTopicPlayerModel(createUsername.getId(), "dmx.core.parent")));
                    if (SignupPlugin.this.customWorkspaceAssignmentTopic != null) {
                        SignupPlugin.this.accesscontrol.createMembership(createUsername.getSimpleValue().toString(), SignupPlugin.this.customWorkspaceAssignmentTopic.getId());
                        SignupPlugin.log.info("Created new Membership for " + createUsername.getSimpleValue().toString() + " in workspace=" + SignupPlugin.this.customWorkspaceAssignmentTopic.getSimpleValue().toString());
                    }
                    return createTopic;
                }
            });
            log.info("Created new user account for user \"" + str + "\" and " + str3);
            sendNotificationMail(str, str3.trim());
            return str;
        } catch (Exception e) {
            throw new RuntimeException("Creating simple user account failed, username=\"" + str + "\", mailbox=\"" + str3 + "\"", e);
        }
    }

    @Override // systems.dmx.signup.SignupService
    public boolean isMailboxTaken(String str) {
        return this.dmx.getPrivilegedAccess().emailAddressExists(str.toLowerCase().trim());
    }

    @Override // systems.dmx.signup.SignupService
    public boolean isUsernameTaken(String str) {
        return this.accesscontrol.getUsernameTopic(str.trim()) != null;
    }

    @Override // systems.dmx.signup.SignupService
    public boolean isValidEmailAddress(String str) {
        return true;
    }

    private void handleAccountCreatedRedirect(String str) throws URISyntaxException {
        if (SignUpConfigOptions.DMX_ACCOUNTS_ENABLED) {
            log.info("DMX Config: The new account is now ENABLED, redirecting to OK page.");
            throw new WebApplicationException(Response.temporaryRedirect(new URI("/sign-up/" + str + "/ok")).build());
        }
        log.info("DMX Config: The new account is now DISABLED, redirecting to PENDING page.");
        throw new WebApplicationException(Response.temporaryRedirect(new URI("/sign-up/pending")).build());
    }

    private boolean isSelfRegistrationEnabled() {
        return SignUpConfigOptions.CONFIG_ACCOUNT_CREATION == AccountCreation.PUBLIC;
    }

    private boolean hasAccountCreationPrivilege() {
        try {
            checkAccountCreation();
            return true;
        } catch (AccessControlException e) {
            return false;
        } catch (RuntimeException e2) {
            return false;
        }
    }

    private void checkAccountCreation() {
        if (!isAccountCreationWorkspaceUriConfigured()) {
            checkAdministrationWorkspaceWriteAccess();
            return;
        }
        try {
            checkAccountCreationWorkspaceWriteAccess();
        } catch (RuntimeException e) {
            checkAdministrationWorkspaceWriteAccess();
        } catch (AccessControlException e2) {
            checkAdministrationWorkspaceWriteAccess();
        }
    }

    private void checkAdministrationWorkspaceWriteAccess() {
        this.dmx.getTopic(this.dmx.getPrivilegedAccess().getAdminWorkspaceId()).checkWriteAccess();
    }

    private boolean isAccountCreationWorkspaceUriConfigured() {
        return !SignUpConfigOptions.CONFIG_ACCOUNT_CREATION_AUTH_WS_URI.isEmpty();
    }

    private void checkAccountCreationWorkspaceWriteAccess() {
        this.dmx.getTopic(this.workspaces.getWorkspace(SignUpConfigOptions.CONFIG_ACCOUNT_CREATION_AUTH_WS_URI).getId()).checkWriteAccess();
    }

    private boolean isApiWorkspaceMember() {
        String username = this.accesscontrol.getUsername();
        if (username == null) {
            return false;
        }
        String apiWorkspaceUri = this.activeModuleConfiguration.getApiWorkspaceUri();
        if (apiWorkspaceUri.isEmpty() || apiWorkspaceUri.equals("undefined")) {
            return getDefaultAssociation(this.accesscontrol.getUsernameTopic().getId(), this.dmx.getTopicByUri("dmx.signup.api_membership_requests").getId()) != null;
        }
        Topic workspace = this.dmx.getPrivilegedAccess().getWorkspace(apiWorkspaceUri);
        if (workspace != null) {
            return this.accesscontrol.isMember(username, workspace.getId());
        }
        return false;
    }

    private void sendUserValidationToken(String str, String str2, String str3) {
        sendConfirmationMail(createUserValidationToken(str, str2, str3), str, str3.trim());
    }

    private void sendPasswordResetToken(String str, String str2, String str3) {
        String username = this.dmx.getPrivilegedAccess().getUsername(str);
        sendPasswordResetMail(createPasswordResetToken(username, str, str2, str3), username, str.trim(), str2);
    }

    private String createUserValidationToken(String str, String str2, String str3) {
        try {
            String uuid = UUID.randomUUID().toString();
            long calculateTokenExpiration = calculateTokenExpiration();
            this.token.put(uuid, new JSONObject().put("username", str.trim()).put("mailbox", str3.trim()).put("password", str2).put("expiration", calculateTokenExpiration));
            log.log(Level.INFO, "Set up key {0} for {1} sending confirmation mail valid till {3}", new Object[]{uuid, str3, new Date(calculateTokenExpiration).toString()});
            return uuid;
        } catch (JSONException e) {
            Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, e);
            throw new RuntimeException(e);
        }
    }

    private long calculateTokenExpiration() {
        return Instant.now().plus((TemporalAmount) SignUpConfigOptions.CONFIG_TOKEN_EXPIRATION_DURATION).toEpochMilli();
    }

    private String createPasswordResetToken(String str, String str2, String str3, String str4) {
        try {
            String uuid = UUID.randomUUID().toString();
            long calculateTokenExpiration = calculateTokenExpiration();
            this.pwToken.put(uuid, new JSONObject().put("username", str.trim()).put("mailbox", str2.trim()).put("name", str3 != null ? str3.trim() : "").put("expiration", calculateTokenExpiration).put("redirectUrl", str4));
            log.log(Level.INFO, "Set up pwToken {0} for {1} send passwort reset mail valid till {3}", new Object[]{uuid, str2, new Date(calculateTokenExpiration).toString()});
            return uuid;
        } catch (JSONException e) {
            Logger.getLogger(SignupPlugin.class.getName()).log(Level.SEVERE, (String) null, e);
            throw new RuntimeException(e);
        }
    }

    private void createApiMembershipRequestNoteAssociation(Topic topic, Topic topic2) {
        this.dmx.getPrivilegedAccess().assignToWorkspace(this.dmx.createAssoc(this.mf.newAssocModel("dmx.core.association", this.mf.newTopicPlayerModel(topic.getId(), "dmx.core.default"), this.mf.newTopicPlayerModel(topic2.getId(), "dmx.core.default"))), this.dmx.getPrivilegedAccess().getSystemWorkspaceId());
        log.info("Request for new custom API Workspace Membership by user \"" + topic.getSimpleValue().toString() + "\"");
        sendSystemMailboxNotification("API Usage Requested", "<br>Hi admin,<br><br>" + topic.getSimpleValue().toString() + " accepted the Terms of Service for API Usage.<br><br>Just wanted to let you know.<br>Cheers!");
    }

    private void createApiWorkspaceMembership(Topic topic) {
        String apiWorkspaceUri = this.activeModuleConfiguration.getApiWorkspaceUri();
        if (apiWorkspaceUri.isEmpty() || apiWorkspaceUri.equals("undefined")) {
            log.info("No API Workspace Configured: You must enter the URI of a programmatically created workspace topic into your current \"Signup Configuration\".");
            return;
        }
        Topic workspace = this.dmx.getPrivilegedAccess().getWorkspace(apiWorkspaceUri);
        if (workspace != null) {
            log.info("Request for new custom API Workspace Membership by user \"" + topic.getSimpleValue().toString() + "\"");
            this.accesscontrol.createMembership(topic.getSimpleValue().toString(), workspace.getId());
            return;
        }
        log.info("Revoke Request for API Workspace Membership by user \"" + topic.getSimpleValue().toString() + "\"");
        if (!this.accesscontrol.isMember(topic.getSimpleValue().toString(), workspace.getId())) {
            log.info("Skipped Revoke Request for non-existent API Workspace Membership for \"" + topic.getSimpleValue().toString() + "\"");
        } else {
            this.dmx.deleteAssoc(getMembershipAssociation(topic.getId(), workspace.getId()).getId());
        }
    }

    private void reloadAssociatedSignupConfiguration() {
        this.activeModuleConfiguration = getCurrentSignupConfiguration();
        if (!this.activeModuleConfiguration.isValid()) {
            log.warning("Could not load associated Sign-up Plugin Configuration Topic during init/postUpdate");
            return;
        }
        this.activeModuleConfiguration.reload();
        this.customWorkspaceAssignmentTopic = this.activeModuleConfiguration.getCustomWorkspaceAssignmentTopic();
        if (this.customWorkspaceAssignmentTopic != null) {
            log.info("Configured Custom Sign-up Workspace => \"" + this.customWorkspaceAssignmentTopic.getSimpleValue() + "\"");
        }
        log.log(Level.INFO, "Sign-up Configuration Loaded (URI=\"{0}\"), Name=\"{1}\"", new Object[]{this.activeModuleConfiguration.getConfigurationUri(), this.activeModuleConfiguration.getConfigurationName()});
    }

    private void sendConfirmationMail(String str, String str2, String str3) {
        try {
            String webAppTitle = this.activeModuleConfiguration.getWebAppTitle();
            URL url = new URL(SignUpConfigOptions.DMX_HOST_URL);
            log.info("The confirmation mails token request URL should be:\n" + url + "sign-up/confirm/" + str);
            String str4 = this.rb.getString("mail_confirmation_subject") + " - " + webAppTitle;
            try {
                String str5 = "<a href=\"" + url + "sign-up/confirm/" + str + "\">" + this.rb.getString("mail_confirmation_link_label") + "</a>";
                if (SignUpConfigOptions.DMX_ACCOUNTS_ENABLED) {
                    sendSystemMail(str4, this.rb.getString("mail_hello") + " " + str2 + ",<br><br>" + this.rb.getString("mail_confirmation_active_body") + "<br><br>" + str5 + "<br><br>" + this.rb.getString("mail_ciao"), str3);
                } else {
                    sendSystemMail(str4, this.rb.getString("mail_hello") + " " + str2 + ",<br><br>" + this.rb.getString("mail_confirmation_proceed_1") + "<br>" + str5 + "<br><br>" + this.rb.getString("mail_confirmation_proceed_2") + "<br><br>" + this.rb.getString("mail_ciao"), str3);
                }
            } catch (Exception e) {
                log.severe("There seems to be an issue with your mail (SMTP) setup, we FAILED sending out the \"Email Confirmation\" mail, caused by: " + e.getMessage());
            }
        } catch (MalformedURLException e2) {
            throw new RuntimeException(e2);
        }
    }

    private void sendPasswordResetMail(String str, String str2, String str3, String str4) {
        try {
            String webAppTitle = this.activeModuleConfiguration.getWebAppTitle();
            URL url = new URL(SignUpConfigOptions.DMX_HOST_URL);
            log.info("The password reset mails token request URL should be:\n" + url + "sign-up/password-reset/" + str);
            String str5 = url + "sign-up/password-reset/" + str;
            if (str4 != null) {
                try {
                    if (!str4.isEmpty()) {
                    }
                } catch (Exception e) {
                    log.severe("There seems to be an issue with your mail (SMTP) setup, we FAILED sending out the \"Password Reset\" mail, caused by: " + e.getMessage());
                }
            }
            sendSystemMail(this.rb.getString("mail_pw_reset_title") + " " + webAppTitle, this.rb.getString("mail_hello") + "!<br><br>" + this.rb.getString("mail_pw_reset_body") + "<br><a href=\"" + str5 + "\">" + str5 + "</a><br><br>" + this.rb.getString("mail_cheers") + "<br>" + this.rb.getString("mail_signature"), str3);
        } catch (MalformedURLException e2) {
            throw new RuntimeException(e2);
        }
    }

    private void sendNotificationMail(String str, String str2) {
        String webAppTitle = this.activeModuleConfiguration.getWebAppTitle();
        if (SignUpConfigOptions.CONFIG_ADMIN_MAILBOX == null || SignUpConfigOptions.CONFIG_ADMIN_MAILBOX.isEmpty()) {
            log.info("ADMIN: No \"Admin Mailbox\" configured: A new user account (" + str + ") was created but no notification could be sent.");
            return;
        }
        try {
            sendSystemMail("Account registration on " + webAppTitle, "<br>A user has registered.<br><br>Username: " + str + "<br>Email: " + str2, SignUpConfigOptions.CONFIG_ADMIN_MAILBOX);
        } catch (Exception e) {
            log.severe("There seems to be an issue with your mail (SMTP) setup, we FAILED notifying the \"system mailbox\" about account creation, caused by: " + e.getMessage());
        }
    }

    private void sendSystemMail(String str, String str2, String str3) {
        String projectTitle = this.activeModuleConfiguration.getProjectTitle();
        this.sendmail.doEmailRecipientAs(SignUpConfigOptions.CONFIG_FROM_MAILBOX, projectTitle, str, str2, str3);
    }

    private Assoc getDefaultAssociation(long j, long j2) {
        return this.dmx.getAssocBetweenTopicAndTopic("dmx.core.association", j, j2, "dmx.core.default", "dmx.core.default");
    }

    private Assoc getMembershipAssociation(long j, long j2) {
        return this.dmx.getAssocBetweenTopicAndTopic("dmx.accesscontrol.membership", j, j2, "dmx.core.default", "dmx.core.default");
    }

    private void loadPluginLanguageProperty() {
        try {
            Properties properties = new Properties();
            properties.load(getStaticResource("/plugin.properties"));
            String property = properties.getProperty(Constants.SIGN_UP_LANGUAGE_PROPERTY);
            if (property == null || property.toLowerCase().equals("en")) {
                log.info("Sign-up Plugin Language option sets labels to ENGLISH");
                this.rb = ResourceBundle.getBundle("SignupMessages", Locale.ENGLISH);
            } else if (property.toLowerCase().equals("de")) {
                log.info("Sign-up Plugin Language \"" + property + "\" sets labels to GERMAN");
                this.rb = ResourceBundle.getBundle("SignupMessages", Locale.GERMAN);
            } else if (property.toLowerCase().equals("fr")) {
                log.info("Sign-up Plugin Language \"" + property + "\" sets labels to FRENCH");
                this.rb = ResourceBundle.getBundle("SignupMessages", Locale.FRENCH);
            }
        } catch (IOException e) {
            log.warning("Could not find Sign-up plugin properties - use default resource bundle for labels");
            this.rb = ResourceBundle.getBundle("SignupMessages", Locale.ENGLISH);
        }
    }

    private ModuleConfiguration getCurrentSignupConfiguration() {
        return new ModuleConfiguration(this.dmx.getTopicByUri("dmx.signup.default_configuration"));
    }

    private List<String> getAuthorizationMethods() {
        HashMap hashMap = new HashMap();
        HashSet<String> hashSet = new HashSet(this.accesscontrol.getAuthorizationMethods());
        hashSet.add("Basic");
        for (String str : hashSet) {
            hashMap.put(str.toLowerCase(), str);
        }
        ArrayList arrayList = new ArrayList();
        if (SignUpConfigOptions.CONFIG_RESTRICT_AUTH_METHODS.trim().length() > 0) {
            for (String str2 : SignUpConfigOptions.CONFIG_RESTRICT_AUTH_METHODS.split(",")) {
                String str3 = (String) hashMap.get(str2.trim().toLowerCase());
                if (str3 != null) {
                    arrayList.add(str3);
                }
            }
        } else {
            arrayList.addAll(hashSet);
        }
        return arrayList;
    }

    private void prepareSignupPage(String str, String str2) {
        if (!this.activeModuleConfiguration.isValid()) {
            log.severe("Could not load module configuration of sign-up plugin during page preparation!");
            return;
        }
        this.dmx.fireEvent(SIGNUP_RESOURCE_REQUESTED, new Object[]{context(), str});
        viewData("authorization_methods", getAuthorizationMethods());
        viewData("last_authorization_method", str2);
        viewData("account_creation_method_is_ldap", Boolean.valueOf(isLdapAccountCreationEnabled()));
        viewData("is_account_creation_password_editable", Boolean.valueOf(isAccountCreationPasswordEditable()));
        viewData("self_registration_enabled", Boolean.valueOf(isSelfRegistrationEnabled()));
        viewData("title", this.activeModuleConfiguration.getWebAppTitle());
        viewData("logo_path", this.activeModuleConfiguration.getLogoPath());
        viewData("css_path", this.activeModuleConfiguration.getCssPath());
        viewData("project_name", this.activeModuleConfiguration.getProjectTitle());
        viewData("read_more_url", this.activeModuleConfiguration.getReadMoreUrl());
        viewData("tos_label", this.activeModuleConfiguration.getTosLabel());
        viewData("tos_details", this.activeModuleConfiguration.getTosDetails());
        viewData("pd_label", this.activeModuleConfiguration.getPdLabel());
        viewData("pd_details", this.activeModuleConfiguration.getPdDetails());
        viewData("footer", this.activeModuleConfiguration.getPagesFooter());
        viewData("custom_workspace_enabled", this.activeModuleConfiguration.getApiEnabled());
        viewData("custom_workspace_description", this.activeModuleConfiguration.getApiDescription());
        viewData("custom_workspace_details", this.activeModuleConfiguration.getApiDetails());
        viewData("custom_workspace_uri", this.activeModuleConfiguration.getApiWorkspaceUri());
        viewData("start_url", this.activeModuleConfiguration.getStartUrl());
        viewData("visit_start_url", this.rb.getString("visit_start_url"));
        viewData("home_url", this.activeModuleConfiguration.getHomeUrl());
        viewData("visit_home_url", this.rb.getString("visit_home_url"));
        viewData("loading_app_hint", this.activeModuleConfiguration.getLoadingAppHint());
        viewData("logging_out_hint", this.activeModuleConfiguration.getLoggingOutHint());
        viewData("password_length_hint", this.rb.getString("password_length_hint"));
        viewData("password_match_hint", this.rb.getString("password_match_hint"));
        viewData("check_terms_hint", this.rb.getString("check_terms_hint"));
        viewData("username_invalid_hint", this.rb.getString("username_invalid_hint"));
        viewData("username_taken_hint", this.rb.getString("username_taken_hint"));
        viewData("email_invalid_hint", this.rb.getString("email_invalid_hint"));
        viewData("email_taken_hint", this.rb.getString("email_taken_hint"));
        viewData("not_authorized_message", this.rb.getString("not_authorized_message"));
        viewData("signup_title", this.rb.getString("signup_title"));
        viewData("create_account", this.rb.getString("create_account"));
        viewData("login_title", this.rb.getString("login_title"));
        viewData("log_in_small", this.rb.getString("log_in_small"));
        viewData("login", this.rb.getString("login"));
        viewData("or_label", this.rb.getString("or_label"));
        viewData("logout", this.rb.getString("logout"));
        viewData("logged_in_as", this.rb.getString("logged_in_as"));
        viewData("label_username", this.rb.getString("label_username"));
        viewData("label_name", this.rb.getString("label_name"));
        viewData("label_email", this.rb.getString("label_email"));
        viewData("label_password", this.rb.getString("label_password"));
        viewData("label_password_repeat", this.rb.getString("label_password_repeat"));
        viewData("read_more", this.rb.getString("read_more"));
        viewData("label_forgot_password", this.rb.getString("forgot_password"));
        viewData("label_reset_password", this.rb.getString("reset_password"));
        viewData("label_reset_password_submit", this.rb.getString("reset_password_submit"));
        viewData("info_reset_password", this.rb.getString("reset_password_hint"));
        viewData("password_reset_ok_message", this.rb.getString("password_reset_success_1"));
        viewData("your_account_title", this.rb.getString("your_account_title"));
        viewData("your_account_heading", this.rb.getString("your_account_heading"));
        viewData("your_account_username_label", this.rb.getString("your_account_username_label"));
        viewData("your_account_email_label", this.rb.getString("your_account_email_label"));
        viewData("api_option_title", this.rb.getString("api_option_title"));
        viewData("api_option_descr", this.rb.getString("api_option_descr"));
        viewData("api_option_revoke", this.rb.getString("api_option_revoke"));
        viewData("api_workspace_member", Boolean.valueOf(isApiWorkspaceMember()));
        viewData("api_email_contact", this.systemEmailContact == null ? "" : this.systemEmailContact);
        viewData("api_contact_revoke", this.rb.getString("api_contact_revoke"));
        viewData("created_page_title", this.rb.getString("page_account_created_title"));
        viewData("created_page_body_1", this.rb.getString("page_account_created_body_1"));
        viewData("created_page_body_2", this.rb.getString("page_account_created_body_2"));
        viewData("created_page_body_3", this.rb.getString("page_account_created_body_3"));
        viewData("created_page_body_4", this.rb.getString("page_account_created_body_4"));
        viewData("requested_page_title", this.rb.getString("page_account_requested_title"));
        viewData("requested_page_1", this.rb.getString("page_account_requested_1"));
        viewData("requested_page_2", this.rb.getString("page_account_requested_2"));
        viewData("requested_page_3", this.rb.getString("page_account_requested_3"));
        String username = this.accesscontrol.getUsername();
        viewData("email_confirmation_active", Boolean.valueOf(SignUpConfigOptions.CONFIG_EMAIL_CONFIRMATION));
        viewData("skip_confirmation_mail_label", this.rb.getString("admin_skip_email_confirmation_mail"));
        viewData("can_create_new_account", Boolean.valueOf(hasAccountCreationPrivilege()));
        viewData("authenticated", Boolean.valueOf(username != null));
        viewData("username", username);
        viewData("template", str);
        viewData("hostUrl", SignUpConfigOptions.DMX_HOST_URL);
    }

    private void prepareAccountEditPage() {
        String username = this.accesscontrol.getUsername();
        if (username == null) {
            viewData("logged_in", false);
            viewData("username", "Not logged in");
            viewData("email", "Not logged in");
            viewData("link", "/sign-up/login");
            return;
        }
        Object obj = "None";
        try {
            obj = this.dmx.getPrivilegedAccess().getEmailAddress(username);
        } catch (Exception e) {
            log.warning("Username has no Email Address topic related via \"dmx.base.user_mailbox\"");
        }
        viewData("logged_in", true);
        viewData("username", username);
        viewData("display_name", getDisplayName(username));
        viewData("email", obj);
        viewData("link", "");
    }

    @Override // systems.dmx.signup.SignupService
    public void reinitTemplateEngine() {
        super.initTemplateEngine();
    }

    @Override // systems.dmx.signup.SignupService
    public void addTemplateResolverBundle(Bundle bundle) {
        super.addTemplateResourceBundle(bundle);
    }

    @Override // systems.dmx.signup.SignupService
    public void removeTemplateResolverBundle(Bundle bundle) {
        super.removeTemplateResourceBundle(bundle);
    }

    private void transactional(Runnable runnable) {
        DMXTransaction beginTx = this.dmx.beginTx();
        try {
            try {
                runnable.run();
                beginTx.success();
                beginTx.finish();
            } catch (Throwable th) {
                log.warning("A custom transaction failed: " + th.getLocalizedMessage());
                beginTx.failure();
                beginTx.finish();
            }
        } catch (Throwable th2) {
            beginTx.finish();
            throw th2;
        }
    }
}
