package crmdna.member;

import com.microtripit.mandrillapp.lutung.model.MandrillApiError;
import crmdna.client.Client;
import crmdna.common.AssertUtils;
import crmdna.common.EmailConfig;
import crmdna.common.OfyService;
import crmdna.common.Utils;
import crmdna.common.api.APIException;
import crmdna.common.api.APIResponse;
import crmdna.common.api.RequestInfo;
import crmdna.encryption.Encryption;
import crmdna.group.Group;
import crmdna.mail2.Mail;
import crmdna.mail2.MailContent;
import crmdna.mail2.MailContentEntity;
import crmdna.mail2.MailMap;
import crmdna.mail2.MailSendInput;
import crmdna.member.Member;
import crmdna.user.User;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Random;

/* loaded from: input_file:WEB-INF/classes/crmdna/member/Account.class */
public class Account {
    public static final int MAX_PASSWORD_LENGTH = 50;
    public static final int MIN_PASSWORD_LENGTH = 3;

    /* loaded from: input_file:WEB-INF/classes/crmdna/member/Account$EmailVerificationResult.class */
    public enum EmailVerificationResult {
        SUCCESS,
        EMAIL_NOT_A_VALID_ACCOUNT,
        WRONG_VERIFICATION_CODE,
        ALREADY_VERIFIED
    }

    /* loaded from: input_file:WEB-INF/classes/crmdna/member/Account$LoginResult.class */
    public enum LoginResult {
        SUCCESS,
        EMAIL_DOES_NOT_EXIST,
        EMAIL_NOT_A_VALID_ACCOUNT,
        EMAIL_NOT_VERIFIED,
        WRONG_CREDENTIAL,
        ACCOUNT_DISABLED
    }

    public static MemberProp createAccount(String str, long j, long j2, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException, MandrillApiError, IOException {
        Client.ensureValid(str);
        MemberEntity safeGet = MemberLoader.safeGet(str, j2, User.SUPER_USER);
        Utils.ensureValidEmail(safeGet.email);
        ensureValidPassword(str2);
        String lowerCase = safeGet.email.toLowerCase();
        if (!OfyService.ofy(str).load().type(MemberEntity.class).filter("email", safeGet.email).filter("hasAccount", true).keys().list().isEmpty()) {
            throw new APIException("There is already an account for email [" + lowerCase + "]").status(APIResponse.Status.ERROR_RESOURCE_ALREADY_EXISTS);
        }
        ensureVerificationEmailIsSetUp(str, j);
        byte[] generateRandomSalt = Encryption.generateRandomSalt();
        AssertUtils.ensure(generateRandomSalt != null, "salt is null");
        AssertUtils.ensure(generateRandomSalt.length > 0, "salt has length 0");
        safeGet.salt = generateRandomSalt;
        byte[] encryptedPassword = Encryption.getEncryptedPassword(str2, generateRandomSalt);
        AssertUtils.ensure(encryptedPassword != null, "encryptedPassword is null");
        AssertUtils.ensure(encryptedPassword.length > 0, "encryptedPassword has length 0");
        safeGet.encryptedPwd = encryptedPassword;
        safeGet.isEmailVerified = false;
        safeGet.verificationCode = new Random().nextInt(1000000);
        safeGet.hasAccount = true;
        safeGet.accountType = Member.AccountType.FEDERATED;
        OfyService.ofy(str).save().entity(safeGet).now();
        sendVerificationEmail(str, j, j2, User.SUPER_USER);
        return safeGet.toProp();
    }

    public static void sendVerificationEmail(String str, long j, long j2, String str2) throws MandrillApiError, IOException {
        Client.ensureValid(str);
        User.ensureValidUser(str, str2);
        MemberEntity safeGet = MemberLoader.safeGet(str, j2, User.SUPER_USER);
        MemberProp prop = safeGet.toProp();
        Utils.ensureValidEmail(prop.contact.email);
        if (safeGet.isEmailVerified) {
            throw new APIException("Email is already verified").status(APIResponse.Status.ERROR_PRECONDITION_FAILED);
        }
        AssertUtils.ensure(safeGet.verificationCode != 0, "Verification code not set in memberEntity [" + j2 + "]");
        String str3 = prop.contact.email;
        MailMap mailMap = new MailMap();
        mailMap.add(str3, prop.contact.firstName != null ? prop.contact.firstName : "Member", "N.A");
        mailMap.setMergeVar(str3, MailMap.MergeVarID.VERIFICATION_CODE, safeGet.verificationCode + "");
        long j3 = MailContent.getByName(str, MailContent.ReservedMailContentName.RESERVED_EMAIL_VERIFICATION.toString(), 0L).toProp().mailContentId;
        EmailConfig emailConfig = Group.getEmailConfig(str, j, str2);
        MailSendInput mailSendInput = new MailSendInput();
        mailSendInput.createMember = false;
        mailSendInput.groupId = Long.valueOf(j);
        mailSendInput.isTransactionEmail = true;
        mailSendInput.mailContentId = j3;
        mailSendInput.senderEmail = emailConfig.contactEmail;
        mailSendInput.suppressIfAlreadySent = false;
        Mail.send(str, mailSendInput, mailMap, str2);
    }

    public static void sendPasswordChangeNotificationEmail(String str, long j, long j2) throws MandrillApiError, IOException {
        Client.ensureValid(str);
        MemberEntity safeGet = MemberLoader.safeGet(str, j2, User.SUPER_USER);
        MemberProp prop = safeGet.toProp();
        Utils.ensureValidEmail(prop.contact.email);
        String str2 = prop.contact.email;
        MailMap mailMap = new MailMap();
        mailMap.add(str2, safeGet.firstName != null ? safeGet.firstName : "Member", "N.A");
        MailContentEntity byName = MailContent.getByName(str, MailContent.ReservedMailContentName.RESERVED_PASSWORD_CHANGE.toString(), 0L);
        if (byName == null) {
            throw new APIException("There is no mail content for name [" + MailContent.ReservedMailContentName.RESERVED_PASSWORD_CHANGE + "] for client [" + str + "] for group id [0]").status(APIResponse.Status.ERROR_INVALID_SETUP);
        }
        AssertUtils.ensureNotNull(byName.toProp().body, "Body for verification email is null");
        EmailConfig emailConfig = Group.getEmailConfig(str, j, User.SUPER_USER);
        MailSendInput mailSendInput = new MailSendInput();
        mailSendInput.createMember = false;
        mailSendInput.groupId = Long.valueOf(j);
        mailSendInput.isTransactionEmail = true;
        mailSendInput.mailContentId = byName.toProp().mailContentId;
        mailSendInput.senderEmail = emailConfig.contactEmail;
        mailSendInput.suppressIfAlreadySent = false;
        Mail.send(str, mailSendInput, mailMap, User.SUPER_USER);
    }

    public static void sendPasswordResetEmail(String str, long j, long j2, String str2) throws MandrillApiError, IOException {
        Client.ensureValid(str);
        MemberEntity safeGet = MemberLoader.safeGet(str, j2, User.SUPER_USER);
        MemberProp prop = safeGet.toProp();
        Utils.ensureValidEmail(prop.contact.email);
        String str3 = prop.contact.email;
        MailMap mailMap = new MailMap();
        mailMap.add(str3, safeGet.firstName != null ? safeGet.firstName : "Member", "N.A");
        mailMap.setMergeVar(str3, MailMap.MergeVarID.PASSWORD, str2);
        MailContentEntity byName = MailContent.getByName(str, MailContent.ReservedMailContentName.RESERVED_PASSWORD_RESET.toString(), 0L);
        if (byName == null) {
            throw new APIException("There is no mail content for name [" + MailContent.ReservedMailContentName.RESERVED_PASSWORD_RESET + "] for client [" + str + "], group id [0]").status(APIResponse.Status.ERROR_INVALID_SETUP);
        }
        EmailConfig emailConfig = Group.getEmailConfig(str, j, User.SUPER_USER);
        MailSendInput mailSendInput = new MailSendInput();
        mailSendInput.createMember = false;
        mailSendInput.groupId = Long.valueOf(j);
        mailSendInput.isTransactionEmail = true;
        mailSendInput.mailContentId = byName.toProp().mailContentId;
        mailSendInput.senderEmail = emailConfig.contactEmail;
        mailSendInput.suppressIfAlreadySent = false;
        Mail.send(str, mailSendInput, mailMap, User.SUPER_USER);
    }

    private static void ensureVerificationEmailIsSetUp(String str, long j) {
        MailContentEntity byName = MailContent.getByName(str, MailContent.ReservedMailContentName.RESERVED_EMAIL_VERIFICATION.toString(), 0L);
        if (byName == null) {
            String str2 = "There is no mail content for name [" + MailContent.ReservedMailContentName.RESERVED_EMAIL_VERIFICATION + "] for client [" + str + "]";
            Utils.sendAlertEmailToDevTeam(new RuntimeException(str2), new RequestInfo().client(str));
            throw new APIException(str2).status(APIResponse.Status.ERROR_RESOURCE_NOT_FOUND);
        }
        AssertUtils.ensureNotNull(byName.toProp().body, "Body for verification email is null");
        EmailConfig emailConfig = Group.getEmailConfig(str, j, User.SUPER_USER);
        AssertUtils.ensureNotNull(emailConfig.contactEmail, "contactEmail is null for group [" + j + "]");
        AssertUtils.ensureNotNull(emailConfig.contactName, "contactName is null for group [" + j + "]");
        Utils.ensureValidEmail(emailConfig.contactEmail);
    }

    private static void ensureValidPassword(String str) {
        AssertUtils.ensureNotNull(str, "Password is null");
        AssertUtils.ensure(!str.isEmpty(), "Password is empty");
        AssertUtils.ensure(str.length() > 3, "Password should be greater than [3] characters");
        AssertUtils.ensure(str.length() < 50, "Password should be lesser than [50] characters");
    }

    public static MemberProp changePassword(String str, long j, long j2, String str2, String str3) throws NoSuchAlgorithmException, InvalidKeySpecException, MandrillApiError, IOException {
        Client.ensureValid(str);
        MemberEntity safeGet = MemberLoader.safeGet(str, j2, User.SUPER_USER);
        if (!safeGet.hasAccount) {
            throw new APIException("There is no account for member [" + j2 + "]").status(APIResponse.Status.ERROR_OPERATION_NOT_ALLOWED);
        }
        if (safeGet.accountDisabled) {
            throw new APIException("Account is disabled for member [" + j2 + "]").status(APIResponse.Status.ERROR_OPERATION_NOT_ALLOWED);
        }
        LoginResult loginResult = getLoginResult(str, safeGet.email, str2);
        if (loginResult != LoginResult.SUCCESS) {
            throw new APIException("Unable to change password - " + loginResult).status(APIResponse.Status.ERROR_AUTH_FAILURE);
        }
        AssertUtils.ensure(!str2.equals(str3), "Password cannot be the same");
        ensureValidPassword(str3);
        AssertUtils.ensureNotNull(safeGet.salt, "salt is null");
        safeGet.encryptedPwd = Encryption.getEncryptedPassword(str3, safeGet.salt);
        OfyService.ofy(str).save().entity(safeGet).now();
        sendPasswordChangeNotificationEmail(str, j, j2);
        return safeGet.toProp();
    }

    public static String resetPassword(String str, long j, long j2) throws NoSuchAlgorithmException, InvalidKeySpecException, MandrillApiError, IOException {
        Client.ensureValid(str);
        MemberEntity safeGet = MemberLoader.safeGet(str, j2, User.SUPER_USER);
        if (!safeGet.hasAccount) {
            throw new APIException("There is no account for member [" + j2 + "]").status(APIResponse.Status.ERROR_OPERATION_NOT_ALLOWED);
        }
        if (safeGet.accountDisabled) {
            throw new APIException("Account is disabled for member [" + j2 + "]").status(APIResponse.Status.ERROR_OPERATION_NOT_ALLOWED);
        }
        String randomAlphaNumericString = Utils.getRandomAlphaNumericString(6);
        safeGet.encryptedPwd = Encryption.getEncryptedPassword(randomAlphaNumericString, safeGet.salt);
        OfyService.ofy(str).save().entity(safeGet).now();
        sendPasswordResetEmail(str, j, j2, randomAlphaNumericString);
        return randomAlphaNumericString;
    }

    public static LoginResult getLoginResult(String str, String str2, String str3) throws NoSuchAlgorithmException, InvalidKeySpecException {
        Client.ensureValid(str);
        Utils.ensureValidEmail(str2);
        String lowerCase = str2.toLowerCase();
        MemberQueryCondition memberQueryCondition = new MemberQueryCondition(str, 100);
        memberQueryCondition.email = lowerCase;
        if (MemberLoader.getCount(memberQueryCondition, User.SUPER_USER) == 0) {
            return LoginResult.EMAIL_DOES_NOT_EXIST;
        }
        memberQueryCondition.hasAccount = true;
        List<MemberEntity> queryEntities = MemberLoader.queryEntities(memberQueryCondition, User.SUPER_USER);
        if (queryEntities.isEmpty()) {
            return LoginResult.EMAIL_NOT_A_VALID_ACCOUNT;
        }
        if (queryEntities.size() > 1) {
            String str4 = "Email [" + lowerCase + "] has [" + queryEntities.size() + "] accounts for client [" + str + "]";
            Utils.sendAlertEmailToDevTeam(new RuntimeException(str4), new RequestInfo().client(str));
            throw new APIException(str4).status(APIResponse.Status.ERROR_INTERNAL);
        }
        MemberEntity memberEntity = queryEntities.get(0);
        if (memberEntity.accountDisabled) {
            return LoginResult.ACCOUNT_DISABLED;
        }
        if (!memberEntity.isEmailVerified) {
            return LoginResult.EMAIL_NOT_VERIFIED;
        }
        AssertUtils.ensureNotNullNotEmpty(str3, "Supplied password is null or empty");
        AssertUtils.ensureNotNull(memberEntity.encryptedPwd, "No password stored in Member Entity");
        AssertUtils.ensureNotNull(memberEntity.salt, "No salt stored in Member Entity");
        boolean authenticate = Encryption.authenticate(str3, memberEntity.encryptedPwd, memberEntity.salt);
        LoginResult loginResult = LoginResult.WRONG_CREDENTIAL;
        if (authenticate) {
            loginResult = LoginResult.SUCCESS;
        }
        return loginResult;
    }

    public static EmailVerificationResult verifyEmail(String str, long j, long j2) {
        MemberEntity safeGet = MemberLoader.safeGet(str, j, User.SUPER_USER);
        if (!safeGet.hasAccount) {
            return EmailVerificationResult.EMAIL_NOT_A_VALID_ACCOUNT;
        }
        if (safeGet.isEmailVerified) {
            return EmailVerificationResult.ALREADY_VERIFIED;
        }
        if (safeGet.verificationCode != j2) {
            return EmailVerificationResult.WRONG_VERIFICATION_CODE;
        }
        safeGet.isEmailVerified = true;
        safeGet.accountCreatedMS = System.currentTimeMillis();
        OfyService.ofy(str).save().entity(safeGet).now();
        return EmailVerificationResult.SUCCESS;
    }

    public static MemberProp setEmailAsVerified(String str, long j, String str2) {
        Client.ensureValid(str);
        User.ensureClientLevelPrivilege(str, str2, User.ClientLevelPrivilege.VERIFY_EMAIL);
        MemberEntity safeGet = MemberLoader.safeGet(str, j, str2);
        safeGet.isEmailVerified = true;
        OfyService.ofy(str).save().entity(safeGet).now();
        return safeGet.toProp();
    }

    public static MemberProp setEmailAsUnverified(String str, long j, String str2) {
        Client.ensureValid(str);
        User.ensureClientLevelPrivilege(str, str2, User.ClientLevelPrivilege.VERIFY_EMAIL);
        MemberEntity safeGet = MemberLoader.safeGet(str, j, str2);
        safeGet.isEmailVerified = false;
        OfyService.ofy(str).save().entity(safeGet).now();
        return safeGet.toProp();
    }

    public static MemberProp disableOrEnableAccount(String str, long j, boolean z, String str2) {
        Client.ensureValid(str);
        User.ensureClientLevelPrivilege(str, str2, User.ClientLevelPrivilege.ENABLE_DISABLE_ACCOUNT);
        MemberEntity safeGet = MemberLoader.safeGet(str, j, str2);
        if (!safeGet.hasAccount) {
            throw new APIException("There is no account for member [" + j + "]").status(APIResponse.Status.ERROR_OPERATION_NOT_ALLOWED);
        }
        safeGet.accountDisabled = z;
        OfyService.ofy(str).save().entity(safeGet).now();
        return safeGet.toProp();
    }

    public static List<MemberProp> getMembersWithAccounts(String str) {
        List<T> list = OfyService.ofy(str).load().type(MemberEntity.class).filter("hasAccount", true).filter("isEmailVerified", true).list();
        ArrayList arrayList = new ArrayList();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(((MemberEntity) it.next()).toProp());
        }
        return arrayList;
    }

    public static MemberProp getMemberWithAccount(String str, String str2) {
        Utils.ensureValidEmail(str2);
        List<T> list = OfyService.ofy(str).load().type(MemberEntity.class).filter("hasAccount", true).filter("email", str2).list();
        AssertUtils.ensure(list.size() == 1, "There are [" + list.size() + "] members with email [" + str2 + "]");
        return ((MemberEntity) list.get(0)).toProp();
    }
}
