package org.opendaylight.aaa.cli.dmstore;

import org.apache.karaf.shell.api.action.Action;
import org.apache.karaf.shell.api.action.Command;
import org.apache.karaf.shell.api.action.Option;
import org.apache.karaf.shell.api.action.lifecycle.Reference;
import org.apache.karaf.shell.api.action.lifecycle.Service;
import org.opendaylight.aaa.api.IIDMStore;
import org.opendaylight.aaa.api.model.User;
import org.opendaylight.aaa.api.password.service.PasswordHashService;

@Service
@Command(name = "change-user-pwd", scope = "aaa", description = "Change the user password.")
/* loaded from: input_file:org/opendaylight/aaa/cli/dmstore/ChangeUserPassword.class */
public class ChangeUserPassword implements Action {
    public static final String CHANGE_PASSWORD_FAIL = "Wrong username or current password";

    @Reference
    private IIDMStore identityStore;

    @Option(name = "-user", aliases = {"--userName"}, description = "The user name", required = true, multiValued = false)
    private String userName;

    @Option(name = "-pass", description = "User's Current Password", required = true, censor = true, multiValued = false)
    private String currentPwd;

    @Option(name = "-newPass", description = "New Password", required = true, censor = true, multiValued = false)
    private String newPwd;

    @Reference
    private PasswordHashService passwordService;

    public Object execute() throws Exception {
        if (this.identityStore == null) {
            return "Failed to access the users data store";
        }
        for (User user : this.identityStore.getUsers().getUsers()) {
            if (user.getName().equals(this.userName) && this.passwordService.passwordsMatch(this.currentPwd, user.getPassword(), user.getSalt())) {
                user.setPassword(this.newPwd);
                this.identityStore.updateUser(user);
                return this.userName + "'s password has been changed";
            }
        }
        return CHANGE_PASSWORD_FAIL;
    }
}
