package org.nuxeo.ecm.restapi.server.jaxrs.usermanager;

import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Request;
import javax.ws.rs.core.Response;
import org.json.JSONException;
import org.json.JSONObject;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.ecm.webengine.model.WebObject;
import org.nuxeo.ecm.webengine.model.impl.DefaultObject;
import org.nuxeo.runtime.api.Framework;

@Produces({"application/json"})
@WebObject(type = "me")
/* loaded from: input_file:org/nuxeo/ecm/restapi/server/jaxrs/usermanager/MeObject.class */
public class MeObject extends DefaultObject {
    @GET
    public NuxeoPrincipal doGet(@Context Request request) {
        return getContext().getCoreSession().getPrincipal();
    }

    @Path("changepassword")
    @PUT
    public Object changePassword(String str) throws JSONException {
        NuxeoPrincipal principal = getContext().getCoreSession().getPrincipal();
        JSONObject jSONObject = new JSONObject(str);
        String string = jSONObject.getString("oldPassword");
        String string2 = jSONObject.getString("newPassword");
        UserManager userManager = (UserManager) Framework.getService(UserManager.class);
        if (!userManager.checkUsernamePassword(principal.getName(), string)) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
        principal.setPassword(string2);
        Framework.doPrivileged(() -> {
            userManager.updateUser(principal.getModel());
        });
        return principal;
    }
}
