package eu.eudml.ui.security.spring;

import eu.eudml.service.usercatalog.EudmlUserCatalog;
import eu.eudml.ui.security.EudmlSessionManager;
import eu.eudml.ui.security.UserAttributes;
import eu.eudml.ui.security.impl.EudmlDefaultUser;
import eu.eudml.ui.security.spring.authentication.token.EudmlAuthentication;
import eu.eudml.ui.security.spring.authentication.token.RandomPasswordGenerator;
import eu.eudml.ui.security.spring.authentication.token.WebAuthentication;
import eu.eudml.ui.security.spring.helper.TimeStringConverter;
import eu.eudml.ui.security.spring.helper.UserDataWrapper;
import eu.eudml.ui.security.spring.service.accessors.SecurityAccessor;
import eu.eudml.ui.security.spring.transformers.Transformer;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import pl.edu.icm.yadda.service2.user.exception.CredentialNotFoundException;
import pl.edu.icm.yadda.service2.user.exception.TokenVerificationException;
import pl.edu.icm.yadda.service2.user.exception.UserNotFoundException;
import pl.edu.icm.yadda.service2.user.model.UserData;
import pl.edu.icm.yadda.service2.user.token.LoginPasswordToken;
import pl.edu.icm.yadda.service2.user.token.OpenIdToken;

/* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/UserSecurityService.class */
public class UserSecurityService {
    protected Logger logger = LoggerFactory.getLogger(UserSecurityService.class);
    private EudmlUserCatalog eudmlUserCatalog;
    private TimeStringConverter timeStringConverter;
    private AuthenticationManager reauthenticationManager;
    private LogoutHandler logoutHandler;
    private SecurityAccessor securityAccessor;
    private Transformer<UserDataWrapper, EudmlDefaultUser> userDataWrapperToEudmlDefaultUsertransformer;
    private EudmlSessionManager sessionManager;
    private RandomPasswordGenerator randomPasswordGenerator;

    public UserDataWrapper verifyToken(LoginPasswordToken loginPasswordToken) throws TokenVerificationException {
        UserDataWrapper userDataWrapper = new UserDataWrapper(this.eudmlUserCatalog.loadUser(this.eudmlUserCatalog.verifyToken(loginPasswordToken), Domain.EUDML.DOMAIN, UserData.UserDataParts.EFFECTIVE_ROLES, UserData.UserDataParts.SAFE_SENSITIVE_DATA));
        if (!userDataWrapper.accountNotExists() && !userDataWrapper.notMatchesAttr("email", loginPasswordToken.getLogin())) {
            return userDataWrapper;
        }
        this.logger.debug("login is different than userEmail, login: {}", loginPasswordToken.getLogin());
        throw new TokenVerificationException(TokenVerificationException.REASONS.TOKEN_INVALID);
    }

    public String verifyToken(OpenIdToken openIdToken) {
        try {
            return this.eudmlUserCatalog.verifyToken(openIdToken);
        } catch (TokenVerificationException e) {
            return null;
        }
    }

    public void updateRememberMeToken(UserDataWrapper userDataWrapper) throws UserNotFoundException {
        userDataWrapper.addAttr(UserAttributes.ATTRIBUTE_REMEMBER_ME_TOKEN, this.randomPasswordGenerator.generateRandomPassword());
        this.eudmlUserCatalog.updateUser(userDataWrapper.getUser());
    }

    public void reauthenticate() {
        Authentication currentAuthentication = this.securityAccessor.getCurrentAuthentication();
        if (currentAuthentication instanceof WebAuthentication) {
            reauthenticate(currentAuthentication);
        }
    }

    public void reauthenticateUsingCredential(Object obj) {
        EudmlAuthentication currentEudmlAuthentication = this.securityAccessor.getCurrentEudmlAuthentication();
        currentEudmlAuthentication.setCredential(obj.toString());
        reauthenticate(currentEudmlAuthentication);
    }

    private void reauthenticate(Authentication authentication) {
        Authentication authenticate = this.reauthenticationManager.authenticate(authentication);
        SecurityContextHolder.getContext().setAuthentication(authenticate);
        saveLoginTimeAndInsertUserDataToSessionManager(authenticate.getName());
    }

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.logoutHandler.logout(httpServletRequest, httpServletResponse, this.securityAccessor.getCurrentAuthentication());
    }

    public void saveLoginTimeAndInsertUserDataToSessionManager(String str) {
        UserDataWrapper userDataWrapper = new UserDataWrapper(this.eudmlUserCatalog.loadUser(str, Domain.EUDML.DOMAIN, UserData.UserDataParts.EFFECTIVE_ROLES));
        if (userDataWrapper.accountNotExists()) {
            return;
        }
        saveLoginTime(userDataWrapper);
        insertUserDataToSessionManager(userDataWrapper);
    }

    private void saveLoginTime(UserDataWrapper userDataWrapper) {
        userDataWrapper.addAttr(UserAttributes.ATTRIBUTE_LOGIN_TIME, this.timeStringConverter.getCurrentTimeAsString());
        try {
            this.eudmlUserCatalog.updateUser(userDataWrapper.getUser());
        } catch (UserNotFoundException e) {
            this.logger.debug("failered add login time for: {}", userDataWrapper.getUserId());
        }
    }

    private void insertUserDataToSessionManager(UserDataWrapper userDataWrapper) {
        try {
            this.sessionManager.init(this.userDataWrapperToEudmlDefaultUsertransformer.transform(userDataWrapper));
        } catch (Exception e) {
            this.logger.debug("failed inserting userData to sessionManager", (Throwable) e);
        }
    }

    public boolean loginUsingOpenId() {
        Authentication currentAuthentication = this.securityAccessor.getCurrentAuthentication();
        if (currentAuthentication instanceof EudmlAuthentication) {
            return ((EudmlAuthentication) currentAuthentication).isLoginUsingOpenId();
        }
        return true;
    }

    public boolean haveLoginPasswordCredential() {
        WebUser currentWebUser = this.securityAccessor.getCurrentWebUser();
        if (currentWebUser == null) {
            return false;
        }
        return currentWebUser.getHaveLoginPasswordCredential();
    }

    public boolean userCurrentlyLogIn() {
        return this.securityAccessor.getCurrentEudmlAuthentication() != null;
    }

    public void deleteCredentials(List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                this.eudmlUserCatalog.deleteCredential(it.next());
            } catch (CredentialNotFoundException e) {
                this.logger.debug("exception deleting credential", (Throwable) e);
            }
        }
    }

    @Required
    public void setEudmlUserCatalog(EudmlUserCatalog eudmlUserCatalog) {
        this.eudmlUserCatalog = eudmlUserCatalog;
    }

    @Required
    public void setReauthenticationManager(AuthenticationManager authenticationManager) {
        this.reauthenticationManager = authenticationManager;
    }

    @Required
    public void setSecurityAccessor(SecurityAccessor securityAccessor) {
        this.securityAccessor = securityAccessor;
    }

    @Required
    public void setTimeStringConverter(TimeStringConverter timeStringConverter) {
        this.timeStringConverter = timeStringConverter;
    }

    @Required
    public void setLogoutHandler(LogoutHandler logoutHandler) {
        this.logoutHandler = logoutHandler;
    }

    @Required
    public void setUserDataWrapperToEudmlDefaultUsertransformer(Transformer<UserDataWrapper, EudmlDefaultUser> transformer) {
        this.userDataWrapperToEudmlDefaultUsertransformer = transformer;
    }

    @Required
    public void setSessionManager(EudmlSessionManager eudmlSessionManager) {
        this.sessionManager = eudmlSessionManager;
    }

    @Required
    public void setRandomPasswordGenerator(RandomPasswordGenerator randomPasswordGenerator) {
        this.randomPasswordGenerator = randomPasswordGenerator;
    }
}
