package eu.eudml.ui.security.spring.service;

import com.google.common.collect.Iterables;
import eu.eudml.service.usercatalog.EudmlUserCatalog;
import eu.eudml.ui.security.UserAttributes;
import eu.eudml.ui.security.spring.Domain;
import eu.eudml.ui.security.spring.authentication.token.MailTokenGenerator;
import eu.eudml.ui.security.spring.helper.UserDataWrapper;
import java.util.Locale;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.yadda.service2.user.credential.Credential;
import pl.edu.icm.yadda.service2.user.credential.OpenIdCredential;
import pl.edu.icm.yadda.service2.user.exception.UserNotFoundException;
import pl.edu.icm.yadda.service2.user.model.UserData;

/* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/service/BindAccountService.class */
public class BindAccountService {
    public static final String CONFIRM_EXTERNAL_IDENTITY_BINDING = "/confirmExternalIdentityBinding";
    Logger logger = LoggerFactory.getLogger(BindAccountService.class);
    private EudmlUserCatalog eudmlUserCatalog;
    private NotificationUIService notificationUIService;
    private MailTokenGenerator mailTokenGenerator;
    private MailConfirmationService mailConfirmationService;

    /* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/service/BindAccountService$MessageConstant.class */
    private static class MessageConstant {
        public static final String MESSAGE_ACCOUNT_NOT_EXISTS = "msg.account.not.exists";
        public static final String MESSAGE_FAILED_BIND_ACCOUNT = "msg.failed.bind.account";

        private MessageConstant() {
        }
    }

    public boolean bindToLocal(String str, String str2, Locale locale) {
        UserDataWrapper userDataWrapper = new UserDataWrapper(this.eudmlUserCatalog.loadUser(str, Domain.EUDML.DOMAIN, UserData.UserDataParts.EFFECTIVE_ROLES, UserData.UserDataParts.SAFE_SENSITIVE_DATA));
        if (userDataWrapper.accountNotExists()) {
            this.logger.debug("account not exists for email: {}", str);
            this.notificationUIService.notifyUIaboutError(MessageConstant.MESSAGE_ACCOUNT_NOT_EXISTS, new Object[0]);
            return false;
        }
        String generateTokenWithSuffix = this.mailTokenGenerator.generateTokenWithSuffix(str2, str, new String[0]);
        userDataWrapper.addAttr(UserAttributes.ATTRIBUTE_COM_EXTERNAL_IDENTIFIER_URL, str2);
        userDataWrapper.addAttr(UserAttributes.ATTRIBUTE_COM_BIND_TO_LOCAL_TOKEN, generateTokenWithSuffix);
        try {
            this.eudmlUserCatalog.updateUser(userDataWrapper.getUser());
            this.mailConfirmationService.notifyAboutExternalIdentityBinding(userDataWrapper.getAttr("firstName"), userDataWrapper.getAttr("lastName"), locale, str, generateTokenWithSuffix, str2, CONFIRM_EXTERNAL_IDENTITY_BINDING);
            return true;
        } catch (UserNotFoundException e) {
            this.logger.debug("failed update user ", (Throwable) e);
            this.notificationUIService.notifyUIaboutError(MessageConstant.MESSAGE_ACCOUNT_NOT_EXISTS, new Object[0]);
            return false;
        }
    }

    public boolean activateExternalIdentityBinding(String str) {
        String[] strArr = (String[]) Iterables.toArray(MailTokenGenerator.SPLITTER.split(str), String.class);
        if (strArr.length != 2) {
            this.logger.debug("invalid token: {}", str);
            this.notificationUIService.notifyUIaboutError(MessageConstant.MESSAGE_FAILED_BIND_ACCOUNT, new Object[0]);
            return false;
        }
        UserDataWrapper userDataWrapper = new UserDataWrapper(this.eudmlUserCatalog.loadUser(strArr[1], Domain.EUDML.DOMAIN, UserData.UserDataParts.EFFECTIVE_ROLES));
        if (userDataWrapper.accountNotExists()) {
            this.logger.debug("account not exists, token : {}", str);
            this.notificationUIService.notifyUIaboutError(MessageConstant.MESSAGE_FAILED_BIND_ACCOUNT, new Object[0]);
            return false;
        }
        if (userDataWrapper.notMatchesAttr(UserAttributes.ATTRIBUTE_COM_BIND_TO_LOCAL_TOKEN, str)) {
            this.logger.debug("failed bind account wrong token : {}", str);
            this.notificationUIService.notifyUIaboutError(MessageConstant.MESSAGE_FAILED_BIND_ACCOUNT, new Object[0]);
            return false;
        }
        OpenIdCredential createOpenIdCredential = createOpenIdCredential(userDataWrapper.getUserId(), userDataWrapper.getAttr(UserAttributes.ATTRIBUTE_COM_EXTERNAL_IDENTIFIER_URL));
        userDataWrapper.removeAttr(UserAttributes.ATTRIBUTE_COM_EXTERNAL_IDENTIFIER_URL);
        userDataWrapper.removeAttr(UserAttributes.ATTRIBUTE_COM_BIND_TO_LOCAL_TOKEN);
        try {
            this.eudmlUserCatalog.updateUser(userDataWrapper.getUser());
            this.eudmlUserCatalog.addCredential(createOpenIdCredential);
            return true;
        } catch (Exception e) {
            this.logger.debug("failed bind account ", (Throwable) e);
            this.notificationUIService.notifyUIaboutError(MessageConstant.MESSAGE_FAILED_BIND_ACCOUNT, new Object[0]);
            return false;
        }
    }

    private OpenIdCredential createOpenIdCredential(String str, String str2) {
        OpenIdCredential openIdCredential = new OpenIdCredential();
        openIdCredential.setOpenIdIdentifier(str2);
        openIdCredential.setUserId(str);
        openIdCredential.setExpireDate(0L);
        openIdCredential.setStatus(Credential.STATUS.ACTIVE);
        return openIdCredential;
    }

    public void bindToLocalUserIdentity(String str, String str2) {
        UserDataWrapper userDataWrapper = new UserDataWrapper(this.eudmlUserCatalog.loadUser(str2, Domain.EUDML.DOMAIN, UserData.UserDataParts.EFFECTIVE_ROLES));
        if (userDataWrapper.accountExists() && userDataWrapper.haveCredentialWithId(str2)) {
            this.logger.debug("identity already bind into some local account, identity: {}", str2);
            return;
        }
        UserDataWrapper userDataWrapper2 = new UserDataWrapper(this.eudmlUserCatalog.loadUser(str, Domain.EUDML.DOMAIN, UserData.UserDataParts.EFFECTIVE_ROLES));
        OpenIdCredential createOpenIdCredential = createOpenIdCredential(userDataWrapper2.getUserId(), str2);
        userDataWrapper2.addIdentifier(str2);
        try {
            this.eudmlUserCatalog.addCredential(createOpenIdCredential);
            this.eudmlUserCatalog.updateUser(userDataWrapper2.getUser());
            this.logger.debug("identity : {}, successfully bind into account, account email : {}", str2, str);
        } catch (Exception e) {
            this.logger.debug("shouldn't happend ", (Throwable) e);
        }
    }

    @Required
    public void setEudmlUserCatalog(EudmlUserCatalog eudmlUserCatalog) {
        this.eudmlUserCatalog = eudmlUserCatalog;
    }

    @Required
    public void setNotificationUIService(NotificationUIService notificationUIService) {
        this.notificationUIService = notificationUIService;
    }

    @Required
    public void setMailTokenGenerator(MailTokenGenerator mailTokenGenerator) {
        this.mailTokenGenerator = mailTokenGenerator;
    }

    @Required
    public void setMailConfirmationService(MailConfirmationService mailConfirmationService) {
        this.mailConfirmationService = mailConfirmationService;
    }
}
