package pl.edu.icm.synat.logic.services.user.impl;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import pl.edu.icm.synat.api.services.profile.ProfilePart;
import pl.edu.icm.synat.api.services.profile.ProfileService;
import pl.edu.icm.synat.api.services.usercatalog.UserCatalog;
import pl.edu.icm.synat.api.services.usercatalog.credential.Credential;
import pl.edu.icm.synat.api.services.usercatalog.credential.LoginPasswordCredential;
import pl.edu.icm.synat.api.services.usercatalog.exception.TokenVerificationException;
import pl.edu.icm.synat.api.services.usercatalog.exception.UserNotFoundException;
import pl.edu.icm.synat.api.services.usercatalog.model.User;
import pl.edu.icm.synat.api.services.usercatalog.model.UserData;
import pl.edu.icm.synat.api.services.usercatalog.token.LoginPasswordToken;
import pl.edu.icm.synat.application.exception.GeneralBusinessException;
import pl.edu.icm.synat.logic.model.user.LoggedUserData;
import pl.edu.icm.synat.logic.model.user.UserProfile;
import pl.edu.icm.synat.logic.model.user.UserProfileTransformer;
import pl.edu.icm.synat.logic.services.user.UserAuthenticationService;
import pl.edu.icm.synat.logic.services.user.model.PortalUserDetails;

/* loaded from: input_file:pl/edu/icm/synat/logic/services/user/impl/PortalUserAuthenticationService.class */
public class PortalUserAuthenticationService implements UserAuthenticationService {
    protected String securityDomain;
    protected UserCatalog userCatalog;
    protected ProfileService profileService;
    protected String loginPrefix;
    private Set<String> anonymousRoles;

    public PortalUserDetails getUserData(String str) {
        String identification = getIdentification(str);
        UserData loadUser = this.userCatalog.loadUser(identification, this.securityDomain, new UserData.UserDataParts[]{UserData.UserDataParts.SENSITIVE_DATA});
        if (loadUser == null) {
            throw new UserNotFoundException(identification, this.securityDomain);
        }
        boolean z = !loadUser.getUser().getFlags().contains("DELETED");
        boolean z2 = true;
        String str2 = "";
        for (LoginPasswordCredential loginPasswordCredential : loadUser.getCredentials()) {
            boolean equals = loginPasswordCredential.getStatus().equals(Credential.STATUS.ACTIVE);
            boolean z3 = !loginPasswordCredential.getStatus().equals(Credential.STATUS.EXPIRED);
            z &= equals;
            z2 &= z3;
            if (equals && z3 && (loginPasswordCredential instanceof LoginPasswordCredential)) {
                str2 = loginPasswordCredential.getPassword();
            }
        }
        User user = loadUser.getUser();
        boolean z4 = !user.getFlags().contains("INACTIVE");
        ArrayList arrayList = new ArrayList();
        Iterator it = user.getRoles().iterator();
        while (it.hasNext()) {
            arrayList.add(new GrantedAuthorityImpl((String) it.next()));
        }
        PortalUserDetails portalUserDetails = new PortalUserDetails(str, str2, loadUser.getId(), z, true, z2, z4, arrayList);
        UserProfile userProfile = getUserProfile(str);
        portalUserDetails.setName((String) userProfile.getName().getValue());
        portalUserDetails.setSurname((String) userProfile.getSurname().getValue());
        return portalUserDetails;
    }

    public boolean authenticate(String str, String str2) {
        LoginPasswordToken loginPasswordToken = new LoginPasswordToken();
        loginPasswordToken.setLogin(getIdentification(str));
        loginPasswordToken.setPassword(str2);
        loginPasswordToken.setDomain(this.securityDomain);
        try {
            this.userCatalog.verifyToken(loginPasswordToken);
            return true;
        } catch (TokenVerificationException e) {
            return false;
        }
    }

    public void logoutUser() {
        SecurityContextHolder.clearContext();
    }

    public LoggedUserData getCurrentCredentials() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return LoggedUserData.anonymous("");
        }
        String remoteAddress = authentication.getDetails() instanceof WebAuthenticationDetails ? ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress() : "";
        if (authentication instanceof AnonymousAuthenticationToken) {
            return LoggedUserData.anonymous(remoteAddress);
        }
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof UserDetails)) {
            throw new GeneralBusinessException("Invalid principal {}.", new Object[]{principal});
        }
        if (CollectionUtils.isNotEmpty(this.anonymousRoles)) {
            Iterator it = ((UserDetails) principal).getAuthorities().iterator();
            while (it.hasNext()) {
                if (this.anonymousRoles.contains(((GrantedAuthority) it.next()).getAuthority())) {
                    return LoggedUserData.anonymous(remoteAddress);
                }
            }
        }
        if (principal instanceof PortalUserDetails) {
            return LoggedUserData.logged(((UserDetails) principal).getUsername(), ((PortalUserDetails) principal).getUserId(), remoteAddress);
        }
        throw new GeneralBusinessException("Problem .", new Object[]{principal});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getIdentification(String str) {
        return str.startsWith(this.loginPrefix) ? str : this.loginPrefix + str;
    }

    public UserProfile getUserProfile(String str) {
        return getUserProfile(getIdentification(str), false);
    }

    public UserProfile getUserProfileById(String str) {
        return getUserProfile(str, false);
    }

    private UserProfile getUserProfile(String str, boolean z) {
        UserCatalog userCatalog = this.userCatalog;
        String str2 = this.securityDomain;
        UserData.UserDataParts[] userDataPartsArr = new UserData.UserDataParts[1];
        userDataPartsArr[0] = z ? UserData.UserDataParts.SAFE_SENSITIVE_DATA : UserData.UserDataParts.ALL;
        UserData loadUser = userCatalog.loadUser(str, str2, userDataPartsArr);
        if (loadUser == null) {
            throw new UserNotFoundException(str, this.securityDomain);
        }
        ProfilePart profilePart = this.profileService.getProfilePart(loadUser.getId(), "profile");
        return profilePart != null ? UserProfileTransformer.deserializeUserProfile(new String(profilePart.getContent())) : UserProfileTransformer.transformUserToUserProfile(loadUser.getUser());
    }

    @Required
    public void setSecurityDomain(String str) {
        this.securityDomain = str;
    }

    @Required
    public void setUserCatalog(UserCatalog userCatalog) {
        this.userCatalog = userCatalog;
    }

    @Required
    public void setProfileService(ProfileService profileService) {
        this.profileService = profileService;
    }

    @Required
    public void setLoginPrefix(String str) {
        this.loginPrefix = str;
    }

    public void setAnonymousRoles(Set<String> set) {
        this.anonymousRoles = set;
    }
}
