package pl.edu.icm.yadda.service2.user.hibernate.token;

import org.apache.commons.lang.StringUtils;
import pl.edu.icm.yadda.service2.user.exception.TokenVerificationException;
import pl.edu.icm.yadda.service2.user.hibernate.dao.HibernateCredentialDao;
import pl.edu.icm.yadda.service2.user.hibernate.model.HibernateCredential;
import pl.edu.icm.yadda.service2.user.hibernate.model.HibernateOpenIdCredential;
import pl.edu.icm.yadda.service2.user.hibernate.model.HibernateUser;
import pl.edu.icm.yadda.service2.user.token.OpenIdToken;
import pl.edu.icm.yadda.service2.user.token.SecurityToken;
import pl.edu.icm.yadda.service2.user.token.TokenVerificationAdapter;

/* loaded from: input_file:WEB-INF/lib/yadda-user-1.11.3.jar:pl/edu/icm/yadda/service2/user/hibernate/token/HibernateOpenIdTokenVerificationAdapter.class */
public class HibernateOpenIdTokenVerificationAdapter implements TokenVerificationAdapter {
    private HibernateCredentialDao credentialDao;

    @Override // pl.edu.icm.yadda.service2.user.token.TokenVerificationAdapter
    public boolean isApplicable(SecurityToken securityToken) {
        return securityToken instanceof OpenIdToken;
    }

    @Override // pl.edu.icm.yadda.service2.user.token.TokenVerificationAdapter
    public String verifyToken(SecurityToken securityToken) throws TokenVerificationException {
        if (!(securityToken instanceof OpenIdToken)) {
            throw new TokenVerificationException(TokenVerificationException.REASONS.TOKEN_INVALID);
        }
        OpenIdToken openIdToken = (OpenIdToken) securityToken;
        if (StringUtils.isBlank(openIdToken.getOpenIdIdentifier())) {
            throw new TokenVerificationException(TokenVerificationException.REASONS.TOKEN_INVALID);
        }
        HibernateOpenIdCredential hibernateOpenIdCredential = new HibernateOpenIdCredential();
        hibernateOpenIdCredential.setOpenIdIdentifier(openIdToken.getOpenIdIdentifier());
        HibernateCredential loadOneByExample = this.credentialDao.loadOneByExample(hibernateOpenIdCredential);
        if (loadOneByExample == null) {
            throw new TokenVerificationException(TokenVerificationException.REASONS.NOT_FOUND);
        }
        HibernateUser user = loadOneByExample.getUser();
        if (user == null || !user.getDomain().equals(openIdToken.getDomain())) {
            throw new TokenVerificationException(TokenVerificationException.REASONS.TOKEN_INVALID);
        }
        return user.getId();
    }

    public void setCredentialDao(HibernateCredentialDao hibernateCredentialDao) {
        this.credentialDao = hibernateCredentialDao;
    }
}
