package com.kyleu.projectile.controllers.graphql;

import com.kyleu.projectile.controllers.AuthController;
import com.kyleu.projectile.graphql.GraphQLService;
import com.kyleu.projectile.models.Application;
import com.kyleu.projectile.models.auth.UserCredentials;
import com.kyleu.projectile.models.auth.UserCredentials$;
import com.kyleu.projectile.models.user.Role;
import com.kyleu.projectile.models.user.Role$Admin$;
import com.kyleu.projectile.models.user.SystemUser;
import com.kyleu.projectile.util.EncryptionUtils$;
import com.kyleu.projectile.util.tracing.TraceData;
import com.kyleu.projectile.views.html.graphql.graphiql$;
import com.kyleu.projectile.web.util.ControllerUtils$;
import io.circe.Decoder$;
import io.circe.Json;
import io.circe.Json$;
import javax.inject.Inject;
import javax.inject.Singleton;
import play.api.http.ContentTypeOf$;
import play.api.http.Writeable$;
import play.api.mvc.Action;
import play.api.mvc.AnyContent;
import play.api.mvc.Codec$;
import play.api.mvc.Result;
import sangria.parser.SyntaxError;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.collection.immutable.Map;
import scala.concurrent.ExecutionContext$Implicits$;
import scala.concurrent.Future;
import scala.concurrent.Future$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxesRunTime;

/* compiled from: GraphQLController.scala */
@Singleton
@ScalaSignature(bytes = "\u0006\u0001\u0005Mb\u0001B\u0005\u000b\u0001UA\u0001B\u0007\u0001\u0003\u0006\u0004%\te\u0007\u0005\tE\u0001\u0011\t\u0011)A\u00059!A1\u0005\u0001B\u0001B\u0003%A\u0005C\u0003*\u0001\u0011\u0005!\u0006\u0003\u00049\u0001\u0001\u0006I!\u000f\u0005\u0006\u0017\u0001!\t!\u0011\u0005\u0006G\u0002!\t\u0001\u001a\u0005\u0007K\u0002\u0001K\u0011\u00024\u0003#\u001d\u0013\u0018\r\u001d5R\u0019\u000e{g\u000e\u001e:pY2,'O\u0003\u0002\f\u0019\u00059qM]1qQFd'BA\u0007\u000f\u0003-\u0019wN\u001c;s_2dWM]:\u000b\u0005=\u0001\u0012A\u00039s_*,7\r^5mK*\u0011\u0011CE\u0001\u0006WfdW-\u001e\u0006\u0002'\u0005\u00191m\\7\u0004\u0001M\u0011\u0001A\u0006\t\u0003/ai\u0011\u0001D\u0005\u000331\u0011a\"Q;uQ\u000e{g\u000e\u001e:pY2,'/A\u0002baB,\u0012\u0001\b\t\u0003;\u0001j\u0011A\b\u0006\u0003?9\ta!\\8eK2\u001c\u0018BA\u0011\u001f\u0005-\t\u0005\u000f\u001d7jG\u0006$\u0018n\u001c8\u0002\t\u0005\u0004\b\u000fI\u0001\u000fOJ\f\u0007\u000f[)M'\u0016\u0014h/[2f!\t)s%D\u0001'\u0015\tYa\"\u0003\u0002)M\tqqI]1qQFc5+\u001a:wS\u000e,\u0017A\u0002\u001fj]&$h\bF\u0002,[9\u0002\"\u0001\f\u0001\u000e\u0003)AQA\u0007\u0003A\u0002qAQa\t\u0003A\u0002\u0011B#\u0001\u0002\u0019\u0011\u0005E2T\"\u0001\u001a\u000b\u0005M\"\u0014AB5oU\u0016\u001cGOC\u00016\u0003\u0015Q\u0017M^1y\u0013\t9$G\u0001\u0004J]*,7\r^\u0001\ng\u0016\u001c'/\u001a;LKf\u0004\"AO \u000e\u0003mR!\u0001P\u001f\u0002\t1\fgn\u001a\u0006\u0002}\u0005!!.\u0019<b\u0013\t\u00015H\u0001\u0004TiJLgn\u001a\u000b\u0004\u0005>\u000b\u0007cA\"K\u00196\tAI\u0003\u0002F\r\u0006\u0019QN^2\u000b\u0005\u001dC\u0015aA1qS*\t\u0011*\u0001\u0003qY\u0006L\u0018BA&E\u0005\u0019\t5\r^5p]B\u00111)T\u0005\u0003\u001d\u0012\u0013!\"\u00118z\u0007>tG/\u001a8u\u0011\u0015\u0001f\u00011\u0001R\u0003\u0015\tX/\u001a:z!\r\u0011VkV\u0007\u0002'*\tA+A\u0003tG\u0006d\u0017-\u0003\u0002W'\n1q\n\u001d;j_:\u0004\"\u0001W0\u000f\u0005ek\u0006C\u0001.T\u001b\u0005Y&B\u0001/\u0015\u0003\u0019a$o\\8u}%\u0011alU\u0001\u0007!J,G-\u001a4\n\u0005\u0001\u0003'B\u00010T\u0011\u0015\u0011g\u00011\u0001R\u0003%1\u0018M]5bE2,7/A\u0006he\u0006\u0004\b.\u001d7C_\u0012LX#\u0001\"\u0002\u0019\u0015DXmY;uKF+XM]=\u0015\u0013\u001d\\H0!\u0004\u0002\u0012\u0005\u0005BC\u00015r!\rIGN\\\u0007\u0002U*\u00111nU\u0001\u000bG>t7-\u001e:sK:$\u0018BA7k\u0005\u00191U\u000f^;sKB\u00111i\\\u0005\u0003a\u0012\u0013aAU3tk2$\b\"\u0002:\t\u0001\b\u0019\u0018\u0001\u00023bi\u0006\u0004\"\u0001^=\u000e\u0003UT!A^<\u0002\u000fQ\u0014\u0018mY5oO*\u0011\u0001PD\u0001\u0005kRLG.\u0003\u0002{k\nIAK]1dK\u0012\u000bG/\u0019\u0005\u0006!\"\u0001\ra\u0016\u0005\u0006E\"\u0001\r! \t\u0004%Vs\bcA@\u0002\n5\u0011\u0011\u0011\u0001\u0006\u0005\u0003\u0007\t)!A\u0003dSJ\u001cWM\u0003\u0002\u0002\b\u0005\u0011\u0011n\\\u0005\u0005\u0003\u0017\t\tA\u0001\u0003Kg>t\u0007BBA\b\u0011\u0001\u0007\u0011+A\u0005pa\u0016\u0014\u0018\r^5p]\"9\u00111\u0003\u0005A\u0002\u0005U\u0011!B2sK\u0012\u001c\b\u0003BA\f\u0003;i!!!\u0007\u000b\u0007\u0005ma$\u0001\u0003bkRD\u0017\u0002BA\u0010\u00033\u0011q\"V:fe\u000e\u0013X\rZ3oi&\fGn\u001d\u0005\b\u0003GA\u0001\u0019AA\u0013\u0003\u0015!WMY;h!\r\u0011\u0016qE\u0005\u0004\u0003S\u0019&a\u0002\"p_2,\u0017M\u001c\u0015\u0004\u0001\u00055\u0002cA\u0019\u00020%\u0019\u0011\u0011\u0007\u001a\u0003\u0013MKgn\u001a7fi>t\u0007")
/* loaded from: input_file:com/kyleu/projectile/controllers/graphql/GraphQLController.class */
public class GraphQLController extends AuthController {
    private final Application app;
    private final GraphQLService graphQLService;
    private final String secretKey;
    private volatile boolean bitmap$init$0;

    public Application app() {
        return this.app;
    }

    public Action<AnyContent> graphql(Option<String> option, Option<String> option2) {
        return withSession("graphql.ui", true, securedRequest -> {
            return traceData -> {
                return Future$.MODULE$.successful(this.Ok().apply(graphiql$.MODULE$.apply(this.app().actions(), securedRequest, this.request2session(securedRequest), this.request2flash(securedRequest), traceData), Writeable$.MODULE$.writeableOf_Content(Codec$.MODULE$.utf_8(), ContentTypeOf$.MODULE$.contentTypeOf_Html(Codec$.MODULE$.utf_8()))));
            };
        }, ExecutionContext$Implicits$.MODULE$.global());
    }

    public Action<AnyContent> graphqlBody() {
        return withoutSession("graphql.post", userAwareRequest -> {
            return traceData -> {
                boolean z;
                boolean z2 = false;
                boolean z3 = false;
                Some identity = userAwareRequest.identity();
                if (identity instanceof Some) {
                    z2 = true;
                    Role role = ((SystemUser) identity.value()).role();
                    Role$Admin$ role$Admin$ = Role$Admin$.MODULE$;
                    if (role != null ? role.equals(role$Admin$) : role$Admin$ == null) {
                        z = true;
                        if (z) {
                            return this.failRequest(userAwareRequest);
                        }
                        Map map = ControllerUtils$.MODULE$.jsonObject(ControllerUtils$.MODULE$.jsonBody((AnyContent) userAwareRequest.body())).toMap();
                        return this.executeQuery((String) ((Json) map.apply("query")).as(Decoder$.MODULE$.decodeString()).getOrElse(() -> {
                            return "{}";
                        }), map.get("variables").map(json -> {
                            return this.graphQLService.parseVariables(json.toString());
                        }), map.get("operationName").flatMap(json2 -> {
                            return json2.asString();
                        }), UserCredentials$.MODULE$.fromInsecureRequest(userAwareRequest), this.app().config().debug(), traceData);
                    }
                }
                if (z2) {
                    z = false;
                } else {
                    if (None$.MODULE$.equals(identity)) {
                        z3 = true;
                        if (userAwareRequest.headers().get("admin-graphql-auth").exists(str -> {
                            return BoxesRunTime.boxToBoolean($anonfun$graphqlBody$3(this, str));
                        })) {
                            z = true;
                        }
                    }
                    if (!z3) {
                        throw new MatchError(identity);
                    }
                    String encrypt = EncryptionUtils$.MODULE$.encrypt(this.secretKey);
                    this.log().warn(() -> {
                        return new StringBuilder(122).append("Invalid graphql authentication. To access the server without logging in, add the header [admin-graphql-auth] with value [").append(encrypt).append("]").toString();
                    }, traceData);
                    z = false;
                }
                if (z) {
                }
            };
        }, ExecutionContext$Implicits$.MODULE$.global());
    }

    private Future<Result> executeQuery(String str, Option<Json> option, Option<String> option2, UserCredentials userCredentials, boolean z, TraceData traceData) {
        try {
            return this.graphQLService.executeQuery(str, option, option2, userCredentials, z, traceData).map(json -> {
                return this.Ok().apply(json, this.writableOfJson(Codec$.MODULE$.utf_8(), this.writableOfJson$default$2()));
            }, ExecutionContext$Implicits$.MODULE$.global()).recover(new GraphQLController$$anonfun$executeQuery$2(this), ExecutionContext$Implicits$.MODULE$.global());
        } catch (SyntaxError e) {
            return Future$.MODULE$.successful(BadRequest().apply(Json$.MODULE$.obj(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("syntaxError"), Json$.MODULE$.fromString(e.getMessage())), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("locations"), Json$.MODULE$.arr(Predef$.MODULE$.wrapRefArray(new Json[]{Json$.MODULE$.obj(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("line"), Json$.MODULE$.fromInt(e.originalError().position().line())), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("column"), Json$.MODULE$.fromInt(e.originalError().position().column()))}))})))})), writableOfJson(Codec$.MODULE$.utf_8(), writableOfJson$default$2())));
        }
    }

    public static final /* synthetic */ boolean $anonfun$graphqlBody$3(GraphQLController graphQLController, String str) {
        String decrypt = EncryptionUtils$.MODULE$.decrypt(str, EncryptionUtils$.MODULE$.decrypt$default$2());
        String str2 = graphQLController.secretKey;
        return decrypt != null ? decrypt.equals(str2) : str2 == null;
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    @Inject
    public GraphQLController(Application application, GraphQLService graphQLService) {
        super("graphql");
        this.app = application;
        this.graphQLService = graphQLService;
        this.secretKey = "GraphTastesBad";
        this.bitmap$init$0 = true;
    }
}
