package otoroshi.actions;

import akka.http.scaladsl.model.Uri$;
import akka.http.scaladsl.model.Uri$Path$Empty$;
import akka.http.scaladsl.util.FastFuture$;
import otoroshi.auth.GenericOauth2Module$;
import otoroshi.controllers.routes;
import otoroshi.env.Env;
import otoroshi.events.Alerts$;
import otoroshi.events.BlackListedBackOfficeUserAlert;
import otoroshi.events.BlackListedBackOfficeUserAlert$;
import otoroshi.gateway.Errors$;
import otoroshi.models.BackOfficeUser;
import otoroshi.models.ServiceDescriptor;
import otoroshi.utils.TypedMap;
import otoroshi.utils.TypedMap$;
import otoroshi.utils.http.RequestImplicits$;
import otoroshi.utils.http.RequestImplicits$EnhancedRequestHeader$;
import otoroshi.views.html.oto.error$;
import play.api.http.ContentTypeOf$;
import play.api.http.Writeable$;
import play.api.mvc.Action;
import play.api.mvc.ActionBuilder;
import play.api.mvc.ActionFunction;
import play.api.mvc.AnyContent;
import play.api.mvc.BodyParser;
import play.api.mvc.Codec$;
import play.api.mvc.Request;
import play.api.mvc.Result;
import play.api.mvc.Results;
import play.api.mvc.Results$;
import scala.Function0;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.concurrent.ExecutionContext;
import scala.concurrent.Future;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxesRunTime;

/* compiled from: backoffice.scala */
@ScalaSignature(bytes = "\u0006\u0001\u00114A\u0001C\u0005\u0001\u001d!AA\u0006\u0001BC\u0002\u0013\u0005Q\u0006\u0003\u00052\u0001\t\u0005\t\u0015!\u0003/\u0011!\u0011\u0004A!A!\u0002\u0017\u0019\u0004\"\u0002\u001d\u0001\t\u0003I\u0004\u0002\u0003 \u0001\u0011\u000b\u0007I1A \t\u000b\u0019\u0003A\u0011I$\t\u000b\r\u0004A\u0011K \u0003)\t\u000b7m[(gM&\u001cW-Q2uS>t\u0017)\u001e;i\u0015\tQ1\"A\u0004bGRLwN\\:\u000b\u00031\t\u0001b\u001c;pe>\u001c\b.[\u0002\u0001'\u0011\u0001q\"\u0006\u0014\u0011\u0005A\u0019R\"A\t\u000b\u0003I\tQa]2bY\u0006L!\u0001F\t\u0003\r\u0005s\u0017PU3g!\u00111RdH\u0012\u000e\u0003]Q!\u0001G\r\u0002\u0007548M\u0003\u0002\u001b7\u0005\u0019\u0011\r]5\u000b\u0003q\tA\u0001\u001d7bs&\u0011ad\u0006\u0002\u000e\u0003\u000e$\u0018n\u001c8Ck&dG-\u001a:\u0011\u0005\u0001\nS\"A\u0005\n\u0005\tJ!a\u0007\"bG.|eMZ5dK\u0006\u001bG/[8o\u0007>tG/\u001a=u\u0003V$\b\u000e\u0005\u0002\u0017I%\u0011Qe\u0006\u0002\u000b\u0003:L8i\u001c8uK:$\b\u0003\u0002\f(S}I!\u0001K\f\u0003\u001d\u0005\u001bG/[8o\rVt7\r^5p]B\u0011aCK\u0005\u0003W]\u0011qAU3rk\u0016\u001cH/\u0001\u0004qCJ\u001cXM]\u000b\u0002]A\u0019acL\u0012\n\u0005A:\"A\u0003\"pIf\u0004\u0016M]:fe\u00069\u0001/\u0019:tKJ\u0004\u0013aA3omB\u0011AGN\u0007\u0002k)\u0011!gC\u0005\u0003oU\u00121!\u00128w\u0003\u0019a\u0014N\\5u}Q\u0011!(\u0010\u000b\u0003wq\u0002\"\u0001\t\u0001\t\u000bI\"\u00019A\u001a\t\u000b1\"\u0001\u0019\u0001\u0018\u0002\u0005\u0015\u001cW#\u0001!\u0011\u0005\u0005#U\"\u0001\"\u000b\u0005\r\u000b\u0012AC2p]\u000e,(O]3oi&\u0011QI\u0011\u0002\u0011\u000bb,7-\u001e;j_:\u001cuN\u001c;fqR\f1\"\u001b8w_.,'\t\\8dWV\u0011\u0001\n\u0016\u000b\u0004\u0013>k\u0006cA!K\u0019&\u00111J\u0011\u0002\u0007\rV$XO]3\u0011\u0005Yi\u0015B\u0001(\u0018\u0005\u0019\u0011Vm];mi\")\u0001K\u0002a\u0001#\u00069!/Z9vKN$\bc\u0001\f+%B\u00111\u000b\u0016\u0007\u0001\t\u0015)fA1\u0001W\u0005\u0005\t\u0015CA,[!\t\u0001\u0002,\u0003\u0002Z#\t9aj\u001c;iS:<\u0007C\u0001\t\\\u0013\ta\u0016CA\u0002B]fDQA\u0018\u0004A\u0002}\u000bQA\u00197pG.\u0004B\u0001\u00051c\u0013&\u0011\u0011-\u0005\u0002\n\rVt7\r^5p]F\u00022\u0001I\u0011S\u0003A)\u00070Z2vi&|gnQ8oi\u0016DH\u000f")
/* loaded from: input_file:otoroshi/actions/BackOfficeActionAuth.class */
public class BackOfficeActionAuth implements ActionBuilder<BackOfficeActionContextAuth, AnyContent> {
    private ExecutionContext ec;
    private final BodyParser<AnyContent> parser;
    private final Env env;
    private volatile boolean bitmap$0;

    public final <A> ActionBuilder<BackOfficeActionContextAuth, A> apply(BodyParser<A> bodyParser) {
        return ActionBuilder.apply$(this, bodyParser);
    }

    public final Action<AnyContent> apply(Function1<BackOfficeActionContextAuth<AnyContent>, Result> function1) {
        return ActionBuilder.apply$(this, function1);
    }

    public final Action<AnyContent> apply(Function0<Result> function0) {
        return ActionBuilder.apply$(this, function0);
    }

    public final Action<AnyContent> async(Function0<Future<Result>> function0) {
        return ActionBuilder.async$(this, function0);
    }

    public final Action<AnyContent> async(Function1<BackOfficeActionContextAuth<AnyContent>, Future<Result>> function1) {
        return ActionBuilder.async$(this, function1);
    }

    public final <A> Action<A> async(BodyParser<A> bodyParser, Function1<BackOfficeActionContextAuth<A>, Future<Result>> function1) {
        return ActionBuilder.async$(this, bodyParser, function1);
    }

    public <A> BodyParser<A> composeParser(BodyParser<A> bodyParser) {
        return ActionBuilder.composeParser$(this, bodyParser);
    }

    public <A> Action<A> composeAction(Action<A> action) {
        return ActionBuilder.composeAction$(this, action);
    }

    /* renamed from: andThen, reason: merged with bridge method [inline-methods] */
    public <Q> ActionBuilder<Q, AnyContent> m9andThen(ActionFunction<BackOfficeActionContextAuth, Q> actionFunction) {
        return ActionBuilder.andThen$(this, actionFunction);
    }

    public <Q> ActionFunction<Q, BackOfficeActionContextAuth> compose(ActionFunction<Q, Request> actionFunction) {
        return ActionFunction.compose$(this, actionFunction);
    }

    public <B> ActionBuilder<BackOfficeActionContextAuth, B> compose(ActionBuilder<Request, B> actionBuilder) {
        return ActionFunction.compose$(this, actionBuilder);
    }

    public BodyParser<AnyContent> parser() {
        return this.parser;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v8, types: [otoroshi.actions.BackOfficeActionAuth] */
    private ExecutionContext ec$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (!this.bitmap$0) {
                this.ec = this.env.otoroshiExecutionContext();
                r0 = this;
                r0.bitmap$0 = true;
            }
        }
        return this.ec;
    }

    public ExecutionContext ec() {
        return !this.bitmap$0 ? ec$lzycompute() : this.ec;
    }

    public <A> Future<Result> invokeBlock(Request<A> request, Function1<BackOfficeActionContextAuth<A>, Future<Result>> function1) {
        String theDomain$extension = RequestImplicits$EnhancedRequestHeader$.MODULE$.theDomain$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request), this.env);
        String backOfficeHost = this.env.backOfficeHost();
        if (backOfficeHost != null ? backOfficeHost.equals(theDomain$extension) : theDomain$extension == null) {
            return perform$2(request, function1, request);
        }
        if (this.env.backofficeDomains().contains(theDomain$extension)) {
            return perform$2(request, function1, request);
        }
        Results.Status Status = Results$.MODULE$.Status(404);
        Option<ServiceDescriptor> option = None$.MODULE$;
        Option<String> some = new Some<>("errors.not.found");
        TypedMap empty = TypedMap$.MODULE$.empty();
        return Errors$.MODULE$.craftResponseResult("Not found", Status, request, option, some, Errors$.MODULE$.craftResponseResult$default$6(), Errors$.MODULE$.craftResponseResult$default$7(), Errors$.MODULE$.craftResponseResult$default$8(), Errors$.MODULE$.craftResponseResult$default$9(), Errors$.MODULE$.craftResponseResult$default$10(), Errors$.MODULE$.craftResponseResult$default$11(), empty, Errors$.MODULE$.craftResponseResult$default$13(), ec(), this.env);
    }

    public ExecutionContext executionContext() {
        return ec();
    }

    public static final /* synthetic */ Future $anonfun$invokeBlock$6(BackOfficeActionAuth backOfficeActionAuth, BackOfficeUser backOfficeUser, Request request, Function1 function1, boolean z) {
        if (true == z) {
            Alerts$.MODULE$.send(new BlackListedBackOfficeUserAlert(backOfficeActionAuth.env.snowflakeGenerator().nextIdStr(), backOfficeActionAuth.env.env(), backOfficeUser, RequestImplicits$EnhancedRequestHeader$.MODULE$.theIpAddress$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request), backOfficeActionAuth.env), RequestImplicits$EnhancedRequestHeader$.MODULE$.theUserAgent$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request)), BlackListedBackOfficeUserAlert$.MODULE$.apply$default$6()), backOfficeActionAuth.env);
            return (Future) FastFuture$.MODULE$.successful().apply(Results$.MODULE$.NotFound().apply(error$.MODULE$.apply("Error", backOfficeActionAuth.env, error$.MODULE$.apply$default$3(), error$.MODULE$.apply$default$4()), Writeable$.MODULE$.writeableOf_Content(Codec$.MODULE$.utf_8(), ContentTypeOf$.MODULE$.contentTypeOf_Html(Codec$.MODULE$.utf_8()))).removingFromSession(Predef$.MODULE$.wrapRefArray(new String[]{"bousr"}), request));
        }
        if (false != z) {
            throw new MatchError(BoxesRunTime.boxToBoolean(z));
        }
        backOfficeUser.withAuthModuleConfig(authModuleConfig -> {
            return GenericOauth2Module$.MODULE$.handleTokenRefresh(authModuleConfig, backOfficeUser, backOfficeActionAuth.ec(), backOfficeActionAuth.env);
        }, backOfficeActionAuth.ec(), backOfficeActionAuth.env);
        return (Future) function1.apply(new BackOfficeActionContextAuth(request, backOfficeUser));
    }

    private final Future callAction$1(Request request, Function1 function1, Request request2) {
        String sb = new StringBuilder(0).append(this.env.rootScheme()).append(RequestImplicits$EnhancedRequestHeader$.MODULE$.theHost$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request), this.env)).append(routes.BackOfficeController.index().url()).toString();
        return (Future) request.session().get("bousr").map(str -> {
            return this.env.datastores().backOfficeUserDataStore().findById(str, this.ec(), this.env).flatMap(option -> {
                if (option instanceof Some) {
                    BackOfficeUser backOfficeUser = (BackOfficeUser) ((Some) option).value();
                    return this.env.datastores().backOfficeUserDataStore().blacklisted(backOfficeUser.email(), this.ec(), this.env).flatMap(obj -> {
                        return $anonfun$invokeBlock$6(this, backOfficeUser, request, function1, BoxesRunTime.unboxToBoolean(obj));
                    }, this.ec());
                }
                if (None$.MODULE$.equals(option)) {
                    return (Future) FastFuture$.MODULE$.successful().apply(Results$.MODULE$.Redirect(sb, Results$.MODULE$.Redirect$default$2(), Results$.MODULE$.Redirect$default$3()).addingToSession(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("bo-redirect-after-login"), new StringBuilder(0).append(this.env.rootScheme()).append(RequestImplicits$EnhancedRequestHeader$.MODULE$.theHost$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request), this.env)).append(RequestImplicits$EnhancedRequestHeader$.MODULE$.relativeUri$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request))).toString())}), request2));
                }
                throw new MatchError(option);
            }, this.ec());
        }).getOrElse(() -> {
            return (Future) FastFuture$.MODULE$.successful().apply(Results$.MODULE$.Redirect(sb, Results$.MODULE$.Redirect$default$2(), Results$.MODULE$.Redirect$default$3()).addingToSession(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("bo-redirect-after-login"), new StringBuilder(0).append(this.env.rootScheme()).append(RequestImplicits$EnhancedRequestHeader$.MODULE$.theHost$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request), this.env)).append(RequestImplicits$EnhancedRequestHeader$.MODULE$.relativeUri$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request))).toString())}), request2));
        });
    }

    private final Future perform$2(Request request, Function1 function1, Request request2) {
        boolean z = false;
        Some some = null;
        Option map = request.headers().get("Origin").map(str -> {
            return Uri$.MODULE$.apply(str);
        }).orElse(() -> {
            return request.headers().get("Referer").map(str2 -> {
                return Uri$.MODULE$.apply(str2);
            }).map(uri -> {
                return uri.copy(uri.copy$default$1(), uri.copy$default$2(), Uri$Path$Empty$.MODULE$, uri.copy$default$4(), uri.copy$default$5());
            });
        }).map(uri -> {
            return uri.authority().copy(uri.authority().copy$default$1(), 0, uri.authority().copy$default$3()).toString();
        });
        if (map instanceof Some) {
            z = true;
            some = (Some) map;
            String str2 = (String) some.value();
            String backOfficeHost = this.env.backOfficeHost();
            if (str2 != null ? str2.equals(backOfficeHost) : backOfficeHost == null) {
                if (RequestImplicits$EnhancedRequestHeader$.MODULE$.thePath$extension(RequestImplicits$.MODULE$.EnhancedRequestHeader(request2)).startsWith("/bo/api/") && this.env.datastores().globalConfigDataStore().latest(ec(), this.env).apiReadOnly()) {
                    String method = request2.method();
                    if (method != null ? !method.equals("GET") : "GET" != 0) {
                        return Errors$.MODULE$.craftResponseResult("You're not authorized", Results$.MODULE$.Status(401), request, None$.MODULE$, new Some<>("errors.not.authorized"), Errors$.MODULE$.craftResponseResult$default$6(), Errors$.MODULE$.craftResponseResult$default$7(), Errors$.MODULE$.craftResponseResult$default$8(), Errors$.MODULE$.craftResponseResult$default$9(), Errors$.MODULE$.craftResponseResult$default$10(), Errors$.MODULE$.craftResponseResult$default$11(), TypedMap$.MODULE$.empty(), Errors$.MODULE$.craftResponseResult$default$13(), ec(), this.env);
                    }
                }
                return callAction$1(request, function1, request2);
            }
        }
        if (z) {
            String str3 = (String) some.value();
            String backOfficeHost2 = this.env.backOfficeHost();
            if (str3 != null ? !str3.equals(backOfficeHost2) : backOfficeHost2 != null) {
                String lowerCase = request.method().toLowerCase();
                if (lowerCase != null ? !lowerCase.equals("get") : "get" != 0) {
                    return Errors$.MODULE$.craftResponseResult("Bad origin", Results$.MODULE$.Status(417), request, None$.MODULE$, new Some<>("errors.bad.origin"), Errors$.MODULE$.craftResponseResult$default$6(), Errors$.MODULE$.craftResponseResult$default$7(), Errors$.MODULE$.craftResponseResult$default$8(), Errors$.MODULE$.craftResponseResult$default$9(), Errors$.MODULE$.craftResponseResult$default$10(), Errors$.MODULE$.craftResponseResult$default$11(), TypedMap$.MODULE$.empty(), Errors$.MODULE$.craftResponseResult$default$13(), ec(), this.env);
                }
            }
        }
        return callAction$1(request, function1, request2);
    }

    public BackOfficeActionAuth(BodyParser<AnyContent> bodyParser, Env env) {
        this.parser = bodyParser;
        this.env = env;
        ActionFunction.$init$(this);
        ActionBuilder.$init$(this);
    }
}
