package pl.edu.icm.unity.engine.confirmation;

import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Optional;
import java.util.UUID;
import net.sf.ehcache.Cache;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.Element;
import net.sf.ehcache.config.CacheConfiguration;
import net.sf.ehcache.config.PersistenceConfiguration;
import net.sf.ehcache.config.Searchable;
import net.sf.ehcache.search.Query;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.base.token.Token;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.attributes.AttributeValueSyntax;
import pl.edu.icm.unity.engine.api.config.UnityServerConfiguration;
import pl.edu.icm.unity.engine.api.confirmation.EmailConfirmationManager;
import pl.edu.icm.unity.engine.api.confirmation.EmailConfirmationRedirectURLBuilder;
import pl.edu.icm.unity.engine.api.confirmation.states.BaseEmailConfirmationState;
import pl.edu.icm.unity.engine.api.confirmation.states.EmailAttribiuteConfirmationState;
import pl.edu.icm.unity.engine.api.confirmation.states.EmailIdentityConfirmationState;
import pl.edu.icm.unity.engine.api.finalization.WorkflowFinalizationConfiguration;
import pl.edu.icm.unity.engine.api.identity.EntityResolver;
import pl.edu.icm.unity.engine.api.notification.NotificationProducer;
import pl.edu.icm.unity.engine.api.server.AdvertisedAddressProvider;
import pl.edu.icm.unity.engine.api.token.TokensManagement;
import pl.edu.icm.unity.engine.api.utils.CacheProvider;
import pl.edu.icm.unity.engine.attribute.AttributeTypeHelper;
import pl.edu.icm.unity.engine.identity.IdentityTypeHelper;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.store.api.generic.MessageTemplateDB;
import pl.edu.icm.unity.store.api.tx.TransactionalRunner;
import pl.edu.icm.unity.types.basic.Attribute;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.types.basic.Identity;
import pl.edu.icm.unity.types.basic.MessageTemplate;
import pl.edu.icm.unity.types.confirmation.ConfirmationInfo;
import pl.edu.icm.unity.types.confirmation.EmailConfirmationConfiguration;
import pl.edu.icm.unity.types.confirmation.VerifiableElement;

@Component
/* loaded from: input_file:pl/edu/icm/unity/engine/confirmation/EmailConfirmationManagerImpl.class */
public class EmailConfirmationManagerImpl implements EmailConfirmationManager {
    private static final Logger log = Log.getLogger("unity.server", EmailConfirmationManagerImpl.class);
    private static final String CACHE_ID = "EmailConfirmationCache";
    private IdentityTypeHelper idTypeHelper;
    private AttributeTypeHelper atTypeHelper;
    private TokensManagement tokensMan;
    private NotificationProducer notificationProducer;
    private EmailConfirmationFacilitiesRegistry confirmationFacilitiesRegistry;
    private MessageTemplateDB mtDB;
    private URL advertisedAddress;
    private MessageSource msg;
    private EntityResolver idResolver;
    private Ehcache confirmationReqCache;
    private int requestLimit;
    private String defaultRedirectURL;
    private TransactionalRunner tx;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: pl.edu.icm.unity.engine.confirmation.EmailConfirmationManagerImpl$1TokenAndFlag, reason: invalid class name */
    /* loaded from: input_file:pl/edu/icm/unity/engine/confirmation/EmailConfirmationManagerImpl$1TokenAndFlag.class */
    public class C1TokenAndFlag {
        private String token;
        private boolean hasDuplicate;

        public C1TokenAndFlag(String str, boolean z) {
            this.token = str;
            this.hasDuplicate = z;
        }
    }

    @Autowired
    public EmailConfirmationManagerImpl(IdentityTypeHelper identityTypeHelper, AttributeTypeHelper attributeTypeHelper, TokensManagement tokensManagement, NotificationProducer notificationProducer, EmailConfirmationFacilitiesRegistry emailConfirmationFacilitiesRegistry, MessageTemplateDB messageTemplateDB, AdvertisedAddressProvider advertisedAddressProvider, MessageSource messageSource, EntityResolver entityResolver, TransactionalRunner transactionalRunner, CacheProvider cacheProvider, UnityServerConfiguration unityServerConfiguration) {
        this.idTypeHelper = identityTypeHelper;
        this.atTypeHelper = attributeTypeHelper;
        this.tokensMan = tokensManagement;
        this.notificationProducer = notificationProducer;
        this.confirmationFacilitiesRegistry = emailConfirmationFacilitiesRegistry;
        this.mtDB = messageTemplateDB;
        this.advertisedAddress = advertisedAddressProvider.get();
        this.msg = messageSource;
        this.idResolver = entityResolver;
        this.tx = transactionalRunner;
        CacheConfiguration cacheConfiguration = new CacheConfiguration(CACHE_ID, 0);
        Searchable searchable = new Searchable();
        searchable.values(true);
        cacheConfiguration.addSearchable(searchable);
        cacheConfiguration.setTimeToIdleSeconds(86400L);
        cacheConfiguration.setTimeToLiveSeconds(86400L);
        cacheConfiguration.setEternal(false);
        PersistenceConfiguration persistenceConfiguration = new PersistenceConfiguration();
        persistenceConfiguration.setStrategy("none");
        cacheConfiguration.persistence(persistenceConfiguration);
        this.confirmationReqCache = cacheProvider.getManager().addCacheIfAbsent(new Cache(cacheConfiguration));
        this.requestLimit = unityServerConfiguration.getEmailConfirmationRequestLimit();
        this.defaultRedirectURL = unityServerConfiguration.getValue("defaultPostConfirmationReturnURL");
    }

    public void sendConfirmationRequest(BaseEmailConfirmationState baseEmailConfirmationState) throws EngineException {
        sendConfirmationRequest(baseEmailConfirmationState, false);
    }

    private void sendConfirmationRequest(BaseEmailConfirmationState baseEmailConfirmationState, boolean z) throws EngineException {
        EmailConfirmationFacility<?> emailConfirmationFacility = (EmailConfirmationFacility) this.confirmationFacilitiesRegistry.getByName(baseEmailConfirmationState.getFacilityId());
        Optional<EmailConfirmationConfiguration> configuration = getConfiguration(baseEmailConfirmationState);
        if (!configuration.isPresent()) {
            log.debug("Cannot get confirmation configuration for " + baseEmailConfirmationState.getType() + ", skiping sendig confirmation request to " + baseEmailConfirmationState.getValue());
            return;
        }
        String serializedConfiguration = baseEmailConfirmationState.getSerializedConfiguration();
        if (configuration.get().getMessageTemplate() == null) {
            log.debug("Not sending an email as there is no message template configured for {}", baseEmailConfirmationState.getValue());
            return;
        }
        if (checkSendingLimit(baseEmailConfirmationState.getValue())) {
            C1TokenAndFlag c1TokenAndFlag = (C1TokenAndFlag) this.tx.runInTransactionRetThrowing(() -> {
                return new C1TokenAndFlag(insertConfirmationToken(serializedConfiguration, ((EmailConfirmationConfiguration) configuration.get()).getValidityTime()), !getDuplicateTokens(emailConfirmationFacility, serializedConfiguration).isEmpty());
            });
            if (z || !c1TokenAndFlag.hasDuplicate) {
                sendConfirmationRequest(baseEmailConfirmationState.getValue(), configuration.get().getMessageTemplate(), emailConfirmationFacility, baseEmailConfirmationState.getLocale(), c1TokenAndFlag.token);
            } else {
                log.debug("Not sending a confirmation message to " + baseEmailConfirmationState.getValue() + " as such confirmation was already sent");
            }
            emailConfirmationFacility.processAfterSendRequest(serializedConfiguration);
        }
    }

    private boolean checkSendingLimit(String str) {
        this.confirmationReqCache.evictExpiredElements();
        if (this.confirmationReqCache.createQuery().includeValues().addCriteria(Query.VALUE.ilike(str)).execute().size() < this.requestLimit) {
            return true;
        }
        log.warn("Limit of sent confirmation requests to email " + str + " was reached. (Limit=" + this.requestLimit + "/24H)");
        return false;
    }

    private String insertConfirmationToken(String str, int i) throws EngineException {
        Date date = new Date();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        calendar.add(12, i);
        Date time = calendar.getTime();
        String uuid = UUID.randomUUID().toString();
        try {
            this.tokensMan.addToken("Confirmation", uuid, str.getBytes(StandardCharsets.UTF_8), date, time);
            return uuid;
        } catch (Exception e) {
            log.error("Cannot add token to db", e);
            throw e;
        }
    }

    private void sendConfirmationRequest(String str, String str2, EmailConfirmationFacility<?> emailConfirmationFacility, String str3, String str4) throws EngineException {
        MessageTemplate messageTemplate = null;
        for (MessageTemplate messageTemplate2 : getAllTemplatesFromDB()) {
            if (messageTemplate2.getName().equals(str2)) {
                messageTemplate = messageTemplate2;
            }
        }
        if (messageTemplate == null) {
            throw new IllegalArgumentException("The message template " + str2 + " does not exists");
        }
        if (!messageTemplate.getConsumer().equals("EmailConfirmation")) {
            throw new IllegalArgumentException("Illegal type of template. Only message templates with EmailConfirmation are allowed");
        }
        String str5 = this.advertisedAddress.toExternalForm() + "/unitygw/confirmation";
        HashMap hashMap = new HashMap();
        hashMap.put("confirmationLink", str5 + "?token=" + str4);
        log.debug("Send confirmation request to " + str + " with token = " + str4);
        this.confirmationReqCache.put(new Element(str4, str));
        this.notificationProducer.sendNotification(str, str2, hashMap, str3);
    }

    public WorkflowFinalizationConfiguration processConfirmation(String str) throws EngineException {
        if (str != null) {
            return (WorkflowFinalizationConfiguration) this.tx.runInTransactionRetThrowing(() -> {
                try {
                    return processConfirmationInternal(this.tokensMan.getTokenById("Confirmation", str), true);
                } catch (IllegalArgumentException e) {
                    return WorkflowFinalizationConfiguration.basicError(this.msg.getMessage("ConfirmationStatus.invalidToken", new Object[0]), new EmailConfirmationRedirectURLBuilder(this.defaultRedirectURL, EmailConfirmationRedirectURLBuilder.Status.elementConfirmationError).setErrorCode("invalidToken").build());
                }
            });
        }
        return WorkflowFinalizationConfiguration.basicError(this.msg.getMessage("ConfirmationStatus.invalidToken", new Object[0]), new EmailConfirmationRedirectURLBuilder(this.defaultRedirectURL, EmailConfirmationRedirectURLBuilder.Status.elementConfirmationError).setErrorCode("noToken").build());
    }

    private WorkflowFinalizationConfiguration processConfirmationInternal(Token token, boolean z) throws EngineException {
        if (token.getExpires().compareTo(new Date()) < 0) {
            return WorkflowFinalizationConfiguration.basicError(this.msg.getMessage("ConfirmationStatus.expiredToken", new Object[0]), new EmailConfirmationRedirectURLBuilder(this.defaultRedirectURL, EmailConfirmationRedirectURLBuilder.Status.elementConfirmationError).setErrorCode("expiredToken").build());
        }
        String contentsString = token.getContentsString();
        EmailConfirmationFacility emailConfirmationFacility = (EmailConfirmationFacility) this.confirmationFacilitiesRegistry.getByName(new BaseEmailConfirmationState(contentsString).getFacilityId());
        this.tokensMan.removeToken("Confirmation", token.getValue());
        log.debug("Process confirmation using " + emailConfirmationFacility.getName() + " facility");
        WorkflowFinalizationConfiguration processConfirmation = emailConfirmationFacility.processConfirmation(contentsString);
        if (z) {
            for (Token token2 : getDuplicateTokens(emailConfirmationFacility, contentsString)) {
                log.debug("Found duplicte confirmation token " + token2.getValue() + " confirming it too");
                processConfirmationInternal(token2, false);
            }
        }
        return processConfirmation;
    }

    private Collection<Token> getDuplicateTokens(EmailConfirmationFacility emailConfirmationFacility, String str) {
        try {
            BaseEmailConfirmationState mo32parseState = emailConfirmationFacility.mo32parseState(str);
            HashSet hashSet = new HashSet();
            for (Token token : this.tokensMan.getAllTokens("Confirmation")) {
                if (emailConfirmationFacility.isDuplicate(mo32parseState, token.getContentsString())) {
                    hashSet.add(token);
                }
            }
            return hashSet;
        } catch (IllegalArgumentException e) {
            throw new InternalException("Bug: token can not be parsed by its own facility", e);
        }
    }

    private void sendVerification(EntityParam entityParam, Attribute attribute, boolean z) throws EngineException {
        AttributeValueSyntax<?> unconfiguredSyntax = this.atTypeHelper.getUnconfiguredSyntax(attribute.getValueSyntax());
        if (unconfiguredSyntax.isEmailVerifiable()) {
            Iterator it = attribute.getValues().iterator();
            while (it.hasNext()) {
                VerifiableElement verifiableElement = (VerifiableElement) unconfiguredSyntax.convertFromString((String) it.next());
                ConfirmationInfo confirmationInfo = verifiableElement.getConfirmationInfo();
                if (!confirmationInfo.isConfirmed() && (z || confirmationInfo.getSentRequestAmount() == 0)) {
                    sendConfirmationRequest(new EmailAttribiuteConfirmationState(resolveEntityId(entityParam), attribute.getName(), verifiableElement.getValue(), this.msg.getDefaultLocaleCode(), attribute.getGroupPath()), z);
                }
            }
        }
    }

    private long resolveEntityId(EntityParam entityParam) throws EngineException {
        return entityParam.getEntityId() != null ? entityParam.getEntityId().longValue() : ((Long) this.tx.runInTransactionRetThrowing(() -> {
            return Long.valueOf(this.idResolver.getEntityId(entityParam));
        })).longValue();
    }

    public void sendVerificationQuietNoTx(EntityParam entityParam, Attribute attribute, boolean z) {
        try {
            sendVerification(entityParam, attribute, z);
        } catch (Exception e) {
            log.warn("Can not send a confirmation for the verificable attribute being added " + attribute.getName(), e);
        }
    }

    public void sendVerificationsQuietNoTx(EntityParam entityParam, Collection<? extends Attribute> collection, boolean z) {
        Iterator<? extends Attribute> it = collection.iterator();
        while (it.hasNext()) {
            sendVerificationQuietNoTx(entityParam, it.next(), z);
        }
    }

    public void sendVerificationNoTx(EntityParam entityParam, Identity identity, boolean z) throws EngineException {
        if (this.idTypeHelper.getTypeDefinition(identity.getTypeId()).isEmailVerifiable() && !identity.isConfirmed()) {
            if (z || identity.getConfirmationInfo().getSentRequestAmount() <= 0) {
                sendConfirmationRequest(new EmailIdentityConfirmationState(identity.getEntityId(), identity.getTypeId(), identity.getValue(), this.msg.getDefaultLocaleCode()), z);
            }
        }
    }

    public void sendVerificationQuietNoTx(EntityParam entityParam, Identity identity, boolean z) {
        try {
            sendVerificationNoTx(entityParam, identity, z);
        } catch (Exception e) {
            log.warn("Can not send a confirmation for the verificable identity being added " + identity.getValue(), e);
        }
    }

    private Optional<EmailConfirmationConfiguration> getConfiguration(BaseEmailConfirmationState baseEmailConfirmationState) {
        String facilityId = baseEmailConfirmationState.getFacilityId();
        try {
            return (facilityId.equals("AttributeFacility") || facilityId.equals("RegistrationReqAttributeFacility")) ? getConfirmationConfigurationForAttribute(baseEmailConfirmationState.getType()) : Optional.ofNullable(this.idTypeHelper.getIdentityType(baseEmailConfirmationState.getType()).getEmailConfirmationConfiguration());
        } catch (Exception e) {
            log.error("Cannot get confirmation configuration", e);
            return Optional.empty();
        }
    }

    private Collection<MessageTemplate> getAllTemplatesFromDB() throws EngineException {
        return (Collection) this.tx.runInTransactionRet(() -> {
            return this.mtDB.getAllAsMap().values();
        });
    }

    public <T> void sendVerification(EntityParam entityParam, Attribute attribute) throws EngineException {
        this.tx.runInTransactionThrowing(() -> {
            sendVerification(entityParam, attribute, true);
        });
    }

    public void sendVerification(EntityParam entityParam, Identity identity) throws EngineException {
        this.tx.runInTransactionThrowing(() -> {
            sendVerificationNoTx(entityParam, identity, true);
        });
    }

    public Optional<EmailConfirmationConfiguration> getConfirmationConfigurationForAttribute(String str) {
        try {
            AttributeValueSyntax<?> syntax = this.atTypeHelper.getSyntax(this.atTypeHelper.getTypeForAttributeName(str));
            if (syntax.isEmailVerifiable()) {
                return syntax.getEmailConfirmationConfiguration();
            }
            throw new IllegalArgumentException("Unsupported attribute type: " + str + " for email confirmation");
        } catch (Exception e) {
            log.debug("Cannot get confirmation configuration for attribute " + str, e);
            return Optional.empty();
        }
    }
}
