package pl.edu.icm.unity.engine.authn;

import com.google.common.collect.Sets;
import java.util.ArrayList;
import java.util.List;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.AuthenticatorManagement;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.AuthenticatorInstance;
import pl.edu.icm.unity.engine.api.authn.AuthenticatorSupportService;
import pl.edu.icm.unity.engine.api.authn.CredentialVerificator;
import pl.edu.icm.unity.engine.endpoint.EndpointsUpdater;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.store.api.generic.AuthenticatorConfigurationDB;
import pl.edu.icm.unity.store.api.tx.Transactional;
import pl.edu.icm.unity.store.api.tx.TransactionalRunner;
import pl.edu.icm.unity.store.types.AuthenticatorConfiguration;
import pl.edu.icm.unity.types.authn.AuthenticationFlowDefinition;
import pl.edu.icm.unity.types.authn.AuthenticatorInfo;

@Primary
@Component
/* loaded from: input_file:pl/edu/icm/unity/engine/authn/AuthenticatorSupportServiceImpl.class */
public class AuthenticatorSupportServiceImpl implements AuthenticatorSupportService {
    private static final Logger log = Log.getLogger("unity.server", AuthenticatorSupportServiceImpl.class);
    private AuthenticatorLoader authnLoader;
    private AuthenticatorsRegistry authnRegistry;
    private AuthenticatorManagement authenticationManagement;
    private AuthenticatorConfigurationDB authenticatorDB;
    private EndpointsUpdater endpointsUpdater;
    private TransactionalRunner tx;

    @Autowired
    public AuthenticatorSupportServiceImpl(AuthenticatorLoader authenticatorLoader, AuthenticatorsRegistry authenticatorsRegistry, AuthenticatorManagement authenticatorManagement, AuthenticatorConfigurationDB authenticatorConfigurationDB, EndpointsUpdater endpointsUpdater, TransactionalRunner transactionalRunner) {
        this.authnLoader = authenticatorLoader;
        this.authnRegistry = authenticatorsRegistry;
        this.authenticationManagement = authenticatorManagement;
        this.authenticatorDB = authenticatorConfigurationDB;
        this.endpointsUpdater = endpointsUpdater;
        this.tx = transactionalRunner;
    }

    @Transactional
    public List<AuthenticationFlow> getRemoteAuthenticatorsAsFlows(String str) throws EngineException {
        ArrayList arrayList = new ArrayList();
        for (AuthenticatorInfo authenticatorInfo : this.authenticationManagement.getAuthenticators(str)) {
            if (this.authnRegistry.getCredentialVerificatorFactory(authenticatorInfo.getTypeDescription().getVerificationMethod()).newInstance().getType().equals(CredentialVerificator.VerificatorType.Remote)) {
                arrayList.add(new AuthenticationFlowDefinition(authenticatorInfo.getId(), AuthenticationFlowDefinition.Policy.NEVER, Sets.newHashSet(new String[]{authenticatorInfo.getId()})));
            }
        }
        return this.authnLoader.createAuthenticationFlows(arrayList, str);
    }

    @Transactional
    public List<AuthenticationFlow> resolveAuthenticationFlows(List<String> list, String str) {
        return this.authnLoader.resolveAuthenticationFlows(list, str);
    }

    @Transactional
    public List<AuthenticatorInstance> getRemoteAuthenticators(String str) throws EngineException {
        ArrayList arrayList = new ArrayList();
        for (AuthenticatorInstance authenticatorInstance : this.authnLoader.getAuthenticators(str)) {
            if (authenticatorInstance.getMetadata().getLocalCredentialName() == null) {
                arrayList.add(this.authnLoader.getAuthenticator(authenticatorInstance.getMetadata().getId(), str));
            }
        }
        return arrayList;
    }

    public void refreshAuthenticatorsOfCredential(String str) throws EngineException {
        this.tx.runInTransaction(() -> {
            for (AuthenticatorConfiguration authenticatorConfiguration : this.authenticatorDB.getAll()) {
                if (str.equals(authenticatorConfiguration.getLocalCredentialName())) {
                    refreshAuthenticator(authenticatorConfiguration);
                }
            }
        });
        this.endpointsUpdater.updateManual();
    }

    private void refreshAuthenticator(AuthenticatorConfiguration authenticatorConfiguration) {
        log.info("Updating authenticator {} as its local credential configuration has changed", authenticatorConfiguration.getName());
        this.authenticatorDB.update(new AuthenticatorConfiguration(authenticatorConfiguration.getName(), authenticatorConfiguration.getVerificationMethod(), authenticatorConfiguration.getConfiguration(), authenticatorConfiguration.getLocalCredentialName(), authenticatorConfiguration.getRevision() + 1));
    }
}
