package pl.edu.icm.unity.oauth.as.webauthz;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.nimbusds.oauth2.sdk.AuthorizationErrorResponse;
import com.nimbusds.oauth2.sdk.OAuth2Error;
import com.nimbusds.oauth2.sdk.client.ClientType;
import com.vaadin.flow.component.Component;
import com.vaadin.flow.component.HtmlComponent;
import com.vaadin.flow.component.checkbox.Checkbox;
import com.vaadin.flow.component.html.Div;
import com.vaadin.flow.component.html.Image;
import com.vaadin.flow.component.html.Span;
import com.vaadin.flow.component.orderedlayout.FlexComponent;
import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import com.vaadin.flow.server.StreamResource;
import io.imunity.vaadin.endpoint.common.VaadinWebLogoutHandler;
import io.imunity.vaadin.endpoint.common.consent_utils.ExposedAttributesComponent;
import io.imunity.vaadin.endpoint.common.consent_utils.IdPButtonsBar;
import io.imunity.vaadin.endpoint.common.consent_utils.IdentitySelectorComponent;
import io.imunity.vaadin.endpoint.common.consent_utils.SPInfoComponent;
import io.imunity.vaadin.endpoint.common.consent_utils.URIPresentationHelper;
import io.imunity.vaadin.endpoint.common.plugins.attributes.AttributeHandlerRegistry;
import java.io.ByteArrayInputStream;
import java.lang.invoke.SerializedLambda;
import java.time.Instant;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import java.util.function.BiConsumer;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.attribute.Attribute;
import pl.edu.icm.unity.base.attribute.image.UnityImage;
import pl.edu.icm.unity.base.endpoint.idp.IdpStatistic;
import pl.edu.icm.unity.base.exceptions.EngineException;
import pl.edu.icm.unity.base.identity.IdentityParam;
import pl.edu.icm.unity.base.message.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.PreferencesManagement;
import pl.edu.icm.unity.engine.api.attributes.AttributeTypeSupport;
import pl.edu.icm.unity.engine.api.attributes.DynamicAttribute;
import pl.edu.icm.unity.engine.api.identity.IdentityTypeSupport;
import pl.edu.icm.unity.oauth.as.OAuthAuthzContext;
import pl.edu.icm.unity.oauth.as.OAuthScope;
import pl.edu.icm.unity.oauth.as.preferences.OAuthPreferences;
import pl.edu.icm.unity.oauth.as.token.OAuthTokenEndpoint;

/* loaded from: input_file:pl/edu/icm/unity/oauth/as/webauthz/OAuthConsentScreen.class */
class OAuthConsentScreen extends VerticalLayout {
    private static final Logger log = Log.getLogger("unity.server.oauth", OAuthConsentScreen.class);
    private final MessageSource msg;
    private final AttributeHandlerRegistry handlersRegistry;
    private final PreferencesManagement preferencesMan;
    private final VaadinWebLogoutHandler authnProcessor;
    private final OAuthResponseHandler oauthResponseHandler;
    private final IdentityTypeSupport idTypeSupport;
    private final AttributeTypeSupport aTypeSupport;
    private final IdentityParam identity;
    private final Collection<DynamicAttribute> attributes;
    private final Runnable declineHandler;
    private final BiConsumer<IdentityParam, Collection<DynamicAttribute>> acceptHandler;
    private IdentitySelectorComponent idSelector;
    private ExposedAttributesComponent attrsPresenter;
    private Checkbox rememberCB;

    /* loaded from: input_file:pl/edu/icm/unity/oauth/as/webauthz/OAuthConsentScreen$AudienceInfoComponent.class */
    public static class AudienceInfoComponent extends VerticalLayout {
        private final MessageSource msg;

        public AudienceInfoComponent(MessageSource messageSource, List<String> list, String str) {
            this.msg = messageSource;
            init(list, str);
        }

        private void init(List<String> list, String str) {
            setMargin(false);
            setPadding(false);
            add(new Component[]{new Span(this.msg.getMessage("AudienceInfoComponent.infoHeader", new Object[]{str}))});
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                add(new Component[]{new Span("● " + URIPresentationHelper.getHumanReadableDomain(it.next()))});
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuthConsentScreen(MessageSource messageSource, AttributeHandlerRegistry attributeHandlerRegistry, PreferencesManagement preferencesManagement, VaadinWebLogoutHandler vaadinWebLogoutHandler, IdentityTypeSupport identityTypeSupport, AttributeTypeSupport attributeTypeSupport, IdentityParam identityParam, Collection<DynamicAttribute> collection, Runnable runnable, BiConsumer<IdentityParam, Collection<DynamicAttribute>> biConsumer, OAuthResponseHandler oAuthResponseHandler) {
        this.msg = messageSource;
        this.handlersRegistry = attributeHandlerRegistry;
        this.preferencesMan = preferencesManagement;
        this.authnProcessor = vaadinWebLogoutHandler;
        this.identity = identityParam;
        this.attributes = collection;
        this.idTypeSupport = identityTypeSupport;
        this.aTypeSupport = attributeTypeSupport;
        this.declineHandler = runnable;
        this.acceptHandler = biConsumer;
        this.oauthResponseHandler = oAuthResponseHandler;
        initUI();
    }

    private void initUI() {
        OAuthAuthzContext vaadinContext = OAuthSessionService.getVaadinContext();
        setMargin(false);
        setSpacing(false);
        setAlignItems(FlexComponent.Alignment.CENTER);
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.addClassName("u-consentMainColumn");
        verticalLayout.setAlignItems(FlexComponent.Alignment.CENTER);
        add(new Component[]{verticalLayout});
        String clientName = vaadinContext.getClientName();
        if (clientName == null) {
            clientName = vaadinContext.getRequest().getClientID().getValue();
        }
        createInfoPart(vaadinContext, clientName, verticalLayout);
        createExposedDataPart(vaadinContext, clientName, verticalLayout, this.attributes, this.identity);
        createButtonsPart(verticalLayout);
        loadPreferences(vaadinContext);
    }

    private void createInfoPart(OAuthAuthzContext oAuthAuthzContext, String str, VerticalLayout verticalLayout) {
        String aSCIIString = oAuthAuthzContext.getReturnURI().toASCIIString();
        Image image = null;
        Attribute clientLogo = oAuthAuthzContext.getClientLogo();
        if (clientLogo != null && "image".equals(clientLogo.getValueSyntax())) {
            UnityImage convertFromString = this.aTypeSupport.getSyntax(clientLogo).convertFromString((String) clientLogo.getValues().get(0));
            image = new Image(new StreamResource(UUID.randomUUID() + "." + convertFromString.getType().toExt(), () -> {
                return new ByteArrayInputStream(convertFromString.getImage());
            }), OAuthTokenEndpoint.PATH);
        }
        verticalLayout.add(new Component[]{new SPInfoComponent(this.msg, image, str, aSCIIString)});
    }

    private void createExposedDataPart(OAuthAuthzContext oAuthAuthzContext, String str, VerticalLayout verticalLayout, Collection<DynamicAttribute> collection, IdentityParam identityParam) {
        Component div = new Div();
        div.setClassName("u-consent-screen");
        verticalLayout.add(new Component[]{div});
        Component verticalLayout2 = new VerticalLayout();
        verticalLayout2.setWidthFull();
        div.add(new Component[]{verticalLayout2});
        for (OAuthScope oAuthScope : oAuthAuthzContext.getEffectiveRequestedScopes()) {
            verticalLayout2.add(new Component[]{new Span("● " + (Strings.isNullOrEmpty(oAuthScope.description) ? oAuthScope.name : oAuthScope.description))});
        }
        verticalLayout2.add(new Component[]{new HtmlComponent("br")});
        if (!oAuthAuthzContext.getAdditionalAudience().isEmpty()) {
            verticalLayout2.add(new Component[]{new AudienceInfoComponent(this.msg, oAuthAuthzContext.getAdditionalAudience(), str)});
            verticalLayout2.add(new Component[]{new HtmlComponent("br")});
        }
        createIdentityPart(identityParam);
        this.attrsPresenter = new ExposedAttributesComponent(this.msg, this.idTypeSupport, this.handlersRegistry, collection, Optional.of(identityParam));
        verticalLayout2.add(new Component[]{this.attrsPresenter});
        this.rememberCB = new Checkbox(this.msg.getMessage("OAuthAuthzUI.rememberSettings", new Object[0]));
        verticalLayout.add(new Component[]{this.rememberCB});
        this.rememberCB.addClassName("u-consent-screen-checkbox");
        this.rememberCB.setVisible((oAuthAuthzContext.getClientType() == ClientType.PUBLIC || oAuthAuthzContext.getPrompts().contains(OAuthAuthzContext.Prompt.CONSENT)) ? false : true);
    }

    private void createIdentityPart(IdentityParam identityParam) {
        this.idSelector = new IdentitySelectorComponent(this.msg, this.idTypeSupport, Lists.newArrayList(new IdentityParam[]{identityParam}));
    }

    private void createButtonsPart(VerticalLayout verticalLayout) {
        Component idPButtonsBar = new IdPButtonsBar(this.msg, this.authnProcessor, OAuthAuthzWebEndpoint.OAUTH_CONSENT_DECIDER_SERVLET_PATH, action -> {
            if (IdPButtonsBar.Action.ACCEPT == action) {
                confirm();
            } else if (IdPButtonsBar.Action.DENY == action) {
                decline();
            }
        });
        verticalLayout.add(new Component[]{idPButtonsBar});
        idPButtonsBar.setClassName("u-consent-screen-buttons");
        idPButtonsBar.setAlignItems(FlexComponent.Alignment.CENTER);
    }

    private void loadPreferences(OAuthAuthzContext oAuthAuthzContext) {
        try {
            updateUIFromPreferences(OAuthPreferences.getPreferences(this.preferencesMan).getSPSettings(oAuthAuthzContext.getRequest().getClientID().getValue()), oAuthAuthzContext);
        } catch (Exception e) {
            log.error("Engine problem when processing stored preferences", e);
            this.oauthResponseHandler.returnOauthResponseNotThrowingAndReportStatistic(new AuthorizationErrorResponse(oAuthAuthzContext.getReturnURI(), OAuth2Error.SERVER_ERROR, oAuthAuthzContext.getRequest().getState(), oAuthAuthzContext.getRequest().impliedResponseMode()), true, oAuthAuthzContext, IdpStatistic.Status.FAILED);
        }
    }

    private void updateUIFromPreferences(OAuthPreferences.OAuthClientSettings oAuthClientSettings, OAuthAuthzContext oAuthAuthzContext) {
        if (oAuthClientSettings == null) {
            return;
        }
        this.idSelector.setSelected(oAuthClientSettings.getSelectedIdentity());
        if (oAuthClientSettings.isDoNotAsk() && oAuthAuthzContext.getClientType() != ClientType.PUBLIC && oAuthClientSettings.getEffectiveRequestedScopes().containsAll(Arrays.asList(oAuthAuthzContext.getEffectiveRequestedScopesList())) && oAuthClientSettings.getAudience().containsAll(oAuthAuthzContext.getAdditionalAudience()) && !oAuthAuthzContext.getPrompts().contains(OAuthAuthzContext.Prompt.CONSENT)) {
            if (oAuthClientSettings.isDefaultAccept()) {
                confirm();
            } else {
                decline();
            }
        }
    }

    private void updatePreferencesFromUI(OAuthPreferences oAuthPreferences, OAuthAuthzContext oAuthAuthzContext, boolean z) throws EngineException {
        if (((Boolean) this.rememberCB.getValue()).booleanValue()) {
            String value = oAuthAuthzContext.getRequest().getClientID().getValue();
            OAuthPreferences.OAuthClientSettings sPSettings = oAuthPreferences.getSPSettings(value);
            sPSettings.setDefaultAccept(z);
            sPSettings.setDoNotAsk(true);
            sPSettings.setEffectiveRequestedScopes(new HashSet(Arrays.asList(oAuthAuthzContext.getEffectiveRequestedScopesList())));
            String selectedIdentityForPreferences = this.idSelector.getSelectedIdentityForPreferences();
            if (selectedIdentityForPreferences != null) {
                sPSettings.setSelectedIdentity(selectedIdentityForPreferences);
            }
            sPSettings.setAudience(new HashSet(oAuthAuthzContext.getAdditionalAudience()));
            sPSettings.setTimestamp(Instant.now());
            oAuthPreferences.setSPSettings(value, sPSettings);
        }
    }

    private void storePreferences(boolean z) {
        try {
            OAuthAuthzContext vaadinContext = OAuthSessionService.getVaadinContext();
            OAuthPreferences preferences = OAuthPreferences.getPreferences(this.preferencesMan);
            updatePreferencesFromUI(preferences, vaadinContext, z);
            OAuthPreferences.savePreferences(this.preferencesMan, preferences);
        } catch (EngineException e) {
            log.error("Unable to store user's preferences", e);
        }
    }

    private void decline() {
        storePreferences(false);
        this.declineHandler.run();
    }

    private void confirm() {
        storePreferences(true);
        List userFilteredAttributes = this.attrsPresenter.getUserFilteredAttributes();
        this.acceptHandler.accept(this.idSelector.getSelectedIdentity(), userFilteredAttributes);
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -381024971:
                if (implMethodName.equals("lambda$createInfoPart$3a1b6841$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/flow/server/InputStreamFactory") && serializedLambda.getFunctionalInterfaceMethodName().equals("createInputStream") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/io/InputStream;") && serializedLambda.getImplClass().equals("pl/edu/icm/unity/oauth/as/webauthz/OAuthConsentScreen") && serializedLambda.getImplMethodSignature().equals("(Lpl/edu/icm/unity/base/attribute/image/UnityImage;)Ljava/io/InputStream;")) {
                    UnityImage unityImage = (UnityImage) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return new ByteArrayInputStream(unityImage.getImage());
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
