package io.imunity.vaadin.auth;

import com.vaadin.flow.component.Component;
import com.vaadin.flow.component.UI;
import com.vaadin.flow.router.BeforeEnterEvent;
import com.vaadin.flow.router.BeforeEnterObserver;
import com.vaadin.flow.router.Route;
import com.vaadin.flow.server.VaadinService;
import com.vaadin.flow.server.VaadinServlet;
import com.vaadin.flow.server.VaadinSession;
import com.vaadin.flow.server.WrappedSession;
import io.imunity.vaadin.auth.CredentialResetLauncher;
import io.imunity.vaadin.auth.outdated.CredentialChangeConfiguration;
import io.imunity.vaadin.auth.outdated.OutdatedCredentialController;
import io.imunity.vaadin.auth.server.AuthenticationFilter;
import io.imunity.vaadin.auth.server.SecureVaadin2XEndpoint;
import io.imunity.vaadin.elements.CssClassNames;
import io.imunity.vaadin.elements.NotificationPresenter;
import io.imunity.vaadin.elements.UnityViewComponent;
import io.imunity.vaadin.endpoint.common.LocaleChoiceComponent;
import io.imunity.vaadin.endpoint.common.RemoteRedirectedAuthnResponseProcessingFilter;
import io.imunity.vaadin.endpoint.common.Vaadin2XWebAppContext;
import io.imunity.vaadin.endpoint.common.VaadinEndpointProperties;
import io.imunity.vaadin.endpoint.common.VaadinWebLogoutHandler;
import io.imunity.vaadin.endpoint.common.api.AssociationAccountWizardProvider;
import io.imunity.vaadin.endpoint.common.api.RegistrationFormDialogProvider;
import io.imunity.vaadin.endpoint.common.api.RegistrationFormsService;
import io.imunity.vaadin.endpoint.common.file.LocalOrRemoteResource;
import io.imunity.vaadin.endpoint.common.forms.VaadinLogoImageLoader;
import io.imunity.vaadin.endpoint.common.layout.AuthenticationLayout;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.ObjectFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import pl.edu.icm.unity.base.endpoint.ResolvedEndpoint;
import pl.edu.icm.unity.base.exceptions.EngineException;
import pl.edu.icm.unity.base.message.MessageSource;
import pl.edu.icm.unity.base.registration.RegistrationContext;
import pl.edu.icm.unity.base.registration.RegistrationForm;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.EntityManagement;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.InteractiveAuthenticationProcessor;
import pl.edu.icm.unity.engine.api.authn.LoginSession;
import pl.edu.icm.unity.engine.api.config.UnityServerConfiguration;
import pl.edu.icm.unity.engine.api.utils.ExecutorsService;

@Route(value = SecureVaadin2XEndpoint.AUTHENTICATION_PATH, layout = AuthenticationLayout.class)
/* loaded from: input_file:io/imunity/vaadin/auth/AuthenticationView.class */
public class AuthenticationView extends UnityViewComponent implements BeforeEnterObserver {
    private static final Logger LOG = Log.getLogger("unity.server.web", AuthenticationView.class);
    private final MessageSource msg;
    private final VaadinLogoImageLoader imageAccessService;
    private final LocaleChoiceComponent localeChoice;
    private final VaadinWebLogoutHandler authnProcessor;
    private final ExecutorsService execService;
    private final EntityManagement idsMan;
    private final ObjectFactory<OutdatedCredentialController> outdatedCredentialDialogFactory;
    private final RegistrationFormsService registrationFormsService;
    private final NotificationPresenter notificationPresenter;
    private final AssociationAccountWizardProvider associationAccountWizardProvider;
    private final RegistrationFormDialogProvider formLauncher;
    private ColumnInstantAuthenticationScreen authenticationUI;
    private final InteractiveAuthenticationProcessor interactiveAuthnProcessor;
    private final ResolvedEndpoint endpointDescription = Vaadin2XWebAppContext.getCurrentWebAppResolvedEndpoint();
    private final VaadinEndpointProperties config = Vaadin2XWebAppContext.getCurrentWebAppVaadinProperties();
    private final List<AuthenticationFlow> authnFlows = List.copyOf(Vaadin2XWebAppContext.getCurrentWebAppAuthenticationFlows());

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/imunity/vaadin/auth/AuthenticationView$CredentialResetLauncherImpl.class */
    public class CredentialResetLauncherImpl implements CredentialResetLauncher {
        private CredentialResetLauncherImpl() {
        }

        @Override // io.imunity.vaadin.auth.CredentialResetLauncher
        public void startCredentialReset(Component component) {
            AuthenticationView.this.getContent().removeAll();
            AuthenticationView.this.getContent().add(new Component[]{component});
        }

        @Override // io.imunity.vaadin.auth.CredentialResetLauncher
        public CredentialResetLauncher.CredentialResetUIConfig getConfiguration() {
            Optional<LocalOrRemoteResource> logo = getLogo();
            AuthenticationView authenticationView = AuthenticationView.this;
            return new CredentialResetLauncher.CredentialResetUIConfig(logo, authenticationView::resetToFreshAuthenticationScreen, AuthenticationView.this.getFirstColumnWidth() * 2.0f, AuthenticationView.this.getFirstColumnWidth(), AuthenticationView.this.config.getBooleanValue("compactCredentialReset").booleanValue());
        }

        private Optional<LocalOrRemoteResource> getLogo() {
            return AuthenticationView.this.imageAccessService.loadImageFromUri(AuthenticationView.this.config.getAuthnLogo());
        }
    }

    @Autowired
    public AuthenticationView(MessageSource messageSource, VaadinLogoImageLoader vaadinLogoImageLoader, UnityServerConfiguration unityServerConfiguration, VaadinWebLogoutHandler vaadinWebLogoutHandler, InteractiveAuthenticationProcessor interactiveAuthenticationProcessor, ExecutorsService executorsService, @Qualifier("insecure") EntityManagement entityManagement, ObjectFactory<OutdatedCredentialController> objectFactory, RegistrationFormsService registrationFormsService, RegistrationFormDialogProvider registrationFormDialogProvider, NotificationPresenter notificationPresenter, AssociationAccountWizardProvider associationAccountWizardProvider) {
        this.msg = messageSource;
        this.localeChoice = new LocaleChoiceComponent(unityServerConfiguration);
        this.authnProcessor = vaadinWebLogoutHandler;
        this.interactiveAuthnProcessor = interactiveAuthenticationProcessor;
        this.execService = executorsService;
        this.idsMan = entityManagement;
        this.outdatedCredentialDialogFactory = objectFactory;
        this.imageAccessService = vaadinLogoImageLoader;
        this.registrationFormsService = registrationFormsService;
        this.notificationPresenter = notificationPresenter;
        this.formLauncher = registrationFormDialogProvider;
        this.associationAccountWizardProvider = associationAccountWizardProvider;
        this.registrationFormsService.configure(this.config.getRegistrationConfiguration());
    }

    protected void init() {
        this.authenticationUI = ColumnInstantAuthenticationScreen.getInstance(this.msg, this.imageAccessService, this.config, this.endpointDescription, new CredentialResetLauncherImpl(), this::showRegistration, Vaadin2XWebAppContext.getCurrentWebAppCancelHandler(), this.idsMan, this.execService, isRegistrationEnabled(), unknownRemotePrincipalResult -> {
            return new UnknownUserDialog(this.msg, unknownRemotePrincipalResult, this.formLauncher, this.notificationPresenter, this.associationAccountWizardProvider);
        }, Optional.of(this.localeChoice), this.authnFlows, this.interactiveAuthnProcessor, this.notificationPresenter);
        getContent().addClassName(CssClassNames.AUTHN_SCREEN.getName());
        loadInitialState();
        getContent().setSizeFull();
    }

    private void loadInitialState() {
        LOG.debug("Loading initial state of authentication UI");
        WrappedSession session = VaadinSession.getCurrent().getSession();
        RemoteRedirectedAuthnResponseProcessingFilter.PostAuthenticationDecissionWithContext postAuthenticationDecissionWithContext = (RemoteRedirectedAuthnResponseProcessingFilter.PostAuthenticationDecissionWithContext) session.getAttribute("__ff_post_authn_decision");
        if (postAuthenticationDecissionWithContext == null) {
            if (isUserAuthenticatedWithOutdatedCredential()) {
                showOutdatedCredentialDialog();
                return;
            } else {
                getContent().removeAll();
                getContent().add(new Component[]{this.authenticationUI});
                return;
            }
        }
        LOG.debug("Remote authentication result found in session, triggering its processing");
        if (postAuthenticationDecissionWithContext.triggeringContext.isRegistrationTriggered()) {
            formSelected(postAuthenticationDecissionWithContext.triggeringContext.form);
            return;
        }
        session.removeAttribute("__ff_post_authn_decision");
        this.authenticationUI.initializeAfterReturnFromExternalAuthn(postAuthenticationDecissionWithContext.decision);
        getContent().removeAll();
        getContent().add(new Component[]{this.authenticationUI});
    }

    private boolean isUserAuthenticatedWithOutdatedCredential() {
        LoginSession loginSession = (LoginSession) VaadinSession.getCurrent().getSession().getAttribute("pl.edu.icm.unity.web.WebSession");
        return loginSession != null && loginSession.isUsedOutdatedCredential();
    }

    private void showOutdatedCredentialDialog() {
        CredentialChangeConfiguration credentialChangeConfiguration = new CredentialChangeConfiguration(this.config.getAuthnLogo(), getFirstColumnWidth(), this.config.getBooleanValue("compactCredentialReset").booleanValue());
        OutdatedCredentialController outdatedCredentialController = (OutdatedCredentialController) this.outdatedCredentialDialogFactory.getObject();
        outdatedCredentialController.init(credentialChangeConfiguration, this.authnProcessor, this::resetToFreshAuthenticationScreen);
        getContent().removeAll();
        getContent().add(new Component[]{outdatedCredentialController.getComponent()});
    }

    private float getFirstColumnWidth() {
        Iterator it = this.config.getStructuredListKeys("authnScreenColumn.").iterator();
        if (it.hasNext()) {
            return (float) this.config.getDoubleValue(((String) it.next()) + "columnWidth").doubleValue();
        }
        return 15.0f;
    }

    private void resetToFreshAuthenticationScreen() {
        getContent().removeAll();
        getContent().add(new Component[]{this.authenticationUI});
        this.authenticationUI.reset();
    }

    private boolean isRegistrationEnabled() {
        try {
            return this.registrationFormsService.isRegistrationEnabled();
        } catch (EngineException e) {
            LOG.error("Failed to determine whether registration is enabled or not on authentication screen.", e);
            return false;
        }
    }

    private void showRegistration() {
        if (!this.config.getRegistrationConfiguration().getExternalRegistrationURL().isPresent()) {
            showRegistrationLayout();
        } else {
            UI.getCurrent().getPage().open((String) this.config.getRegistrationConfiguration().getExternalRegistrationURL().get(), (String) null);
        }
    }

    private void showRegistrationLayout() {
        try {
            List displayedForms = this.registrationFormsService.getDisplayedForms();
            if (displayedForms.isEmpty()) {
                this.notificationPresenter.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("RegistrationFormsChooserComponent.noFormsInfo", new Object[0]));
            } else if (displayedForms.size() == 1) {
                formSelected((RegistrationForm) displayedForms.get(0));
            } else {
                Component registrationFormsChooserComponent = new RegistrationFormsChooserComponent(displayedForms, this::formSelected, this::resetToFreshAuthenticationScreen, this.msg);
                getContent().removeAll();
                getContent().add(new Component[]{registrationFormsChooserComponent});
            }
        } catch (EngineException e) {
            LOG.error("Failed to get displayed forms", e);
            this.notificationPresenter.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("AuthenticationUI.registrationFormInitError", new Object[0]));
        }
    }

    private void formSelected(RegistrationForm registrationForm) {
        Component createRegistrationView = this.registrationFormsService.createRegistrationView(registrationForm, RegistrationContext.TriggeringMode.manualAtLogin, this::resetToFreshAuthenticationScreen, (Runnable) null, () -> {
            UI.getCurrent().getPage().reload();
        });
        getContent().removeAll();
        getContent().add(new Component[]{createRegistrationView});
    }

    public void beforeEnter(BeforeEnterEvent beforeEnterEvent) {
        if (VaadinService.getCurrentRequest().isUserInRole(AuthenticationFilter.VAADIN_ROLE)) {
            UI.getCurrent().getPage().setLocation(VaadinServlet.getCurrent().getServletContext().getContextPath());
        } else {
            init();
        }
    }

    public String getPageTitle() {
        return this.authenticationUI != null ? this.authenticationUI.getTitle() : Vaadin2XWebAppContext.getCurrentWebAppDisplayedName();
    }
}
