package pl.edu.icm.unity.webui.authn.credreset.password;

import com.vaadin.ui.Component;
import java.util.Optional;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.JsonUtil;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.AuthenticationSubject;
import pl.edu.icm.unity.engine.api.authn.CredentialReset;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.IllegalIdentityValueException;
import pl.edu.icm.unity.exceptions.TooManyAttempts;
import pl.edu.icm.unity.exceptions.WrongArgumentException;
import pl.edu.icm.unity.stdext.credential.pass.PasswordCredentialResetSettings;
import pl.edu.icm.unity.webui.authn.CredentialResetLauncher;
import pl.edu.icm.unity.webui.authn.credreset.CredentialResetFinalMessage;
import pl.edu.icm.unity.webui.authn.credreset.CredentialResetFlowConfig;
import pl.edu.icm.unity.webui.authn.credreset.CredentialResetScreen;
import pl.edu.icm.unity.webui.authn.credreset.CredentialResetStateVariable;
import pl.edu.icm.unity.webui.common.NotificationPopup;
import pl.edu.icm.unity.webui.common.credentials.CredentialEditor;

/* loaded from: input_file:pl/edu/icm/unity/webui/authn/credreset/password/PasswordCredentialResetController.class */
public class PasswordCredentialResetController {
    private static final Logger log = Log.getLogger("unity.server.web", PasswordCredentialResetController.class);
    private MessageSource msg;
    private CredentialReset backend;
    private CredentialEditor credEditor;
    private Runnable finishHandler;
    private PasswordCredentialResetSettings settings;
    private CredentialResetScreen mainWrapper;
    private CredentialResetFlowConfig credResetUIConfig;
    private Optional<AuthenticationSubject> presetEntity;

    @FunctionalInterface
    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/credreset/password/PasswordCredentialResetController$AnswerConsumer.class */
    public interface AnswerConsumer {
        void acceptAnswer(String str) throws TooManyAttempts, WrongArgumentException, IllegalIdentityValueException;
    }

    @FunctionalInterface
    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/credreset/password/PasswordCredentialResetController$CodeConsumer.class */
    public interface CodeConsumer {
        void acceptCode(String str) throws TooManyAttempts, WrongArgumentException;
    }

    @FunctionalInterface
    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/credreset/password/PasswordCredentialResetController$CodeSender.class */
    public interface CodeSender {
        void resendCode() throws TooManyAttempts;
    }

    @FunctionalInterface
    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/credreset/password/PasswordCredentialResetController$NewCredentialConsumer.class */
    public interface NewCredentialConsumer {
        void acceptNewCredential(String str) throws EngineException;
    }

    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/credreset/password/PasswordCredentialResetController$VerificationMethod.class */
    public enum VerificationMethod {
        Email,
        Mobile
    }

    public PasswordCredentialResetController(MessageSource messageSource, CredentialReset credentialReset, CredentialEditor credentialEditor, CredentialResetLauncher.CredentialResetUIConfig credentialResetUIConfig) {
        this.msg = messageSource;
        this.backend = credentialReset;
        this.credEditor = credentialEditor;
        this.finishHandler = credentialResetUIConfig.finishCallback;
        this.credResetUIConfig = new CredentialResetFlowConfig(credentialResetUIConfig.logo, messageSource, this::onCancel, credentialResetUIConfig.infoWidth, credentialResetUIConfig.contentsWidth, credentialResetUIConfig.compactLayout);
    }

    public Component getInitialUI(Optional<AuthenticationSubject> optional) {
        this.presetEntity = optional;
        CredentialResetStateVariable.reset();
        this.mainWrapper = new CredentialResetScreen();
        this.mainWrapper.setContents(new PasswordResetStep1Captcha(this.credResetUIConfig, this::onUsernameCollected));
        return this.mainWrapper;
    }

    private void onCancel() {
        CredentialResetStateVariable.reset();
        this.finishHandler.run();
    }

    private void onUsernameCollected(String str) {
        this.backend.setSubject(this.presetEntity.orElse(AuthenticationSubject.identityBased(str)));
        this.settings = new PasswordCredentialResetSettings(JsonUtil.parse(this.backend.getSettings()));
        PasswordCredentialResetSettings passwordCredentialResetSettings = new PasswordCredentialResetSettings(JsonUtil.parse(this.backend.getSettings()));
        CredentialResetStateVariable.record(CredentialResetStateVariable.ResetPrerequisite.CAPTCHA_PROVIDED);
        if (passwordCredentialResetSettings.isRequireSecurityQuestion()) {
            this.mainWrapper.setContents(new PasswordResetStep2Question(this.credResetUIConfig, this.backend.getSecurityQuestion(), this::onSecurityAnswerCollected));
            return;
        }
        CredentialResetStateVariable.record(CredentialResetStateVariable.ResetPrerequisite.STATIC_CHECK_PASSED);
        if (passwordCredentialResetSettings.isRequireEmailConfirmation()) {
            gotoVerifyEmailCode();
        } else if (passwordCredentialResetSettings.isRequireMobileConfirmation()) {
            gotoVerifyMobileCode();
        } else {
            gotoVerificationMethodChoice();
        }
    }

    private void onSecurityAnswerCollected(String str) throws TooManyAttempts, WrongArgumentException, IllegalIdentityValueException {
        CredentialResetStateVariable.assertFullfilled(CredentialResetStateVariable.ResetPrerequisite.CAPTCHA_PROVIDED);
        this.backend.verifyStaticData(str);
        CredentialResetStateVariable.record(CredentialResetStateVariable.ResetPrerequisite.STATIC_CHECK_PASSED);
        if (this.settings.isRequireEmailConfirmation()) {
            gotoVerifyEmailCode();
            return;
        }
        if (this.settings.isRequireMobileConfirmation()) {
            gotoVerifyMobileCode();
        } else if (this.settings.getConfirmationMode().equals(PasswordCredentialResetSettings.ConfirmationMode.RequireEmailOrMobile)) {
            gotoVerificationMethodChoice();
        } else {
            CredentialResetStateVariable.record(CredentialResetStateVariable.ResetPrerequisite.CODE_PROVIDED);
            gotoNewPasswordCollection();
        }
    }

    private void onConfirmationModeSelected(VerificationMethod verificationMethod) {
        CredentialResetStateVariable.assertFullfilled(CredentialResetStateVariable.ResetPrerequisite.CAPTCHA_PROVIDED, CredentialResetStateVariable.ResetPrerequisite.STATIC_CHECK_PASSED);
        if (verificationMethod.equals(VerificationMethod.Email)) {
            gotoVerifyEmailCode();
        } else {
            gotoVerifyMobileCode();
        }
    }

    private void onCodeConfirmedByEmail(String str) throws WrongArgumentException, TooManyAttempts {
        CredentialResetStateVariable.assertFullfilled(CredentialResetStateVariable.ResetPrerequisite.CAPTCHA_PROVIDED, CredentialResetStateVariable.ResetPrerequisite.STATIC_CHECK_PASSED);
        this.backend.verifyDynamicData(str);
        if (this.settings.isRequireMobileConfirmation()) {
            gotoVerifyMobileCode();
        } else {
            CredentialResetStateVariable.record(CredentialResetStateVariable.ResetPrerequisite.CODE_PROVIDED);
            gotoNewPasswordCollection();
        }
    }

    private void onCodeConfirmedByMobile(String str) throws WrongArgumentException, TooManyAttempts {
        CredentialResetStateVariable.assertFullfilled(CredentialResetStateVariable.ResetPrerequisite.CAPTCHA_PROVIDED, CredentialResetStateVariable.ResetPrerequisite.STATIC_CHECK_PASSED);
        this.backend.verifyDynamicData(str);
        CredentialResetStateVariable.record(CredentialResetStateVariable.ResetPrerequisite.CODE_PROVIDED);
        gotoNewPasswordCollection();
    }

    protected void onNewCredentialProvided(String str) throws EngineException {
        CredentialResetStateVariable.assertFullfilled(CredentialResetStateVariable.ResetPrerequisite.CAPTCHA_PROVIDED, CredentialResetStateVariable.ResetPrerequisite.STATIC_CHECK_PASSED, CredentialResetStateVariable.ResetPrerequisite.CODE_PROVIDED);
        this.backend.updateCredential(str);
        CredentialResetStateVariable.reset();
        this.mainWrapper.setContents(new CredentialResetFinalMessage(this.credResetUIConfig, this.msg.getMessage("CredentialReset.successPassword", new Object[0])));
    }

    private void gotoVerificationMethodChoice() {
        this.mainWrapper.setContents(new PasswordResetStep3VerificationChoice(this.credResetUIConfig, this::onConfirmationModeSelected));
    }

    private void gotoVerifyEmailCode() {
        if (sendCodeViaEmail()) {
            this.mainWrapper.setContents(new PasswordResetStep4EmailCode(this.credResetUIConfig, this::onCodeConfirmedByEmail, this::resendCodeViaEmail));
        }
    }

    private void gotoVerifyMobileCode() {
        if (sendCodeViaMobile()) {
            this.mainWrapper.setContents(new PasswordResetStep4MobileCode(this.credResetUIConfig, this::onCodeConfirmedByMobile, this::resendCodeViaMobile));
        }
    }

    private void gotoNewPasswordCollection() {
        this.mainWrapper.setContents(new PasswordResetStep5NewPassword(this.credResetUIConfig, this.credEditor, this::onNewCredentialProvided, this.backend.getCredentialConfiguration(), this.backend.getEntityId()));
    }

    private boolean sendCodeViaEmail() {
        try {
            this.backend.sendCode(this.settings.getEmailSecurityCodeMsgTemplate(), false);
            return true;
        } catch (Exception e) {
            log.warn("Credential reset notification failed", e);
            NotificationPopup.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("CredentialReset.resetNotPossible", new Object[0]));
            onCancel();
            return false;
        }
    }

    private void resendCodeViaEmail() throws TooManyAttempts {
        try {
            this.backend.sendCode(this.settings.getEmailSecurityCodeMsgTemplate(), false);
        } catch (Exception e) {
            log.warn("Credential reset notification failed", e);
            NotificationPopup.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("CredentialReset.resetNotPossible", new Object[0]));
            onCancel();
        } catch (TooManyAttempts e2) {
            throw e2;
        }
    }

    private boolean sendCodeViaMobile() {
        try {
            this.backend.sendCode(this.settings.getMobileSecurityCodeMsgTemplate(), true);
            return true;
        } catch (Exception e) {
            log.warn("Credential reset notification failed", e);
            NotificationPopup.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("CredentialReset.resetNotPossible", new Object[0]));
            onCancel();
            return false;
        }
    }

    private void resendCodeViaMobile() throws TooManyAttempts {
        try {
            this.backend.sendCode(this.settings.getMobileSecurityCodeMsgTemplate(), true);
        } catch (Exception e) {
            log.warn("Credential reset notification failed", e);
            NotificationPopup.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("CredentialReset.resetNotPossible", new Object[0]));
            onCancel();
        } catch (TooManyAttempts e2) {
            throw e2;
        }
    }
}
