package io.mosip.authentication.common.service.facade;

import io.mosip.authentication.common.service.builder.AuthResponseBuilder;
import io.mosip.authentication.common.service.builder.AuthTransactionBuilder;
import io.mosip.authentication.common.service.entity.AutnTxn;
import io.mosip.authentication.common.service.helper.AuditHelper;
import io.mosip.authentication.common.service.helper.AuthTransactionHelper;
import io.mosip.authentication.common.service.impl.match.BioAuthType;
import io.mosip.authentication.common.service.integration.TokenIdManager;
import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager;
import io.mosip.authentication.core.authtype.dto.AuthtypeStatus;
import io.mosip.authentication.core.constant.AuditEvents;
import io.mosip.authentication.core.constant.AuditModules;
import io.mosip.authentication.core.constant.AuthTokenType;
import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants;
import io.mosip.authentication.core.constant.RequestType;
import io.mosip.authentication.core.dto.ObjectWithMetadata;
import io.mosip.authentication.core.exception.IdAuthenticationBusinessException;
import io.mosip.authentication.core.indauth.dto.AuthRequestDTO;
import io.mosip.authentication.core.indauth.dto.AuthResponseDTO;
import io.mosip.authentication.core.indauth.dto.AuthStatusInfo;
import io.mosip.authentication.core.indauth.dto.IdType;
import io.mosip.authentication.core.indauth.dto.IdentityInfoDTO;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.authentication.core.spi.authtype.status.service.AuthtypeStatusService;
import io.mosip.authentication.core.spi.id.service.IdService;
import io.mosip.authentication.core.spi.indauth.facade.AuthFacade;
import io.mosip.authentication.core.spi.indauth.match.AuthType;
import io.mosip.authentication.core.spi.indauth.match.IdInfoFetcher;
import io.mosip.authentication.core.spi.indauth.match.MatchType;
import io.mosip.authentication.core.spi.indauth.service.BioAuthService;
import io.mosip.authentication.core.spi.indauth.service.DemoAuthService;
import io.mosip.authentication.core.spi.indauth.service.OTPAuthService;
import io.mosip.authentication.core.spi.indauth.service.PinAuthService;
import io.mosip.authentication.core.spi.notification.service.NotificationService;
import io.mosip.authentication.core.spi.partner.service.PartnerService;
import io.mosip.kernel.core.logger.spi.Logger;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:io/mosip/authentication/common/service/facade/AuthFacadeImpl.class */
public class AuthFacadeImpl implements AuthFacade {
    private static final String AUTH_FACADE = "AuthFacade";
    private static Logger logger = IdaLogger.getLogger(AuthFacadeImpl.class);

    @Autowired
    private OTPAuthService otpAuthService;

    @Autowired
    private IdService<AutnTxn> idService;

    @Autowired
    private AuditHelper auditHelper;

    @Autowired
    private Environment env;

    @Autowired
    private DemoAuthService demoAuthService;

    @Autowired
    private BioAuthService bioAuthService;

    @Autowired
    private NotificationService notificationService;

    @Autowired
    private PinAuthService pinAuthService;

    @Autowired
    private TokenIdManager tokenIdManager;

    @Autowired
    private AuthtypeStatusService authTypeStatusService;

    @Autowired
    private IdAuthSecurityManager securityManager;

    @Autowired
    private PartnerService partnerService;

    @Autowired
    private IdInfoFetcher idInfoFetcher;

    @Autowired
    private AuthTransactionHelper authTransactionHelper;

    public AuthResponseDTO authenticateIndividual(AuthRequestDTO authRequestDTO, boolean z, String str, String str2, boolean z2) throws IdAuthenticationBusinessException {
        String individualId = authRequestDTO.getIndividualId();
        String iDTypeStrOrDefault = IdType.getIDTypeStrOrDefault(authRequestDTO.getIndividualIdType());
        logger.debug("sessionId", "AuthFacedImpl", "authenticateIndividual: ", iDTypeStrOrDefault + "-" + individualId);
        Map processIdType = this.idService.processIdType(iDTypeStrOrDefault, individualId, authRequestDTO.getRequestedAuth().isBio(), z2);
        String token = this.idService.getToken(processIdType);
        validateAuthTypeStatus(authRequestDTO, token);
        AuthResponseBuilder newInstance = AuthResponseBuilder.newInstance(this.env.getProperty("datetime.pattern"));
        String str3 = null;
        Boolean bool = (Boolean) this.env.getProperty("static.token.enable", Boolean.class);
        AuthTransactionBuilder authTransactionBuilder = (AuthTransactionBuilder) authRequestDTO.getMetadata().get(AuthTransactionBuilder.class.getSimpleName());
        authTransactionBuilder.withToken(token);
        try {
            Map<String, List<IdentityInfoDTO>> idInfo = IdInfoFetcher.getIdInfo(processIdType);
            newInstance.setTxnID(authRequestDTO.getTransactionID());
            str3 = (bool.booleanValue() && z) ? getToken(authRequestDTO, str, str2, individualId, token) : null;
            Stream<AuthStatusInfo> filter = processAuthType(authRequestDTO, idInfo, token, z, str3, str, authTransactionBuilder).stream().filter((v0) -> {
                return Objects.nonNull(v0);
            });
            Objects.requireNonNull(newInstance);
            filter.forEach(newInstance::addAuthStatusInfo);
            AuthResponseDTO build = bool.booleanValue() ? newInstance.build(str3) : newInstance.build(null);
            authTransactionBuilder.withStatus(build.getResponse().isAuthStatus());
            authTransactionBuilder.withAuthToken(str3);
            build.putMetadata("IDENTITY_DATA", processIdType);
            this.authTransactionHelper.setAuthTransactionEntityMetadata((ObjectWithMetadata) build, authTransactionBuilder);
            logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "authenticateApplicant status : " + build.getResponse().isAuthStatus());
            if (idInfo != null && individualId != null) {
                this.notificationService.sendAuthNotification(authRequestDTO, individualId, build, idInfo, z);
            }
            return build;
        } catch (Throwable th) {
            AuthResponseDTO build2 = bool.booleanValue() ? newInstance.build(str3) : newInstance.build(null);
            authTransactionBuilder.withStatus(build2.getResponse().isAuthStatus());
            authTransactionBuilder.withAuthToken(str3);
            build2.putMetadata("IDENTITY_DATA", processIdType);
            this.authTransactionHelper.setAuthTransactionEntityMetadata((ObjectWithMetadata) build2, authTransactionBuilder);
            logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "authenticateApplicant status : " + build2.getResponse().isAuthStatus());
            throw th;
        }
    }

    private String getToken(AuthRequestDTO authRequestDTO, String str, String str2, String str3, String str4) throws IdAuthenticationBusinessException {
        Optional policyForPartner = this.partnerService.getPolicyForPartner(str, str2, authRequestDTO.getMetadata());
        Optional map = policyForPartner.map((v0) -> {
            return v0.getPolicy();
        }).map((v0) -> {
            return v0.getAuthTokenType();
        });
        if (map.isPresent()) {
            String str5 = (String) map.get();
            if (str5.equalsIgnoreCase(AuthTokenType.RANDOM.getType())) {
                return createRandomToken(authRequestDTO.getTransactionID());
            }
            if (str5.equalsIgnoreCase(AuthTokenType.PARTNER.getType())) {
                return this.tokenIdManager.generateTokenId(str4, str);
            }
            if (str5.equalsIgnoreCase(AuthTokenType.POLICY.getType())) {
                Optional map2 = policyForPartner.map((v0) -> {
                    return v0.getPolicyId();
                });
                if (map2.isPresent()) {
                    return this.tokenIdManager.generateTokenId(str4, (String) map2.get());
                }
            } else if (str5.equalsIgnoreCase(AuthTokenType.POLICY_GROUP.getType())) {
            }
        }
        return createRandomToken(authRequestDTO.getTransactionID());
    }

    private String createRandomToken(String str) throws IdAuthenticationBusinessException {
        return this.securityManager.createRandomToken(str.getBytes());
    }

    private void validateAuthTypeStatus(AuthRequestDTO authRequestDTO, String str) throws IdAuthenticationBusinessException {
        List fetchAuthtypeStatus = this.authTypeStatusService.fetchAuthtypeStatus(str);
        if (!Objects.nonNull(fetchAuthtypeStatus) || fetchAuthtypeStatus.isEmpty()) {
            return;
        }
        Iterator it = fetchAuthtypeStatus.iterator();
        while (it.hasNext()) {
            validateAuthTypeStatus(authRequestDTO, (AuthtypeStatus) it.next());
        }
    }

    private void validateAuthTypeStatus(AuthRequestDTO authRequestDTO, AuthtypeStatus authtypeStatus) throws IdAuthenticationBusinessException {
        if (authtypeStatus.getLocked().booleanValue()) {
            if (authRequestDTO.getRequestedAuth().isDemo() && authtypeStatus.getAuthType().equalsIgnoreCase(MatchType.Category.DEMO.getType())) {
                throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorCode(), String.format(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorMessage(), MatchType.Category.DEMO.getType()));
            }
            if (!authRequestDTO.getRequestedAuth().isBio() || !authtypeStatus.getAuthType().equalsIgnoreCase(MatchType.Category.BIO.getType())) {
                if (authRequestDTO.getRequestedAuth().isOtp() && authtypeStatus.getAuthType().equalsIgnoreCase(MatchType.Category.OTP.getType())) {
                    throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorCode(), String.format(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorMessage(), MatchType.Category.OTP.getType()));
                }
                if (authRequestDTO.getRequestedAuth().isPin() && authtypeStatus.getAuthType().equalsIgnoreCase(MatchType.Category.SPIN.getType())) {
                    throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorCode(), String.format(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorMessage(), MatchType.Category.SPIN.getType()));
                }
                return;
            }
            for (AuthType authType : (AuthType[]) BioAuthType.getSingleBioAuthTypes().toArray(i -> {
                return new AuthType[i];
            })) {
                if (authType.getType().equalsIgnoreCase(authtypeStatus.getAuthSubType())) {
                    if (authType.isAuthTypeEnabled(authRequestDTO, this.idInfoFetcher)) {
                        throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorCode(), String.format(IdAuthenticationErrorConstants.AUTH_TYPE_LOCKED.getErrorMessage(), MatchType.Category.BIO.getType() + "-" + authType.getType()));
                    }
                    return;
                }
            }
        }
    }

    private List<AuthStatusInfo> processAuthType(AuthRequestDTO authRequestDTO, Map<String, List<IdentityInfoDTO>> map, String str, boolean z, String str2, String str3, AuthTransactionBuilder authTransactionBuilder) throws IdAuthenticationBusinessException {
        ArrayList arrayList = new ArrayList();
        IdType iDTypeOrDefault = IdType.getIDTypeOrDefault(authRequestDTO.getIndividualIdType());
        processOTPAuth(authRequestDTO, str, z, arrayList, iDTypeOrDefault, str2, str3, authTransactionBuilder);
        if (!isMatchFailed(arrayList)) {
            processPinAuth(authRequestDTO, str, arrayList, iDTypeOrDefault, str2, z, str3, authTransactionBuilder);
        }
        if (!isMatchFailed(arrayList)) {
            processDemoAuth(authRequestDTO, map, str, z, arrayList, iDTypeOrDefault, str2, str3, authTransactionBuilder);
        }
        if (!isMatchFailed(arrayList)) {
            processBioAuth(authRequestDTO, map, str, z, arrayList, iDTypeOrDefault, str2, str3, authTransactionBuilder);
        }
        return arrayList;
    }

    private boolean isMatchFailed(List<AuthStatusInfo> list) {
        return list.stream().anyMatch(authStatusInfo -> {
            return (authStatusInfo == null || authStatusInfo.isStatus()) ? false : true;
        });
    }

    private void processPinAuth(AuthRequestDTO authRequestDTO, String str, List<AuthStatusInfo> list, IdType idType, String str2, boolean z, String str3, AuthTransactionBuilder authTransactionBuilder) throws IdAuthenticationBusinessException {
        AuthStatusInfo authStatusInfo = null;
        if (authRequestDTO.getRequestedAuth().isPin()) {
            try {
                AuthStatusInfo authenticate = this.pinAuthService.authenticate(authRequestDTO, str, Collections.emptyMap(), str3);
                list.add(authenticate);
                authStatusInfo = authenticate;
                this.auditHelper.audit(AuditModules.PIN_AUTH, AuditEvents.AUTH_REQUEST_RESPONSE, authRequestDTO.getIndividualId(), idType, "authenticateApplicant status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "Pin Authentication  status :" + (authStatusInfo != null && authStatusInfo.isStatus()));
                authTransactionBuilder.addRequestType(RequestType.STATIC_PIN_AUTH);
            } catch (Throwable th) {
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "Pin Authentication  status :" + (authStatusInfo != null && authStatusInfo.isStatus()));
                authTransactionBuilder.addRequestType(RequestType.STATIC_PIN_AUTH);
                throw th;
            }
        }
    }

    private void processBioAuth(AuthRequestDTO authRequestDTO, Map<String, List<IdentityInfoDTO>> map, String str, boolean z, List<AuthStatusInfo> list, IdType idType, String str2, String str3, AuthTransactionBuilder authTransactionBuilder) throws IdAuthenticationBusinessException {
        AuthStatusInfo authStatusInfo = null;
        if (authRequestDTO.getRequestedAuth().isBio()) {
            try {
                AuthStatusInfo authenticate = this.bioAuthService.authenticate(authRequestDTO, str, map, str3, z);
                list.add(authenticate);
                authStatusInfo = authenticate;
                saveAndAuditBioAuthTxn(authRequestDTO, str, idType, authStatusInfo != null && authStatusInfo.isStatus(), str2, !z, str3, authTransactionBuilder);
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "BioMetric Authentication status :" + authStatusInfo);
            } catch (Throwable th) {
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "BioMetric Authentication status :" + authStatusInfo);
                throw th;
            }
        }
    }

    private void processDemoAuth(AuthRequestDTO authRequestDTO, Map<String, List<IdentityInfoDTO>> map, String str, boolean z, List<AuthStatusInfo> list, IdType idType, String str2, String str3, AuthTransactionBuilder authTransactionBuilder) throws IdAuthenticationBusinessException {
        AuthStatusInfo authStatusInfo = null;
        if (authRequestDTO.getRequestedAuth().isDemo()) {
            try {
                AuthStatusInfo authenticate = this.demoAuthService.authenticate(authRequestDTO, str, map, str3);
                list.add(authenticate);
                authStatusInfo = authenticate;
                this.auditHelper.audit(AuditModules.DEMO_AUTH, getAuditEvent(z), authRequestDTO.getIndividualId(), idType, "authenticateApplicant status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "Demographic Authentication status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                authTransactionBuilder.addRequestType(RequestType.DEMO_AUTH);
            } catch (Throwable th) {
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "Demographic Authentication status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                authTransactionBuilder.addRequestType(RequestType.DEMO_AUTH);
                throw th;
            }
        }
    }

    private void processOTPAuth(AuthRequestDTO authRequestDTO, String str, boolean z, List<AuthStatusInfo> list, IdType idType, String str2, String str3, AuthTransactionBuilder authTransactionBuilder) throws IdAuthenticationBusinessException {
        if (authRequestDTO.getRequestedAuth().isOtp()) {
            AuthStatusInfo authStatusInfo = null;
            try {
                authStatusInfo = this.otpAuthService.authenticate(authRequestDTO, str, Collections.emptyMap(), str3);
                list.add(authStatusInfo);
                this.auditHelper.audit(AuditModules.OTP_AUTH, getAuditEvent(z), authRequestDTO.getIndividualId(), idType, "authenticateApplicant status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "OTP Authentication status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                authTransactionBuilder.addRequestType(RequestType.OTP_AUTH);
            } catch (Throwable th) {
                logger.info("sessionId", this.env.getProperty("application.id"), AUTH_FACADE, "OTP Authentication status : " + (authStatusInfo != null && authStatusInfo.isStatus()));
                authTransactionBuilder.addRequestType(RequestType.OTP_AUTH);
                throw th;
            }
        }
    }

    private AuditEvents getAuditEvent(boolean z) {
        return z ? AuditEvents.AUTH_REQUEST_RESPONSE : AuditEvents.INTERNAL_REQUEST_RESPONSE;
    }

    private void saveAndAuditBioAuthTxn(AuthRequestDTO authRequestDTO, String str, IdType idType, boolean z, String str2, boolean z2, String str3, AuthTransactionBuilder authTransactionBuilder) throws IdAuthenticationBusinessException {
        String str4 = "authenticateApplicant status : " + z;
        if (AuthTransactionHelper.isFingerAuth(authRequestDTO, this.env)) {
            this.auditHelper.audit(AuditModules.FINGERPRINT_AUTH, getAuditEvent(!z2), authRequestDTO.getIndividualId(), idType, str4);
            authTransactionBuilder.addRequestType(RequestType.FINGER_AUTH);
        }
        if (AuthTransactionHelper.isIrisAuth(authRequestDTO, this.env)) {
            this.auditHelper.audit(AuditModules.IRIS_AUTH, getAuditEvent(!z2), authRequestDTO.getIndividualId(), idType, str4);
            authTransactionBuilder.addRequestType(RequestType.IRIS_AUTH);
        }
        if (AuthTransactionHelper.isFaceAuth(authRequestDTO, this.env)) {
            this.auditHelper.audit(AuditModules.FACE_AUTH, getAuditEvent(!z2), authRequestDTO.getIndividualId(), idType, str4);
            authTransactionBuilder.addRequestType(RequestType.FACE_AUTH);
        }
    }
}
