package io.mosip.authentication.common.service.helper;

import io.mosip.authentication.common.service.entity.KycTokenData;
import io.mosip.authentication.common.service.repository.KycTokenDataRepository;
import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants;
import io.mosip.authentication.core.constant.KycTokenStatusType;
import io.mosip.authentication.core.exception.IdAuthenticationBusinessException;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.authentication.core.spi.indauth.service.KycService;
import io.mosip.kernel.core.logger.spi.Logger;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/mosip/authentication/common/service/helper/TokenValidationHelper.class */
public class TokenValidationHelper {
    private static Logger mosipLogger = IdaLogger.getLogger(TokenValidationHelper.class);

    @Autowired
    private KycService kycService;

    @Autowired
    private KycTokenDataRepository kycTokenDataRepo;

    public KycTokenData findAndValidateIssuedToken(String str, String str2, String str3, String str4) throws IdAuthenticationBusinessException {
        mosipLogger.info("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "Check Token Exists or not, associated with oidc client and active status.");
        Optional<KycTokenData> findByKycToken = this.kycTokenDataRepo.findByKycToken(str);
        if (!findByKycToken.isPresent()) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token not found: " + str);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_NOT_FOUND.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_NOT_FOUND.getErrorMessage());
        }
        KycTokenData kycTokenData = findByKycToken.get();
        validateToken(kycTokenData, str2, str3, str4);
        return kycTokenData;
    }

    private void validateToken(KycTokenData kycTokenData, String str, String str2, String str3) throws IdAuthenticationBusinessException {
        String kycToken = kycTokenData.getKycToken();
        if (kycTokenData.getKycTokenStatus().equals(KycTokenStatusType.PROCESSED.getStatus())) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token already processed: " + kycToken);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_ALREADY_PROCESSED.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_ALREADY_PROCESSED.getErrorMessage());
        }
        if (kycTokenData.getKycTokenStatus().equals(KycTokenStatusType.EXPIRED.getStatus())) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token expired: " + kycToken);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_EXPIRED.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_EXPIRED.getErrorMessage());
        }
        if (!kycTokenData.getOidcClientId().equals(str)) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token does not belongs to the provided OIDC Client Id: " + kycToken);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_INVALID_OIDC_CLIENT_ID.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_INVALID_OIDC_CLIENT_ID.getErrorMessage());
        }
        if (!kycTokenData.getIdVidHash().equals(str3)) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token does not belongs to the provided UIN/VID: " + kycToken);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_INVALID_UIN_VID.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_INVALID_UIN_VID.getErrorMessage());
        }
        if (!kycTokenData.getRequestTransactionId().equals(str2)) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Auth & KYC Exchange Transaction Ids are not same: " + kycToken);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_INVALID_TRANSACTION_ID.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_INVALID_TRANSACTION_ID.getErrorMessage());
        }
        mosipLogger.info("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token found, Check Token expire.");
        if (this.kycService.isKycTokenExpire(kycTokenData.getTokenIssuedDateTime(), kycToken)) {
            mosipLogger.error("sessionId", getClass().getSimpleName(), "findAndValidateIssuedToken", "KYC Token expired.");
            kycTokenData.setKycTokenStatus(KycTokenStatusType.EXPIRED.getStatus());
            this.kycTokenDataRepo.saveAndFlush(kycTokenData);
            throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.KYC_TOKEN_EXPIRED.getErrorCode(), IdAuthenticationErrorConstants.KYC_TOKEN_EXPIRED.getErrorMessage());
        }
    }
}
