package org.keycloak.authentication.bankaccount.rest;

import java.io.IOException;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.Consumes;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import net.interus.keycloak.phone.UserPhoneNumberAttributes;
import net.interus.keycloak.tokencode.TokenCodeService;
import net.interus.keycloak.tokencode.TokenCodeType;
import net.interus.keycloak.tokencode.exception.SendingFailure;
import net.interus.keycloak.tokencode.exception.ValidatingFailure;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.authentication.bankaccount.credentials.BankAccountCredentialModel;
import org.keycloak.authentication.bankaccount.credentials.data.BankAccountArsCredentialData;
import org.keycloak.authentication.bankaccount.credentials.data.BankAccountArsSecretData;
import org.keycloak.authentication.bankaccount.credentials.data.BankAccountHolderNameCredentialData;
import org.keycloak.authentication.bankaccount.integrated.FirmBankingBankAccountArsTokenCodeDelegator;
import org.keycloak.authentication.bankaccount.integrated.FirmBankingBankAccountHolderNameVerifier;
import org.keycloak.authentication.identification.credentials.PhoneIdentificationCredentialModel;
import org.keycloak.authentication.identification.credentials.PhoneIdentificationCredentialProviderFactory;
import org.keycloak.authentication.identification.credentials.data.PhoneIdentificationOtpCredentialData;
import org.keycloak.credential.CredentialProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.services.managers.AppAuthManager;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.validation.Validation;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:org/keycloak/authentication/bankaccount/rest/BankAccountResource.class */
public class BankAccountResource {
    private static final Logger logger = Logger.getLogger(BankAccountResource.class);
    private final KeycloakSession session;
    private final AuthenticationManager.AuthResult auth;

    public BankAccountResource(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
        this.auth = new AppAuthManager.BearerTokenAuthenticator(keycloakSession).authenticate();
    }

    @NoCache
    @Path("holder-name")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public Response verifyHolderName(BankAccountHolderNameCredentialData bankAccountHolderNameCredentialData) {
        if (bankAccountHolderNameCredentialData == null) {
            throw new BadRequestException("Wrong parameters");
        }
        if (Validation.isEmpty(bankAccountHolderNameCredentialData.getBankCode())) {
            throw new BadRequestException("Must inform a bank code");
        }
        if (Validation.isEmpty(bankAccountHolderNameCredentialData.getBankAccountCode())) {
            throw new BadRequestException("Must inform a bank account code");
        }
        if (Validation.isEmpty(bankAccountHolderNameCredentialData.getHolderName())) {
            throw new BadRequestException("Must inform a holder name");
        }
        if (this.auth == null || this.auth.getUser() == null) {
            throw new NotAuthorizedException("Must set a access token", new Object[0]);
        }
        String verifiedPhoneNumber = UserPhoneNumberAttributes.getVerifiedPhoneNumber(this.auth.getUser());
        if (verifiedPhoneNumber == null) {
            throw new BadRequestException("Must has phone number");
        }
        bankAccountHolderNameCredentialData.setPhoneNumber(verifiedPhoneNumber);
        boolean z = false;
        try {
            z = new FirmBankingBankAccountHolderNameVerifier().verify(bankAccountHolderNameCredentialData, bankAccountHolderNameCredentialData.getHolderName());
        } catch (ValidatingFailure e) {
            e.printStackTrace();
            Response.serverError();
        }
        return Response.ok(String.format("{\"verified\":%s}", Boolean.valueOf(z)), MediaType.APPLICATION_JSON_TYPE).build();
    }

    @NoCache
    @Path("ars-call")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public Response requestArsCall(BankAccountArsCredentialData bankAccountArsCredentialData) {
        if (bankAccountArsCredentialData == null) {
            throw new BadRequestException("Wrong parameters");
        }
        if (Validation.isEmpty(bankAccountArsCredentialData.getBankCode())) {
            throw new BadRequestException("Must inform a bank code");
        }
        if (Validation.isEmpty(bankAccountArsCredentialData.getBankAccountCode())) {
            throw new BadRequestException("Must inform a bank account code");
        }
        if (Validation.isEmpty(bankAccountArsCredentialData.getHolderName())) {
            throw new BadRequestException("Must inform a holder name");
        }
        if (this.auth == null || this.auth.getUser() == null) {
            throw new NotAuthorizedException("Must set a access token", new Object[0]);
        }
        String verifiedPhoneNumber = UserPhoneNumberAttributes.getVerifiedPhoneNumber(this.auth.getUser());
        if (verifiedPhoneNumber == null) {
            throw new BadRequestException("Must has phone number");
        }
        bankAccountArsCredentialData.setPhoneNumber(verifiedPhoneNumber);
        PhoneIdentificationCredentialModel credential = this.session.getProvider(CredentialProvider.class, PhoneIdentificationCredentialProviderFactory.PROVIDER_ID).getCredential(this.session.getContext().getRealm(), this.auth.getUser());
        if (credential == null || credential.getCredentialData() == null) {
            throw new BadRequestException("Must has phone identification credential");
        }
        try {
            PhoneIdentificationOtpCredentialData valueOf = PhoneIdentificationOtpCredentialData.valueOf(credential.getCredentialData());
            if (valueOf.getNationalIdentificationNumber() == null) {
                throw new BadRequestException("Must has national identification number");
            }
            if (valueOf.getNationalIdentificationNumber().length() < 6) {
                throw new BadRequestException("National identification number format is wrong");
            }
            bankAccountArsCredentialData.setNationalIdentificationNumber(valueOf.getNationalIdentificationNumber().substring(0, 6));
            logger.info(String.format("Request otp sending %s code to %s", TokenCodeType.OTP.getLabel(), JsonSerialization.writeValueAsString(bankAccountArsCredentialData)));
            return Response.ok(String.format("{\"expiresIn\":%s}", Integer.valueOf(this.session.getProvider(TokenCodeService.class).sendCode(bankAccountArsCredentialData.getPhoneNumber(), TokenCodeType.OTP, BankAccountCredentialModel.TYPE, JsonSerialization.writeValueAsString(bankAccountArsCredentialData), new FirmBankingBankAccountArsTokenCodeDelegator()))), MediaType.APPLICATION_JSON_TYPE).build();
        } catch (IOException e) {
            e.printStackTrace();
            return Response.serverError().build();
        } catch (SendingFailure e2) {
            e2.printStackTrace();
            return Response.status(e2.getStatusCode().intValue(), e2.getErrorMessage()).build();
        }
    }

    @NoCache
    @Path("ars-call")
    @Consumes({"application/json"})
    @Produces({"application/json"})
    @PUT
    public Response validateArsCall() {
        if (this.auth == null || this.auth.getUser() == null) {
            throw new NotAuthorizedException("Must set a access token", new Object[0]);
        }
        String verifiedPhoneNumber = UserPhoneNumberAttributes.getVerifiedPhoneNumber(this.auth.getUser());
        if (verifiedPhoneNumber == null) {
            throw new BadRequestException("Must has phone number");
        }
        BankAccountArsSecretData build = BankAccountArsSecretData.builder().build();
        try {
            logger.info(String.format("Requested otp validation %s code to %s", TokenCodeType.OTP.getLabel(), JsonSerialization.writeValueAsString(build)));
            return Response.ok(String.format("{\"validated\":%s}", Boolean.valueOf(this.session.getProvider(TokenCodeService.class).validateCode(verifiedPhoneNumber, "no_code", TokenCodeType.OTP, BankAccountCredentialModel.TYPE, JsonSerialization.writeValueAsString(build), this.auth.getUser(), new FirmBankingBankAccountArsTokenCodeDelegator()))), MediaType.APPLICATION_JSON_TYPE).build();
        } catch (ValidatingFailure e) {
            e.printStackTrace();
            return Response.status(e.getStatusCode().intValue(), e.getErrorMessage()).build();
        } catch (IOException e2) {
            e2.printStackTrace();
            return Response.serverError().build();
        }
    }
}
