package org.restheart.signup;

import com.google.gson.JsonObject;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoCollection;
import com.mongodb.client.model.Filters;
import com.mongodb.client.model.Updates;
import java.util.Deque;
import java.util.Map;
import org.bson.BsonArray;
import org.bson.BsonDocument;
import org.bson.BsonString;
import org.bson.conversions.Bson;
import org.restheart.exchange.JsonRequest;
import org.restheart.exchange.JsonResponse;
import org.restheart.plugins.Inject;
import org.restheart.plugins.JsonService;
import org.restheart.plugins.RegisterPlugin;

@RegisterPlugin(name = "userVerifier", description = "verifies user", defaultURI = "/verify")
/* loaded from: input_file:org/restheart/signup/UserVerifier.class */
public class UserVerifier implements JsonService {

    @Inject("mclient")
    private MongoClient mclient;
    private final String userDb = "restheart";
    private final String usersCollection = "users";
    private final String propId = "_id";
    private final String rolesProperty = "roles";

    public void handle(JsonRequest jsonRequest, JsonResponse jsonResponse) throws Exception {
        if (jsonRequest.isOptions()) {
            handleOptions(jsonRequest);
            return;
        }
        if (!jsonRequest.isGet() || !checkRequest(jsonRequest)) {
            jsonResponse.setStatusCode(501);
            return;
        }
        Map queryParameters = jsonRequest.getQueryParameters();
        if (!queryParameters.containsKey("username") || ((Deque) queryParameters.get("username")).isEmpty() || !queryParameters.containsKey("code") || ((Deque) queryParameters.get("code")).isEmpty()) {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("status", "error, missing verification code");
            jsonResponse.setContent(jsonObject);
            jsonResponse.setStatusCode(400);
            return;
        }
        String str = (String) ((Deque) queryParameters.get("username")).getFirst();
        if (!verify(str, (String) ((Deque) queryParameters.get("code")).getFirst())) {
            JsonObject jsonObject2 = new JsonObject();
            jsonObject2.addProperty("status", "error, wrong verification code");
            jsonResponse.setContent(jsonObject2);
            jsonResponse.setStatusCode(403);
            return;
        }
        unlock(str);
        JsonObject jsonObject3 = new JsonObject();
        jsonObject3.addProperty("status", "verified");
        jsonResponse.setContent(jsonObject3);
        jsonResponse.setStatusCode(200);
    }

    private boolean checkRequest(JsonRequest jsonRequest) {
        Map queryParameters = jsonRequest.getQueryParameters();
        return queryParameters.containsKey("username") && !((Deque) queryParameters.get("username")).isEmpty() && queryParameters.containsKey("code") && !((Deque) queryParameters.get("code")).isEmpty();
    }

    private boolean verify(String str, String str2) {
        return this.mclient.getDatabase("restheart").getCollection("users", BsonDocument.class).find(Filters.and(new Bson[]{Filters.eq("_id", new BsonString(str)), Filters.eq("code", new BsonString(str2)), Filters.eq("roles", new BsonString("UNVERIFIED"))})).first() != null;
    }

    private void unlock(String str) {
        MongoCollection collection = this.mclient.getDatabase("restheart").getCollection("users", BsonDocument.class);
        BsonArray bsonArray = new BsonArray();
        bsonArray.add(new BsonString("USER"));
        collection.findOneAndUpdate(Filters.eq("_id", new BsonString(str)), Updates.set("roles", bsonArray));
    }
}
