package systems.dennis.auth.service;

import jakarta.servlet.http.HttpServletRequest;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Service;
import systems.dennis.auth.client.entity.UserData;
import systems.dennis.auth.config.AuthorizationDelegator;
import systems.dennis.auth.exception.ScopeException;
import systems.dennis.auth.util.PasswordService;
import systems.dennis.shared.annotations.DataRetrieverDescription;
import systems.dennis.shared.annotations.DeleteStrategy;
import systems.dennis.shared.config.WebContext;
import systems.dennis.shared.exceptions.ItemForAddContainsIdException;
import systems.dennis.shared.exceptions.ItemNotFoundException;
import systems.dennis.shared.exceptions.UnmodifiedItemSaveAttemptException;
import systems.dennis.shared.exceptions.ValidationFailedException;
import systems.dennis.shared.pojo_form.ValidationContext;
import systems.dennis.shared.pojo_form.ValidationResult;
import systems.dennis.shared.repository.AbstractDataFilter;
import systems.dennis.shared.scopes.exception.ScopeRuleException;
import systems.dennis.shared.scopes.form.ScopeForm;
import systems.dennis.shared.scopes.model.ScopeModel;
import systems.dennis.shared.scopes.repository.ScopeRepo;
import systems.dennis.shared.scopes.service.ScopeService;

@Service
@DataRetrieverDescription(model = ScopeModel.class, form = ScopeForm.class, repo = ScopeRepo.class)
@DeleteStrategy(2)
@Primary
/* loaded from: input_file:systems/dennis/auth/service/AuthScopeService.class */
public class AuthScopeService extends ScopeService {
    private static final Logger log = LoggerFactory.getLogger(AuthScopeService.class);
    private static final int KEY_LENGTH = 100;
    private final ScopeRepo scopeRepo;

    public AuthScopeService(WebContext webContext, ScopeRepo scopeRepo) {
        super(webContext);
        this.scopeRepo = scopeRepo;
    }

    public ScopeModel preAdd(ScopeModel scopeModel) throws ItemForAddContainsIdException {
        setScopeToken(scopeModel);
        if (findByName(scopeModel.getName(), (Long) getCurrentUser(), true) != null) {
            throw new ValidationFailedException(createValidationContext());
        }
        return super.preAdd(scopeModel);
    }

    public ScopeModel preEdit(ScopeModel scopeModel, ScopeModel scopeModel2) throws UnmodifiedItemSaveAttemptException, ItemNotFoundException {
        ScopeModel findByName = findByName(scopeModel.getName(), (Long) getCurrentUser(), true);
        if (findByName == null || Objects.equals(findByName.getId(), scopeModel.getId())) {
            return super.preEdit(scopeModel, scopeModel2);
        }
        throw new ValidationFailedException(createValidationContext());
    }

    ValidationContext createValidationContext() {
        ValidationContext validationContext = new ValidationContext();
        validationContext.setContainsErrors(true);
        ValidationResult validationResult = new ValidationResult();
        validationResult.setErrorMessage("global.app.exceptions.duplicated.scope_name.in_system");
        validationContext.setData(Map.of("name", List.of(validationResult)));
        return validationContext;
    }

    public ScopeModel regenerateToken(String str) {
        ScopeModel scopeModel = (ScopeModel) findById(str).orElseThrow(() -> {
            return ItemNotFoundException.fromId(str);
        });
        setScopeToken(scopeModel);
        ((ScopeRepo) getBean(ScopeRepo.class)).save(scopeModel);
        return scopeModel;
    }

    private void setScopeToken(ScopeModel scopeModel) {
        String passwordChars = getPasswordChars();
        int i = 15;
        if (scopeModel.getScopeRule() != null && passwordChars != null) {
            passwordChars = scopeModel.getScopeRule().getScopeTokenSymbols();
            try {
                if (passwordChars.contains(":")) {
                    String[] split = passwordChars.split(":");
                    i = Integer.parseInt(split[0]);
                    passwordChars = split[1];
                }
            } catch (Exception e) {
                log.info("ScopeRule token symbols has wrong format: {}", scopeModel.getScopeRule().getScopeTokenSymbols());
            }
        }
        scopeModel.setSecretKey(PasswordService.generateRandomKey(i, passwordChars));
    }

    private String getPasswordChars() {
        return (String) getContext().getEnv("global.auth.password.chars", "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!@#$%&+_&:-(*)'[{}]/\\\\}");
    }

    public ScopeModel afterAdd(ScopeModel scopeModel) {
        addCreatorToScope(scopeModel);
        assignAdminRole(scopeModel);
        return super.afterAdd(scopeModel);
    }

    public ScopeModel getScopeFromRequest(HttpServletRequest httpServletRequest, Long l, boolean z) {
        if (httpServletRequest == null) {
            throw new ScopeException("global.exceptions.failed_determine_scope");
        }
        String header = httpServletRequest.getHeader(AuthorizationDelegator.AUTH_SCOPE_HEADER);
        if (header == null) {
            throw new ScopeException("global.exceptions.failed_determine_scope");
        }
        return findByName(header, l, z);
    }

    private void addCreatorToScope(ScopeModel scopeModel) {
        ((UserInScopeService) getBean(UserInScopeService.class)).generateAndSave(((ProfilePageService) getBean(ProfilePageService.class)).findByIdOrThrow(scopeModel.getUserDataId()), scopeModel);
    }

    private void assignAdminRole(ScopeModel scopeModel) {
        ((RoleToUserService) getBean(RoleToUserService.class)).applyRole(((RoleServiceImpl) getBean(RoleServiceImpl.class)).generateAdminRole(scopeModel), ((LoginPasswordService) getBean(LoginPasswordService.class)).findUserByLogin(((ProfilePageService) getBean(ProfilePageService.class)).findByIdOrThrow(scopeModel.getUserDataId()).getEmail()).orElseThrow());
    }

    public AbstractDataFilter<ScopeModel> addSelfSpecWithUserScopes(Long l) {
        return addScopeSpecification(getSelfCreatedItems(l), l);
    }

    public AbstractDataFilter<ScopeModel> getAdditionalSpecification() {
        return addScopeSpecification(getSelfCreatedItems(getCurrentUser()), (Long) getCurrentUser()).and(super.getAdditionalSpecification());
    }

    public void generateAndSaveUserScope(UserData userData) {
        ScopeModel scopeModel = new ScopeModel();
        scopeModel.setName(userData.getId() + "_" + String.valueOf(UUID.randomUUID()));
        scopeModel.setUserDataId(userData.getId());
        scopeModel.setDate(new Date());
        setScopeToken(scopeModel);
        ScopeModel scopeModel2 = (ScopeModel) ((ScopeRepo) getBean(ScopeRepo.class)).save(scopeModel);
        addCreatorToScope(scopeModel2);
        assignAdminRole(scopeModel2);
    }

    public void checkRegistrationAllowed(ScopeModel scopeModel) {
        if (Objects.nonNull(scopeModel.getScopeRule()) && !scopeModel.getScopeRule().getRegistrationAllowed().booleanValue()) {
            throw new ScopeRuleException("global.exceptions.registration_not_allowed");
        }
    }

    private AbstractDataFilter<ScopeModel> addScopeSpecification(AbstractDataFilter<ScopeModel> abstractDataFilter, Long l) {
        AbstractDataFilter<ScopeModel> iN = getFilterImpl().iN("id", (List) ((UserInScopeService) getBean(UserInScopeService.class)).getByUser(l).stream().filter(userInScopeModel -> {
            return userInScopeModel.getScope() != null;
        }).map(userInScopeModel2 -> {
            return userInScopeModel2.getScope().getId();
        }).collect(Collectors.toList()));
        return abstractDataFilter != null ? abstractDataFilter.or(iN) : iN;
    }
}
