package de.adorsys.opba.tppauthapi.controller;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.ImmutableMap;
import de.adorsys.opba.api.security.internal.config.AuthorizationSessionKeyConfig;
import de.adorsys.opba.api.security.internal.config.CookieProperties;
import de.adorsys.opba.api.security.internal.config.TppTokenProperties;
import de.adorsys.opba.api.security.internal.service.CookieBuilderTemplate;
import de.adorsys.opba.api.security.internal.service.TokenBasedAuthService;
import de.adorsys.opba.protocol.facade.config.auth.FacadeAuthConfig;
import de.adorsys.opba.protocol.facade.services.authorization.PsuLoginForAisService;
import de.adorsys.opba.protocol.facade.services.psu.PsuAuthService;
import de.adorsys.opba.tppauthapi.model.generated.LoginResponse;
import de.adorsys.opba.tppauthapi.model.generated.PsuAuthBody;
import de.adorsys.opba.tppauthapi.resource.generated.PsuAuthenticationAndConsentApprovalApi;
import de.adorsys.opba.tppauthapi.resource.generated.PsuAuthenticationApi;
import java.beans.ConstructorProperties;
import java.time.Duration;
import java.util.Base64;
import java.util.Optional;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.util.UriComponentsBuilder;

@RestController
@CrossOrigin(origins = {"*"})
/* loaded from: input_file:de/adorsys/opba/tppauthapi/controller/PsuAuthController.class */
public class PsuAuthController implements PsuAuthenticationApi, PsuAuthenticationAndConsentApprovalApi {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(PsuAuthController.class);
    public static final Base64.Encoder ENCODER = Base64.getEncoder();
    private final PsuLoginForAisService aisService;
    private final PsuAuthService psuAuthService;
    private final TokenBasedAuthService authService;
    private final FacadeAuthConfig authConfig;
    private final AuthorizationSessionKeyConfig.AuthorizationSessionKeyFromHttpRequest authorizationKeyFromHttpRequest;
    private final CookieBuilderTemplate cookieBuilderTemplate;
    private final CookieProperties cookieProperties;
    private final TppTokenProperties tppTokenProperties;

    public ResponseEntity<LoginResponse> login(PsuAuthBody psuAuthBody, UUID uuid) {
        String generateToken = this.authService.generateToken(this.psuAuthService.tryAuthenticateUser(psuAuthBody.getLogin(), psuAuthBody.getPassword()).getLogin(), this.tppTokenProperties.getTokenValidityDuration());
        String responseCookie = this.cookieBuilderTemplate.builder(generateToken).build().toString();
        String l = Long.toString(this.cookieProperties.getMaxAge().getSeconds());
        LoginResponse loginResponse = new LoginResponse();
        loginResponse.setXsrfToken(ENCODER.encodeToString(generateToken.getBytes()));
        return ResponseEntity.status(HttpStatus.ACCEPTED).header("X-Request-ID", new String[]{uuid.toString()}).header("Cookie-TTL", new String[]{l}).header("Set-Cookie", new String[]{responseCookie}).body(loginResponse);
    }

    public ResponseEntity<LoginResponse> loginForApproval(PsuAuthBody psuAuthBody, UUID uuid, String str, UUID uuid2) {
        return createResponseWithSecretKeyInCookieOnAllPaths(uuid, uuid2, this.aisService.loginInPsuScopeAndAssociateAuthSession(psuAuthBody.getLogin(), psuAuthBody.getPassword(), uuid2, str));
    }

    public ResponseEntity<LoginResponse> loginForPaymentApproval(PsuAuthBody psuAuthBody, UUID uuid, String str, UUID uuid2) {
        return loginForApproval(psuAuthBody, uuid, str, uuid2);
    }

    public ResponseEntity<LoginResponse> loginForAnonymousPaymentApproval(UUID uuid, UUID uuid2, String str) {
        return createResponseWithSecretKeyInCookieOnAllPaths(uuid, uuid2, this.aisService.anonymousPsuAssociateAuthSession(uuid2, str));
    }

    public ResponseEntity<Void> registration(PsuAuthBody psuAuthBody, UUID uuid) {
        this.psuAuthService.createPsuIfNotExist(psuAuthBody.getLogin(), psuAuthBody.getPassword());
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("Location", this.authConfig.getRedirect().getConsentLogin().getPage().getForAis());
        return new ResponseEntity<>(httpHeaders, HttpStatus.CREATED);
    }

    public Optional<ObjectMapper> getObjectMapper() {
        return Optional.empty();
    }

    public Optional<HttpServletRequest> getRequest() {
        return Optional.empty();
    }

    public ResponseEntity<Void> renewalAuthorizationSessionKey(UUID uuid, UUID uuid2) {
        String[] buildAuthorizationCookiesOnAllPaths = buildAuthorizationCookiesOnAllPaths(uuid2, this.authorizationKeyFromHttpRequest.getKey(), this.tppTokenProperties.getTokenValidityDuration());
        String l = Long.toString(this.cookieProperties.getMaxAge().getSeconds());
        log.debug("cookie is renewed for authid {} for time {}", uuid2, l);
        return ResponseEntity.status(HttpStatus.ACCEPTED).header("X-Request-ID", new String[]{uuid.toString()}).header("Cookie-TTL", new String[]{l}).header("Set-Cookie", buildAuthorizationCookiesOnAllPaths).build();
    }

    @NotNull
    private ResponseEntity<LoginResponse> createResponseWithSecretKeyInCookieOnAllPaths(UUID uuid, UUID uuid2, PsuLoginForAisService.Outcome outcome) {
        String l = Long.toString(this.cookieProperties.getMaxAge().getSeconds());
        log.debug("created new session cookie for authid {}", uuid2);
        return ResponseEntity.status(HttpStatus.ACCEPTED).header("Location", new String[]{outcome.getRedirectLocation().toASCIIString()}).header("X-Request-ID", new String[]{uuid.toString()}).header("Cookie-TTL", new String[]{l}).header("Set-Cookie", buildAuthorizationCookiesOnAllPaths(uuid2, outcome.getKey(), this.tppTokenProperties.getTokenValidityDuration())).build();
    }

    private String[] buildAuthorizationCookiesOnAllPaths(UUID uuid, String str, Duration duration) {
        String generateToken = this.authService.generateToken(str, duration);
        return (String[]) this.authConfig.getAuthorizationSessionKey().getCookie().getPathTemplates().stream().map(str2 -> {
            return cookieString(uuid, str2, generateToken);
        }).toArray(i -> {
            return new String[i];
        });
    }

    private String cookieString(UUID uuid, String str, String str2) {
        return this.cookieBuilderTemplate.builder(str2, UriComponentsBuilder.fromPath(str).buildAndExpand(ImmutableMap.of("authorizationSessionId", uuid.toString())).toUriString(), this.authConfig.getAuthorizationSessionKey().getCookie().getDomain()).build().toString();
    }

    @Generated
    @ConstructorProperties({"aisService", "psuAuthService", "authService", "authConfig", "authorizationKeyFromHttpRequest", "cookieBuilderTemplate", "cookieProperties", "tppTokenProperties"})
    public PsuAuthController(PsuLoginForAisService psuLoginForAisService, PsuAuthService psuAuthService, TokenBasedAuthService tokenBasedAuthService, FacadeAuthConfig facadeAuthConfig, AuthorizationSessionKeyConfig.AuthorizationSessionKeyFromHttpRequest authorizationSessionKeyFromHttpRequest, CookieBuilderTemplate cookieBuilderTemplate, CookieProperties cookieProperties, TppTokenProperties tppTokenProperties) {
        this.aisService = psuLoginForAisService;
        this.psuAuthService = psuAuthService;
        this.authService = tokenBasedAuthService;
        this.authConfig = facadeAuthConfig;
        this.authorizationKeyFromHttpRequest = authorizationSessionKeyFromHttpRequest;
        this.cookieBuilderTemplate = cookieBuilderTemplate;
        this.cookieProperties = cookieProperties;
        this.tppTokenProperties = tppTokenProperties;
    }
}
