package de.adorsys.opba.protocol.facade.services;

import com.google.common.collect.ImmutableMap;
import de.adorsys.opba.db.domain.entity.BankAction;
import de.adorsys.opba.db.domain.entity.fintech.Fintech;
import de.adorsys.opba.db.domain.entity.fintech.FintechUser;
import de.adorsys.opba.db.domain.entity.sessions.AuthSession;
import de.adorsys.opba.db.domain.entity.sessions.ServiceSession;
import de.adorsys.opba.db.repository.jpa.AuthorizationSessionRepository;
import de.adorsys.opba.db.repository.jpa.BankActionRepository;
import de.adorsys.opba.db.repository.jpa.fintech.FintechRepository;
import de.adorsys.opba.db.repository.jpa.fintech.FintechUserRepository;
import de.adorsys.opba.protocol.api.common.ProtocolAction;
import de.adorsys.opba.protocol.api.dto.context.ServiceContext;
import de.adorsys.opba.protocol.api.dto.request.FacadeServiceableRequest;
import de.adorsys.opba.protocol.api.dto.request.payments.InitiateSinglePaymentRequest;
import de.adorsys.opba.protocol.facade.config.auth.FacadeAuthConfig;
import de.adorsys.opba.protocol.facade.config.auth.UriExpandConst;
import de.adorsys.opba.protocol.facade.config.encryption.SecretKeyWithIv;
import de.adorsys.opba.protocol.facade.config.encryption.impl.fintech.FintechConsentSpecSecureStorage;
import de.adorsys.opba.protocol.facade.dto.result.torest.redirectable.FacadeResultRedirectable;
import de.adorsys.opba.protocol.facade.services.EncryptionKeySerde;
import de.adorsys.opba.protocol.facade.services.password.FintechUserPasswordGenerator;
import java.beans.ConstructorProperties;
import java.util.UUID;
import javax.persistence.EntityManager;
import lombok.Generated;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.util.UriComponentsBuilder;

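/**
 * Creates or refreshes the {@link AuthSession} bound to a service session and rewrites the
 * redirectable facade result so that it points at the consent-login page.
 *
 * <p>Both entry points generate a fresh temporary FinTech-user password, register the FinTech user
 * in the secure storage under that password, park the original redirect target and the request
 * encryption key in the user's inbox, and then replace the result's redirect with a login-page URI
 * that is expanded with the temporary password and the authorization session id.
 *
 * <p>Security note: the temporary password travels inside the redirect URI (see
 * {@code createInboxDataAndUpdateAuthSession}). URIs are routinely recorded by access logs, proxies,
 * browser history and {@code Referer} headers. NOTE(review): confirm the password is short-lived /
 * single-use and that these redirect URIs are kept out of application and gateway logs.
 */
@Service
/* loaded from: input_file:BOOT-INF/lib/opba-banking-protocol-facade-0.20.0.2-RC1.jar:de/adorsys/opba/protocol/facade/services/AuthSessionHandler.class */
public class AuthSessionHandler {
    private final FacadeAuthConfig facadeAuthConfig;
    private final BankActionRepository bankActionRepository;
    private final FintechUserPasswordGenerator passwordGenerator;
    private final FintechRepository fintechs;
    private final FintechUserRepository fintechUsers;
    private final FintechConsentSpecSecureStorage fintechUserVault;
    private final AuthorizationSessionRepository authenticationSessions;
    private final EntityManager entityManager;

    /**
     * Creates a new authorization session for the request and points the result at the login page.
     *
     * @param facadeServiceableRequest request carrying the FinTech authorization value and PSU id
     * @param secretKeyWithIv key material stored in the FinTech user's inbox
     * @param serviceContext context supplying bank id, service session id and future redirect code
     * @param facadeResultRedirectable result whose redirect target is replaced
     * @return the persisted authorization session
     * @throws IllegalStateException if no AUTHORIZATION bank action or no matching FinTech exists
     */
    @Transactional
    @NotNull
    public <O> AuthSession createNewAuthSessionAndEnhanceResult(FacadeServiceableRequest facadeServiceableRequest, SecretKeyWithIv secretKeyWithIv, ServiceContext serviceContext, FacadeResultRedirectable<O, ?> facadeResultRedirectable) {
        return fillAuthSessionData(facadeServiceableRequest, serviceContext, secretKeyWithIv, facadeResultRedirectable);
    }

    /**
     * Re-uses an existing authorization session: its FinTech user is replaced by a freshly
     * registered one with a new temporary password, and the redirect code is renewed.
     *
     * @param authSession existing session to refresh
     * @param secretKeyWithIv key material stored in the FinTech user's inbox
     * @param serviceContext context supplying the future redirect code
     * @param facadeResultRedirectable result whose redirect target is replaced
     * @return the persisted authorization session
     */
    @Transactional
    @NotNull
    public <O> AuthSession reuseAuthSessionAndEnhanceResult(AuthSession authSession, SecretKeyWithIv secretKeyWithIv, ServiceContext serviceContext, FacadeResultRedirectable<O, ?> facadeResultRedirectable) {
        return fillAuthSessionData(authSession, serviceContext, secretKeyWithIv, facadeResultRedirectable);
    }

    /** Builds and persists a brand-new FinTech user and authorization session for the request. */
    private <O> AuthSession fillAuthSessionData(FacadeServiceableRequest facadeServiceableRequest, ServiceContext serviceContext, SecretKeyWithIv secretKeyWithIv, FacadeResultRedirectable<O, ?> facadeResultRedirectable) {
        BankAction authorizationAction = this.bankActionRepository
                .findByBankProfileUuidAndAction(serviceContext.getBankId(), ProtocolAction.AUTHORIZATION)
                .orElseThrow(() -> new IllegalStateException("Missing update authorization handler for " + serviceContext.getBankId()));
        // NOTE(review): the message echoes the caller-supplied authorization value; confirm it is an
        // identifier rather than a credential before it can reach logs or error responses.
        Fintech fintech = this.fintechs
                .findByGlobalId(facadeServiceableRequest.getAuthorization())
                .orElseThrow(() -> new IllegalStateException("No registered FinTech: " + facadeServiceableRequest.getAuthorization()));

        // The password lives in an immutable String, so it cannot be wiped after use; keep its scope small.
        String tempPassword = this.passwordGenerator.generate();
        FintechUser fintechUser = (FintechUser) this.fintechUsers.save(
                FintechUser.builder()
                        .psuFintechId(facadeServiceableRequest.getFintechUserId())
                        .fintech(fintech)
                        .build());
        // The bound method reference null-checks tempPassword on evaluation.
        this.fintechUserVault.registerFintechUser(fintechUser, tempPassword::toCharArray);

        AuthSession newSession = AuthSession.builder()
                .parent((ServiceSession) this.entityManager.find(ServiceSession.class, serviceContext.getServiceSessionId()))
                .action(authorizationAction)
                .fintechUser(fintechUser)
                .psuAnonymous(facadeServiceableRequest.isAnonymousPsuAllowed())
                .redirectCode(serviceContext.getFutureRedirectCode().toString())
                .build();
        AuthSession persisted = (AuthSession) this.authenticationSessions.save(newSession);
        return createInboxDataAndUpdateAuthSession(serviceContext, secretKeyWithIv, facadeResultRedirectable, persisted, tempPassword);
    }

    /**
     * Refreshes an existing session: the previous FinTech user is deleted and a new one with the same
     * PSU id and FinTech is registered under a new temporary password.
     */
    private <O> AuthSession fillAuthSessionData(AuthSession authSession, ServiceContext serviceContext, SecretKeyWithIv secretKeyWithIv, FacadeResultRedirectable<O, ?> facadeResultRedirectable) {
        FintechUser previousUser = authSession.getFintechUser();
        Fintech fintech = previousUser.getFintech();
        String tempPassword = this.passwordGenerator.generate();

        // Delete first, then re-create: the old user record is dropped and a new one is registered in the vault.
        this.fintechUsers.delete(previousUser);
        FintechUser replacementUser = (FintechUser) this.fintechUsers.save(
                FintechUser.builder()
                        .psuFintechId(previousUser.getPsuFintechId())
                        .fintech(fintech)
                        .build());
        // The bound method reference null-checks tempPassword on evaluation.
        this.fintechUserVault.registerFintechUser(replacementUser, tempPassword::toCharArray);

        authSession.setFintechUser(replacementUser);
        authSession.setRedirectCode(serviceContext.getFutureRedirectCode().toString());
        AuthSession persisted = (AuthSession) this.authenticationSessions.save(authSession);
        return createInboxDataAndUpdateAuthSession(serviceContext, secretKeyWithIv, facadeResultRedirectable, persisted, tempPassword);
    }

    /**
     * Stores the original redirect target and key material in the FinTech user's inbox, then replaces
     * the result's redirect with the configured consent-login page for AIS, PIS or anonymous PIS.
     *
     * @param str temporary FinTech-user password expanded into the login-page URI
     */
    @NotNull
    private <O> AuthSession createInboxDataAndUpdateAuthSession(ServiceContext serviceContext, SecretKeyWithIv secretKeyWithIv, FacadeResultRedirectable<O, ?> facadeResultRedirectable, AuthSession authSession, String str) {
        // Must run before the redirect is overwritten below: the inbox keeps the original target.
        this.fintechUserVault.toInboxForAuth(
                authSession,
                new FintechConsentSpecSecureStorage.FinTechUserInboxData(
                        facadeResultRedirectable.getRedirectionTo(),
                        new EncryptionKeySerde.SecretKeyWithIvContainer(secretKeyWithIv),
                        null));

        String loginPage;
        if (serviceContext.getRequest() instanceof InitiateSinglePaymentRequest) {
            InitiateSinglePaymentRequest paymentRequest = (InitiateSinglePaymentRequest) serviceContext.getRequest();
            if (paymentRequest.getFacadeServiceable().isAnonymousPsuAllowed()) {
                loginPage = this.facadeAuthConfig.getRedirect().getConsentLogin().getPage().getForPisAnonymous();
            } else {
                loginPage = this.facadeAuthConfig.getRedirect().getConsentLogin().getPage().getForPis();
            }
        } else {
            loginPage = this.facadeAuthConfig.getRedirect().getConsentLogin().getPage().getForAis();
        }

        // The password is a String; the decompiled "(UUID) str" cast does not compile and is dropped.
        // The temporary password becomes part of the URI here, so anything that records URLs can see it.
        facadeResultRedirectable.setRedirectionTo(
                UriComponentsBuilder.fromHttpUrl(loginPage)
                        .buildAndExpand(ImmutableMap.of(
                                UriExpandConst.FINTECH_USER_TEMP_PASSWORD, str,
                                UriExpandConst.AUTHORIZATION_SESSION_ID, authSession.getId()))
                        .toUri());
        return authSession;
    }

    /** Wires the collaborators; generated all-args constructor. */
    @Generated
    @ConstructorProperties({"facadeAuthConfig", "bankActionRepository", "passwordGenerator", "fintechs", "fintechUsers", "fintechUserVault", "authenticationSessions", "entityManager"})
    public AuthSessionHandler(FacadeAuthConfig facadeAuthConfig, BankActionRepository bankActionRepository, FintechUserPasswordGenerator fintechUserPasswordGenerator, FintechRepository fintechRepository, FintechUserRepository fintechUserRepository, FintechConsentSpecSecureStorage fintechConsentSpecSecureStorage, AuthorizationSessionRepository authorizationSessionRepository, EntityManager entityManager) {
        this.facadeAuthConfig = facadeAuthConfig;
        this.bankActionRepository = bankActionRepository;
        this.passwordGenerator = fintechUserPasswordGenerator;
        this.fintechs = fintechRepository;
        this.fintechUsers = fintechUserRepository;
        this.fintechUserVault = fintechConsentSpecSecureStorage;
        this.authenticationSessions = authorizationSessionRepository;
        this.entityManager = entityManager;
    }
}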
