package de.adorsys.opba.protocol.facade.services.authorization;

import de.adorsys.opba.db.domain.entity.sessions.AuthSession;
import de.adorsys.opba.db.repository.jpa.AuthorizationSessionRepository;
import de.adorsys.opba.db.repository.jpa.psu.PsuRepository;
import de.adorsys.opba.protocol.facade.config.encryption.impl.fintech.FintechConsentSpecSecureStorage;
import de.adorsys.opba.protocol.facade.services.EncryptionKeySerde;
import de.adorsys.opba.protocol.facade.services.authorization.internal.psuauth.PsuFintechAssociationService;
import java.beans.ConstructorProperties;
import java.net.URI;
import java.util.UUID;
import lombok.Generated;
import lombok.NonNull;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
/* loaded from: input_file:BOOT-INF/lib/opba-banking-protocol-facade-0.20.0.2-RC1.jar:de/adorsys/opba/protocol/facade/services/authorization/PsuLoginForAisService.class */
public class PsuLoginForAisService {
    private final EncryptionKeySerde serde;
    private final PsuRepository psus;
    private final PsuFintechAssociationService associationService;
    private final AuthorizationSessionRepository authRepository;

    /* loaded from: input_file:BOOT-INF/lib/opba-banking-protocol-facade-0.20.0.2-RC1.jar:de/adorsys/opba/protocol/facade/services/authorization/PsuLoginForAisService$Outcome.class */
    public static class Outcome {

        @NonNull
        private final String key;

        @NonNull
        private final URI redirectLocation;

        @NonNull
        @Generated
        public String getKey() {
            return this.key;
        }

        @NonNull
        @Generated
        public URI getRedirectLocation() {
            return this.redirectLocation;
        }

        @Generated
        @ConstructorProperties({"key", "redirectLocation"})
        public Outcome(@NonNull String str, @NonNull URI uri) {
            if (str == null) {
                throw new NullPointerException("key is marked non-null but is null");
            }
            if (uri == null) {
                throw new NullPointerException("redirectLocation is marked non-null but is null");
            }
            this.key = str;
            this.redirectLocation = uri;
        }
    }

    @Transactional
    public Outcome loginInPsuScopeAndAssociateAuthSession(String str, String str2, UUID uuid, String str3) {
        AuthSession orElseThrow = this.authRepository.findById(uuid).orElseThrow(() -> {
            return new IllegalStateException("Missing authorization session: " + uuid);
        });
        orElseThrow.setPsu(this.psus.findByLogin(str).orElseThrow(() -> {
            return new IllegalStateException("No PSU found: " + str);
        }));
        this.associationService.sharePsuAspspSecretKeyWithFintech(str2, orElseThrow);
        FintechConsentSpecSecureStorage.FinTechUserInboxData readInboxFromFinTech = this.associationService.readInboxFromFinTech(orElseThrow, str3);
        this.authRepository.save(orElseThrow);
        return new Outcome(this.serde.asString(readInboxFromFinTech.getProtocolKey().asKey()), readInboxFromFinTech.getAfterPsuIdentifiedRedirectTo());
    }

    @Transactional
    public Outcome anonymousPsuAssociateAuthSession(UUID uuid, String str) {
        AuthSession orElseThrow = this.authRepository.findById(uuid).orElseThrow(() -> {
            return new IllegalStateException("Missing authorization session: " + uuid);
        });
        if (!orElseThrow.isPsuAnonymous()) {
            throw new IllegalStateException("Session does not support anonymous PSU: " + uuid);
        }
        FintechConsentSpecSecureStorage.FinTechUserInboxData readInboxFromFinTech = this.associationService.readInboxFromFinTech(orElseThrow, str);
        this.authRepository.save(orElseThrow);
        return new Outcome(this.serde.asString(readInboxFromFinTech.getProtocolKey().asKey()), readInboxFromFinTech.getAfterPsuIdentifiedRedirectTo());
    }

    @Generated
    @ConstructorProperties({"serde", "psus", "associationService", "authRepository"})
    public PsuLoginForAisService(EncryptionKeySerde encryptionKeySerde, PsuRepository psuRepository, PsuFintechAssociationService psuFintechAssociationService, AuthorizationSessionRepository authorizationSessionRepository) {
        this.serde = encryptionKeySerde;
        this.psus = psuRepository;
        this.associationService = psuFintechAssociationService;
        this.authRepository = authorizationSessionRepository;
    }
}
