package dev.graffa.springsecurityjpa.user;

import dev.graffa.springsecurityjpa.authority.JpaAuthority;
import dev.graffa.springsecurityjpa.authority.JpaAuthorityRepository;
import java.util.Optional;
import org.springframework.context.annotation.Bean;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:dev/graffa/springsecurityjpa/user/JpaUserService.class */
public class JpaUserService implements UserDetailsManager {
    protected final JpaUserRepository userRepository;
    protected final JpaAuthorityRepository authorityRepository;
    protected final PasswordEncoder passwordEncoder;

    public JpaUserService(JpaUserRepository jpaUserRepository, JpaAuthorityRepository jpaAuthorityRepository, PasswordEncoder passwordEncoder) {
        this.userRepository = jpaUserRepository;
        this.authorityRepository = jpaAuthorityRepository;
        this.passwordEncoder = passwordEncoder;
    }

    @Bean
    public AuthenticationManager authenticationManager() {
        AuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setUserDetailsService(this);
        daoAuthenticationProvider.setPasswordEncoder(this.passwordEncoder);
        return new ProviderManager(new AuthenticationProvider[]{daoAuthenticationProvider});
    }

    /* JADX WARN: Type inference failed for: r1v2, types: [dev.graffa.springsecurityjpa.user.JpaUser$JpaUserBuilder] */
    public void createUser(UserDetails userDetails) {
        String username = userDetails.getUsername();
        if (userExists(username)) {
            throw new IllegalArgumentException("Username " + username + " already present");
        }
        JpaUser jpaUser = (JpaUser) this.userRepository.save(JpaUser.builder().username(username).password(this.passwordEncoder.encode(userDetails.getPassword())).enabled(userDetails.isEnabled()).accountNonExpired(userDetails.isAccountNonExpired()).credentialsNonExpired(userDetails.isCredentialsNonExpired()).build());
        jpaUser.setAuthorities(userDetails.getAuthorities().stream().map(grantedAuthority -> {
            return (JpaAuthority) this.authorityRepository.findById(grantedAuthority.getAuthority()).orElse((JpaAuthority) this.authorityRepository.save(JpaAuthority.builder().authority(grantedAuthority.getAuthority()).build()));
        }).toList());
        this.userRepository.save(jpaUser);
    }

    public void updateUser(UserDetails userDetails) {
        Optional findById = this.userRepository.findById(userDetails.getUsername());
        if (findById.isEmpty()) {
            throw new UserNotFoundException(userDetails.getUsername());
        }
        JpaUser jpaUser = (JpaUser) findById.get();
        jpaUser.setEnabled(userDetails.isEnabled());
        jpaUser.setPassword(this.passwordEncoder.encode(userDetails.getPassword()));
        jpaUser.setAccountNonExpired(userDetails.isAccountNonExpired());
        jpaUser.setCredentialsNonExpired(userDetails.isCredentialsNonExpired());
        jpaUser.setAccountNonLocked(userDetails.isAccountNonLocked());
        jpaUser.setAuthorities(userDetails.getAuthorities().stream().map(grantedAuthority -> {
            return (JpaAuthority) this.authorityRepository.findById(grantedAuthority.getAuthority()).orElse((JpaAuthority) this.authorityRepository.save(JpaAuthority.builder().authority(grantedAuthority.getAuthority()).build()));
        }).toList());
        this.userRepository.save(jpaUser);
    }

    public void deleteUser(String str) {
        Optional findById = this.userRepository.findById(str);
        if (findById.isEmpty()) {
            throw new UserNotFoundException(str);
        }
        this.userRepository.delete((JpaUser) findById.get());
    }

    public void changePassword(String str, String str2) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new AccessDeniedException("Can't change password as no Authentication object found in context for current user.");
        }
        String name = authentication.getName();
        authenticationManager().authenticate(UsernamePasswordAuthenticationToken.unauthenticated(name, str));
        Optional findById = this.userRepository.findById(name);
        if (findById.isEmpty()) {
            throw new UserNotFoundException(name);
        }
        JpaUser jpaUser = (JpaUser) findById.get();
        jpaUser.setPassword(this.passwordEncoder.encode(str2));
        this.userRepository.save(jpaUser);
        SecurityContextHolder.getContext().getAuthentication().setAuthenticated(false);
    }

    public boolean userExists(String str) {
        return this.userRepository.findById(str).isPresent();
    }

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        Optional findById = this.userRepository.findById(str);
        if (findById.isEmpty()) {
            throw new UserNotFoundException(str);
        }
        return (UserDetails) findById.get();
    }
}
