package pl.edu.icm.unity.webui.authn;

import com.vaadin.annotations.Theme;
import com.vaadin.server.Page;
import com.vaadin.server.Resource;
import com.vaadin.server.VaadinRequest;
import com.vaadin.server.VaadinSession;
import com.vaadin.server.WrappedSession;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.Properties;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.ObjectFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.EntityManagement;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.InteractiveAuthenticationProcessor;
import pl.edu.icm.unity.engine.api.authn.LoginSession;
import pl.edu.icm.unity.engine.api.translation.in.InputTranslationEngine;
import pl.edu.icm.unity.engine.api.utils.ExecutorsService;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.types.endpoint.ResolvedEndpoint;
import pl.edu.icm.unity.types.registration.RegistrationContext;
import pl.edu.icm.unity.types.registration.RegistrationForm;
import pl.edu.icm.unity.webui.EndpointRegistrationConfiguration;
import pl.edu.icm.unity.webui.UnityUIBase;
import pl.edu.icm.unity.webui.UnityWebUI;
import pl.edu.icm.unity.webui.VaadinEndpointProperties;
import pl.edu.icm.unity.webui.authn.CredentialResetLauncher;
import pl.edu.icm.unity.webui.authn.column.ColumnInstantAuthenticationScreen;
import pl.edu.icm.unity.webui.authn.outdated.CredentialChangeConfiguration;
import pl.edu.icm.unity.webui.authn.outdated.OutdatedCredentialController;
import pl.edu.icm.unity.webui.authn.remote.RemoteRedirectedAuthnResponseProcessingFilter;
import pl.edu.icm.unity.webui.common.NotificationPopup;
import pl.edu.icm.unity.webui.common.file.ImageAccessService;
import pl.edu.icm.unity.webui.forms.reg.InsecureRegistrationFormLauncher;
import pl.edu.icm.unity.webui.forms.reg.StandaloneRegistrationView;

@Theme("unityThemeValo")
@Scope("prototype")
@Component("AuthenticationUI")
/* loaded from: input_file:pl/edu/icm/unity/webui/authn/AuthenticationUI.class */
public class AuthenticationUI extends UnityUIBase implements UnityWebUI {
    private static final Logger LOG = Log.getLogger("unity.server.web", AuthenticationUI.class);
    private ImageAccessService imageAccessService;
    private LocaleChoiceComponent localeChoice;
    private StandardWebLogoutHandler authnProcessor;
    private RegistrationFormsLayoutController registrationFormController;
    private InsecureRegistrationFormLauncher formLauncher;
    private ExecutorsService execService;
    private EntityManagement idsMan;
    private InputTranslationEngine inputTranslationEngine;
    private ObjectFactory<OutdatedCredentialController> outdatedCredentialDialogFactory;
    private List<AuthenticationFlow> authnFlows;
    private AuthenticationScreen authenticationUI;
    private final InteractiveAuthenticationProcessor interactiveAuthnProcessor;

    /* loaded from: input_file:pl/edu/icm/unity/webui/authn/AuthenticationUI$CredentialResetLauncherImpl.class */
    private class CredentialResetLauncherImpl implements CredentialResetLauncher {
        private CredentialResetLauncherImpl() {
        }

        @Override // pl.edu.icm.unity.webui.authn.CredentialResetLauncher
        public void startCredentialReset(com.vaadin.ui.Component component) {
            AuthenticationUI.this.setContent(component);
        }

        @Override // pl.edu.icm.unity.webui.authn.CredentialResetLauncher
        public CredentialResetLauncher.CredentialResetUIConfig getConfiguration() {
            return new CredentialResetLauncher.CredentialResetUIConfig(getLogo(), () -> {
                AuthenticationUI.this.resetToFreshAuthenticationScreen();
            }, AuthenticationUI.this.getFirstColumnWidth() * 2.0f, AuthenticationUI.this.getFirstColumnWidth(), AuthenticationUI.this.config.getBooleanValue(VaadinEndpointProperties.CRED_RESET_COMPACT).booleanValue());
        }

        private Optional<Resource> getLogo() {
            return AuthenticationUI.this.imageAccessService.getConfiguredImageResourceFromNullableUri(AuthenticationUI.this.config.getValue(VaadinEndpointProperties.AUTHN_LOGO));
        }
    }

    @Autowired
    public AuthenticationUI(MessageSource messageSource, ImageAccessService imageAccessService, LocaleChoiceComponent localeChoiceComponent, StandardWebLogoutHandler standardWebLogoutHandler, InteractiveAuthenticationProcessor interactiveAuthenticationProcessor, RegistrationFormsLayoutController registrationFormsLayoutController, InsecureRegistrationFormLauncher insecureRegistrationFormLauncher, ExecutorsService executorsService, @Qualifier("insecure") EntityManagement entityManagement, InputTranslationEngine inputTranslationEngine, ObjectFactory<OutdatedCredentialController> objectFactory) {
        super(messageSource);
        this.localeChoice = localeChoiceComponent;
        this.authnProcessor = standardWebLogoutHandler;
        this.interactiveAuthnProcessor = interactiveAuthenticationProcessor;
        this.registrationFormController = registrationFormsLayoutController;
        this.formLauncher = insecureRegistrationFormLauncher;
        this.execService = executorsService;
        this.idsMan = entityManagement;
        this.inputTranslationEngine = inputTranslationEngine;
        this.outdatedCredentialDialogFactory = objectFactory;
        this.imageAccessService = imageAccessService;
    }

    @Override // pl.edu.icm.unity.webui.UnityUIBase, pl.edu.icm.unity.webui.UnityWebUI
    public void configure(ResolvedEndpoint resolvedEndpoint, List<AuthenticationFlow> list, EndpointRegistrationConfiguration endpointRegistrationConfiguration, Properties properties) {
        super.configure(resolvedEndpoint, list, endpointRegistrationConfiguration, properties);
        this.authnFlows = new ArrayList(list);
        this.registrationFormController.configure(endpointRegistrationConfiguration);
    }

    @Override // pl.edu.icm.unity.webui.UnityUIBase
    protected void appInit(VaadinRequest vaadinRequest) {
        this.authenticationUI = ColumnInstantAuthenticationScreen.getInstance(this.msg, this.imageAccessService, this.config, this.endpointDescription, this::showOutdatedCredentialDialog, new CredentialResetLauncherImpl(), this::showRegistration, this.cancelHandler, this.idsMan, this.execService, isRegistrationEnabled(), unknownRemotePrincipalResult -> {
            return new UnknownUserDialog(this.msg, unknownRemotePrincipalResult, this.formLauncher, this.sandboxRouter, this.inputTranslationEngine, getSandboxServletURLForAssociation());
        }, this.localeChoice, this.authnFlows, this.interactiveAuthnProcessor);
        loadInitialState();
        setSizeFull();
    }

    private void loadInitialState() {
        WrappedSession session = VaadinSession.getCurrent().getSession();
        RemoteRedirectedAuthnResponseProcessingFilter.PostAuthenticationDecissionWithContext postAuthenticationDecissionWithContext = (RemoteRedirectedAuthnResponseProcessingFilter.PostAuthenticationDecissionWithContext) session.getAttribute(RemoteRedirectedAuthnResponseProcessingFilter.DECISION_SESSION_ATTRIBUTE);
        if (postAuthenticationDecissionWithContext == null) {
            setContent(this.authenticationUI);
            return;
        }
        LOG.debug("Remote authentication result found in session, triggering its processing");
        if (postAuthenticationDecissionWithContext.triggeringContext.isRegistrationTriggered()) {
            formSelected(postAuthenticationDecissionWithContext.triggeringContext.form);
            return;
        }
        session.removeAttribute(RemoteRedirectedAuthnResponseProcessingFilter.DECISION_SESSION_ATTRIBUTE);
        this.authenticationUI.initializeAfterReturnFromExternalAuthn(postAuthenticationDecissionWithContext.decision);
        setContent(this.authenticationUI);
    }

    private boolean showOutdatedCredentialDialog() {
        LoginSession loginSession = (LoginSession) VaadinSession.getCurrent().getSession().getAttribute("pl.edu.icm.unity.web.WebSession");
        if (loginSession == null || !loginSession.isUsedOutdatedCredential()) {
            return false;
        }
        CredentialChangeConfiguration credentialChangeConfiguration = new CredentialChangeConfiguration(this.config.getValue(VaadinEndpointProperties.AUTHN_LOGO), getFirstColumnWidth(), this.config.getBooleanValue(VaadinEndpointProperties.CRED_RESET_COMPACT).booleanValue());
        OutdatedCredentialController outdatedCredentialController = (OutdatedCredentialController) this.outdatedCredentialDialogFactory.getObject();
        outdatedCredentialController.init(credentialChangeConfiguration, this.authnProcessor, this::resetToFreshAuthenticationScreen);
        setContent(outdatedCredentialController.getComponent());
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public float getFirstColumnWidth() {
        Iterator it = this.config.getStructuredListKeys(VaadinEndpointProperties.AUTHN_COLUMNS_PFX).iterator();
        if (it.hasNext()) {
            return (float) this.config.getDoubleValue(((String) it.next()) + VaadinEndpointProperties.AUTHN_COLUMN_WIDTH).doubleValue();
        }
        return 15.0f;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void resetToFreshAuthenticationScreen() {
        setContent(this.authenticationUI);
        this.authenticationUI.reset();
    }

    private void resetToFreshState() {
        refresh(VaadinRequest.getCurrent());
    }

    private boolean isRegistrationEnabled() {
        try {
            return this.registrationFormController.isRegistrationEnabled();
        } catch (EngineException e) {
            LOG.error("Failed to determine whether registration is enabled or not on authentication screen.", e);
            return false;
        }
    }

    private void showRegistration() {
        if (!this.config.getRegistrationConfiguration().getExternalRegistrationURL().isPresent()) {
            showRegistrationLayout();
        } else {
            Page.getCurrent().open(this.config.getRegistrationConfiguration().getExternalRegistrationURL().get(), (String) null);
        }
    }

    private void showRegistrationLayout() {
        try {
            List<RegistrationForm> displayedForms = this.registrationFormController.getDisplayedForms();
            if (displayedForms.isEmpty()) {
                NotificationPopup.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("RegistrationFormsChooserComponent.noFormsInfo", new Object[0]));
            } else if (displayedForms.size() == 1) {
                formSelected(displayedForms.get(0));
            } else {
                setContent(new RegistrationFormsChooserComponent(displayedForms, this::formSelected, this::resetToFreshAuthenticationScreen, this.msg));
            }
        } catch (EngineException e) {
            NotificationPopup.showError(this.msg.getMessage("error", new Object[0]), this.msg.getMessage("AuthenticationUI.registrationFormInitError", new Object[0]));
        }
    }

    private void formSelected(RegistrationForm registrationForm) {
        StandaloneRegistrationView createRegistrationView = this.registrationFormController.createRegistrationView(registrationForm);
        createRegistrationView.enter(RegistrationContext.TriggeringMode.manualAtLogin, this::resetToFreshAuthenticationScreen, this::resetToFreshState, this::resetToFreshState);
        setContent(createRegistrationView);
    }
}
