package com.formkiq.server.service;

import com.formkiq.server.domain.FolderAccess;
import com.formkiq.server.domain.type.FolderPermission;
import com.formkiq.server.domain.type.UserRole;
import com.formkiq.server.util.Strings;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

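/**
 * Authorization helpers built on the Spring Security context: resolves the current
 * client, user and roles, and evaluates folder permissions.
 *
 * <p>Every check in this class denies access on missing or malformed input rather
 * than failing with an unrelated runtime exception.
 */
@Service
public class SpringSecurityService {

    /** Scheme prefix of an HTTP Basic {@code Authorization} header value. */
    private static final String BASIC_PREFIX = "Basic ";

    @Autowired
    private OAuthService oauthservice;

    @Autowired
    private UserService userservice;

    /**
     * Validates client credentials carried in a Basic authorization value.
     *
     * @param str the header value, with or without the leading {@code "Basic "} scheme
     * @throws BadCredentialsException if the value is empty, does not decode into at
     *     least two parts, or the client id / secret pair is rejected
     */
    public void checkBasicAuthorization(String str) {
        if (!StringUtils.isEmpty(str)) {
            // Strip only the leading scheme token. A regex replaceAll would also delete
            // "Basic " wherever else it appears in the value.
            String encoded = str.startsWith(BASIC_PREFIX) ? str.substring(BASIC_PREFIX.length()) : str;
            String[] decode = Strings.decode(encoded, Strings.DEFAULT_DELIM);
            // A value without a delimiter must be rejected as bad credentials, not
            // surface as ArrayIndexOutOfBoundsException.
            // NOTE(review): Strings.decode is not visible here; confirm how it reports
            // malformed input, and that isValidClient compares the secret in constant time.
            if (decode != null && decode.length >= 2
                    && this.oauthservice.isValidClient(decode[0], decode[1])) {
                return;
            }
        }
        throw new BadCredentialsException("User does not have access to Client");
    }

    /**
     * Returns the OAuth2 client id of the current authentication.
     *
     * @return the client id, or {@code null} when the current authentication is absent
     *     or is not an {@link OAuth2Authentication}
     */
    public String getClientId() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof OAuth2Authentication) {
            return ((OAuth2Authentication) authentication).getOAuth2Request().getClientId();
        }
        return null;
    }

    /**
     * Returns the {@link UserDetails} principal of the current authentication.
     *
     * @return the principal, or {@code null} when there is no authentication, no user
     *     is attached to the OAuth2 authentication, or the principal is not a
     *     {@link UserDetails}
     */
    public UserDetails getUserDetails() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Object principal = null;
        if (authentication instanceof OAuth2Authentication) {
            // The user authentication is null for tokens issued without a user
            // (for example the client-credentials grant).
            Authentication userAuthentication =
                    ((OAuth2Authentication) authentication).getUserAuthentication();
            if (userAuthentication != null) {
                principal = userAuthentication.getPrincipal();
            }
        } else if (authentication instanceof UsernamePasswordAuthenticationToken) {
            principal = authentication.getPrincipal();
        }
        // A principal may be a plain String; treat anything else as "no user details".
        return principal instanceof UserDetails ? (UserDetails) principal : null;
    }

    /**
     * Resolves the user to act on: the user with the given email when the caller is an
     * administrator, otherwise the caller.
     *
     * <p>A non-admin caller always gets their own details, whatever email is passed, so
     * the argument cannot be used to read another account.
     *
     * @param str email of the user to look up; ignored when empty or when the caller is
     *     not an administrator
     * @return the resolved user details; may be {@code null}
     */
    public UserDetails getUserDetailsByEmail(String str) {
        UserDetails userDetails = getUserDetails();
        if (isAdmin() && !StringUtils.isEmpty(str)) {
            userDetails = this.userservice.findUserByEmail(str);
        }
        return userDetails;
    }

    /**
     * Returns the name of the current authentication.
     *
     * @return the name, or {@code null} when nobody is authenticated
     */
    public String getUsername() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            return authentication.getName();
        }
        return null;
    }

    /**
     * Tests whether a folder access entry grants the requested permission.
     * {@code PERM_FORM_ADMIN} implies every other permission.
     *
     * @param folderAccess the access entry; {@code null} denies
     * @param folderPermission the permission required by the caller
     * @return {@code true} if the entry grants the permission or form-admin rights
     * @throws IllegalArgumentException if the stored permissions contain an unknown name
     */
    public boolean hasPermission(FolderAccess folderAccess, FolderPermission folderPermission) {
        if (folderAccess == null) {
            return false;
        }
        String permissions = folderAccess.getPermissions();
        // No stored permissions means no access.
        if (StringUtils.isEmpty(permissions)) {
            return false;
        }
        for (FolderPermission granted : toPermissions(permissions)) {
            // "granted" is never null (it comes from valueOf), so calling equals on it
            // keeps a null requested permission from throwing.
            if (FolderPermission.PERM_FORM_ADMIN.equals(granted) || granted.equals(folderPermission)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tests whether the current authentication holds {@code ROLE_ADMIN}.
     *
     * @return {@code true} only if an authentication exists and lists the admin authority
     */
    public boolean isAdmin() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return false;
        }
        String adminAuthority = UserRole.ROLE_ADMIN.name();
        for (GrantedAuthority authority : authentication.getAuthorities()) {
            if (adminAuthority.equals(authority.getAuthority())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tests whether the given name is the name of the current authentication.
     *
     * @param str the user name to compare; {@code null} never matches
     * @return {@code true} if an authentication exists and its name equals {@code str}
     */
    public boolean isUser(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && str != null && str.equals(authentication.getName());
    }

    /**
     * Parses a comma-separated list of permission names.
     *
     * @param str comma-separated permission names, matched case-insensitively
     * @return the parsed permissions
     * @throws IllegalArgumentException if any entry is not a known permission name
     */
    public List<FolderPermission> toPermissions(String str) {
        return toPermissions(str.split(","));
    }

    /**
     * Converts permission names to {@link FolderPermission} values.
     *
     * @param strArr permission names, matched case-insensitively
     * @return the parsed permissions
     * @throws IllegalArgumentException if any entry is not a known permission name
     */
    public List<FolderPermission> toPermissions(String[] strArr) {
        // Locale.ROOT keeps the upper-casing independent of the JVM default locale;
        // under a Turkish locale "i" upper-cases to a dotted capital I and valid names
        // would stop matching.
        return Arrays.stream(strArr)
                .map(name -> FolderPermission.valueOf(name.toUpperCase(Locale.ROOT)))
                .collect(Collectors.toList());
    }

    /**
     * Ensures the caller may act on the given client: administrators always may,
     * anyone else only on the client they authenticated with.
     *
     * @param str the client id being accessed
     * @throws BadCredentialsException if the caller is not an administrator and
     *     {@code str} is {@code null} or differs from the caller's client id
     */
    public void verifyUserHasAccessToClient(String str) {
        // A null client id is denied instead of raising NullPointerException.
        if (!isAdmin() && (str == null || !str.equals(getClientId()))) {
            throw new BadCredentialsException("User does not have access to Client");
        }
    }
}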
