package com.atomgraph.linkeddatahub.resource.admin;

import com.atomgraph.core.MediaTypes;
import com.atomgraph.core.exception.ConfigurationException;
import com.atomgraph.linkeddatahub.apps.model.AdminApplication;
import com.atomgraph.linkeddatahub.apps.model.Application;
import com.atomgraph.linkeddatahub.client.LinkedDataClient;
import com.atomgraph.linkeddatahub.listener.EMailListener;
import com.atomgraph.linkeddatahub.model.Service;
import com.atomgraph.linkeddatahub.model.auth.Agent;
import com.atomgraph.linkeddatahub.server.model.impl.GraphStoreImpl;
import com.atomgraph.linkeddatahub.server.security.AgentContext;
import com.atomgraph.linkeddatahub.server.util.MessageBuilder;
import com.atomgraph.linkeddatahub.server.util.Skolemizer;
import com.atomgraph.linkeddatahub.vocabulary.FOAF;
import com.atomgraph.linkeddatahub.vocabulary.LACL;
import com.atomgraph.linkeddatahub.vocabulary.LDHC;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.util.GregorianCalendar;
import java.util.Optional;
import java.util.UUID;
import javax.inject.Inject;
import javax.mail.MessagingException;
import javax.servlet.ServletConfig;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.POST;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Request;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.Providers;
import org.apache.jena.ontology.Ontology;
import org.apache.jena.rdf.model.Model;
import org.apache.jena.rdf.model.ResIterator;
import org.apache.jena.rdf.model.Resource;
import org.apache.jena.vocabulary.DCTerms;
import org.apache.jena.vocabulary.RDF;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atomgraph/linkeddatahub/resource/admin/RequestAccess.class */
public class RequestAccess extends GraphStoreImpl {
    private static final Logger log = LoggerFactory.getLogger(RequestAccess.class);
    private final String emailSubject;
    private final String emailText;
    private final UriBuilder authRequestContainerUriBuilder;

    @Inject
    public RequestAccess(@Context Request request, @Context UriInfo uriInfo, MediaTypes mediaTypes, Application application, Optional<Ontology> optional, Optional<Service> optional2, @Context SecurityContext securityContext, Optional<AgentContext> optional3, @Context Providers providers, com.atomgraph.linkeddatahub.Application application2, @Context ServletConfig servletConfig) {
        super(request, uriInfo, mediaTypes, application, optional, optional2, securityContext, optional3, providers, application2);
        if (log.isDebugEnabled()) {
            log.debug("Constructing {}", getClass());
        }
        if (securityContext == null || !(securityContext.getUserPrincipal() instanceof Agent)) {
            throw new IllegalStateException("Agent is not authenticated");
        }
        this.authRequestContainerUriBuilder = uriInfo.getBaseUriBuilder().path(AdminApplication.AUTHORIZATION_REQUEST_PATH);
        this.emailSubject = servletConfig.getServletContext().getInitParameter(LDHC.requestAccessEMailSubject.getURI());
        if (this.emailSubject == null) {
            throw new InternalServerErrorException(new ConfigurationException(LDHC.requestAccessEMailSubject));
        }
        this.emailText = servletConfig.getServletContext().getInitParameter(LDHC.requestAccessEMailText.getURI());
        if (this.emailText == null) {
            throw new InternalServerErrorException(new ConfigurationException(LDHC.requestAccessEMailText));
        }
    }

    @GET
    public Response get(@QueryParam("default") @DefaultValue("false") Boolean bool, @QueryParam("graph") URI uri) {
        return super.get(false, getURI());
    }

    @Override // com.atomgraph.linkeddatahub.server.model.impl.GraphStoreImpl
    @POST
    public Response post(Model model, @QueryParam("default") @DefaultValue("false") Boolean bool, @QueryParam("graph") URI uri) {
        URI build = getAuthRequestContainerUriBuilder().path(UUID.randomUUID().toString() + "/").build(new Object[0]);
        new Skolemizer(build.toString()).apply(model);
        ResIterator listResourcesWithProperty = model.listResourcesWithProperty(RDF.type, LACL.AuthorizationRequest);
        try {
            Resource resource = (Resource) listResourcesWithProperty.next();
            if (!resource.getPropertyResourceValue(LACL.requestAgent).equals(getAgentContext().get().getAgent())) {
                throw new IllegalStateException("Agent requesting access must be authenticated");
            }
            Resource maker = getApplication().getMaker();
            if (maker == null) {
                throw new IllegalStateException("Application <" + getApplication().getURI() + "> does not have a maker (foaf:maker)");
            }
            String uri2 = maker.getURI();
            resource.addLiteral(DCTerms.created, GregorianCalendar.getInstance());
            Model model2 = LinkedDataClient.create(getSystem().getClient(), getSystem().getMediaTypes()).delegation(getUriInfo().getBaseUri(), getAgentContext().orElse(null)).getModel(uri2);
            Resource resource2 = model2.getResource(uri2);
            if (!model2.containsResource(resource2)) {
                throw new IllegalStateException("Could not load agent's <" + uri2 + "> description from admin service");
            }
            super.post(model, false, build);
            try {
                sendEmail(resource2, resource);
            } catch (MessagingException | UnsupportedEncodingException e) {
                if (log.isErrorEnabled()) {
                    log.error("Could not send access request email to Agent: {}", getAgentContext().get().getAgent().getURI());
                }
            }
            Response build2 = Response.ok().entity(model).build();
            listResourcesWithProperty.close();
            return build2;
        } catch (Throwable th) {
            listResourcesWithProperty.close();
            throw th;
        }
    }

    public void sendEmail(Resource resource, Resource resource2) throws MessagingException, UnsupportedEncodingException {
        String string;
        if (resource.hasProperty(FOAF.givenName) && resource.hasProperty(FOAF.familyName)) {
            string = resource.getProperty(FOAF.givenName).getString() + " " + resource.getProperty(FOAF.familyName).getString();
        } else {
            if (!resource.hasProperty(FOAF.name)) {
                throw new IllegalStateException("Owner Agent '" + resource + "' does not have either foaf:givenName/foaf:familyName or foaf:name");
            }
            string = resource.getProperty(FOAF.name).getString();
        }
        MessageBuilder textBodyPart = getSystem().getMessageBuilder().subject(String.format(getEmailSubject(), getApplication().getProperty(DCTerms.title).getString())).to(resource.getRequiredProperty(FOAF.mbox).getResource().getURI().substring("mailto:".length()), string).textBodyPart(String.format(getEmailText(), resource2.getPropertyResourceValue(LACL.requestAgent).getURI(), resource2.getPropertyResourceValue(LACL.requestAccessTo).getURI(), resource2.getURI()));
        if (getSystem().getNotificationAddress() != null) {
            textBodyPart = textBodyPart.from(getSystem().getNotificationAddress());
        }
        EMailListener.submit(textBodyPart.build());
    }

    protected Service getAgentService() {
        return getApplication().mo17getService();
    }

    public URI getURI() {
        return getUriInfo().getAbsolutePath();
    }

    public String getEmailSubject() {
        return this.emailSubject;
    }

    public String getEmailText() {
        return this.emailText;
    }

    public UriBuilder getAuthRequestContainerUriBuilder() {
        return this.authRequestContainerUriBuilder.clone();
    }
}
