package de.adorsys.ledgers.middleware.rest.security;

import de.adorsys.ledgers.middleware.api.domain.um.AccessTokenTO;
import de.adorsys.ledgers.middleware.api.domain.um.AccessTypeTO;
import de.adorsys.ledgers.middleware.api.domain.um.AccountAccessTO;
import de.adorsys.ledgers.middleware.api.domain.um.AisAccountAccessInfoTO;
import de.adorsys.ledgers.middleware.api.domain.um.AisConsentTO;
import de.adorsys.ledgers.middleware.api.domain.um.BearerTokenTO;
import de.adorsys.ledgers.middleware.api.domain.um.TokenUsageTO;
import de.adorsys.ledgers.middleware.api.domain.um.UserRoleTO;
import java.time.LocalDate;
import java.util.Collection;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

/* loaded from: input_file:de/adorsys/ledgers/middleware/rest/security/MiddlewareAuthentication.class */
public class MiddlewareAuthentication extends UsernamePasswordAuthenticationToken {
    private static final long serialVersionUID = -778888356552035882L;

    public MiddlewareAuthentication(Object obj, Object obj2) {
        super(obj, obj2);
    }

    public MiddlewareAuthentication(Object obj, BearerTokenTO bearerTokenTO, Collection<? extends GrantedAuthority> collection) {
        super(obj, bearerTokenTO, collection);
    }

    public BearerTokenTO getBearerToken() {
        return (BearerTokenTO) getCredentials();
    }

    public boolean checkAccountInfoAccess(String str) {
        BearerTokenTO bearerToken = getBearerToken();
        if (bearerToken == null) {
            return false;
        }
        AccessTokenTO accessTokenObject = bearerToken.getAccessTokenObject();
        if (UserRoleTO.STAFF == accessTokenObject.getRole() || UserRoleTO.SYSTEM == accessTokenObject.getRole()) {
            return true;
        }
        if (UserRoleTO.CUSTOMER == accessTokenObject.getRole()) {
            return (accessTokenObject.getAccountAccesses() != null && accessTokenObject.getAccountAccesses().stream().filter(accountAccessTO -> {
                return StringUtils.equalsIgnoreCase(str, accountAccessTO.getIban());
            }).findAny().isPresent()) || checkCosentAccess(accessTokenObject, str);
        }
        return false;
    }

    private boolean checkCosentAccess(AccessTokenTO accessTokenTO, String str) {
        return validConsent(accessTokenTO.getConsent()) && checkConsentAccess(str, accessTokenTO.getConsent().getAccess());
    }

    private boolean validConsent(AisConsentTO aisConsentTO) {
        return aisConsentTO != null && (aisConsentTO.getValidUntil() == null || aisConsentTO.getValidUntil().isAfter(LocalDate.now()));
    }

    private boolean checkConsentAccess(String str, AisAccountAccessInfoTO aisAccountAccessInfoTO) {
        return (aisAccountAccessInfoTO == null || (aisAccountAccessInfoTO.getAvailableAccounts() == null && aisAccountAccessInfoTO.getAllPsd2() == null && ((aisAccountAccessInfoTO.getAccounts() == null || !aisAccountAccessInfoTO.getAccounts().contains(str)) && ((aisAccountAccessInfoTO.getBalances() == null || !aisAccountAccessInfoTO.getBalances().contains(str)) && (aisAccountAccessInfoTO.getTransactions() == null || !aisAccountAccessInfoTO.getTransactions().contains(str)))))) ? false : true;
    }

    public boolean checkPaymentInitAccess(String str) {
        AccessTokenTO accessTokenObject = getBearerToken().getAccessTokenObject();
        return UserRoleTO.CUSTOMER == accessTokenObject.getRole() && accessTokenObject.getAccountAccesses() != null && accessTokenObject.getAccountAccesses().stream().filter(accountAccessTO -> {
            return paymentAccess(accountAccessTO, str);
        }).findAny().isPresent();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean paymentAccess(AccountAccessTO accountAccessTO, String str) {
        return StringUtils.equalsIgnoreCase(str, accountAccessTO.getIban()) && (AccessTypeTO.OWNER.equals(accountAccessTO.getAccessType()) || AccessTypeTO.DISPOSE.equals(accountAccessTO.getAccessType()));
    }

    public boolean checkTokenUsage(String str) {
        return getBearerToken().getAccessTokenObject().getTokenUsage() != null && getBearerToken().getAccessTokenObject().getTokenUsage().name().equals(str);
    }

    public boolean checkLoginToken(String str, String str2) {
        return checkTokenUsage(TokenUsageTO.LOGIN.name()) && str.equals(getBearerToken().getAccessTokenObject().getScaId()) && str2.equals(getBearerToken().getAccessTokenObject().getAuthorisationId());
    }
}
