package systems.dennis.shared.auth_client.client;

import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.stereotype.Service;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import systems.dennis.shared.auth_client.controller.AuthorizeResponse;
import systems.dennis.shared.auth_client.exception.NeedAuthorizationException;
import systems.dennis.shared.auth_client.form.LoginPassword;
import systems.dennis.shared.auth_client.form.UserTokenDTO;
import systems.dennis.shared.config.WebContext;
import systems.dennis.shared.exceptions.AccessDeniedException;
import systems.dennis.shared.exceptions.AuthorizationFailedException;
import systems.dennis.shared.exceptions.StandardException;
import systems.dennis.shared.servers.beans.ServerRequest;
import systems.dennis.shared.servers.model.ServerConfig;
import systems.dennis.shared.servers.providers.ServerTypeProvider;
import systems.dennis.shared.servers.service.ServerConfigService;

@Service
@ConditionalOnExpression("${global.auth.client.enabled:false}")
/* loaded from: input_file:systems/dennis/shared/auth_client/client/AuthClient.class */
public class AuthClient {
    private final RestTemplate restTemplate;
    private final WebContext context;

    public AuthClient(RestTemplate restTemplate, WebContext webContext) {
        this.restTemplate = restTemplate;
        this.context = webContext;
    }

    public String login() {
        UserTokenDTO virtualToken = getVirtualToken();
        if (virtualToken == null) {
            throw new AccessDeniedException("user_login_password_is_incorrect");
        }
        return virtualToken.getToken();
    }

    public String login(String str, String str2, String str3) {
        UserTokenDTO token = getToken(str, str2, str3);
        if (token == null) {
            throw new NeedAuthorizationException("auth.client.authorization.failed");
        }
        return token.getToken();
    }

    public UserTokenDTO getVirtualToken() {
        try {
            LoginPassword loginPassword = new LoginPassword();
            loginPassword.setPassword(getServerPassword());
            loginPassword.setLogin(getServerLogin());
            return ((AuthorizeResponse) new ServerRequest(this.restTemplate, this.context).virtualAuth().server(ServerTypeProvider.VIRTUAL_AUTH).scope().uri("api/v3/auth/login").onErrorStatusError(403, obj -> {
                throw new AccessDeniedException("user_has_no_permission_for this");
            }).onErrorStatusError(401, obj2 -> {
                throw new AuthorizationFailedException("user_login_password_is_incorrect");
            }).onAnyErrorStatusError(obj3 -> {
                throw new StandardException("not_able_to_get_result_status", String.valueOf(obj3));
            }).executePost(loginPassword, AuthorizeResponse.class)).getDto();
        } catch (HttpClientErrorException.Forbidden e) {
            throw new AccessDeniedException("user_login_password_is_incorrect");
        }
    }

    private UserTokenDTO getToken(String str, String str2, String str3) {
        try {
            LoginPassword loginPassword = new LoginPassword();
            loginPassword.setPassword(str2);
            loginPassword.setLogin(str);
            loginPassword.setTwoFactorCode(str3);
            return ((AuthorizeResponse) new ServerRequest(this.restTemplate, this.context).defaultAuthType().server(ServerTypeProvider.VIRTUAL_AUTH).scope().uri("api/v3/auth/login").onErrorStatusError(403, obj -> {
                throw new AccessDeniedException("user_has_no_permission_for this");
            }).onErrorStatusError(401, obj2 -> {
                throw new AuthorizationFailedException("user_login_password_is_incorrect");
            }).onAnyErrorStatusError(obj3 -> {
                throw new StandardException("not_able_to_get_result_status", String.valueOf(obj3));
            }).executePost(loginPassword, AuthorizeResponse.class)).getDto();
        } catch (HttpClientErrorException.Forbidden e) {
            throw new AccessDeniedException("user_login_password_is_incorrect");
        }
    }

    private String getServerLogin() {
        ServerConfig findServer = findServer(ServerTypeProvider.VIRTUAL_AUTH);
        return findServer != null ? findServer.getUserName() : (String) this.context.getEnv("servers.central.user");
    }

    private ServerConfig findServer(Long l) {
        return ((ServerConfigService) this.context.getBean(ServerConfigService.class)).findByType(l, true);
    }

    private String getServerPassword() {
        ServerConfig findByType = ((ServerConfigService) this.context.getBean(ServerConfigService.class)).findByType(ServerTypeProvider.VIRTUAL_AUTH, true);
        return findByType != null ? findByType.getPassword() : (String) this.context.getEnv("servers.central.password");
    }

    private String getRegisterLink() {
        return (String) this.context.getEnv("pages.auth.register_link", "/register/add");
    }

    private String getRestoreLink() {
        return (String) this.context.getEnv("pages.auth.restore_link", "/auth/profile/restore");
    }

    private String getAuthPath() {
        ServerConfig findByType = ((ServerConfigService) this.context.getBean(ServerConfigService.class)).findByType(ServerTypeProvider.VIRTUAL_AUTH, true);
        return findByType != null ? findByType.getHost() + "/" + ((String) this.context.getEnv("servers.auth.request_path", "api/v3/auth")) : (String) this.context.getEnv("servers.auth.path");
    }

    private String getScopeId() {
        return this.context.getEnv("dennis.systems.security.scope.id").toString();
    }
}
