package de.adorsys.opba.protocol.xs2a.service.xs2a.oauth2;

import de.adorsys.opba.protocol.api.common.Approach;
import de.adorsys.opba.protocol.api.common.CurrentBankProfile;
import de.adorsys.opba.protocol.bpmnshared.dto.DtoMapper;
import de.adorsys.opba.protocol.bpmnshared.service.context.ContextUtil;
import de.adorsys.opba.protocol.bpmnshared.service.exec.ValidatedExecution;
import de.adorsys.opba.protocol.xs2a.constant.GlobalConst;
import de.adorsys.opba.protocol.xs2a.context.Xs2aContext;
import de.adorsys.opba.protocol.xs2a.service.dto.ValidatedHeadersBody;
import de.adorsys.opba.protocol.xs2a.service.mapper.HeadersBodyMapperTemplate;
import de.adorsys.opba.protocol.xs2a.service.xs2a.authenticate.embedded.AuthorizationPossibleErrorHandler;
import de.adorsys.opba.protocol.xs2a.service.xs2a.dto.authenticate.embedded.ProvidePsuIdAndPsuPasswordBody;
import de.adorsys.opba.protocol.xs2a.service.xs2a.dto.oauth2.Xs2aOauth2Headers;
import de.adorsys.opba.protocol.xs2a.service.xs2a.validation.Xs2aValidator;
import de.adorsys.opba.protocol.xs2a.util.logresolver.Xs2aLogResolver;
import de.adorsys.xs2a.adapter.api.EmbeddedPreAuthorisationService;
import de.adorsys.xs2a.adapter.api.model.EmbeddedPreAuthorisationRequest;
import de.adorsys.xs2a.adapter.api.model.TokenResponse;
import java.beans.ConstructorProperties;
import lombok.Generated;
import org.flowable.engine.delegate.DelegateExecution;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.mapstruct.Mappings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("xs2aEmbeddedExchangePasswordToToken")
/* loaded from: input_file:de/adorsys/opba/protocol/xs2a/service/xs2a/oauth2/Xs2aEmbeddedPreAuthorization.class */
public class Xs2aEmbeddedPreAuthorization extends ValidatedExecution<Xs2aContext> {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(Xs2aEmbeddedPreAuthorization.class);
    private final Extractor extractor;
    private final Xs2aValidator validator;
    private final AuthorizationPossibleErrorHandler errorSink;
    private final EmbeddedPreAuthorisationService embeddedPreAuthorisationService;
    private final Xs2aLogResolver logResolver = new Xs2aLogResolver(getClass());

    @Service
    /* loaded from: input_file:de/adorsys/opba/protocol/xs2a/service/xs2a/oauth2/Xs2aEmbeddedPreAuthorization$Extractor.class */
    public static class Extractor extends HeadersBodyMapperTemplate<Xs2aContext, Xs2aOauth2Headers, ProvidePsuIdAndPsuPasswordBody, EmbeddedPreAuthorisationRequest> {
        public Extractor(DtoMapper<ProvidePsuIdAndPsuPasswordBody, EmbeddedPreAuthorisationRequest> dtoMapper, DtoMapper<Xs2aContext, Xs2aOauth2Headers> dtoMapper2, DtoMapper<Xs2aContext, ProvidePsuIdAndPsuPasswordBody> dtoMapper3) {
            super(dtoMapper3, dtoMapper, dtoMapper2);
        }
    }

    @Mapper(componentModel = GlobalConst.SPRING_KEYWORD, implementationPackage = GlobalConst.XS2A_MAPPERS_PACKAGE)
    /* loaded from: input_file:de/adorsys/opba/protocol/xs2a/service/xs2a/oauth2/Xs2aEmbeddedPreAuthorization$FromCtx.class */
    public interface FromCtx extends DtoMapper<Xs2aContext, ProvidePsuIdAndPsuPasswordBody> {
        @Override // 
        ProvidePsuIdAndPsuPasswordBody map(Xs2aContext xs2aContext);
    }

    @Mapper(componentModel = GlobalConst.SPRING_KEYWORD, implementationPackage = GlobalConst.XS2A_MAPPERS_PACKAGE)
    /* loaded from: input_file:de/adorsys/opba/protocol/xs2a/service/xs2a/oauth2/Xs2aEmbeddedPreAuthorization$ToXs2aApi.class */
    public interface ToXs2aApi extends DtoMapper<ProvidePsuIdAndPsuPasswordBody, EmbeddedPreAuthorisationRequest> {
        @Override // 
        @Mappings({@Mapping(target = "password", source = "psuPassword"), @Mapping(target = "username", source = "psuId")})
        EmbeddedPreAuthorisationRequest map(ProvidePsuIdAndPsuPasswordBody providePsuIdAndPsuPasswordBody);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doRealExecution(DelegateExecution delegateExecution, Xs2aContext xs2aContext) {
        this.logResolver.log("doRealExecution: execution ({}) with context ({})", delegateExecution, xs2aContext);
        ValidatedHeadersBody<Xs2aOauth2Headers, EmbeddedPreAuthorisationRequest> forExecution = this.extractor.forExecution(xs2aContext);
        this.errorSink.handlePossibleAuthorizationError(() -> {
            getOauthEmbeddedTokenWithPassword(delegateExecution, xs2aContext.aspspProfile(), forExecution);
        }, errorResponseException -> {
            onWrongPassword(delegateExecution);
        });
    }

    private void onWrongPassword(DelegateExecution delegateExecution) {
        ContextUtil.getAndUpdateContext(delegateExecution, xs2aContext -> {
            log.warn("Request {} of {} has provided incorrect password", xs2aContext.getRequestId(), xs2aContext.getSagaId());
            xs2aContext.setWrongAuthCredentials(true);
        });
    }

    private void getOauthEmbeddedTokenWithPassword(DelegateExecution delegateExecution, CurrentBankProfile currentBankProfile, ValidatedHeadersBody<Xs2aOauth2Headers, EmbeddedPreAuthorisationRequest> validatedHeadersBody) {
        TokenResponse token = this.embeddedPreAuthorisationService.getToken(validatedHeadersBody.getBody(), validatedHeadersBody.getHeaders().toHeaders());
        if (token.getTokenType() == null) {
            token.setTokenType(GlobalConst.BEARER_TOKEN_TYPE);
        }
        this.logResolver.log("getToken response: {}", token);
        ContextUtil.getAndUpdateContext(delegateExecution, xs2aContext -> {
            xs2aContext.setWrongAuthCredentials(false);
            xs2aContext.setOauth2Token(token);
            xs2aContext.setEmbeddedPreAuthNeeded(false);
            xs2aContext.setEmbeddedPreAuthDone(true);
            xs2aContext.setAspspScaApproach(null != currentBankProfile.getPreferredApproach() ? currentBankProfile.getPreferredApproach().name() : Approach.EMBEDDED.name());
            log.info("aspsp sca approach: {}", xs2aContext.getAspspScaApproach());
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doValidate(DelegateExecution delegateExecution, Xs2aContext xs2aContext) {
        this.logResolver.log("doValidate: execution ({}) with context ({})", delegateExecution, xs2aContext);
        this.validator.validate(delegateExecution, xs2aContext, getClass(), this.extractor.forValidation(xs2aContext));
    }

    @Generated
    @ConstructorProperties({"extractor", "validator", "errorSink", "embeddedPreAuthorisationService"})
    public Xs2aEmbeddedPreAuthorization(Extractor extractor, Xs2aValidator xs2aValidator, AuthorizationPossibleErrorHandler authorizationPossibleErrorHandler, EmbeddedPreAuthorisationService embeddedPreAuthorisationService) {
        this.extractor = extractor;
        this.validator = xs2aValidator;
        this.errorSink = authorizationPossibleErrorHandler;
        this.embeddedPreAuthorisationService = embeddedPreAuthorisationService;
    }
}
