package de.adorsys.opba.protocol.xs2a.service.xs2a.authenticate;

import de.adorsys.opba.protocol.api.common.Approach;
import de.adorsys.opba.protocol.api.common.CurrentBankProfile;
import de.adorsys.opba.protocol.bpmnshared.dto.DtoMapper;
import de.adorsys.opba.protocol.bpmnshared.service.context.ContextUtil;
import de.adorsys.opba.protocol.bpmnshared.service.exec.ValidatedExecution;
import de.adorsys.opba.protocol.xs2a.constant.GlobalConst;
import de.adorsys.opba.protocol.xs2a.context.Xs2aContext;
import de.adorsys.opba.protocol.xs2a.domain.dto.forms.ScaMethod;
import de.adorsys.opba.protocol.xs2a.service.dto.ValidatedPathHeadersBody;
import de.adorsys.opba.protocol.xs2a.service.mapper.PathHeadersBodyMapperTemplate;
import de.adorsys.opba.protocol.xs2a.service.xs2a.authenticate.embedded.AuthorizationPossibleErrorHandler;
import de.adorsys.opba.protocol.xs2a.service.xs2a.dto.Xs2aInitialConsentParameters;
import de.adorsys.opba.protocol.xs2a.service.xs2a.dto.Xs2aStandardHeaders;
import de.adorsys.opba.protocol.xs2a.service.xs2a.dto.authenticate.embedded.ProvidePsuPasswordBody;
import de.adorsys.opba.protocol.xs2a.service.xs2a.validation.Xs2aValidator;
import de.adorsys.opba.protocol.xs2a.util.logresolver.Xs2aLogResolver;
import de.adorsys.xs2a.adapter.api.AccountInformationService;
import de.adorsys.xs2a.adapter.api.Response;
import de.adorsys.xs2a.adapter.api.model.HrefType;
import de.adorsys.xs2a.adapter.api.model.ScaStatus;
import de.adorsys.xs2a.adapter.api.model.StartScaprocessResponse;
import de.adorsys.xs2a.adapter.api.model.UpdatePsuAuthentication;
import java.beans.ConstructorProperties;
import java.util.List;
import java.util.Objects;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.flowable.engine.delegate.DelegateExecution;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("xs2aStartConsentAuthorizationWithPin")
/* loaded from: input_file:de/adorsys/opba/protocol/xs2a/service/xs2a/authenticate/StartConsentAuthorizationWithPin.class */
public class StartConsentAuthorizationWithPin extends ValidatedExecution<Xs2aContext> {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(StartConsentAuthorizationWithPin.class);
    private final Extractor extractor;
    private final Xs2aValidator validator;
    private final AccountInformationService ais;
    private final TppRedirectPreferredResolver tppRedirectPreferredResolver;
    private final Xs2aLogResolver logResolver = new Xs2aLogResolver(getClass());
    private final AuthorizationPossibleErrorHandler errorSink;

    @Service
    /* loaded from: input_file:de/adorsys/opba/protocol/xs2a/service/xs2a/authenticate/StartConsentAuthorizationWithPin$Extractor.class */
    public static class Extractor extends PathHeadersBodyMapperTemplate<Xs2aContext, Xs2aInitialConsentParameters, Xs2aStandardHeaders, ProvidePsuPasswordBody, UpdatePsuAuthentication> {
        public Extractor(DtoMapper<Xs2aContext, ProvidePsuPasswordBody> dtoMapper, DtoMapper<ProvidePsuPasswordBody, UpdatePsuAuthentication> dtoMapper2, DtoMapper<Xs2aContext, Xs2aStandardHeaders> dtoMapper3, DtoMapper<Xs2aContext, Xs2aInitialConsentParameters> dtoMapper4) {
            super(dtoMapper, dtoMapper2, dtoMapper3, dtoMapper4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doValidate(DelegateExecution delegateExecution, Xs2aContext xs2aContext) {
        this.logResolver.log("doValidate: execution ({}) with context ({})", delegateExecution, xs2aContext);
        this.validator.validate(delegateExecution, xs2aContext, getClass(), this.extractor.forValidation(xs2aContext));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doMockedExecution(DelegateExecution delegateExecution, Xs2aContext xs2aContext) {
        this.logResolver.log("doMockedExecution: execution ({}) with context ({})", delegateExecution, xs2aContext);
        CurrentBankProfile aspspProfile = xs2aContext.aspspProfile();
        ContextUtil.getAndUpdateContext(delegateExecution, xs2aContext2 -> {
            xs2aContext2.setAspspScaApproach(null != aspspProfile.getPreferredApproach() ? aspspProfile.getPreferredApproach().name() : Approach.REDIRECT.name());
            xs2aContext2.setSelectedScaDecoupled(Approach.DECOUPLED.name().equals(xs2aContext2.getAspspScaApproach()));
            xs2aContext2.setAuthorizationId(UUID.randomUUID().toString());
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doRealExecution(DelegateExecution delegateExecution, Xs2aContext xs2aContext) {
        this.logResolver.log("doRealExecution: execution ({}) with context ({})", delegateExecution, xs2aContext);
        ValidatedPathHeadersBody<Xs2aInitialConsentParameters, Xs2aStandardHeaders, UpdatePsuAuthentication> forExecution = this.extractor.forExecution(xs2aContext);
        this.errorSink.handlePossibleAuthorizationError(() -> {
            startAuthorizationWithPin(delegateExecution, xs2aContext, forExecution);
        }, errorResponseException -> {
            aisOnWrongPassword(delegateExecution);
        });
    }

    private void aisOnWrongPassword(DelegateExecution delegateExecution) {
        ContextUtil.getAndUpdateContext(delegateExecution, xs2aContext -> {
            log.warn("Request {} of {} has provided incorrect password", xs2aContext.getRequestId(), xs2aContext.getSagaId());
            xs2aContext.setWrongAuthCredentials(true);
        });
    }

    private void startAuthorizationWithPin(DelegateExecution delegateExecution, Xs2aContext xs2aContext, ValidatedPathHeadersBody<Xs2aInitialConsentParameters, Xs2aStandardHeaders, UpdatePsuAuthentication> validatedPathHeadersBody) {
        CurrentBankProfile aspspProfile = xs2aContext.aspspProfile();
        validatedPathHeadersBody.getHeaders().setTppRedirectPreferred(this.tppRedirectPreferredResolver.isRedirectApproachPreferred(aspspProfile));
        this.logResolver.log("startConsentAuthorisation with parameters: {}", validatedPathHeadersBody.getPath(), validatedPathHeadersBody.getHeaders());
        Response startConsentAuthorisation = this.ais.startConsentAuthorisation(validatedPathHeadersBody.getPath().getConsentId(), validatedPathHeadersBody.getHeaders().toHeaders(), validatedPathHeadersBody.getPath().toParameters(), validatedPathHeadersBody.getBody());
        this.logResolver.log("startConsentAuthorisation response: {}", startConsentAuthorisation);
        xs2aContext.setAuthorizationId(((StartScaprocessResponse) startConsentAuthorisation.getBody()).getAuthorisationId());
        if (xs2aContext.getAuthorizationId() == null) {
            xs2aContext.setAuthorizationId(StringUtils.substringAfterLast(((HrefType) ((StartScaprocessResponse) startConsentAuthorisation.getBody()).getLinks().get("selectAuthenticationMethod")).getHref(), "authorisations/"));
        }
        xs2aContext.setStartScaProcessResponse((StartScaprocessResponse) startConsentAuthorisation.getBody());
        String header = startConsentAuthorisation.getHeaders().getHeader("ASPSP-SCA-Approach");
        xs2aContext.setAspspScaApproach(null == header ? aspspProfile.getPreferredApproach().name() : header);
        ScaStatus scaStatus = ((StartScaprocessResponse) startConsentAuthorisation.getBody()).getScaStatus();
        ContextUtil.getAndUpdateContext(delegateExecution, xs2aContext2 -> {
            xs2aContext2.setWrongAuthCredentials(false);
            xs2aContext2.setPsuPassword(null);
            setScaAvailableMethodsIfCanBeChosen(startConsentAuthorisation, xs2aContext2);
            xs2aContext2.setScaSelected(ScaUtil.scaMethodSelected((StartScaprocessResponse) startConsentAuthorisation.getBody()));
            xs2aContext2.setAuthorizationId(xs2aContext.getAuthorizationId());
            xs2aContext2.setSelectedScaDecoupled(ScaUtil.isDecoupled(startConsentAuthorisation.getHeaders()));
            xs2aContext2.setChallengeData(((StartScaprocessResponse) startConsentAuthorisation.getBody()).getChallengeData());
            xs2aContext2.setStartScaProcessResponse((StartScaprocessResponse) startConsentAuthorisation.getBody());
            xs2aContext2.setScaStatus(null == scaStatus ? null : scaStatus.toString());
        });
        delegateExecution.setVariable(GlobalConst.CONTEXT, xs2aContext);
    }

    private void setScaAvailableMethodsIfCanBeChosen(Response<StartScaprocessResponse> response, Xs2aContext xs2aContext) {
        if (null == ((StartScaprocessResponse) response.getBody()).getScaMethods()) {
            return;
        }
        Stream stream = ((StartScaprocessResponse) response.getBody()).getScaMethods().stream();
        ScaMethod.FromAuthObject fromAuthObject = ScaMethod.FROM_AUTH;
        Objects.requireNonNull(fromAuthObject);
        xs2aContext.setAvailableSca((List) stream.map(fromAuthObject::map).collect(Collectors.toList()));
    }

    @Generated
    @ConstructorProperties({"extractor", "validator", "ais", "tppRedirectPreferredResolver", "errorSink"})
    public StartConsentAuthorizationWithPin(Extractor extractor, Xs2aValidator xs2aValidator, AccountInformationService accountInformationService, TppRedirectPreferredResolver tppRedirectPreferredResolver, AuthorizationPossibleErrorHandler authorizationPossibleErrorHandler) {
        this.extractor = extractor;
        this.validator = xs2aValidator;
        this.ais = accountInformationService;
        this.tppRedirectPreferredResolver = tppRedirectPreferredResolver;
        this.errorSink = authorizationPossibleErrorHandler;
    }
}
