package es.prodevelop.pui9.login;

import es.prodevelop.pui9.common.enums.PuiVariableValues;
import es.prodevelop.pui9.common.exceptions.PuiCommonAnonymousNotAllowedException;
import es.prodevelop.pui9.common.exceptions.PuiCommonIncorrectLoginException;
import es.prodevelop.pui9.common.exceptions.PuiCommonIncorrectUserPasswordException;
import es.prodevelop.pui9.common.exceptions.PuiCommonNoSessionException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserDisabledException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserNotExistsException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserSessionTimeoutException;
import es.prodevelop.pui9.common.service.interfaces.IPuiVariableService;
import es.prodevelop.pui9.eventlistener.EventLauncher;
import es.prodevelop.pui9.eventlistener.event.SessionCreatedEvent;
import es.prodevelop.pui9.threads.PuiBackgroundExecutors;
import es.prodevelop.pui9.utils.PuiDateUtil;
import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClaims;
import java.time.Instant;
import java.time.ZoneId;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import javax.annotation.PostConstruct;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:es/prodevelop/pui9/login/PuiLogin.class */
public class PuiLogin implements IPuiLogin {
    private static final String TOKEN_BEARER_PREFIX = "Bearer ";
    private static final String JWT_ISSUER = "PUI9_SERVER";
    private static final String JWT_CLAIM_PERSISTENT = "persistent";
    private static final String JWT_CLAIM_IP = "ip";
    private static final String JWT_CLAIM_TIMEZONE = "timezone";
    private static final String JWT_CLAIM_USER_AGENT = "useragent";
    private static final String JWT_CLAIM_CLIENT = "client";
    private static final Integer REFRESH_SESSIONS_TIMER_MINUTES = 30;

    @Autowired
    private IPuiVariableService variableService;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private EventLauncher eventLauncher;
    private Map<String, SessionData> sessionsCache = new HashMap();
    private Map<String, SessionData> killedSessions = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:es/prodevelop/pui9/login/PuiLogin$SessionData.class */
    public class SessionData {
        Authentication authentication;
        Instant expiration;
        Instant lastUse;
        boolean persistent;

        public SessionData(Authentication authentication, Instant instant, Instant instant2, boolean z) {
            this.authentication = authentication;
            this.expiration = instant;
            this.lastUse = instant2;
            this.persistent = z;
        }
    }

    @PostConstruct
    private void postConstruct() {
        PuiBackgroundExecutors.getSingleton().registerNewExecutor("RemoveExpiredSessions", true, REFRESH_SESSIONS_TIMER_MINUTES.intValue(), REFRESH_SESSIONS_TIMER_MINUTES.intValue(), TimeUnit.MINUTES, () -> {
            Instant now = Instant.now();
            this.sessionsCache.keySet().removeIf(str -> {
                return !this.sessionsCache.get(str).persistent && now.isAfter(this.sessionsCache.get(str).expiration);
            });
            this.killedSessions.keySet().removeIf(str2 -> {
                return !this.killedSessions.get(str2).persistent && now.isAfter(this.killedSessions.get(str2).expiration);
            });
        });
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public PuiUserInfo loginUser(LoginData loginData) throws PuiCommonIncorrectUserPasswordException, PuiCommonIncorrectLoginException, PuiCommonAnonymousNotAllowedException, PuiCommonUserNotExistsException, PuiCommonUserDisabledException {
        if (StringUtils.isEmpty(loginData.getUsr())) {
            throw new PuiCommonIncorrectUserPasswordException();
        }
        return buildUserInfo(loginData, doUserValidation(loginData));
    }

    protected PuiUserInfo buildUserInfo(LoginData loginData, Authentication authentication) {
        PuiUserSession puiUserSession = (PuiUserSession) authentication.getPrincipal();
        puiUserSession.setIp(loginData.getIp());
        puiUserSession.setUserAgent(loginData.getUserAgent());
        puiUserSession.setTimezone(loginData.getJavaTimezone());
        puiUserSession.setPersistent(loginData.isPersistent());
        puiUserSession.setClient(loginData.getClient());
        buildJwt(puiUserSession);
        this.sessionsCache.put(puiUserSession.getJwt(), new SessionData(authentication, puiUserSession.getExpiration(), puiUserSession.getCreation(), puiUserSession.isPersistent()));
        try {
            setSession(puiUserSession.getJwt(), true);
        } catch (PuiCommonNoSessionException | PuiCommonUserSessionTimeoutException e) {
        }
        PuiUserInfo puiUserInfo = new PuiUserInfo(puiUserSession.getUsr(), puiUserSession.getName(), puiUserSession.getLanguage().getIsocode(), puiUserSession.getEmail(), puiUserSession.getDateformat(), TOKEN_BEARER_PREFIX + puiUserSession.getJwt(), puiUserSession.getLastLoginTime(), puiUserSession.getLastLoginIp(), puiUserSession.getProfiles(), puiUserSession.getFunctionalities());
        Map properties = puiUserSession.getProperties();
        puiUserInfo.getClass();
        properties.forEach(puiUserInfo::addProperty);
        return puiUserInfo;
    }

    protected Authentication doUserValidation(LoginData loginData) throws PuiCommonUserNotExistsException, PuiCommonIncorrectLoginException, PuiCommonUserDisabledException, PuiCommonAnonymousNotAllowedException, PuiCommonIncorrectUserPasswordException {
        try {
            return this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(loginData.getUsr(), loginData.getPassword()));
        } catch (LockedException e) {
            throw new PuiCommonAnonymousNotAllowedException();
        } catch (AuthenticationException e2) {
            throw new PuiCommonIncorrectLoginException(e2);
        } catch (BadCredentialsException e3) {
            throw new PuiCommonIncorrectUserPasswordException();
        } catch (DisabledException e4) {
            throw new PuiCommonUserDisabledException(loginData.getUsr());
        } catch (UsernameNotFoundException e5) {
            throw new PuiCommonUserNotExistsException(loginData.getUsr());
        }
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public PuiUserSession logoutUser(String str) throws PuiCommonNoSessionException {
        if (StringUtils.isEmpty(str)) {
            throw new PuiCommonNoSessionException();
        }
        String replace = str.replace(TOKEN_BEARER_PREFIX, "");
        SessionData remove = this.sessionsCache.remove(replace);
        this.killedSessions.put(replace, remove);
        removeSession();
        if (remove != null) {
            return (PuiUserSession) remove.authentication.getPrincipal();
        }
        return null;
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public void setSession(String str, boolean z) throws PuiCommonNoSessionException, PuiCommonUserSessionTimeoutException {
        if (StringUtils.isEmpty(str)) {
            throw new PuiCommonNoSessionException();
        }
        String replace = str.replace(TOKEN_BEARER_PREFIX, "");
        SessionData sessionData = this.sessionsCache.get(replace);
        boolean z2 = false;
        if (sessionData == null) {
            sessionData = tryRecoverySession(replace);
            if (sessionData == null) {
                throw new PuiCommonNoSessionException();
            }
            z2 = true;
        }
        checkExpirationTime(replace);
        SecurityContextHolder.getContext().setAuthentication(sessionData.authentication);
        if (z2 || z) {
            this.eventLauncher.fireSync(new SessionCreatedEvent((PuiUserSession) sessionData.authentication.getPrincipal()));
        }
    }

    private synchronized SessionData tryRecoverySession(String str) {
        if (this.killedSessions.containsKey(str)) {
            return null;
        }
        SessionData sessionData = this.sessionsCache.get(str);
        if (sessionData != null) {
            return sessionData;
        }
        try {
            Jwt parse = Jwts.parser().setSigningKey(this.variableService.getVariable(PuiVariableValues.SESSION_JWT_SECRET.name())).parse(str);
            PuiUserSession loadUserByUsername = this.userDetailsService.loadUserByUsername(((DefaultClaims) parse.getBody()).getSubject());
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, new NullAuthoritiesMapper().mapAuthorities(loadUserByUsername.getAuthorities()));
            if (((DefaultClaims) parse.getBody()).containsKey(JWT_CLAIM_TIMEZONE)) {
                loadUserByUsername.setTimezone(ZoneId.of((String) ((DefaultClaims) parse.getBody()).get(JWT_CLAIM_TIMEZONE, String.class)));
            }
            if (((DefaultClaims) parse.getBody()).containsKey(JWT_CLAIM_PERSISTENT)) {
                loadUserByUsername.setPersistent(((Boolean) ((DefaultClaims) parse.getBody()).get(JWT_CLAIM_PERSISTENT, Boolean.class)).booleanValue());
            }
            if (((DefaultClaims) parse.getBody()).containsKey(JWT_CLAIM_IP)) {
                loadUserByUsername.setIp((String) ((DefaultClaims) parse.getBody()).get(JWT_CLAIM_IP, String.class));
            }
            if (((DefaultClaims) parse.getBody()).containsKey(JWT_CLAIM_USER_AGENT)) {
                loadUserByUsername.setUserAgent((String) ((DefaultClaims) parse.getBody()).get(JWT_CLAIM_USER_AGENT, String.class));
            }
            if (((DefaultClaims) parse.getBody()).containsKey(JWT_CLAIM_CLIENT)) {
                loadUserByUsername.setClient((String) ((DefaultClaims) parse.getBody()).get(JWT_CLAIM_CLIENT, String.class));
            }
            loadUserByUsername.setJwt(str);
            loadUserByUsername.setCreation(((DefaultClaims) parse.getBody()).getIssuedAt().toInstant());
            loadUserByUsername.setExpiration(loadUserByUsername.getCreation().plus(getTimeLogout().longValue(), (TemporalUnit) ChronoUnit.MINUTES));
            this.sessionsCache.put(str, new SessionData(usernamePasswordAuthenticationToken, loadUserByUsername.getExpiration(), loadUserByUsername.getCreation(), loadUserByUsername.isPersistent()));
            checkExpirationTime(str);
            return this.sessionsCache.get(str);
        } catch (Exception e) {
            return null;
        }
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public void removeSession() {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public List<PuiUserSession> getAllSessions() {
        ArrayList arrayList = new ArrayList();
        this.sessionsCache.forEach((str, sessionData) -> {
            arrayList.add((PuiUserSession) sessionData.authentication.getPrincipal());
        });
        return arrayList;
    }

    private void buildJwt(PuiUserSession puiUserSession) {
        String variable = this.variableService.getVariable(PuiVariableValues.SESSION_JWT_SECRET.name());
        Instant now = Instant.now();
        Instant instant = null;
        if (!puiUserSession.isPersistent() && getTimeLogout() != null) {
            instant = now.plus(getTimeLogout().longValue(), (TemporalUnit) ChronoUnit.MINUTES);
        }
        JwtBuilder builder = Jwts.builder();
        builder.setIssuer(JWT_ISSUER);
        builder.setIssuedAt(PuiDateUtil.instantToDate(now));
        builder.setId(UUID.randomUUID().toString());
        builder.setSubject(puiUserSession.getUsr());
        builder.claim(JWT_CLAIM_TIMEZONE, puiUserSession.getTimezone().getId());
        builder.claim(JWT_CLAIM_PERSISTENT, Boolean.valueOf(puiUserSession.isPersistent()));
        builder.claim(JWT_CLAIM_IP, puiUserSession.getIp());
        builder.claim(JWT_CLAIM_USER_AGENT, puiUserSession.getUserAgent());
        builder.claim(JWT_CLAIM_CLIENT, puiUserSession.getClient());
        builder.signWith(SignatureAlgorithm.HS512, variable);
        puiUserSession.setJwt(builder.compact());
        puiUserSession.setCreation(now);
        puiUserSession.setExpiration(instant);
    }

    private void checkExpirationTime(String str) throws PuiCommonUserSessionTimeoutException {
        SessionData sessionData = this.sessionsCache.get(str);
        if (sessionData.persistent || sessionData.expiration == null) {
            return;
        }
        if (Instant.now().isAfter(sessionData.expiration)) {
            this.sessionsCache.remove(str);
            throw new PuiCommonUserSessionTimeoutException();
        }
        sessionData.lastUse = Instant.now();
        sessionData.expiration = getTimeLogout() != null ? sessionData.lastUse.plus(getTimeLogout().longValue(), (TemporalUnit) ChronoUnit.MINUTES) : null;
    }

    private Long getTimeLogout() {
        Long l;
        try {
            l = (Long) this.variableService.getVariable(Long.class, PuiVariableValues.SESSION_TIMEOUT.name());
        } catch (Exception e) {
            l = null;
        }
        return l;
    }
}
