package systems.dennis.usb.auth.client.remote;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import systems.dennis.shared.config.WebContext;
import systems.dennis.shared.exceptions.AccessDeniedException;
import systems.dennis.usb.auth.client.LoginPassword;
import systems.dennis.usb.auth.exception.NeedAuthorizationException;
import systems.dennis.usb.auth.role_validator.entity.UserTokenDTO;

@Service
@ConditionalOnExpression("${global.auth.client.enabled:false}")
/* loaded from: input_file:systems/dennis/usb/auth/client/remote/AuthClient.class */
public class AuthClient {
    private final RestTemplate restTemplate;
    private final WebContext context;

    @Value("${servers.central.user:}")
    private String serverLogin;

    @Value("${servers.central.password:}")
    private String serverPassword;

    @Value("${pages.auth.register_link:/register/add}")
    private String registerLink;

    @Value("${pages.auth.restore_link:/auth/profile/restore}")
    private String restoreLink;

    @Value("${servers.auth.path}")
    private String authPath;

    public AuthClient(RestTemplate restTemplate, WebContext webContext) {
        this.restTemplate = restTemplate;
        this.context = webContext;
    }

    public String login() {
        UserTokenDTO virtualToken = getVirtualToken(this.serverLogin, this.serverPassword);
        if (virtualToken == null) {
            throw new AccessDeniedException("User login password is incorrect");
        }
        return virtualToken.getToken();
    }

    public String login(String str, String str2, String str3) {
        UserTokenDTO token = getToken(str, str2, str3);
        if (token == null) {
            throw new NeedAuthorizationException();
        }
        return token.getToken();
    }

    private UserTokenDTO getVirtualToken(String str, String str2) {
        try {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
                return (UserTokenDTO) authentication;
            }
            LoginPassword loginPassword = new LoginPassword();
            loginPassword.setPassword(str2);
            loginPassword.setLogin(str);
            ResponseEntity postForEntity = this.restTemplate.postForEntity(this.authPath + "/authorize_virtual_user", loginPassword, UserTokenDTO.class, new Object[0]);
            if (postForEntity.getStatusCode() == HttpStatus.FORBIDDEN) {
                throw new AccessDeniedException("User login password is incorrect");
            }
            if (postForEntity.getBody() == null) {
                throw new RuntimeException("not able to get ->  result status: " + postForEntity.getStatusCode());
            }
            SecurityContextHolder.getContext().setAuthentication((Authentication) postForEntity.getBody());
            return (UserTokenDTO) postForEntity.getBody();
        } catch (HttpClientErrorException.Forbidden e) {
            throw new AccessDeniedException("User login password is incorrect");
        }
    }

    private UserTokenDTO getToken(String str, String str2, String str3) {
        try {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
                return (UserTokenDTO) authentication;
            }
            LoginPassword loginPassword = new LoginPassword();
            loginPassword.setPassword(str2);
            loginPassword.setLogin(str);
            loginPassword.setTwoFactorCode(str3);
            ResponseEntity postForEntity = this.restTemplate.postForEntity(this.authPath + "/login", loginPassword, UserTokenDTO.class, new Object[0]);
            if (postForEntity.getStatusCode() == HttpStatus.FORBIDDEN) {
                throw new AccessDeniedException("User login password is incorrect");
            }
            if (postForEntity.getBody() == null) {
                throw new RuntimeException("not able to get ->  result status: " + postForEntity.getStatusCode());
            }
            SecurityContextHolder.getContext().setAuthentication((Authentication) postForEntity.getBody());
            return (UserTokenDTO) postForEntity.getBody();
        } catch (HttpClientErrorException.Forbidden e) {
            throw new AccessDeniedException("User login password is incorrect");
        }
    }

    public String getRegisterLink() {
        return this.registerLink;
    }

    public String getRestoreLink() {
        return this.restoreLink;
    }

    public String getAuthPath() {
        return this.authPath;
    }
}
