package systems.dennis.usb.auth.delegations.simple;

import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import systems.dennis.shared.config.WebContext;
import systems.dennis.shared.exceptions.AuthorizationFailedException;
import systems.dennis.shared.exceptions.ItemNotFoundException;
import systems.dennis.usb.auth.client.LoginPassword;
import systems.dennis.usb.auth.client.entity.UserData;
import systems.dennis.usb.auth.config.AuthorizationDelegator;
import systems.dennis.usb.auth.config.AuthorizeResponse;
import systems.dennis.usb.auth.data_providers.ServerTypeProvider;
import systems.dennis.usb.auth.exception.UserIsBlockedException;
import systems.dennis.usb.auth.repository.ServerConfigRepo;
import systems.dennis.usb.auth.repository.UserDataRepository;
import systems.dennis.usb.auth.role_validator.TokenProvider;
import systems.dennis.usb.auth.role_validator.entity.UserTokenDTO;

/* loaded from: input_file:systems/dennis/usb/auth/delegations/simple/DefaultAuthorizationDelegator.class */
public class DefaultAuthorizationDelegator implements AuthorizationDelegator {
    private static final Logger log = LoggerFactory.getLogger(DefaultAuthorizationDelegator.class);
    public static final String AUTH_TYPE_DEFAULT = "DEFAULT";

    @Override // systems.dennis.usb.auth.config.AuthorizationDelegator
    public AuthorizeResponse authorize(HttpServletRequest httpServletRequest, LoginPassword loginPassword, WebContext.LocalWebContext localWebContext) {
        if (SecurityContextHolder.getContext().getAuthentication() != null) {
            log.debug("We have token in context, trying to validate it");
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication instanceof UserTokenDTO) {
                validate((UserTokenDTO) authentication, localWebContext);
                log.debug("Token validation success");
                return AuthorizeResponse.of((UserTokenDTO) authentication, true);
            }
        }
        UserTokenDTO authorize = new SimpleTokenAuthorization().authorize(loginPassword, localWebContext);
        if (authorize == null) {
            log.debug("Authorization failed. We throw authorization exception");
            invokeAuthError(loginPassword);
        }
        SecurityContextHolder.getContext().setAuthentication(authorize);
        return AuthorizeResponse.of(authorize, false);
    }

    private void invokeAuthError(LoginPassword loginPassword) {
        throw new AuthorizationFailedException(loginPassword.getLogin());
    }

    @Override // systems.dennis.usb.auth.config.AuthorizationDelegator
    public boolean shouldAuthorize(HttpServletRequest httpServletRequest, WebContext.LocalWebContext localWebContext) {
        if (httpServletRequest.getHeader("AUTH-TYPE") != null && !"DEFAULT".equals(httpServletRequest.getHeader("AUTH-TYPE"))) {
            log.debug("Header AUTH-TYPE declares not to use DefaultAuthorizationDelegator");
            return false;
        }
        log.debug("Header AUTH-TYPE declares to use DefaultAuthorizationDelegator");
        if (((ServerConfigRepo) localWebContext.getBean(ServerConfigRepo.class)).findFirstByActiveIsTrueAndType(ServerTypeProvider.LDAP).isPresent()) {
            throw new AuthorizationFailedException("LDAP CONFIG is active. Default authorization is not possible");
        }
        return true;
    }

    @Override // systems.dennis.usb.auth.config.AuthorizationDelegator
    public boolean blockUser(boolean z, Long l, WebContext.LocalWebContext localWebContext) {
        UserDataRepository userDataRepository = (UserDataRepository) localWebContext.getBean(UserDataRepository.class);
        UserData userData = (UserData) userDataRepository.findById(l).orElseThrow(() -> {
            return new ItemNotFoundException(l);
        });
        userDataRepository.save(userData);
        logout(userData.getLogin(), localWebContext);
        return true;
    }

    @Override // systems.dennis.usb.auth.config.AuthorizationDelegator
    public boolean logout(String str, WebContext.LocalWebContext localWebContext) {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
        ((TokenProvider) localWebContext.getBean(TokenProvider.class)).removeAuthToken(str, "DEFAULT");
        return true;
    }

    @Override // systems.dennis.usb.auth.config.AuthorizationDelegator
    public void validate(UserTokenDTO userTokenDTO, WebContext.LocalWebContext localWebContext) {
        userTokenDTO.validate(localWebContext);
        if (userTokenDTO.getUserData().getBlocked() == Boolean.TRUE) {
            throw new UserIsBlockedException("User is blocked");
        }
    }
}
