package com.tokera.ate.security;

import com.tokera.ate.common.UUIDTools;
import com.tokera.ate.dao.IRights;
import com.tokera.ate.dao.base.BaseDao;
import com.tokera.ate.dao.enumerations.RiskRole;
import com.tokera.ate.dao.enumerations.UserRole;
import com.tokera.ate.delegates.AteDelegate;
import com.tokera.ate.dto.PrivateKeyWithSeedDto;
import com.tokera.ate.dto.TokenDto;
import com.tokera.ate.io.api.IPartitionKey;
import com.tokera.ate.providers.PartitionKeySerializer;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;

/* loaded from: input_file:com/tokera/ate/security/TokenBuilder.class */
public class TokenBuilder {
    private String company;
    private String username;
    private final Map<String, List<String>> claims = new TreeMap();
    private Integer expiresMins = null;
    private boolean partitionKeySet = false;
    private boolean riskRoleSet = false;
    private boolean userRoleSet = false;
    private boolean shouldPublish = false;

    public TokenBuilder withUsername(String str) {
        this.username = str;
        return this;
    }

    public TokenBuilder withExpiresMins(int i) {
        this.expiresMins = Integer.valueOf(i);
        return this;
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x005a, code lost:
    
        return r4;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.tokera.ate.security.TokenBuilder withRiskRole(com.tokera.ate.dao.enumerations.RiskRole r5) {
        /*
            r4 = this;
            r0 = r4
            boolean r0 = r0.riskRoleSet
            r1 = 1
            if (r0 != r1) goto L12
            java.lang.RuntimeException r0 = new java.lang.RuntimeException
            r1 = r0
            java.lang.String r2 = "The risk role was already set earlier in the builder."
            r1.<init>(r2)
            throw r0
        L12:
            r0 = r4
            r1 = 1
            r0.riskRoleSet = r1
            r0 = r5
            r6 = r0
        L19:
            r0 = r4
            java.util.Map<java.lang.String, java.util.List<java.lang.String>> r0 = r0.claims
            java.lang.String r1 = "rsk"
            r2 = r6
            java.lang.String r2 = r2.name()
            com.tokera.ate.security.TokenSecurity.addClaim(r0, r1, r2)
            int[] r0 = com.tokera.ate.security.TokenBuilder.AnonymousClass1.$SwitchMap$com$tokera$ate$dao$enumerations$RiskRole
            r1 = r6
            int r1 = r1.ordinal()
            r0 = r0[r1]
            switch(r0) {
                case 1: goto L48;
                case 2: goto L4f;
                default: goto L56;
            }
        L48:
            com.tokera.ate.dao.enumerations.RiskRole r0 = com.tokera.ate.dao.enumerations.RiskRole.MEDIUM
            r6 = r0
            goto L19
        L4f:
            com.tokera.ate.dao.enumerations.RiskRole r0 = com.tokera.ate.dao.enumerations.RiskRole.LOW
            r6 = r0
            goto L19
        L56:
            goto L59
        L59:
            r0 = r4
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tokera.ate.security.TokenBuilder.withRiskRole(com.tokera.ate.dao.enumerations.RiskRole):com.tokera.ate.security.TokenBuilder");
    }

    public TokenBuilder withUserRole(UserRole userRole) {
        if (this.userRoleSet) {
            throw new RuntimeException("The risk role was already set earlier in the builder.");
        }
        this.userRoleSet = true;
        TokenSecurity.addClaim(this.claims, TokenDto.SECURITY_CLAIM_USER_ROLE, userRole.name());
        return this;
    }

    public TokenBuilder withPartitionKeyFromRights(IRights iRights) {
        return withPartitionkey(AteDelegate.get().io.partitionResolver().resolveOrThrow(iRights));
    }

    public TokenBuilder withPartitionkeyFromDao(BaseDao baseDao) {
        return withPartitionkey(baseDao.partitionKey(true));
    }

    public TokenBuilder withPartitionkey(IPartitionKey iPartitionKey) {
        if (this.partitionKeySet) {
            TokenSecurity.clearClaims(this.claims, TokenDto.SECURITY_CLAIM_PARTITION_KEY);
        }
        this.partitionKeySet = true;
        TokenSecurity.addClaim(this.claims, TokenDto.SECURITY_CLAIM_PARTITION_KEY, new PartitionKeySerializer().write(iPartitionKey));
        return this;
    }

    public TokenBuilder addClaim(String str, String str2) {
        TokenSecurity.addClaim(this.claims, str, str2);
        return this;
    }

    public TokenBuilder addReadKey(PrivateKeyWithSeedDto privateKeyWithSeedDto) {
        TokenSecurity.addClaim(this.claims, TokenDto.SECURITY_CLAIM_READ_KEY, privateKeyWithSeedDto.serialize(false));
        return this;
    }

    public TokenBuilder addReadKey(PrivateKeyWithSeedDto privateKeyWithSeedDto, String str) {
        return addReadKey(new PrivateKeyWithSeedDto(privateKeyWithSeedDto, str));
    }

    public TokenBuilder addReadKeys(Iterable<PrivateKeyWithSeedDto> iterable) {
        Iterator<PrivateKeyWithSeedDto> it = iterable.iterator();
        while (it.hasNext()) {
            addReadKey(it.next());
        }
        return this;
    }

    public TokenBuilder addWriteKey(PrivateKeyWithSeedDto privateKeyWithSeedDto) {
        TokenSecurity.addClaim(this.claims, TokenDto.SECURITY_CLAIM_WRITE_KEY, privateKeyWithSeedDto.serialize(false));
        return this;
    }

    public TokenBuilder addWriteKey(PrivateKeyWithSeedDto privateKeyWithSeedDto, String str) {
        return addWriteKey(new PrivateKeyWithSeedDto(privateKeyWithSeedDto, str));
    }

    public TokenBuilder addWriteKeys(Iterable<PrivateKeyWithSeedDto> iterable) {
        Iterator<PrivateKeyWithSeedDto> it = iterable.iterator();
        while (it.hasNext()) {
            addWriteKey(it.next());
        }
        return this;
    }

    public TokenBuilder shouldPublish(boolean z) {
        this.shouldPublish = z;
        return this;
    }

    private void reconcileClaims() {
        AteDelegate.get();
        if (this.username != null) {
            if (!this.claims.containsKey(TokenDto.SECURITY_CLAIM_USERNAME)) {
                TokenSecurity.addClaim(this.claims, TokenDto.SECURITY_CLAIM_USERNAME, this.username);
            }
            if (!this.claims.containsKey(TokenDto.SECURITY_CLAIM_USER_ID)) {
                TokenSecurity.addClaim(this.claims, TokenDto.SECURITY_CLAIM_USER_ID, UUIDTools.generateUUID("user://" + this.username).toString());
            }
        }
        if (!this.riskRoleSet) {
            withRiskRole(RiskRole.NONE);
        }
        if (this.userRoleSet) {
            return;
        }
        withUserRole(UserRole.ANYTHING);
    }

    public TokenDto build() {
        if (this.username == null) {
            throw new RuntimeException("You must supply a username for token.");
        }
        reconcileClaims();
        TokenDto generateToken = TokenSecurity.generateToken(this.claims, this.expiresMins != null ? this.expiresMins.intValue() : AteDelegate.get().bootstrapConfig.getSecurityLevel().tokenExpiresMins);
        if (this.shouldPublish) {
            AteDelegate.get().currentToken.publishToken(generateToken);
        }
        return generateToken;
    }
}
