package org.gcube.common.authorizationservice;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javax.annotation.ManagedBean;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.eclipse.persistence.jpa.rs.ReservedWords;
import org.eclipse.persistence.sdo.SDOConstants;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.ExternalServiceList;
import org.gcube.common.authorization.library.provider.CalledMethodProvider;
import org.gcube.common.authorization.library.provider.ContainerInfo;
import org.gcube.common.authorization.library.provider.ExternalServiceInfo;
import org.gcube.common.authorization.library.provider.ServiceInfo;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.authorization.library.utils.AuthorizationEntryList;
import org.gcube.common.authorization.library.utils.ListMapper;
import org.gcube.common.authorization.library.utils.MultiServiceTokenRequest;
import org.gcube.common.authorizationservice.filters.AuthorizedCallFilter;
import org.gcube.common.authorizationservice.util.Constants;
import org.gcube.common.authorizationservice.util.TokenPersistence;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path(SDOConstants.TOKEN)
@ManagedBean
/* loaded from: input_file:WEB-INF/classes/org/gcube/common/authorizationservice/TokenManager.class */
public class TokenManager {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) TokenManager.class);

    @Inject
    TokenPersistence persistence;

    @GET
    @Produces({MediaType.APPLICATION_XML})
    @Path("{token}")
    public AuthorizationEntry retrieveToken(@NotNull @PathParam("token") String str) {
        CalledMethodProvider.instance.set("retrieve");
        log.info("token retreiver called with token {}", str);
        AuthorizationEntry authorizationEntry = this.persistence.getAuthorizationEntry(str);
        log.info("info retrieved {}", authorizationEntry);
        if (authorizationEntry == null) {
            log.error("token {} not found ", str);
            throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).entity("token " + str + " not found").type(MediaType.TEXT_PLAIN).build());
        }
        log.debug("returning info {}", authorizationEntry);
        return authorizationEntry;
    }

    @GET
    @Produces({MediaType.APPLICATION_XML})
    @Path("bunch")
    public AuthorizationEntryList retrieveTokenBunch(@NotNull @QueryParam("token") List<String> list) {
        CalledMethodProvider.instance.set("retrieve");
        log.info("token retreiver called with tokens {}", list);
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(this.persistence.getAuthorizationEntry(it.next()));
            } catch (Exception e) {
            }
        }
        log.info("info retrieved {}", arrayList);
        if (!arrayList.isEmpty()) {
            return new AuthorizationEntryList(arrayList);
        }
        log.error("no tokens poassed have been found ");
        throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).entity("no tokens poassed have been found ").type(MediaType.TEXT_PLAIN).build());
    }

    @GET
    @Path("resolve/{user}")
    public String getTokenByUserAndContext(@NotNull @PathParam("user") String str, @QueryParam("context") String str2) {
        CalledMethodProvider.instance.set("retrieve");
        log.info("resolving token for user {} in context {}", str, str2);
        if (str2 == null) {
            log.error("null context found");
            throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).entity("null context found").type(MediaType.TEXT_PLAIN).build());
        }
        String existingToken = this.persistence.getExistingToken(str, str2, Constants.DEFAULT_TOKEN_QUALIFIER);
        if (existingToken != null) {
            return existingToken;
        }
        log.error("token {} not found ", existingToken);
        throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).entity("token for user " + str + " in context " + str2 + " not found").type(MediaType.TEXT_PLAIN).build());
    }

    @Path("user")
    @PUT
    @Consumes({MediaType.APPLICATION_XML})
    public String generateUserToken(UserInfo userInfo, @NotNull @QueryParam("context") String str) {
        CalledMethodProvider.instance.set("generate");
        try {
            log.info("generator called with user {} in context {} ", userInfo, str);
            if (userInfo.getId().split(":").length > 1) {
                throw new Exception("invalid user id: " + userInfo.getId());
            }
            String existingToken = this.persistence.getExistingToken(userInfo.getId(), str, Constants.DEFAULT_TOKEN_QUALIFIER);
            if (existingToken == null) {
                existingToken = UUID.randomUUID().toString();
                this.persistence.saveAuthorizationEntry(existingToken, str, userInfo, Constants.DEFAULT_TOKEN_QUALIFIER, null);
            }
            return existingToken;
        } catch (Exception e) {
            log.error("error generating token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @Path("user/{token}/roles")
    @PUT
    @Consumes({MediaType.APPLICATION_XML})
    public String setRoles(ListMapper listMapper, @NotNull @PathParam("token") String str) {
        CalledMethodProvider.instance.set("setRoles");
        try {
            log.info("update roles called");
            this.persistence.updateAuthorizationEntry(str, listMapper.getList());
            return str;
        } catch (Exception e) {
            log.error("error setting roles to token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error setting roles to token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @Path("user")
    @Consumes({MediaType.APPLICATION_XML})
    @DELETE
    public void removeUserToken(@NotNull @QueryParam("client_id") String str, @NotNull @QueryParam("context") String str2) {
        CalledMethodProvider.instance.set(ReservedWords.JPARS_REL_DELETE);
        try {
            log.info("generator called with user {} in context {} ", str, str2);
            if (str.split(":").length > 1) {
                throw new Exception("invalid user id: " + str);
            }
            this.persistence.removeAllAuthorizationsEntryForClientId(str2, str);
        } catch (Exception e) {
            log.error("error generating token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error removing Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @Path("service")
    @PUT
    @Consumes({MediaType.APPLICATION_XML})
    public String generateServiceToken(ServiceInfo serviceInfo, @Context HttpServletRequest httpServletRequest) {
        CalledMethodProvider.instance.set("generate");
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            log.info("generator called with service {} in context {} ", serviceInfo.getId(), authorizationEntry.getContext());
            return generateTokenForServiceInfo(serviceInfo, authorizationEntry);
        } catch (Exception e) {
            log.error("error generating token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @Path("service/bunch")
    @Consumes({MediaType.APPLICATION_XML})
    @Produces({MediaType.APPLICATION_XML})
    @PUT
    public ListMapper generateServiceTokenBunch(MultiServiceTokenRequest multiServiceTokenRequest, @Context HttpServletRequest httpServletRequest) {
        CalledMethodProvider.instance.set("generate");
        log.info("calling generate service token bunch");
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            ArrayList arrayList = new ArrayList();
            Iterator<String> it = multiServiceTokenRequest.getContainerTokens().iterator();
            while (it.hasNext()) {
                AuthorizationEntry retrieveToken = retrieveToken(it.next());
                if (retrieveToken != null) {
                    if (retrieveToken.getClientInfo().getId().equals(authorizationEntry.getClientInfo().getId())) {
                        arrayList.add(generateTokenForServiceInfo(multiServiceTokenRequest.getInfo(), retrieveToken));
                    } else {
                        log.warn("a token with a different ContainerInfo of the caller used, skipping it");
                    }
                }
            }
            return new ListMapper(arrayList);
        } catch (Exception e) {
            log.error("error generating tokens ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @Path("external/{serviceId}")
    @PUT
    @Consumes({MediaType.APPLICATION_XML})
    public String generateExternalServiceToken(@PathParam("serviceId") String str, @Context HttpServletRequest httpServletRequest) {
        try {
            CalledMethodProvider.instance.set("generate");
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            log.info("generator called for external service {} in context {} ", str, authorizationEntry.getContext());
            if (str.split(":").length > 1) {
                throw new Exception("invalid external service id: " + str);
            }
            String existingToken = this.persistence.getExistingToken(str, authorizationEntry.getContext(), Constants.DEFAULT_TOKEN_QUALIFIER);
            if (existingToken == null) {
                existingToken = UUID.randomUUID().toString();
                this.persistence.saveAuthorizationEntry(existingToken, authorizationEntry.getContext(), new ExternalServiceInfo(str, authorizationEntry.getClientInfo().getId()), Constants.DEFAULT_TOKEN_QUALIFIER, authorizationEntry.getClientInfo().getId());
            }
            return existingToken;
        } catch (Exception e) {
            log.error("error generating token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @GET
    @Path("external")
    @Consumes({MediaType.APPLICATION_XML})
    public ExternalServiceList getExternalServiceCreated(@Context HttpServletRequest httpServletRequest) {
        CalledMethodProvider.instance.set("retrieve");
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            log.info("get External Service called in context {} by {} ", authorizationEntry.getContext(), authorizationEntry.getClientInfo().getId());
            return new ExternalServiceList(this.persistence.getExistingExternalServices(authorizationEntry.getClientInfo().getId(), authorizationEntry.getContext()));
        } catch (Exception e) {
            log.error("error generating token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @Path("node")
    @PUT
    @Consumes({MediaType.APPLICATION_XML})
    public String generateContainerToken(@NotNull ContainerInfo containerInfo, @QueryParam("context") String str, @Context HttpServletRequest httpServletRequest) {
        CalledMethodProvider.instance.set("generate");
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            if (str != null) {
                return generateTokenForContainerInfo(containerInfo, str);
            }
            if (authorizationEntry == null) {
                throw new Exception("error trying to activate node (token and context are empty)");
            }
            log.info("generator called for node {} in context {} ", containerInfo.getId(), authorizationEntry.getContext());
            return generateTokenForContainerInfo(containerInfo, authorizationEntry);
        } catch (Exception e) {
            log.error("error generating token ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating Token: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    private String generateTokenForContainerInfo(ContainerInfo containerInfo, String str) throws Exception {
        if (containerInfo.getId().split(":").length != 2) {
            throw new Exception("invalid container id: " + containerInfo.getId());
        }
        String existingToken = this.persistence.getExistingToken(containerInfo.getId(), str, Constants.DEFAULT_TOKEN_QUALIFIER);
        if (existingToken == null) {
            existingToken = UUID.randomUUID().toString();
            this.persistence.saveAuthorizationEntry(existingToken, str, containerInfo, Constants.DEFAULT_TOKEN_QUALIFIER, null);
        }
        return existingToken;
    }

    private String generateTokenForContainerInfo(ContainerInfo containerInfo, AuthorizationEntry authorizationEntry) throws Exception {
        if (containerInfo.getId().split(":").length != 2) {
            throw new Exception("invalid container id: " + containerInfo.getId());
        }
        String existingToken = this.persistence.getExistingToken(containerInfo.getId(), authorizationEntry.getContext(), Constants.DEFAULT_TOKEN_QUALIFIER);
        if (existingToken == null) {
            existingToken = UUID.randomUUID().toString();
            this.persistence.saveAuthorizationEntry(existingToken, authorizationEntry.getContext(), containerInfo, Constants.DEFAULT_TOKEN_QUALIFIER, authorizationEntry.getClientInfo().getId());
        }
        return existingToken;
    }

    private String generateTokenForServiceInfo(ServiceInfo serviceInfo, AuthorizationEntry authorizationEntry) throws Exception {
        if (serviceInfo.getId().split(":").length != 3) {
            throw new Exception("invalid service id: " + serviceInfo.getId());
        }
        String existingToken = this.persistence.getExistingToken(serviceInfo.getId(), authorizationEntry.getContext(), Constants.DEFAULT_TOKEN_QUALIFIER);
        if (existingToken == null) {
            existingToken = UUID.randomUUID().toString();
            this.persistence.saveAuthorizationEntry(existingToken, authorizationEntry.getContext(), serviceInfo, Constants.DEFAULT_TOKEN_QUALIFIER, authorizationEntry.getClientInfo().getId());
        }
        return existingToken;
    }
}
