package org.gcube.common.authorizationservice;

import java.util.UUID;
import javax.annotation.ManagedBean;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.QualifiersList;
import org.gcube.common.authorization.library.provider.CalledMethodProvider;
import org.gcube.common.authorizationservice.filters.AuthorizedCallFilter;
import org.gcube.common.authorizationservice.util.Constants;
import org.gcube.common.authorizationservice.util.TokenPersistence;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("apikey")
@ManagedBean
/* loaded from: input_file:WEB-INF/classes/org/gcube/common/authorizationservice/ApiKeyManager.class */
public class ApiKeyManager {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ApiKeyManager.class);

    @Inject
    TokenPersistence persistence;

    @PUT
    @Consumes({MediaType.APPLICATION_XML})
    public String generateApiKey(@QueryParam("qualifier") String str, @Context HttpServletRequest httpServletRequest) {
        CalledMethodProvider.instance.set("generate(APIKEY)");
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            if (str == null || str.isEmpty() || str.equals(Constants.DEFAULT_TOKEN_QUALIFIER)) {
                throw new IllegalArgumentException();
            }
            log.info("generator called with user {} in context {} ", authorizationEntry.getClientInfo(), authorizationEntry.getContext());
            if (authorizationEntry.getClientInfo().getId().split(":").length > 1) {
                throw new Exception("invalid user id: " + authorizationEntry.getClientInfo());
            }
            String existingToken = this.persistence.getExistingToken(authorizationEntry.getClientInfo().getId(), authorizationEntry.getContext(), str);
            if (existingToken == null) {
                existingToken = UUID.randomUUID().toString();
                this.persistence.saveAuthorizationEntry(existingToken, authorizationEntry.getContext(), authorizationEntry.getClientInfo(), str, authorizationEntry.getClientInfo().getId());
            }
            return existingToken;
        } catch (Exception e) {
            log.error("error generating apikey ", (Throwable) e);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Error Generating ApiKey: " + e.getMessage()).type(MediaType.TEXT_PLAIN).build());
        }
    }

    @GET
    @Produces({MediaType.APPLICATION_XML})
    public QualifiersList retrieveApiKeys(@Context HttpServletRequest httpServletRequest) {
        CalledMethodProvider.instance.set("retrieve(APIKEY)");
        log.info("calling getApiKey");
        try {
            AuthorizationEntry authorizationEntry = (AuthorizationEntry) httpServletRequest.getAttribute(AuthorizedCallFilter.AUTH_ATTRIBUTE);
            return new QualifiersList(this.persistence.getExistingApiKeys(authorizationEntry.getClientInfo().getId(), authorizationEntry.getContext()));
        } catch (Exception e) {
            log.error("error retrieving apikey", (Throwable) e);
            return null;
        }
    }

    @Path("{key}")
    @DELETE
    public void removeApiKey(@PathParam("key") String str, @Context HttpServletRequest httpServletRequest) {
    }
}
