package de.uniba.minf.registry.controller.user;

import de.uniba.minf.auth.profile.AuthProfile;
import de.uniba.minf.core.rest.exception.ApiInsufficientPermissionsException;
import de.uniba.minf.core.rest.exception.ApiItemNotFoundException;
import de.uniba.minf.core.rest.exception.ApiRuntimeException;
import de.uniba.minf.core.rest.model.RestItemResponse;
import de.uniba.minf.core.rest.model.RestItemsResponse;
import de.uniba.minf.core.rest.model.RestResponse;
import de.uniba.minf.registry.model.PersistedUser;
import de.uniba.minf.registry.model.RegistryAccessToken;
import de.uniba.minf.registry.repository.AccessTokenRepository;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import java.time.Instant;
import java.util.List;
import java.util.Locale;
import java.util.Optional;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.jwt.profile.JwtGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/v1/tokens/{userUID}"})
@Tag(name = "Access Token", description = "API methods for user access tokens")
@RestController
/* loaded from: input_file:BOOT-INF/classes/de/uniba/minf/registry/controller/user/AccessTokenController.class */
public class AccessTokenController extends BaseUserRestController<RegistryAccessToken> {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AccessTokenController.class);

    @Autowired
    private ProfileManager profileManager;

    @Autowired
    private JwtGenerator jwtGenerator;
    private static final String ITEM_TYPE = "accessToken";

    @Autowired
    private AccessTokenRepository accessTokenRepo;

    public AccessTokenController() {
        super("/api/v1/tokens");
    }

    @GetMapping
    public RestItemsResponse getUserAccessTokens(@PathVariable("userUID") String str, HttpServletRequest httpServletRequest, Locale locale) throws ApiInsufficientPermissionsException, ApiItemNotFoundException {
        PersistedUser checkCanAccessUser = checkCanAccessUser(this.authInfoHelper.getAuth(), str);
        RestItemsResponse restItemsResponse = new RestItemsResponse();
        List<RegistryAccessToken> findByUserId = this.accessTokenRepo.findByUserId(checkCanAccessUser.getUniqueId());
        findByUserId.stream().forEach(registryAccessToken -> {
            registryAccessToken.setUniqueId(null);
        });
        restItemsResponse.setSize(findByUserId.size());
        restItemsResponse.setItems(getItems(findByUserId));
        restItemsResponse.setLinks(getLinks(httpServletRequest.getRequestURL().toString()));
        return restItemsResponse;
    }

    @GetMapping({"/{tokenUID}"})
    public RestItemResponse getUserAccessToken(@PathVariable("userUID") String str, @PathVariable("tokenUID") String str2, HttpServletRequest httpServletRequest, Locale locale) throws ApiInsufficientPermissionsException, ApiItemNotFoundException {
        RegistryAccessToken token = getToken(str, str2);
        token.setUniqueId(null);
        return getItemResponse(token, httpServletRequest, RestResponse.ApiActions.GET);
    }

    @DeleteMapping({"/{tokenUID}"})
    public RestItemResponse deleteUserAccessToken(@PathVariable("userUID") String str, @PathVariable("tokenUID") String str2, HttpServletRequest httpServletRequest, Locale locale) throws ApiInsufficientPermissionsException, ApiItemNotFoundException {
        RegistryAccessToken token = getToken(str, str2);
        this.accessTokenRepo.deleteById(token.getId());
        token.setUniqueId(null);
        return getItemResponse(token, httpServletRequest, RestResponse.ApiActions.DELETED);
    }

    @PostMapping({"/{tokenUID}"})
    public RestItemResponse updateUserAccessToken(@PathVariable("userUID") String str, @PathVariable("tokenUID") String str2, @RequestBody RegistryAccessToken registryAccessToken, HttpServletRequest httpServletRequest, Locale locale) throws ApiInsufficientPermissionsException, ApiItemNotFoundException {
        RegistryAccessToken token = getToken(str, str2);
        fillToken(token, registryAccessToken);
        this.accessTokenRepo.save(token);
        token.setUniqueId(null);
        return getItemResponse(token, httpServletRequest, RestResponse.ApiActions.UPDATED);
    }

    @PostMapping
    public RestItemResponse saveNewUserAccessToken(@PathVariable("userUID") String str, @RequestBody(required = false) RegistryAccessToken registryAccessToken, HttpServletRequest httpServletRequest, Locale locale) throws ApiRuntimeException {
        PersistedUser checkCanAccessUser = checkCanAccessUser(this.authInfoHelper.getAuth(), str);
        RegistryAccessToken registryAccessToken2 = new RegistryAccessToken();
        fillToken(registryAccessToken2, registryAccessToken);
        registryAccessToken2.setUserId(checkCanAccessUser.getUniqueId());
        Optional<UserProfile> profile = this.profileManager.getProfile();
        if (!profile.isPresent()) {
            throw new ApiRuntimeException("Failed to generate JWT token");
        }
        registryAccessToken2.setUniqueId(this.jwtGenerator.generate(((AuthProfile) AuthProfile.class.cast(profile.get())).getClaims()));
        registryAccessToken2.setCreationInstant(Instant.now());
        this.accessTokenRepo.save(registryAccessToken2);
        return getItemResponse(registryAccessToken2, httpServletRequest, RestResponse.ApiActions.CREATED);
    }

    private RegistryAccessToken getToken(String str, String str2) throws ApiItemNotFoundException, ApiInsufficientPermissionsException {
        RegistryAccessToken findByIdAndUserId = this.accessTokenRepo.findByIdAndUserId(str2, checkCanAccessUser(this.authInfoHelper.getAuth(), str).getUniqueId());
        if (findByIdAndUserId == null) {
            throw new ApiItemNotFoundException(ITEM_TYPE, str2);
        }
        return findByIdAndUserId;
    }

    private void fillToken(RegistryAccessToken registryAccessToken, RegistryAccessToken registryAccessToken2) {
        if (registryAccessToken2 != null) {
            registryAccessToken.setExpires(registryAccessToken2.getExpires());
            registryAccessToken.setName(registryAccessToken2.getName());
        }
    }
}
