package fr.inra.agrosyst.services.security;

import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.Maps;
import fr.inra.agrosyst.api.entities.security.AgrosystUser;
import fr.inra.agrosyst.api.entities.security.AgrosystUserTopiaDao;
import fr.inra.agrosyst.api.entities.security.StoredToken;
import fr.inra.agrosyst.api.entities.security.StoredTokenTopiaDao;
import fr.inra.agrosyst.api.services.security.AuthenticationService;
import fr.inra.agrosyst.api.services.security.AuthorizationService;
import fr.inra.agrosyst.api.services.users.UserDto;
import fr.inra.agrosyst.services.AbstractAgrosystService;
import fr.inra.agrosyst.services.users.UserServiceImpl;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/agrosyst-services-0.10.1.jar:fr/inra/agrosyst/services/security/AuthenticationServiceImpl.class */
public class AuthenticationServiceImpl extends AbstractAgrosystService implements AuthenticationService {
    private static final Log log = LogFactory.getLog(AuthenticationServiceImpl.class);
    protected static final Map<String, String> USER_TOKENS = Maps.newConcurrentMap();
    protected AuthorizationService authorizationService;
    protected StoredTokenTopiaDao storedTokenDao;
    protected AgrosystUserTopiaDao agrosystUserDao;

    public void setAuthorizationService(AuthorizationService authorizationService) {
        this.authorizationService = authorizationService;
    }

    public void setStoredTokenDao(StoredTokenTopiaDao storedTokenTopiaDao) {
        this.storedTokenDao = storedTokenTopiaDao;
    }

    public void setAgrosystUserDao(AgrosystUserTopiaDao agrosystUserTopiaDao) {
        this.agrosystUserDao = agrosystUserTopiaDao;
    }

    private void saveToken(String str, String str2) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str));
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str2));
        if (!getConfig().isTokenStorageEnabled()) {
            USER_TOKENS.put(str, str2);
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Token will be stored directly in database");
        }
        this.storedTokenDao.create("token", str, "userId", str2);
        getTransaction().commit();
    }

    private String getTokenUserId(String str) {
        String str2 = null;
        if (getConfig().isTokenStorageEnabled()) {
            StoredToken storedToken = (StoredToken) this.storedTokenDao.forTokenEquals(str).findAnyOrNull();
            if (storedToken != null) {
                str2 = storedToken.getUserId();
            }
        } else {
            str2 = USER_TOKENS.get(str);
        }
        return str2;
    }

    private void dropToken(String str) {
        if (!getConfig().isTokenStorageEnabled()) {
            USER_TOKENS.remove(str);
            return;
        }
        StoredToken storedToken = (StoredToken) this.storedTokenDao.forTokenEquals(str).findAnyOrNull();
        if (storedToken != null) {
            this.storedTokenDao.delete((StoredTokenTopiaDao) storedToken);
            getTransaction().commit();
        }
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthenticationService
    public UserDto login(String str, String str2) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str), "email cannot be empty");
        if (log.isInfoEnabled()) {
            log.info(String.format("Check user authentication with email: '%s'", str));
        }
        AgrosystUser agrosystUser = (AgrosystUser) this.agrosystUserDao.forProperties(AgrosystUser.PROPERTY_EMAIL, (Object) str.toLowerCase(), "password", UserServiceImpl.hashPassword(str2), "active", true).findAnyOrNull();
        UserDto userDto = null;
        if (agrosystUser != null) {
            userDto = UserServiceImpl.TO_USER_DTO.apply(agrosystUser);
        } else if (log.isWarnEnabled()) {
            log.warn(String.format("Could not authenticate user with email: '%s' and the given password", str));
        }
        if (userDto != null) {
            String uuid = UUID.randomUUID().toString();
            userDto.setAuthenticationToken(uuid);
            saveToken(uuid, userDto.getTopiaId());
        }
        return userDto;
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthenticationService
    public void logout(String str) {
        if (Strings.isNullOrEmpty(str)) {
            return;
        }
        if (!Strings.isNullOrEmpty(getTokenUserId(str))) {
            this.authorizationService.dropComputedPermissions(str);
        }
        dropToken(str);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthenticationService
    public String getAuthenticatedUserId(String str) {
        Preconditions.checkArgument(!Strings.isNullOrEmpty(str), "token cannot be empty");
        return getTokenUserId(str);
    }

    @Override // fr.inra.agrosyst.api.services.security.AuthenticationService
    public UserDto getAuthenticatedUser(String str) {
        String authenticatedUserId = getAuthenticatedUserId(str);
        UserDto userDto = null;
        if (authenticatedUserId != null) {
            userDto = UserServiceImpl.TO_USER_DTO.apply((AgrosystUser) this.agrosystUserDao.findByTopiaId(authenticatedUserId));
        }
        return userDto;
    }
}
