package io.intino.amidas.web.services;

import io.intino.amidas.User;
import io.intino.amidas.core.Authentication;
import io.intino.amidas.core.Credential;
import io.intino.amidas.core.Dialog;
import io.intino.amidas.core.Form;
import io.intino.amidas.core.Parameter;
import io.intino.amidas.core.Session;
import io.intino.amidas.core.Token;
import io.intino.amidas.core.Verifier;
import io.intino.amidas.core.exceptions.CouldNotSendMail;
import io.intino.amidas.core.exceptions.CredentialNotFound;
import io.intino.amidas.core.exceptions.FormCommunicationGenerateFailure;
import io.intino.amidas.core.exceptions.FormCommunicationNotFound;
import io.intino.amidas.core.exceptions.FormGenerateFailure;
import io.intino.amidas.core.exceptions.FormsNotRemoved;
import io.intino.amidas.core.exceptions.IdentityAlreadyUsed;
import io.intino.amidas.core.exceptions.SessionNotFound;
import io.intino.amidas.core.exceptions.TokenNotValid;
import io.intino.amidas.core.exceptions.TooMuchRememberForms;
import io.intino.amidas.core.exceptions.UserAlreadyRegistered;
import io.intino.amidas.core.exceptions.UserNotFound;
import io.intino.amidas.core.exceptions.UserPermissions;
import io.intino.amidas.core.exceptions.UserRegistrationFailure;
import io.intino.amidas.core.exceptions.VerifierNotValid;
import io.intino.amidas.services.providers.AuthenticationProvider;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:io/intino/amidas/web/services/AuthenticationService.class */
public class AuthenticationService implements io.intino.amidas.services.AuthenticationService {
    private final AuthenticationProvider provider;
    private final io.intino.amidas.services.BrowserService browserService;
    private static final Map<String, Credential> credentialMap = new HashMap();
    private static final Map<String, String> accessTokenMap = new HashMap();
    private static final SecureRandom random = new SecureRandom();

    public AuthenticationService(AuthenticationProvider authenticationProvider, io.intino.amidas.services.BrowserService browserService) {
        this.provider = authenticationProvider;
        this.browserService = browserService;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public List<Authentication> authentications(String str) {
        return this.provider.authentications(str);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Authentication authentication(String str, String str2) {
        return this.provider.authentication(str, str2);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Authentication mobileAuthentication(String str) {
        return this.provider.mobileAuthentication(str);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Dialog dialog(Authentication authentication, Dialog.Scope scope) {
        return this.provider.dialog(authentication, scope);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public boolean isLogged() {
        return isLogged((Session) this.browserService.currentSession());
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public boolean isLogged(Session session) {
        return (session == null || session.user() == null) ? false : true;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public User login(Authentication authentication, List<Parameter> list) throws UserNotFound, UserPermissions, CredentialNotFound {
        User login = this.provider.login(authentication, list);
        if (!login.enabled()) {
            throw new UserPermissions(this.provider.info(authentication, list));
        }
        Session session = (Session) this.browserService.currentSession();
        session.user(login);
        Token requestToken = this.browserService.requestToken(this.browserService.currentClient());
        if (requestToken != null) {
            credential(requestToken).linkWith(session);
        }
        return login;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public User loginUsingToken(String str) throws UserNotFound, UserPermissions, CredentialNotFound {
        User loginUsingToken = this.provider.loginUsingToken(str);
        if (loginUsingToken == null || !loginUsingToken.enabled()) {
            return null;
        }
        Session session = (Session) this.browserService.currentSession();
        session.user(loginUsingToken);
        Token requestToken = this.browserService.requestToken(this.browserService.currentClient());
        if (requestToken != null) {
            credential(requestToken).linkWith(session);
        }
        return loginUsingToken;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public User register(Authentication authentication, List<Parameter> list) throws UserAlreadyRegistered, UserRegistrationFailure, FormGenerateFailure, CouldNotSendMail, UserNotFound {
        return this.provider.register(authentication, list);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void validateRegister(Authentication authentication, boolean z, Form form) throws FormsNotRemoved, UserNotFound, CouldNotSendMail, FormCommunicationNotFound, FormCommunicationGenerateFailure {
        this.provider.validateRegister(authentication, z, form);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void remember(Authentication authentication, List<Parameter> list) throws FormGenerateFailure, CouldNotSendMail, UserNotFound, TooMuchRememberForms {
        this.provider.remember(authentication, list);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void validateRemember(Authentication authentication, List<Parameter> list, Form form) throws FormsNotRemoved, UserNotFound {
        this.provider.validateRemember(authentication, list, form);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void saveProfile(Authentication authentication, User user, List<Parameter> list) throws UserNotFound, IdentityAlreadyUsed {
        this.provider.saveProfile(authentication, user, list);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void logout() throws SessionNotFound {
        logout((Session) this.browserService.currentSession());
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void logout(Session session) throws SessionNotFound {
        if (session == null) {
            throw new SessionNotFound();
        }
        this.provider.logout(session);
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Credential addCredential(String str, URL url) {
        return addCredential(str, url, tokenOf(UUID.randomUUID().toString()));
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Credential addCredential(String str, URL url, Token token) {
        Credential credentialOf = credentialOf(token, url);
        credentialMap.put(token.id(), credentialOf);
        return credentialOf;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public void deleteCredential(Token token) {
        credentialMap.remove(accessTokenMap.get(token.id()));
        accessTokenMap.remove(token.id());
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Credential credential(Token token) throws CredentialNotFound {
        Credential credential = credentialMap.get(token.id());
        if (credential == null) {
            credential = credentialMap.get(accessTokenMap.get(token.id()));
        }
        if (credential == null) {
            throw new CredentialNotFound(token);
        }
        return credential;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public boolean isValidToken(Token token) {
        Session session;
        String str = accessTokenMap.get(token.id());
        return (!credentialMap.containsKey(str) || (session = credentialMap.get(str).session()) == null || session.user() == null) ? false : true;
    }

    @Override // io.intino.amidas.services.AuthenticationService
    public Token validToken(Token token) {
        String str = accessTokenMap.get(token.id());
        if (credentialMap.containsKey(str)) {
            return tokenOf(str);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Token tokenOf(String str) {
        return () -> {
            return str;
        };
    }

    private Credential credentialOf(final Token token, final URL url) {
        return new Credential() { // from class: io.intino.amidas.web.services.AuthenticationService.1
            private String secret;
            private Verifier verifier;
            private Token access = null;
            private Session session = null;

            @Override // io.intino.amidas.core.Credential
            public Token requestToken() {
                return token;
            }

            @Override // io.intino.amidas.core.Credential
            public Token accessToken() {
                return this.access;
            }

            @Override // io.intino.amidas.core.Credential
            public String secret() {
                if (this.access == null) {
                    return null;
                }
                if (this.secret == null) {
                    this.secret = secretOf(this.access);
                }
                return this.secret;
            }

            @Override // io.intino.amidas.core.Credential
            public Verifier verifier() {
                if (this.verifier == null) {
                    this.verifier = verifierOf(token);
                }
                return this.verifier;
            }

            @Override // io.intino.amidas.core.Credential
            public URL callbackUrl() {
                try {
                    String url2 = url.toString();
                    return new URL((url2 + (url2.contains("?") ? "&" : "?")) + "oauth_token=" + token.id() + "&oauth_verifier=" + verifier().value());
                } catch (MalformedURLException e) {
                    return null;
                }
            }

            @Override // io.intino.amidas.core.Credential
            public Session session() {
                return this.session;
            }

            @Override // io.intino.amidas.core.Credential
            public void createAccessToken(Token token2, Verifier verifier) throws TokenNotValid, VerifierNotValid {
                if (!token.id().equals(token2.id())) {
                    throw new TokenNotValid();
                }
                if (!verifier().value().equals(verifier.value())) {
                    throw new VerifierNotValid();
                }
                this.access = AuthenticationService.this.tokenOf(UUID.randomUUID().toString());
                AuthenticationService.accessTokenMap.put(this.access.id(), token2.id());
            }

            @Override // io.intino.amidas.core.Credential
            public void linkWith(Session session) {
                this.session = session;
            }

            private Verifier verifierOf(Token token2) {
                return Verifier.build(hashOf(token2.id()));
            }

            private String secretOf(Token token2) {
                return hashOf(token2.id());
            }

            private String hashOf(String str) {
                try {
                    return Base64.encodeBase64String(MessageDigest.getInstance("SHA-1").digest((Integer.toString(AuthenticationService.random.nextInt()) + str).getBytes()));
                } catch (NoSuchAlgorithmException e) {
                    return null;
                }
            }
        };
    }
}
