package org.webpieces.router.impl.services;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.List;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import java.util.function.Function;
import org.webpieces.ctx.api.Flash;
import org.webpieces.ctx.api.HttpMethod;
import org.webpieces.ctx.api.RequestContext;
import org.webpieces.ctx.api.RouterRequest;
import org.webpieces.ctx.api.Validation;
import org.webpieces.router.api.RouterConfig;
import org.webpieces.router.api.controller.actions.Action;
import org.webpieces.router.api.exceptions.BadClientRequestException;
import org.webpieces.router.api.exceptions.Violation;
import org.webpieces.router.api.exceptions.WebpiecesException;
import org.webpieces.router.api.routes.MethodMeta;
import org.webpieces.router.impl.ctx.SessionImpl;
import org.webpieces.router.impl.loader.LoadedController;
import org.webpieces.router.impl.model.SvcProxyLogic;
import org.webpieces.router.impl.params.BeanValidator;
import org.webpieces.router.impl.params.ParamToObjectTranslatorImpl;
import org.webpieces.util.exceptions.SneakyThrow;
import org.webpieces.util.filters.Service;
import org.webpieces.util.futures.FutureHelper;

/* loaded from: input_file:org/webpieces/router/impl/services/SvcProxyForHtml.class */
public class SvcProxyForHtml implements Service<MethodMeta, Action> {
    private final ParamToObjectTranslatorImpl translator;
    private final RouterConfig config;
    private final ControllerInvoker invoker;
    private FutureHelper futureUtil;
    private BeanValidator validator;

    public SvcProxyForHtml(SvcProxyLogic svcProxyLogic, FutureHelper futureHelper) {
        this.futureUtil = futureHelper;
        this.translator = svcProxyLogic.getTranslator();
        this.config = svcProxyLogic.getConfig();
        this.invoker = svcProxyLogic.getServiceInvoker();
        this.validator = svcProxyLogic.getValidator();
    }

    public CompletableFuture<Action> invoke(MethodMeta methodMeta) {
        return this.futureUtil.syncToAsyncException(() -> {
            return invokeMethod(methodMeta);
        });
    }

    private CompletableFuture<Action> invokeMethod(MethodMeta methodMeta) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
        tokenCheck((RouteInfoForHtml) methodMeta.getRoute(), methodMeta.getCtx());
        Method controllerMethod = methodMeta.getLoadedController().getControllerMethod();
        Object controllerInstance = methodMeta.getLoadedController().getControllerInstance();
        methodMeta.getCtx().getValidation();
        return this.translator.createArgs(controllerMethod, methodMeta.getCtx(), null).thenApply(list -> {
            return validate(controllerInstance, controllerMethod, methodMeta.getCtx(), list);
        }).thenCompose((Function<? super U, ? extends CompletionStage<U>>) list2 -> {
            return doTheInvoke(methodMeta, list2);
        });
    }

    private List<Object> validate(Object obj, Method method, RequestContext requestContext, List<Object> list) {
        if (requestContext.getRequest().method != HttpMethod.POST) {
            return list;
        }
        Validation validation = requestContext.getValidation();
        for (Violation violation : this.validator.validate(obj, method, list)) {
            validation.addError(violation.getPath(), violation.getMessage());
        }
        return list;
    }

    private CompletableFuture<Action> doTheInvoke(MethodMeta methodMeta, List<Object> list) {
        try {
            return this.invoker.invokeAndCoerce(methodMeta.getLoadedController(), list.toArray()).thenApply(action -> {
                if (this.config.isValidateFlash()) {
                    validateKeepFlagSet(action, methodMeta.getCtx(), methodMeta.getLoadedController());
                }
                return action;
            });
        } catch (IllegalAccessException e) {
            throw SneakyThrow.sneak(e);
        } catch (InvocationTargetException e2) {
            if (e2.getCause() instanceof WebpiecesException) {
                throw ((WebpiecesException) e2.getCause());
            }
            throw SneakyThrow.sneak(e2);
        }
    }

    private void tokenCheck(RouteInfoForHtml routeInfoForHtml, RequestContext requestContext) {
        RouterRequest request = requestContext.getRequest();
        if (request.multiPartFields.size() != 0 && this.config.isTokenCheckOn() && routeInfoForHtml.isCheckSecureToken()) {
            String str = requestContext.getSession().get(SessionImpl.SECURE_TOKEN_KEY);
            List list = (List) request.multiPartFields.get("__secureToken");
            if (list == null) {
                throw new BadClientRequestException("missing form token(or route added without setting checkToken variable to false)...someone posting form without getting it first(hacker or otherwise) OR you are not using the #{form}# tag or the #{secureToken}# tag to secure your forms");
            }
            if (list.size() == 0) {
                throw new BadClientRequestException("missing form token(or route added without setting checkToken variable to false)...someone posting form without getting it first(hacker or otherwise) OR you are not using the #{form}# tag or the #{secureToken}# tag to secure your forms");
            }
            if (list.size() > 1) {
                throw new BadClientRequestException("Somehow, there are two values for key=__secureToken. This name is reserved.  perhaps your app is using it?");
            }
            String str2 = (String) list.get(0);
            if (str == null) {
                throw new BadClientRequestException("Somehow, the cookie is missing the secure token.  key=__ST. This token is set in the session when rendering form tags in FormTag.java when calling Current.session().getOrCreateSecureToken();. form token=" + str2);
            }
            if (!str.equals(str2)) {
                throw new BadClientRequestException("bad form token...someone posting form with invalid token(hacker or otherwise)");
            }
        }
    }

    private void validateKeepFlagSet(Action action, RequestContext requestContext, LoadedController loadedController) {
        if (requestContext.getRequest().method != HttpMethod.POST) {
            return;
        }
        Flash flash = requestContext.getFlash();
        Validation validation = requestContext.getValidation();
        if (!flash.isKeepFlagSet()) {
            throw new IllegalStateException("In your controller, you did not call flash.keep() or flash.noKeep().  You must do one or the other(usually call keep() on redirects to flash user inpput so user doesn't lose his input).\nOffending controller=" + loadedController.getControllerMethod() + "\nResponse Action(your controller returned)=" + action);
        }
        if (!validation.isKeepFlagSet()) {
            throw new IllegalStateException("In your controller, you did not call validation.keep() or validation.noKeep().  You must do one or the other(usually call keep() on redirects to flash user inpput so user doesn't lose his input)\nOffending controller=" + loadedController.getControllerMethod() + "\nResponse Action(your controller returned)=" + action);
        }
    }
}
