package es.prodevelop.pui9.login;

import dev.samstevens.totp.code.DefaultCodeGenerator;
import dev.samstevens.totp.code.DefaultCodeVerifier;
import dev.samstevens.totp.exceptions.QrGenerationException;
import dev.samstevens.totp.qr.QrData;
import dev.samstevens.totp.qr.ZxingPngQrGenerator;
import dev.samstevens.totp.time.SystemTimeProvider;
import dev.samstevens.totp.util.Utils;
import es.prodevelop.pui9.common.enums.PuiVariableValues;
import es.prodevelop.pui9.common.exceptions.PuiCommonAnonymousNotAllowedException;
import es.prodevelop.pui9.common.exceptions.PuiCommonAuthenticate2faMaxWrongCodeException;
import es.prodevelop.pui9.common.exceptions.PuiCommonAuthenticate2faWrongCodeException;
import es.prodevelop.pui9.common.exceptions.PuiCommonIncorrectLoginException;
import es.prodevelop.pui9.common.exceptions.PuiCommonIncorrectUserPasswordException;
import es.prodevelop.pui9.common.exceptions.PuiCommonLoginMaxAttemptsException;
import es.prodevelop.pui9.common.exceptions.PuiCommonNoSessionException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserCredentialsExpiredException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserDisabledException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserNotAuthenticatedException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserNotExistsException;
import es.prodevelop.pui9.common.exceptions.PuiCommonUserSessionTimeoutException;
import es.prodevelop.pui9.common.model.dto.PuiUserPk;
import es.prodevelop.pui9.common.model.dto.interfaces.IPuiSession;
import es.prodevelop.pui9.common.service.interfaces.IPuiUserService;
import es.prodevelop.pui9.common.service.interfaces.IPuiVariableService;
import es.prodevelop.pui9.eventlistener.PuiEventLauncher;
import es.prodevelop.pui9.eventlistener.event.LoginEvent;
import es.prodevelop.pui9.eventlistener.event.LogoutEvent;
import es.prodevelop.pui9.eventlistener.event.SessionCreatedEvent;
import es.prodevelop.pui9.exceptions.PuiException;
import es.prodevelop.pui9.session.PuiSessionHandler;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;

@Component
/* loaded from: input_file:es/prodevelop/pui9/login/PuiLogin.class */
public class PuiLogin implements IPuiLogin {
    public static final String TOKEN_BEARER_PREFIX = "Bearer ";

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private PuiEventLauncher eventLauncher;

    @Autowired
    private PuiSessionHandler sessionHandler;

    @Autowired
    private IPuiUserService userService;

    @Autowired
    private IPuiVariableService variableService;

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public PuiUserInfo loginUser(LoginData loginData) throws PuiCommonIncorrectUserPasswordException, PuiCommonIncorrectLoginException, PuiCommonAnonymousNotAllowedException, PuiCommonUserNotExistsException, PuiCommonUserDisabledException, PuiCommonLoginMaxAttemptsException, PuiCommonUserCredentialsExpiredException {
        if (ObjectUtils.isEmpty(loginData.getUsr())) {
            throw new PuiCommonIncorrectUserPasswordException();
        }
        Authentication authenticate = authenticate(loginData);
        PuiUserSession puiUserSession = (PuiUserSession) authenticate.getPrincipal();
        fillUserSession(loginData, puiUserSession);
        this.sessionHandler.buildJwt(puiUserSession);
        IPuiSession add = this.sessionHandler.add(puiUserSession.getJwt(), authenticate);
        try {
            setContextSession(puiUserSession.getJwt());
        } catch (PuiCommonNoSessionException | PuiCommonUserNotAuthenticatedException | PuiCommonUserSessionTimeoutException e) {
        }
        this.eventLauncher.fireSync(new SessionCreatedEvent(puiUserSession, loginData));
        if (!puiUserSession.isUse2fa()) {
            this.eventLauncher.fireSync(new LoginEvent(LoginEventData.success(puiUserSession)));
        }
        this.userService.setLastAccess(new PuiUserPk(add.getUsr()), add.getCreated(), puiUserSession.getIp());
        return createUserInfo(puiUserSession);
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public TwoFactorAuthenticationData generateQr2fa(String str) throws PuiCommonNoSessionException, PuiCommonUserSessionTimeoutException {
        byte[] bArr;
        String str2;
        PuiUserSession puiUserSession = (PuiUserSession) this.sessionHandler.get(str.replace(TOKEN_BEARER_PREFIX, "")).getPrincipal();
        if (!puiUserSession.isUse2fa()) {
            return null;
        }
        String variable = this.variableService.getVariable(PuiVariableValues.APPLICATION_NAME.name());
        String email = puiUserSession.getEmail();
        if (ObjectUtils.isEmpty(email)) {
            email = puiUserSession.getUsername();
        }
        QrData build = new QrData.Builder().label(email).secret(puiUserSession.getSecret2fa()).issuer(variable).build();
        TwoFactorAuthenticationData twoFactorAuthenticationData = new TwoFactorAuthenticationData();
        twoFactorAuthenticationData.setLabel(email);
        twoFactorAuthenticationData.setIssuer(variable);
        twoFactorAuthenticationData.setSecret(puiUserSession.getSecret2fa());
        twoFactorAuthenticationData.setOtpAuthUri(build.getUri());
        Integer num = 350;
        ZxingPngQrGenerator zxingPngQrGenerator = new ZxingPngQrGenerator();
        zxingPngQrGenerator.setImageSize(num.intValue());
        try {
            bArr = zxingPngQrGenerator.generate(build);
        } catch (QrGenerationException e) {
            bArr = new byte[0];
        }
        twoFactorAuthenticationData.setQrImageUri(Utils.getDataUriForImage(bArr, zxingPngQrGenerator.getImageMimeType()));
        try {
            str2 = URLEncoder.encode(build.getUri(), StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e2) {
            str2 = "";
        }
        twoFactorAuthenticationData.setGeneratorUri("https://quickchart.io/qr?ecLevel=L&size=" + num + "&text=" + str2);
        return twoFactorAuthenticationData;
    }

    /* JADX WARN: Type inference failed for: r0v29, types: [java.lang.Throwable, es.prodevelop.pui9.common.exceptions.PuiCommonAuthenticate2faMaxWrongCodeException] */
    @Override // es.prodevelop.pui9.login.IPuiLogin
    public void authenticate2fa(String str, String str2, boolean z) throws PuiCommonAuthenticate2faWrongCodeException, PuiCommonAuthenticate2faMaxWrongCodeException, PuiCommonNoSessionException, PuiCommonUserSessionTimeoutException {
        PuiUserSession puiUserSession = (PuiUserSession) this.sessionHandler.get(str.replace(TOKEN_BEARER_PREFIX, "")).getPrincipal();
        if (!puiUserSession.isUse2fa() || z) {
            puiUserSession.withAuthenticated(true);
            return;
        }
        puiUserSession.incrementAttempts2fa();
        if (new DefaultCodeVerifier(new DefaultCodeGenerator(), new SystemTimeProvider()).isValidCode(puiUserSession.getSecret2fa(), str2)) {
            puiUserSession.withAuthenticated(true);
            this.eventLauncher.fireSync(new LoginEvent(LoginEventData.success(puiUserSession)));
            return;
        }
        Integer num = (Integer) this.variableService.getVariable(Integer.class, PuiVariableValues.LOGIN_MAX_ATTEMPTS.name());
        if (num == null) {
            num = Integer.MAX_VALUE;
        }
        if (puiUserSession.getAttemps2fa().intValue() < num.intValue()) {
            throw new PuiCommonAuthenticate2faWrongCodeException();
        }
        try {
            logoutUser(puiUserSession.getJwt(), true);
        } catch (PuiCommonNoSessionException e) {
        }
        ?? puiCommonAuthenticate2faMaxWrongCodeException = new PuiCommonAuthenticate2faMaxWrongCodeException();
        this.eventLauncher.fireSync(new LoginEvent(LoginEventData.error(puiUserSession.getUsr(), puiUserSession.getIp(), puiUserSession.getClient(), puiCommonAuthenticate2faMaxWrongCodeException.getMessage())));
        throw puiCommonAuthenticate2faMaxWrongCodeException;
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public boolean is2faAuthenticated(String str) throws PuiCommonNoSessionException, PuiCommonUserSessionTimeoutException {
        PuiUserSession puiUserSession = (PuiUserSession) this.sessionHandler.get(str.replace(TOKEN_BEARER_PREFIX, "")).getPrincipal();
        return puiUserSession.isUse2fa() && puiUserSession.isAuthenticated();
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public PuiUserInfo getUserInfo(String str) throws PuiCommonNoSessionException, PuiCommonUserSessionTimeoutException {
        return createUserInfo((PuiUserSession) this.sessionHandler.get(str.replace(TOKEN_BEARER_PREFIX, "")).getPrincipal());
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public PuiUserSession logoutUser(String str, boolean z) throws PuiCommonNoSessionException {
        if (ObjectUtils.isEmpty(str)) {
            throw new PuiCommonNoSessionException();
        }
        Authentication remove = this.sessionHandler.remove(str.replace(TOKEN_BEARER_PREFIX, ""));
        if (remove == null) {
            return null;
        }
        this.eventLauncher.fireSync(new LogoutEvent(LoginEventData.success((PuiUserSession) remove.getPrincipal())));
        if (z) {
            removeContextSession();
        }
        return (PuiUserSession) remove.getPrincipal();
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public List<PuiUserSession> getAllSessions() {
        return this.sessionHandler.getAllSessions();
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public void setContextSession(String str) throws PuiCommonNoSessionException, PuiCommonUserSessionTimeoutException, PuiCommonUserNotAuthenticatedException {
        if (ObjectUtils.isEmpty(str)) {
            throw new PuiCommonNoSessionException();
        }
        Authentication authentication = this.sessionHandler.get(str.replace(TOKEN_BEARER_PREFIX, ""));
        PuiUserSession puiUserSession = (PuiUserSession) authentication.getPrincipal();
        SecurityContextHolder.getContext().setAuthentication(authentication);
        if (!puiUserSession.isAuthenticated()) {
            throw new PuiCommonUserNotAuthenticatedException();
        }
    }

    @Override // es.prodevelop.pui9.login.IPuiLogin
    public void removeContextSession() {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
    }

    private Authentication authenticate(LoginData loginData) throws PuiCommonUserNotExistsException, PuiCommonIncorrectLoginException, PuiCommonUserDisabledException, PuiCommonAnonymousNotAllowedException, PuiCommonIncorrectUserPasswordException, PuiCommonLoginMaxAttemptsException, PuiCommonUserCredentialsExpiredException {
        PuiException puiException = null;
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                Authentication authenticate = this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(loginData.getUsr(), loginData.getPassword()));
                                if (0 != 0) {
                                    this.eventLauncher.fireAsync(new LoginEvent(LoginEventData.error(loginData.getUsr(), loginData.getIp(), loginData.getClient(), puiException.getMessage())));
                                }
                                return authenticate;
                            } catch (DisabledException e) {
                                throw new PuiCommonUserDisabledException(loginData.getUsr());
                            }
                        } catch (AuthenticationException e2) {
                            throw new PuiCommonIncorrectLoginException(e2);
                        }
                    } catch (CredentialsExpiredException e3) {
                        throw new PuiCommonUserCredentialsExpiredException();
                    }
                } catch (BadCredentialsException e4) {
                    if (this.userService.setWrongLogin(new PuiUserPk(loginData.getUsr()))) {
                        throw new PuiCommonLoginMaxAttemptsException(loginData.getUsr());
                    }
                    throw new PuiCommonIncorrectUserPasswordException();
                }
            } catch (LockedException e5) {
                throw new PuiCommonAnonymousNotAllowedException();
            } catch (UsernameNotFoundException e6) {
                throw new PuiCommonUserNotExistsException(loginData.getUsr());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                this.eventLauncher.fireAsync(new LoginEvent(LoginEventData.error(loginData.getUsr(), loginData.getIp(), loginData.getClient(), puiException.getMessage())));
            }
            throw th;
        }
    }

    private void fillUserSession(LoginData loginData, PuiUserSession puiUserSession) {
        puiUserSession.withIp(loginData.getIp());
        puiUserSession.withUserAgent(loginData.getUserAgent());
        puiUserSession.withZoneId(loginData.getJavaZoneId());
        puiUserSession.withPersistent(loginData.isPersistent());
        puiUserSession.withClient(loginData.getClient());
    }

    private PuiUserInfo createUserInfo(PuiUserSession puiUserSession) {
        PuiUserInfo with2fa = PuiUserInfo.forUser(puiUserSession.getUsr()).withName(puiUserSession.getName()).withLanguage(puiUserSession.getLanguage().getIsocode()).withEmail(puiUserSession.getEmail()).withDateFormat(puiUserSession.getDateformat()).withJwt(TOKEN_BEARER_PREFIX + puiUserSession.getJwt()).withUuid(puiUserSession.getUuid()).withLastLoginTime(puiUserSession.getLastLoginTime()).withLastLoginIp(puiUserSession.getLastLoginIp()).withPasswordValidity(puiUserSession.getPasswordValidity()).withProfiles(puiUserSession.getProfiles()).withFunctionalities(puiUserSession.getFunctionalities()).with2fa(puiUserSession.isUse2fa());
        Map properties = puiUserSession.getProperties();
        with2fa.getClass();
        properties.forEach(with2fa::addProperty);
        return with2fa;
    }
}
