package org.trustedanalytics.usermanagement.users.config;

import java.util.Collections;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.context.annotation.Scope;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.client.RestOperations;
import org.springframework.web.client.RestTemplate;
import org.trustedanalytics.auth.AuthTokenRetriever;
import org.trustedanalytics.auth.HeaderAddingHttpInterceptor;
import org.trustedanalytics.uaa.UaaClient;
import org.trustedanalytics.uaa.UaaOperations;
import org.trustedanalytics.usermanagement.invitations.service.AccessInvitationsService;
import org.trustedanalytics.usermanagement.invitations.service.InvitationsService;
import org.trustedanalytics.usermanagement.security.OAuth2PrivilegedInterceptor;
import org.trustedanalytics.usermanagement.users.PasswordGenerator;
import org.trustedanalytics.usermanagement.users.RandomPasswordGenerator;
import org.trustedanalytics.usermanagement.users.rest.AuthGatewayOperations;
import org.trustedanalytics.usermanagement.users.service.UaaUsersService;
import org.trustedanalytics.usermanagement.users.service.UsersService;

@Profile({"cloud"})
@Configuration
/* loaded from: input_file:org/trustedanalytics/usermanagement/users/config/UsersServiceConfig.class */
public class UsersServiceConfig {

    @Value("${oauth.uaa}")
    private String uaaBaseUrl;

    @Value("${oauth.resource}")
    private String apiBaseUrl;

    @Autowired
    private AuthTokenRetriever tokenRetriever;

    @Bean
    protected OAuth2PrivilegedInterceptor oauth2PrivilegedInterceptor(OAuth2ProtectedResourceDetails oAuth2ProtectedResourceDetails) {
        return new OAuth2PrivilegedInterceptor(oAuth2ProtectedResourceDetails);
    }

    @Bean
    protected UaaOperations uaaPrivilegedClient(RestOperations restOperations) {
        return new UaaClient(this.uaaBaseUrl, restOperations);
    }

    @Scope(value = "request", proxyMode = ScopedProxyMode.TARGET_CLASS)
    @Bean
    protected UaaOperations uaaClient(RestTemplate restTemplate) {
        return new UaaClient(this.uaaBaseUrl, setAccessToken(restTemplate));
    }

    private OAuth2Authentication getAuthentication() {
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null) {
            return null;
        }
        return (OAuth2Authentication) context.getAuthentication();
    }

    private RestTemplate setAccessToken(RestTemplate restTemplate) {
        restTemplate.setInterceptors(Collections.singletonList(new HeaderAddingHttpInterceptor("Authorization", "bearer " + getAccessToken())));
        return restTemplate;
    }

    private String getAccessToken() {
        return this.tokenRetriever.getAuthToken(getAuthentication());
    }

    @Bean
    protected UsersService usersService(UaaOperations uaaOperations, InvitationsService invitationsService, AccessInvitationsService accessInvitationsService, AuthGatewayOperations authGatewayOperations) {
        return new UaaUsersService(uaaOperations, invitationsService, accessInvitationsService, authGatewayOperations);
    }

    @Bean
    protected UsersService priviledgedUsersService(UaaOperations uaaOperations, InvitationsService invitationsService, AccessInvitationsService accessInvitationsService, AuthGatewayOperations authGatewayOperations) {
        return new UaaUsersService(uaaOperations, invitationsService, accessInvitationsService, authGatewayOperations);
    }

    @Bean
    protected PasswordGenerator passwordGenerator() {
        return new RandomPasswordGenerator();
    }
}
