package com.infusers.core.security.common.user;

import com.infusers.auth.cache.redis.UserRedisUtility;
import com.infusers.core.audit.AuditService;
import com.infusers.core.constants.Constants;
import com.infusers.core.email.RemoteEmailUtility;
import com.infusers.core.exception.access.NoAccessException;
import com.infusers.core.logger.ILogger;
import com.infusers.core.reports.IReportService;
import com.infusers.core.reports.dto.ReportData;
import com.infusers.core.security.common.NewUserCreatedEvent;
import com.infusers.core.security.common.UserLoggedInEvent;
import com.infusers.core.security.common.UserLoggedOutEvent;
import com.infusers.core.stats.users.ActiveUserService;
import com.infusers.core.user.APIUser;
import com.infusers.core.user.UserRepository;
import com.infusers.core.user.dto.UserDetailsDto;
import com.infusers.core.user.util.UserUtility;
import com.infusers.core.util.InfusersUtility;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import net.bytebuddy.utility.RandomString;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.annotation.CacheConfig;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.annotation.Bean;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.domain.Specification;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtDecoders;
import org.springframework.security.oauth2.jwt.JwtValidationException;
import org.springframework.security.oauth2.jwt.JwtValidators;
import org.springframework.stereotype.Service;

@CacheConfig(cacheNames = {"infusers-user-cache"})
@Service
/* loaded from: input_file:com/infusers/core/security/common/user/UserService.class */
public class UserService implements IReportService {
    private final ILogger log = new ILogger(UserService.class);
    private static final String CLASS_NAME = "UserService";

    @Value("${spring.profiles.active}")
    private String activeProfile;

    @Value("${infusers.environment}")
    private String environment;

    @Value("${social.login.provider.google}")
    private String socialLoginProviderGoogleKey;

    @Value("${socil.login.google.issuer}")
    private String googleIssuesURL;

    @Autowired(required = true)
    private UserRepository userRepository;

    @Autowired(required = true)
    private AuditService auditService;

    @Autowired(required = true)
    private RemoteEmailUtility emailUtility;

    @Autowired
    private UserRedisUtility redisUtility;

    @Autowired
    private ApplicationEventPublisher eventPublisher;

    @Autowired
    private InfusersUtility infusersUtility;

    @Autowired
    private UserUtility userUtility;

    @Autowired
    private ActiveUserService activeUsers;
    private BCryptPasswordEncoder passwordEncoder;

    public UserService(BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.passwordEncoder = bCryptPasswordEncoder;
    }

    @Override // com.infusers.core.reports.IReportService
    public Page<Object> findAll(Specification specification, Pageable pageable) {
        return this.userRepository.findAll(specification, pageable);
    }

    @Override // com.infusers.core.reports.IReportService
    public Page<Object> findAll(Pageable pageable) {
        return this.userRepository.findAll(pageable).map(aPIUser -> {
            return aPIUser;
        });
    }

    @Override // com.infusers.core.reports.IReportService
    public Page<Object> findByUserName(String str, Pageable pageable) {
        return this.userRepository.findByUsername(str, pageable).map(aPIUser -> {
            return aPIUser;
        });
    }

    private UserDetailsDto createUser(APIUser aPIUser) {
        if (getMyUserDetails(aPIUser.getUsername()) != null) {
            this.log.error("UserService.createUser()  :: User Creation/Registration NOT successful, user with same name already exists. user name = " + aPIUser.getUsername());
            return null;
        }
        if (!aPIUser.isValid()) {
            this.log.error("UserService.createUser()  :: User Creation/Registration NOT successful, invalid user data. user name = " + aPIUser);
            return null;
        }
        try {
            aPIUser.setVerificationCode(RandomString.make(64));
            aPIUser.setActive(false);
            this.userRepository.save(aPIUser);
            this.redisUtility.setValue(aPIUser.getUsername(), aPIUser);
            UserDetailsDto userDetailsDto = new UserDetailsDto();
            userDetailsDto.copy(aPIUser);
            long id = userDetailsDto.getId();
            userDetailsDto.getUsername();
            this.auditService.log(this.log, ILogger.LogTypes.WARN, CLASS_NAME, "createUser", userDetailsDto.getId(), "User Creation/Registration successful. " + id + id);
            try {
                this.emailUtility.sendEmailNewAccountCreated(userDetailsDto);
            } catch (Exception e) {
                this.log.error("UserService.createUser() Exception while sending an email to userName = " + userDetailsDto.getUsername() + " :: " + e.getMessage());
            }
            this.eventPublisher.publishEvent(new NewUserCreatedEvent(this));
            return userDetailsDto;
        } catch (Exception e2) {
            this.log.error("UserService.createUser() Exception. " + e2.getMessage());
            return null;
        }
    }

    private UserDetailsDto updateUser(APIUser aPIUser) {
        if (getMyUserDetails(aPIUser.getUsername()) == null) {
            this.log.error("UserService.updateUser()  :: User update NOT successful, user doesn't exists. user name = " + aPIUser.getUsername());
            return null;
        }
        if (!aPIUser.isValid()) {
            this.log.error("UserService.createUser()  :: User update NOT successful, invalid user data. user name = " + aPIUser.getUsername());
            return null;
        }
        try {
            this.userRepository.save(aPIUser);
            this.redisUtility.setValue(aPIUser.getUsername(), aPIUser);
            UserDetailsDto userDetailsDto = new UserDetailsDto();
            userDetailsDto.copy(aPIUser);
            return userDetailsDto;
        } catch (Exception e) {
            this.log.error("UserService.updateUser() Exception. " + e.getMessage());
            return null;
        }
    }

    public UserDetailsDto getMyUserDetails(String str) {
        APIUser value = this.redisUtility.getValue(str);
        if (value == null) {
            value = this.userRepository.findByUsername(str);
            if (value != null) {
                this.redisUtility.setValue(str, value);
            }
        }
        if (value == null) {
            return null;
        }
        UserDetailsDto userDetailsDto = new UserDetailsDto();
        userDetailsDto.copy(value);
        return userDetailsDto;
    }

    public UserDetailsDto getAnotherUser(String str, String str2) {
        if (str2 != null && str2.equalsIgnoreCase(str)) {
            return getMyUserDetails(str2);
        }
        UserDetailsDto myUserDetails = getMyUserDetails(str2);
        if (myUserDetails == null || !myUserDetails.isAdmin()) {
            throw new NoAccessException("User NOT found/No access : " + str);
        }
        return getMyUserDetails(str);
    }

    public ReportData getReportActiveUsers(UserDetailsDto userDetailsDto) {
        this.log.debug(String.format("UserService.getReportActiveUsers() :: userName = %s", userDetailsDto.getUsername()));
        ReportData generateReport = this.activeUsers.generateReport();
        this.log.debug("UserService.getReportActiveUsers() return data : " + generateReport.toString());
        return generateReport;
    }

    public void logout(String str) {
        this.eventPublisher.publishEvent(new UserLoggedOutEvent(this, str));
    }

    public boolean verify(String str) {
        APIUser findByVerificationCode = this.userRepository.findByVerificationCode(str);
        if (findByVerificationCode == null || findByVerificationCode.isActive()) {
            this.log.error("UserService.verify()  :: nvalid verification code = " + str + " :: user name = " + (findByVerificationCode == null ? "User is NULL" : findByVerificationCode.getUsername()));
            return false;
        }
        findByVerificationCode.setVerificationCode(null);
        findByVerificationCode.setActive(true);
        return updateUser(findByVerificationCode) != null;
    }

    public ResponseEntity<Object> signUp(UserDetailsDto userDetailsDto) {
        HttpStatus httpStatus;
        if (getMyUserDetails(userDetailsDto.getUsername()) != null) {
            this.log.error("UserService.signUp()  ::Sign up NOT successful, Invalid user name. user name = " + userDetailsDto.getUsername());
            return ResponseEntity.status(HttpStatus.CONFLICT).body("User Registration not successful! There is an account with that email adress: " + userDetailsDto.getUsername() + ", try with different user name/email id.");
        }
        APIUser aPIUser = new APIUser();
        aPIUser.setUsername(userDetailsDto.getUsername());
        aPIUser.setPassword(this.passwordEncoder.encode(userDetailsDto.getPassword()));
        aPIUser.setFirstname(userDetailsDto.getFirstname());
        aPIUser.setLastname(userDetailsDto.getLastname());
        aPIUser.setCountrycode(userDetailsDto.getCountrycode());
        aPIUser.setMobilenumber(this.infusersUtility.parseString2Long(userDetailsDto.getMobilenumber()));
        UserDetailsDto createUser = createUser(aPIUser);
        StringBuffer stringBuffer = new StringBuffer();
        if (createUser != null) {
            httpStatus = HttpStatus.OK;
            stringBuffer.append("User Creation/Registration successfully completed!, " + aPIUser.getUsername() + " successfully created.");
            if (this.activeProfile == null || !this.activeProfile.contains(Constants.STATIC_TEXT_ACTIVE_PROFILE_DEV)) {
                stringBuffer.append(" Please check your email and verify, in order to proceed with login!!");
            }
        } else {
            httpStatus = HttpStatus.UNPROCESSABLE_ENTITY;
            stringBuffer.append("User Creation/Registration is not successful! There is an account with that email adress/Invalid user details: " + aPIUser.getUsername() + ", try with different user name/email id.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put("status", "success");
        hashMap.put("data", stringBuffer.toString());
        return new ResponseEntity<>(hashMap, httpStatus);
    }

    public ResponseEntity<UserDetailsDto> loginSocial(String str, String str2) {
        return (str2 == null || !str2.equalsIgnoreCase(this.socialLoginProviderGoogleKey)) ? new ResponseEntity<>((Object) null, new HttpHeaders(), HttpStatus.UNAUTHORIZED) : loginGoogle(str);
    }

    public ResponseEntity<UserDetailsDto> loginGoogle(String str) {
        HttpStatus httpStatus;
        UserDetailsDto userDetailsDto = null;
        HttpHeaders httpHeaders = null;
        HttpStatus httpStatus2 = HttpStatus.UNAUTHORIZED;
        boolean z = false;
        try {
            if (str != null) {
                OidcUser oidcUserByGoogleIdTokenString = getOidcUserByGoogleIdTokenString(str);
                String email = oidcUserByGoogleIdTokenString != null ? oidcUserByGoogleIdTokenString.getEmail() : null;
                userDetailsDto = getMyUserDetails(email);
                if (userDetailsDto == null && email != null && email.trim().length() > 0) {
                    APIUser aPIUser = new APIUser();
                    aPIUser.setUsername(email);
                    aPIUser.setFirstname(oidcUserByGoogleIdTokenString.getGivenName());
                    aPIUser.setLastname(oidcUserByGoogleIdTokenString.getFamilyName());
                    aPIUser.setProvider(this.socialLoginProviderGoogleKey);
                    userDetailsDto = createUser(aPIUser);
                }
                if (userDetailsDto == null) {
                    httpStatus = HttpStatus.UNAUTHORIZED;
                    this.log.error("UserService.loginGoogle() Invalid ID token/Authentication issue!! (1) :: idTokenString = " + str);
                } else {
                    if (userDetailsDto.isActive() || (this.activeProfile != null && this.activeProfile.contains(Constants.STATIC_TEXT_ACTIVE_PROFILE_DEV))) {
                        httpHeaders = new HttpHeaders();
                        httpHeaders.add(Constants.STATIC_TEXT_AUTHORIZATION, "Bearer " + this.userUtility.getToken(email));
                        httpHeaders.add("Access-Control-Expose-Headers", Constants.STATIC_TEXT_AUTHORIZATION);
                        z = true;
                    }
                    httpStatus = HttpStatus.OK;
                    this.eventPublisher.publishEvent(new UserLoggedInEvent(this, email, new Date()));
                }
            } else {
                httpStatus = HttpStatus.UNAUTHORIZED;
                this.log.error("UserService.loginGoogle() Invalid ID token (2) :: idTokenString = " + str);
            }
        } catch (Exception e) {
            httpStatus = HttpStatus.UNAUTHORIZED;
            this.log.error("UserService.loginGoogle() Exception for idTokenString = " + str + " :: " + e.getMessage());
        }
        if (z) {
            try {
                this.emailUtility.sendEmailUserLoggedIn(userDetailsDto.getUsername());
            } catch (Exception e2) {
                this.log.error("UserService.loginGoogle() Exception while sending an email to userName = " + userDetailsDto.getUsername() + " :: " + e2.getMessage());
            }
        }
        return new ResponseEntity<>(userDetailsDto, httpHeaders, httpStatus);
    }

    @Bean
    public JwtDecoder jwtDecoder() {
        return JwtDecoders.fromIssuerLocation(this.googleIssuesURL);
    }

    private OidcUser getOidcUserByGoogleIdTokenString(String str) {
        try {
            return new DefaultOidcUser(Collections.emptyList(), validate(str));
        } catch (JwtValidationException e) {
            this.log.error("UserService.getOidcUserByGoogleIdTokenString() Exception = " + e.getMessage());
            return null;
        }
    }

    private OidcIdToken validate(String str) {
        Jwt decode = jwtDecoder().decode(str);
        OAuth2TokenValidatorResult validate = JwtValidators.createDefaultWithIssuer(this.googleIssuesURL).validate(decode);
        if (!validate.hasErrors()) {
            return new OidcIdToken(str, decode.getIssuedAt(), decode.getExpiresAt(), decode.getClaims());
        }
        List list = (List) validate.getErrors();
        String description = ((OAuth2Error) list.get(0)).getDescription();
        this.log.error("UserService.validate() description = " + description + " :: idToken = " + str);
        throw new JwtValidationException("Failed to validate ID token: " + description, list);
    }
}
