package io.lsn.spring.auth.controller;

import com.fasterxml.jackson.annotation.JsonView;
import io.lsn.spring.auth.configuration.properties.SecurityProperties;
import io.lsn.spring.auth.entity.User;
import io.lsn.spring.auth.entity.UserLoginRequest;
import io.lsn.spring.auth.service.UserProvider;
import io.lsn.spring.auth.transport.cookie.CookieAuthHelper;
import io.lsn.spring.utilities.configuration.condition.ConditionalOnConfiguration;
import io.lsn.spring.utilities.exception.NotFoundException;
import io.lsn.spring.utilities.json.views.JsonViews;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

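/**
 * REST endpoints for logging in, logging out and reading the current principal.
 *
 * <p>All routes are mounted under {@code /api/}. The controller is only registered when the
 * {@code io.lsn.spring.auth} configuration enables the ENDPOINT type (see
 * {@link ConditionalOnConfiguration}).
 *
 * <p>When {@link SecurityProperties#getTransportMethod()} is {@code COOKIE}, login and logout
 * also write an auth cookie built by {@link CookieAuthHelper}.
 */
@RequestMapping({"/api/"})
@ConditionalOnConfiguration(name = "io.lsn.spring.auth", type = ConditionalOnConfiguration.Type.ENDPOINT)
@RestController
/* loaded from: input_file:io/lsn/spring/auth/controller/UserController.class */
public class UserController {

    @Autowired
    private UserProvider provider;

    @Autowired
    private SecurityProperties properties;

    /**
     * Terminates the caller's API token and clears the security context.
     *
     * <p>Returns 200 without doing anything when there is no authentication or the principal is
     * not a {@link User} (for example a String principal).
     *
     * @param httpServletRequest  current request, passed to the cookie builder
     * @param httpServletResponse response that receives the replacement cookie in COOKIE mode
     * @return an empty 200 response
     * @throws Exception whatever the provider or cookie helper raises
     */
    // NOTE(review): this state-changing action is mapped to GET, so any cross-site request the
    // browser sends with the auth cookie would end the session. Consider accepting POST with
    // CSRF protection; the mapping is left unchanged here to avoid breaking existing clients.
    @RequestMapping(value = {"/user/logout"}, method = {RequestMethod.GET})
    public ResponseEntity<String> logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        // The context may hold no authentication at all; guard before dereferencing it.
        Object principal = authentication == null ? null : authentication.getPrincipal();
        if (!(principal instanceof User)) {
            // Nothing to revoke: no token-backed user is attached to this request.
            return new ResponseEntity<>(HttpStatus.OK);
        }
        User user = (User) principal;
        // Revoke the server-side token first so it cannot be replayed after logout.
        this.provider.terminateApiToken(user);
        SecurityContextHolder.clearContext();
        if (SecurityProperties.TransportMethod.COOKIE == this.properties.getTransportMethod()) {
            // Third argument is true here and false on login; presumably it builds a cookie
            // that clears the client-side value. Confirm in CookieAuthHelper.
            httpServletResponse.addCookie(CookieAuthHelper.buildCookie(httpServletRequest, user, true));
        }
        return new ResponseEntity<>(HttpStatus.OK);
    }

    /**
     * Authenticates a user by username and password.
     *
     * <p>On success the user is returned with status 200 and, in COOKIE mode, an auth cookie is
     * added to the response.
     *
     * @param httpServletRequest  current request, passed to the cookie builder
     * @param httpServletResponse response that receives the auth cookie in COOKIE mode
     * @param userLoginRequest    request body carrying the username and password
     * @return 200 with the authenticated {@link User}, serialised with the Public JSON view
     * @throws BadCredentialsException when the username is not found
     * @throws Exception               whatever {@code authenticate} or the cookie helper raises
     */
    // NOTE(review): no attempt throttling or lockout is visible in this class; confirm it is
    // enforced in UserProvider or in a filter in front of this endpoint.
    @RequestMapping(value = {"/user/login"}, method = {RequestMethod.POST})
    @JsonView({JsonViews.Public.class})
    public ResponseEntity auth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody UserLoginRequest userLoginRequest) throws Exception {
        try {
            User user = this.provider.findByUsername(userLoginRequest.getUsername());
            this.provider.authenticate(user, userLoginRequest.getPassword());
            if (SecurityProperties.TransportMethod.COOKIE == this.properties.getTransportMethod()) {
                httpServletResponse.addCookie(CookieAuthHelper.buildCookie(httpServletRequest, user, false));
            }
            // What reaches the client depends on which User fields carry JsonViews.Public.
            return new ResponseEntity<>(user, HttpStatus.OK);
        } catch (NotFoundException e) {
            // NOTE(review): "unknown user" is specific to the missing-account case. If exception
            // messages are rendered to the client and authenticate() reports a wrong password
            // differently, callers can tell valid usernames from invalid ones. Confirm the
            // error handler returns one generic message for both cases.
            // The cause is kept so server-side logs show where the lookup failed.
            throw new BadCredentialsException("unknown user", e);
        }
    }

    /**
     * Returns the principal of the current security context.
     *
     * @return 200 with the principal serialised with the Public JSON view, or an empty 401 when
     *     the context holds no authentication
     */
    @RequestMapping(value = {"/secured/user"}, method = {RequestMethod.GET})
    @JsonView({JsonViews.Public.class})
    public ResponseEntity getLogged() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            // Avoid a NullPointerException (HTTP 500) if this route is reached without a filter
            // having populated the context.
            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
        }
        // The principal may be a String rather than a User; logout() handles that case too.
        return new ResponseEntity<>(authentication.getPrincipal(), HttpStatus.OK);
    }
}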
