package fi.oph.kouta.security;

import fi.oph.kouta.repository.SessionDAO$;
import fi.vm.sade.utils.cas.CasClient;
import fi.vm.sade.utils.slf4j.Logging;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import scala.Function0;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Some;
import scala.Tuple2;
import scala.concurrent.duration.Duration$;
import scala.package$;
import scala.reflect.ScalaSignature;
import scala.util.Either;
import scala.util.Left;

/* compiled from: casSessionService.scala */
@ScalaSignature(bytes = "\u0006\u0001\u0005es!B\u0001\u0003\u0011\u0003Y\u0011!E\"bgN+7o]5p]N+'O^5dK*\u00111\u0001B\u0001\tg\u0016\u001cWO]5us*\u0011QAB\u0001\u0006W>,H/\u0019\u0006\u0003\u000f!\t1a\u001c9i\u0015\u0005I\u0011A\u00014j\u0007\u0001\u0001\"\u0001D\u0007\u000e\u0003\t1QA\u0004\u0002\t\u0002=\u0011\u0011cQ1t'\u0016\u001c8/[8o'\u0016\u0014h/[2f'\ti\u0001\u0003\u0005\u0002\r#\u0019)aBAA\u0001%M\u0019\u0011cE\r\u0011\u0005Q9R\"A\u000b\u000b\u0003Y\tQa]2bY\u0006L!\u0001G\u000b\u0003\r\u0005s\u0017PU3g!\tQ2%D\u0001\u001c\u0015\taR$A\u0003tY\u001a$$N\u0003\u0002\u001f?\u0005)Q\u000f^5mg*\u0011\u0001%I\u0001\u0005g\u0006$WM\u0003\u0002#\u0011\u0005\u0011a/\\\u0005\u0003Im\u0011q\u0001T8hO&tw\r\u0003\u0005'#\t\u0015\r\u0011\"\u0001(\u0003=\u0019XmY;sSRL8i\u001c8uKb$X#\u0001\u0015\u0011\u00051I\u0013B\u0001\u0016\u0003\u0005=\u0019VmY;sSRL8i\u001c8uKb$\b\u0002\u0003\u0017\u0012\u0005\u0003\u0005\u000b\u0011\u0002\u0015\u0002!M,7-\u001e:jif\u001cuN\u001c;fqR\u0004\u0003\"\u0002\u0018\u0012\t\u0003y\u0013A\u0002\u001fj]&$h\b\u0006\u0002\u0011a!)a%\fa\u0001Q!9!'\u0005b\u0001\n\u0003\u0019\u0014!E:feZL7-Z%eK:$\u0018NZ5feV\tA\u0007\u0005\u00026y9\u0011aG\u000f\t\u0003oUi\u0011\u0001\u000f\u0006\u0003s)\ta\u0001\u0010:p_Rt\u0014BA\u001e\u0016\u0003\u0019\u0001&/\u001a3fM&\u0011QH\u0010\u0002\u0007'R\u0014\u0018N\\4\u000b\u0005m*\u0002B\u0002!\u0012A\u0003%A'\u0001\ntKJ4\u0018nY3JI\u0016tG/\u001b4jKJ\u0004\u0003b\u0002\"\u0012\u0005\u0004%\taM\u0001\u0007G\u0006\u001cXK\u001d7\t\r\u0011\u000b\u0002\u0015!\u00035\u0003\u001d\u0019\u0017m]+sY\u0002BqAR\tC\u0002\u0013%q)A\u0005dCN\u001cE.[3oiV\t\u0001\n\u0005\u0002J\u00196\t!J\u0003\u0002L;\u0005\u00191-Y:\n\u00055S%!C\"bg\u000ec\u0017.\u001a8u\u0011\u0019y\u0015\u0003)A\u0005\u0011\u0006Q1-Y:DY&,g\u000e\u001e\u0011\t\u000bE\u000bB\u0011\u0002*\u0002+Y\fG.\u001b3bi\u0016\u001cVM\u001d<jG\u0016$\u0016nY6fiR\u00111\u000b\u001d\t\u0005)fcvL\u0004\u0002V/:\u0011qGV\u0005\u0002-%\u0011\u0001,F\u0001\ba\u0006\u001c7.Y4f\u0013\tQ6L\u0001\u0004FSRDWM\u001d\u0006\u00031V\u0001\"\u0001V/\n\u0005y[&!\u0003+ie><\u0018M\u00197f!\t\u0001WN\u0004\u0002bW:\u0011!M\u001b\b\u0003G&t!\u0001\u001a5\u000f\u0005\u0015<gBA\u001cg\u0013\u0005I\u0011B\u0001\u0012\t\u0013\t\u0001\u0013%\u0003\u0002\u001f?%\u00111*H\u0005\u0003Y*\u000b\u0011bQ1t\u00072LWM\u001c;\n\u00059|'\u0001C+tKJt\u0017-\\3\u000b\u00051T\u0005\"B9Q\u0001\u0004\u0011\u0018A\u0002;jG.,G\u000f\u0005\u0002\rg&\u0011AO\u0001\u0002\u000e'\u0016\u0014h/[2f)&\u001c7.\u001a;\t\u000bY\fB\u0011B<\u0002\u0019M$xN]3TKN\u001c\u0018n\u001c8\u0015\u000ba\fi!a\u0004\u0011\u000bQI80a\u0002\n\u0005i,\"A\u0002+va2,'\u0007E\u0002}\u0003\u0007i\u0011! \u0006\u0003}~\fA!\u001e;jY*\u0011\u0011\u0011A\u0001\u0005U\u00064\u0018-C\u0002\u0002\u0006u\u0014A!V+J\tB\u0019A\"!\u0003\n\u0007\u0005-!A\u0001\u0006DCN\u001cVm]:j_:DQ!];A\u0002IDq!!\u0005v\u0001\u0004\t\u0019\"\u0001\u0003vg\u0016\u0014\bc\u0001\u0007\u0002\u0016%\u0019\u0011q\u0003\u0002\u0003/-\u000b\u0017\u0010\u001e;p_&\\W-^:Vg\u0016\u0014H)\u001a;bS2\u001c\bbBA\u000e#\u0011%\u0011QD\u0001\u000eGJ,\u0017\r^3TKN\u001c\u0018n\u001c8\u0015\t\u0005}\u0011\u0011\u0005\t\u0005)fc\u0006\u0010\u0003\u0004r\u00033\u0001\rA\u001d\u0005\b\u0003K\tB\u0011BA\u0014\u0003)9W\r^*fgNLwN\u001c\u000b\u0005\u0003S\t\u0019\u0004E\u0003U3r\u000bY\u0003E\u0003\u0015sn\fi\u0003E\u0002\r\u0003_I1!!\r\u0003\u0005\u001d\u0019Vm]:j_:Dq!!\u000e\u0002$\u0001\u000710\u0001\u0002jI\"9\u0011QE\t\u0005\u0002\u0005eBCBA\u0015\u0003w\t\u0019\u0005C\u0004r\u0003o\u0001\r!!\u0010\u0011\tQ\tyD]\u0005\u0004\u0003\u0003*\"AB(qi&|g\u000e\u0003\u0005\u00026\u0005]\u0002\u0019AA#!\u0011!\u0012qH>\t\u000f\u0005%\u0013\u0003\"\u0001\u0002L\u0005iA-\u001a7fi\u0016\u001cVm]:j_:$B!!\u0014\u0002TA\u0019A#a\u0014\n\u0007\u0005ESCA\u0004C_>dW-\u00198\t\rE\f9\u00051\u0001s\u0011\u0019qS\u0002\"\u0001\u0002XQ\t1\u0002")
/* loaded from: input_file:fi/oph/kouta/security/CasSessionService.class */
public abstract class CasSessionService implements Logging {
    private final SecurityContext securityContext;
    private final String serviceIdentifier;
    private final String casUrl;
    private final CasClient casClient;
    private Logger logger;
    private volatile boolean bitmap$0;

    public <T> T withErrorLogging(Function0<T> function0, String str) {
        return (T) Logging.withErrorLogging$(this, function0, str);
    }

    public <T> T withWarnLogging(Function0<T> function0, String str, T t) {
        return (T) Logging.withWarnLogging$(this, function0, str, t);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v8, types: [fi.oph.kouta.security.CasSessionService] */
    private Logger logger$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (!this.bitmap$0) {
                this.logger = Logging.logger$(this);
                r0 = this;
                r0.bitmap$0 = true;
            }
        }
        return this.logger;
    }

    public Logger logger() {
        return !this.bitmap$0 ? logger$lzycompute() : this.logger;
    }

    public SecurityContext securityContext() {
        return this.securityContext;
    }

    public String serviceIdentifier() {
        return this.serviceIdentifier;
    }

    public String casUrl() {
        return this.casUrl;
    }

    private CasClient casClient() {
        return this.casClient;
    }

    private Either<Throwable, String> validateServiceTicket(ServiceTicket serviceTicket) {
        if (serviceTicket == null) {
            throw new MatchError(serviceTicket);
        }
        String s = serviceTicket.s();
        return casClient().validateServiceTicket(securityContext().casServiceIdentifier(), s).handleWith(new CasSessionService$$anonfun$validateServiceTicket$1(this, s)).attemptRunFor(Duration$.MODULE$.apply(1L, TimeUnit.SECONDS)).toEither();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Tuple2<UUID, CasSession> storeSession(ServiceTicket serviceTicket, KayttooikeusUserDetails kayttooikeusUserDetails) {
        CasSession casSession = new CasSession(serviceTicket, kayttooikeusUserDetails.oid(), kayttooikeusUserDetails.roles());
        logger().debug(new StringBuilder(22).append("Storing to session: ").append(casSession.casTicket()).append(" ").append(casSession.personOid()).append(" ").append(casSession.roles()).toString());
        return new Tuple2<>(SessionDAO$.MODULE$.store(casSession), casSession);
    }

    private Either<Throwable, Tuple2<UUID, CasSession>> createSession(ServiceTicket serviceTicket) {
        return validateServiceTicket(serviceTicket).map(str -> {
            return new KayttooikeusUserDetails(Role$.MODULE$.all().values().toSet(), str);
        }).map(kayttooikeusUserDetails -> {
            return this.storeSession(serviceTicket, kayttooikeusUserDetails);
        });
    }

    private Either<Throwable, Tuple2<UUID, Session>> getSession(UUID uuid) {
        return SessionDAO$.MODULE$.get(uuid).map(session -> {
            return new Tuple2(uuid, session);
        }).toRight(() -> {
            return new AuthenticationFailedException(new StringBuilder(22).append("Session ").append(uuid).append(" doesn't exist").toString());
        });
    }

    public Either<Throwable, Tuple2<UUID, Session>> getSession(Option<ServiceTicket> option, Option<UUID> option2) {
        Left flatMap;
        logger().trace(new StringBuilder(44).append("Getting session with ticket ").append(option).append(" and session id ").append(option2).toString());
        Tuple2 tuple2 = new Tuple2(option, option2);
        if (tuple2 != null) {
            Option option3 = (Option) tuple2._1();
            Option option4 = (Option) tuple2._2();
            if (None$.MODULE$.equals(option3) && None$.MODULE$.equals(option4)) {
                logger().trace("No session found");
                flatMap = package$.MODULE$.Left().apply(new AuthenticationFailedException("No credentials given"));
                return flatMap;
            }
        }
        if (tuple2 != null) {
            Option option5 = (Option) tuple2._1();
            Some some = (Option) tuple2._2();
            if (None$.MODULE$.equals(option5) && (some instanceof Some)) {
                flatMap = getSession((UUID) some.value());
                return flatMap;
            }
        }
        if (tuple2 != null) {
            Some some2 = (Option) tuple2._1();
            Option option6 = (Option) tuple2._2();
            if (some2 instanceof Some) {
                ServiceTicket serviceTicket = (ServiceTicket) some2.value();
                if (None$.MODULE$.equals(option6)) {
                    flatMap = createSession(serviceTicket);
                    return flatMap;
                }
            }
        }
        if (tuple2 != null) {
            Some some3 = (Option) tuple2._1();
            Some some4 = (Option) tuple2._2();
            if (some3 instanceof Some) {
                ServiceTicket serviceTicket2 = (ServiceTicket) some3.value();
                if (some4 instanceof Some) {
                    flatMap = getSession((UUID) some4.value()).left().flatMap(th -> {
                        return th instanceof AuthenticationFailedException ? this.createSession(serviceTicket2) : package$.MODULE$.Left().apply(th);
                    });
                    return flatMap;
                }
            }
        }
        throw new MatchError(tuple2);
    }

    public boolean deleteSession(ServiceTicket serviceTicket) {
        return SessionDAO$.MODULE$.delete(serviceTicket);
    }

    public CasSessionService(SecurityContext securityContext) {
        this.securityContext = securityContext;
        Logging.$init$(this);
        logger().info(new StringBuilder(23).append("Using security context ").append(securityContext.getClass().getSimpleName()).toString());
        this.serviceIdentifier = securityContext.casServiceIdentifier();
        this.casUrl = securityContext.casUrl();
        this.casClient = securityContext.casClient();
    }
}
