package fi.vm.sade.haku.virkailija.authentication.impl;

import com.google.common.base.Optional;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.reflect.TypeToken;
import fi.vm.sade.generic.rest.CachingRestClient;
import fi.vm.sade.haku.RemoteServiceException;
import fi.vm.sade.haku.virkailija.authentication.AuthenticationService;
import fi.vm.sade.haku.virkailija.authentication.Person;
import fi.vm.sade.haku.virkailija.authentication.PersonJsonAdapter;
import fi.vm.sade.properties.OphProperties;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.ws.rs.core.MediaType;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.impl.client.BasicResponseHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Profile;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;

@Profile({"default", "vagrant"})
@Service
/* loaded from: input_file:WEB-INF/lib/hakemus-api-14.0-SNAPSHOT.jar:fi/vm/sade/haku/virkailija/authentication/impl/AuthenticationServiceImpl.class */
public class AuthenticationServiceImpl implements AuthenticationService {
    final Logger log = LoggerFactory.getLogger(AuthenticationServiceImpl.class);
    private final String targetService;
    private final CachingRestClient cachingRestClient;
    private final Gson gson;
    private final String userOidPrefix;
    private final String langCookieName;
    private OphProperties urlConfiguration;

    @Autowired
    public AuthenticationServiceImpl(OphProperties ophProperties, @Value("${cas.service.authentication-service}") String str, @Value("${haku.app.username.to.usermanagement}") String str2, @Value("${haku.app.password.to.usermanagement}") String str3, @Value("${user.oid.prefix}") String str4, @Value("${haku.langCookie}") String str5) {
        this.urlConfiguration = ophProperties;
        GsonBuilder gsonBuilder = new GsonBuilder();
        gsonBuilder.registerTypeAdapter(Person.class, new PersonJsonAdapter());
        this.gson = gsonBuilder.create();
        this.cachingRestClient = new CachingRestClient().setClientSubSystemCode("haku.hakemus-api");
        this.cachingRestClient.setWebCasUrl(ophProperties.url("cas.url", new Object[0]));
        this.cachingRestClient.setCasService(str);
        this.cachingRestClient.setUsername(str2);
        this.cachingRestClient.setPassword(str3);
        this.targetService = str;
        this.userOidPrefix = str4;
        this.langCookieName = str5;
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public Person addPerson(Person person) {
        String socialSecurityNumber = person.getSocialSecurityNumber();
        String personOid = person.getPersonOid();
        String email = person.getEmail();
        Optional absent = Optional.absent();
        if (StringUtils.isNotBlank(personOid)) {
            absent = Optional.fromNullable(getHenkilo(personOid));
        }
        if (!absent.isPresent() && StringUtils.isNotBlank(socialSecurityNumber)) {
            absent = Optional.fromNullable(fetchPerson(socialSecurityNumber));
        }
        if (!absent.isPresent() && StringUtils.isNotBlank(email)) {
            absent = Optional.fromNullable(fetchPersonByStudentToken(email));
        }
        if (!absent.isPresent()) {
            absent = Optional.fromNullable(createPerson(person));
        }
        try {
            return person.mergeWith((Person) absent.get());
        } catch (IllegalArgumentException e) {
            throw new RemoteServiceException("Could not create new person from  " + person + " due to conflicting data", e);
        }
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public List<String> getOrganisaatioHenkilo() {
        String url = this.urlConfiguration.url("authentication-service.organisaatiohenkilo", SecurityContextHolder.getContext().getAuthentication().getName());
        try {
            ArrayList arrayList = new ArrayList();
            Iterator<JsonElement> it = new JsonParser().parse(IOUtils.toString(this.cachingRestClient.get(url))).getAsJsonArray().iterator();
            while (it.hasNext()) {
                JsonObject asJsonObject = it.next().getAsJsonObject();
                String asString = asJsonObject.get("organisaatioOid").getAsString();
                if (asJsonObject.get("passivoitu").getAsBoolean()) {
                    this.log.debug("Ignoring inactive organization: " + asString);
                } else {
                    arrayList.add(asString);
                }
            }
            return arrayList;
        } catch (IOException e) {
            throw new RemoteServiceException(url, e);
        }
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public Person getCurrentHenkilo() {
        String name;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || (name = authentication.getName()) == null || !name.startsWith(this.userOidPrefix)) {
            return null;
        }
        return getHenkilo(name);
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public Person getHenkilo(String str) {
        String url = this.urlConfiguration.url("authentication-service.s2s", str);
        try {
            String asString = this.cachingRestClient.getAsString(url);
            this.log.debug("Got person: {}", asString);
            Person person = (Person) this.gson.fromJson(asString, Person.class);
            this.log.debug("Deserialized person: {}", person);
            return person;
        } catch (IOException e) {
            throw new RemoteServiceException(this.targetService + url, e);
        }
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public List<Person> getHenkiloList(List<String> list) {
        String url = this.urlConfiguration.url("authentication-service.henkilotByHenkiloOidList", new Object[0]);
        try {
            HttpResponse post = this.cachingRestClient.post(url, MediaType.APPLICATION_JSON, this.gson.toJson(list));
            return (List) this.gson.fromJson(new BasicResponseHandler().handleResponse(post), new TypeToken<List<Person>>() { // from class: fi.vm.sade.haku.virkailija.authentication.impl.AuthenticationServiceImpl.1
            }.getType());
        } catch (IOException e) {
            throw new RemoteServiceException(this.targetService + url, e);
        }
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public Person getStudentOid(String str) {
        String url = this.urlConfiguration.url("authentication-service.henkiloYksiloi", str);
        String str2 = null;
        try {
            str2 = new BasicResponseHandler().handleResponse(this.cachingRestClient.put(url, MediaType.APPLICATION_JSON, null));
        } catch (CachingRestClient.HttpException e) {
        } catch (IOException e2) {
            throw new RemoteServiceException(this.targetService + url, e2);
        }
        this.log.debug("Person found: {}", str2);
        return (Person) this.gson.fromJson(str2, Person.class);
    }

    private Person createPerson(Person person) {
        String json = this.gson.toJson(person, Person.class);
        String url = this.urlConfiguration.url("authentication-service.henkilo", new Object[0]);
        try {
            this.log.debug("Creating person: {}", json);
            return getHenkilo(new BasicResponseHandler().handleResponse(this.cachingRestClient.post(url, MediaType.APPLICATION_JSON, json)));
        } catch (IOException e) {
            throw new RemoteServiceException(this.targetService + url, e);
        }
    }

    private Person fetchPersonByResourceUrl(String str) {
        try {
            return (Person) this.gson.fromJson(this.cachingRestClient.getAsString(str), Person.class);
        } catch (CachingRestClient.HttpException e) {
            if (e.getStatusCode() == 404) {
                return null;
            }
            if (200 > e.getStatusCode() || e.getStatusCode() >= 400) {
                throw new RemoteServiceException(this.targetService + str, e);
            }
            return null;
        } catch (IOException e2) {
            throw new RemoteServiceException(this.targetService + str, e2);
        }
    }

    private Person fetchPerson(String str) {
        return fetchPersonByResourceUrl(this.urlConfiguration.url("authentication-service.s2sByHetu", str));
    }

    private Person fetchPersonByStudentToken(String str) {
        return fetchPersonByResourceUrl(this.urlConfiguration.url("authentication-service.personByStudentToken", str));
    }

    @Override // fi.vm.sade.haku.virkailija.authentication.AuthenticationService
    public String getLangCookieName() {
        return this.langCookieName;
    }
}
