package org.jahia.modules.apitokens.core;

import java.util.Calendar;
import java.util.Collections;
import java.util.Spliterators;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import javax.jcr.NodeIterator;
import javax.jcr.RepositoryException;
import org.jahia.api.usermanager.JahiaUserManagerService;
import org.jahia.modules.apitokens.TokenBuilder;
import org.jahia.modules.apitokens.TokenDetails;
import org.jahia.modules.apitokens.TokenService;
import org.jahia.services.content.JCRContentUtils;
import org.jahia.services.content.JCRNodeWrapper;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.content.decorator.JCRUserNode;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.touk.throwing.ThrowingFunction;
import pl.touk.throwing.exception.WrappedException;

@Component(immediate = true, service = {TokenService.class})
/* loaded from: input_file:org/jahia/modules/apitokens/core/TokensServiceImpl.class */
public class TokensServiceImpl implements TokenService {
    public static final String PATNT_TOKENS = "patnt:tokens";
    public static final String PATNT_TOKEN = "patnt:token";
    public static final String TOKENS = "tokens";
    public static final String KEY = "key";
    public static final String DIGEST = "digest";
    public static final String ACTIVE = "active";
    public static final String EXPIRATION_DATE = "expirationDate";
    private static final Logger logger = LoggerFactory.getLogger(TokensServiceImpl.class);
    private JahiaUserManagerService userManagerService;

    @Reference
    public void setUserManagerService(JahiaUserManagerService jahiaUserManagerService) {
        this.userManagerService = jahiaUserManagerService;
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public TokenBuilder tokenBuilder(String str, String str2, JCRSessionWrapper jCRSessionWrapper) {
        TokenDetailsImpl tokenDetailsImpl = new TokenDetailsImpl(str, str2);
        return new TokenBuilderImpl(tokenDetailsImpl, str3 -> {
            return createToken(str3, tokenDetailsImpl, jCRSessionWrapper);
        });
    }

    private String createToken(String str, TokenDetailsImpl tokenDetailsImpl, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        if (str == null) {
            str = TokenUtils.getInstance().generateToken();
        }
        String key = TokenUtils.getInstance().getKey(str);
        if (getTokenDetails(key, jCRSessionWrapper) != null) {
            throw new IllegalArgumentException("token already exists");
        }
        String digestedSecret = TokenUtils.getInstance().getDigestedSecret(str);
        JCRUserNode lookupUserByPath = this.userManagerService.lookupUserByPath(tokenDetailsImpl.getUserPath(), jCRSessionWrapper);
        if (lookupUserByPath == null) {
            throw new IllegalArgumentException("invalid user");
        }
        JCRNodeWrapper addNode = getTokensNode(lookupUserByPath).addNode(tokenDetailsImpl.getName(), PATNT_TOKEN);
        addNode.setProperty(KEY, key);
        addNode.setProperty(DIGEST, digestedSecret);
        addNode.setProperty(ACTIVE, tokenDetailsImpl.isActive());
        addNode.setProperty(EXPIRATION_DATE, tokenDetailsImpl.getExpirationDate());
        logger.info("New token generated {}", getTokenDetails(addNode));
        return str;
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public TokenDetails verifyToken(String str, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        TokenDetails tokenDetails = getTokenDetails(TokenUtils.getInstance().getKey(str), jCRSessionWrapper);
        if (tokenDetails == null || !TokenUtils.getInstance().getDigestedSecret(str).equals(tokenDetails.getDigest())) {
            return null;
        }
        return tokenDetails;
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public TokenDetails getTokenDetails(String str, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        return getTokenDetails(getTokenNode(str, jCRSessionWrapper));
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public TokenDetails getTokenDetails(String str, String str2, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        NodeIterator nodes = jCRSessionWrapper.getWorkspace().getQueryManager().createQuery("select * from [patnt:token] where isdescendantnode('" + JCRContentUtils.sqlEncode(str) + "') and localname()='" + JCRContentUtils.sqlEncode(str2) + "'", "JCR-SQL2").execute().getNodes();
        if (nodes.hasNext()) {
            return getTokenDetails((JCRNodeWrapper) nodes.nextNode());
        }
        return null;
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public Stream<TokenDetails> getTokensDetails(String str, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        try {
            return StreamSupport.stream(Spliterators.spliteratorUnknownSize(jCRSessionWrapper.getWorkspace().getQueryManager().createQuery(str == null ? "select * from [patnt:token]" : "select * from [patnt:token] where isdescendantnode('" + JCRContentUtils.sqlEncode(str) + "')", "JCR-SQL2").execute().getNodes().iterator(), 16), false).map(ThrowingFunction.unchecked(this::getTokenDetails));
        } catch (WrappedException e) {
            if (e.getCause() instanceof RepositoryException) {
                throw e.getCause();
            }
            throw e;
        }
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public boolean updateToken(TokenDetails tokenDetails, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        JCRNodeWrapper tokenNode = getTokenNode(tokenDetails.getKey(), jCRSessionWrapper);
        TokenDetails tokenDetails2 = getTokenDetails(tokenNode);
        if (tokenDetails2 == null) {
            return false;
        }
        if (!tokenDetails2.getName().equals(tokenDetails.getName())) {
            tokenNode.rename(tokenDetails.getName());
        }
        if (tokenDetails2.isActive() != tokenDetails.isActive()) {
            tokenNode.setProperty(ACTIVE, tokenDetails.isActive());
        }
        if (getTimeValue(tokenDetails2.getExpirationDate()) == getTimeValue(tokenDetails.getExpirationDate())) {
            return true;
        }
        tokenNode.setProperty(EXPIRATION_DATE, tokenDetails.getExpirationDate());
        return true;
    }

    private long getTimeValue(Calendar calendar) {
        if (calendar != null) {
            return calendar.getTimeInMillis();
        }
        return -1L;
    }

    @Override // org.jahia.modules.apitokens.TokenService
    public boolean deleteToken(String str, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        JCRNodeWrapper tokenNode = getTokenNode(str, jCRSessionWrapper);
        if (tokenNode == null) {
            return false;
        }
        tokenNode.remove();
        return true;
    }

    private JCRNodeWrapper getTokenNode(String str, JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
        NodeIterator nodes = jCRSessionWrapper.getWorkspace().getQueryManager().createQuery("select * from [patnt:token] where key=\"" + JCRContentUtils.sqlEncode(str) + "\"", "JCR-SQL2").execute().getNodes();
        if (nodes.hasNext()) {
            return nodes.nextNode();
        }
        return null;
    }

    private TokenDetails getTokenDetails(JCRNodeWrapper jCRNodeWrapper) throws RepositoryException {
        if (jCRNodeWrapper == null) {
            return null;
        }
        JCRNodeWrapper parent = jCRNodeWrapper.getParent().getParent();
        if (!parent.isNodeType("jnt:user")) {
            return null;
        }
        TokenDetailsImpl tokenDetailsImpl = new TokenDetailsImpl(parent.getPath(), jCRNodeWrapper.getName());
        tokenDetailsImpl.setKey(jCRNodeWrapper.getProperty(KEY).getString());
        tokenDetailsImpl.setDigest(jCRNodeWrapper.getProperty(DIGEST).getString());
        tokenDetailsImpl.setActive(jCRNodeWrapper.getProperty(ACTIVE).getBoolean());
        if (jCRNodeWrapper.hasProperty(EXPIRATION_DATE)) {
            tokenDetailsImpl.setExpirationDate(jCRNodeWrapper.getProperty(EXPIRATION_DATE).getDate());
        }
        tokenDetailsImpl.setCreationDate(jCRNodeWrapper.getProperty("jcr:created").getDate());
        tokenDetailsImpl.setModificationDate(jCRNodeWrapper.getProperty("jcr:lastModified").getDate());
        return tokenDetailsImpl;
    }

    private JCRNodeWrapper getTokensNode(JCRUserNode jCRUserNode) throws RepositoryException {
        if (jCRUserNode.hasNode(TOKENS)) {
            return jCRUserNode.getNode(TOKENS);
        }
        JCRNodeWrapper addNode = jCRUserNode.addNode(TOKENS, PATNT_TOKENS);
        addNode.setAclInheritanceBreak(true);
        addNode.grantRoles("u:" + jCRUserNode.getName(), Collections.singleton("owner"));
        return addNode;
    }
}
