package si.irm.mmrest.services;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Objects;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.EJB;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import si.irm.common.utils.ConfigUtils;
import si.irm.mm.api.common.data.ApiCommonResponse;
import si.irm.mm.api.common.data.CustomerLogin;
import si.irm.mm.ejb.SettingsEJBLocal;
import si.irm.mm.ejb.kupci.OwnerCredentialEJBLocal;
import si.irm.mm.entities.Kupci;
import si.irm.mm.enums.SNastavitveNaziv;
import si.irm.mm.enums.SNastavitveSekcija;
import si.irm.mm.exceptions.CheckException;
import si.irm.mm.mmrest.utils.ApiUtils;
import si.irm.mm.mmrest.utils.DataChecker;
import si.irm.mm.util.RestConverter;
import si.irm.mmrest.main.LoginResponse;
import si.irm.mmrest.mymarina.MyMarinaRest;
import si.irm.mmrest.mymarina.util.KeyHelper;

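/**
 * JAX-RS resource under {@code /user} that authenticates callers and issues signed JWTs for the
 * myMarina API.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>Tokens are RS512-signed, not encrypted: every claim is readable by whoever holds the
 *       token, so no secret may be placed in a claim.</li>
 *   <li>Issued tokens are never written to the log; only the token id ({@code jti}) is.</li>
 *   <li>Exception details are logged server-side and are not echoed to the client.</li>
 *   <li>{@code /app/accessToken} fails closed when {@code myMarina.api_key} is not configured.
 *       There is deliberately no built-in fallback key: a key compiled into the application is
 *       readable by anyone who holds a copy of the archive.</li>
 * </ul>
 *
 * <p>NOTE(review): {@code /app/login} and {@code /app/accessToken} receive credentials as query
 * parameters, which are routinely recorded in access logs, proxies and browser history. The
 * signatures are kept for compatibility; clients should prefer {@code POST /api/login}, and the
 * query-string variants should be scheduled for removal.
 */
@Api("user")
@Path("user")
/* loaded from: input_file:MarinaMasterRest.war:WEB-INF/classes/si/irm/mmrest/services/UserService.class */
public class UserService {
    private static final String MY_MARINA_CLIENT_ID = "myMarina.client_id";
    private static final String MY_MARINA_API_KEY = "myMarina.api_key";
    private static final Logger LOG = Logger.getLogger(UserService.class.getName());

    @EJB
    private OwnerCredentialEJBLocal ownerCredEJB;

    @EJB
    private SettingsEJBLocal settingsEJB;

    /**
     * Returns the supplied message unchanged. The endpoint is unauthenticated.
     *
     * @param str caller-supplied message; may be {@code null}
     * @return the same value that was passed in
     */
    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = String.class)})
    @Path("/echo")
    @ApiOperation(value = "Unprotected echo metod", notes = "Testing not protected echo call", response = String.class)
    @Produces({MediaType.APPLICATION_JSON})
    public String echo(@QueryParam("message") @ApiParam(required = true) String str) {
        // The value is fully caller-controlled: neutralise control characters so an
        // unauthenticated request cannot inject forged lines into the application log.
        LOG.info("Echo: " + sanitizeForLog(str));
        return str;
    }

    /**
     * Logs in with a username and password taken from the query string and, on success, returns a
     * JWT both in the response body and in the {@code Authorization} header.
     *
     * <p>A token is issued only when the authenticated account's id equals the
     * {@code DEFAULT_SUPPLIER} setting; any other outcome, including any exception thrown by the
     * login call, yields 403 without a body.
     *
     * @param str  username
     * @param str2 password
     * @return 200 with the token, 403 when the login is rejected, 500 when token creation fails
     */
    @GET
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = LoginResponse.class), @ApiResponse(code = 403, message = "Forbiden", response = String.class)})
    @Path("/app/login")
    @ApiOperation(value = "Application login to myMarina API metod - do not use", notes = "Application login service call", response = LoginResponse.class)
    @Produces({MediaType.APPLICATION_JSON})
    public Response appLogin(@QueryParam("username") @ApiParam(required = true) String str, @QueryParam("password") @ApiParam(required = true) String str2) {
        try {
            Kupci login = this.ownerCredEJB.login(MyMarinaRest.getMarinaProxy(str), str, str2);
            Long allowedId = this.settingsEJB.getMarinaLongSetting(SNastavitveSekcija.SKLADISCE, SNastavitveNaziv.DEFAULT_SUPPLIER, false);
            // Check for a missing login result BEFORE touching it; the previous code called
            // getId() first, so its null check could never take effect.
            if (!isAllowedAccount(login, allowedId)) {
                LOG.warning("Application login refused for user " + sanitizeForLog(str));
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            Long id = login.getId();
            try {
                String jWTToken = getJWTToken(str);
                return Response.ok(RestConverter.convert(ApiUtils.getOkLoginResponse(jWTToken, id.toString()))).header("Authorization", "Bearer " + jWTToken).build();
            } catch (Exception e) {
                LOG.log(Level.SEVERE, "Token creation failed", e);
                return Response.serverError().build();
            }
        } catch (Exception e2) {
            // Record the failure for detection/forensics instead of discarding it silently.
            LOG.log(Level.WARNING, "Application login failed for user " + sanitizeForLog(str), e2);
            return Response.status(Response.Status.FORBIDDEN).build();
        }
    }

    /**
     * Logs in with credentials carried in the request body and, on success, returns a JWT both in
     * the response body and in the {@code Authorization} header.
     *
     * <p>Error bodies carry fixed messages only. Exception text is written to the server log and
     * is not returned, so internal details are not disclosed to unauthenticated callers.
     *
     * @param customerLogin login request; a missing body is treated like a missing username
     * @return 200 with the token, 403 when the login is rejected, 500 when token creation fails
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = LoginResponse.class), @ApiResponse(code = 403, message = "Forbiden", response = String.class)})
    @Path("/api/login")
    @ApiOperation(value = "Application post login to myMarina API metod", notes = "Application post login service call", response = LoginResponse.class)
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    public Response apiLogin(CustomerLogin customerLogin) {
        // An absent request body would otherwise surface as a NullPointerException.
        if (customerLogin == null || StringUtils.isBlank(customerLogin.getUsername())) {
            return forbidden("Username missing");
        }
        if (StringUtils.isBlank(customerLogin.getPassword())) {
            return forbidden("Password missing");
        }
        String username = customerLogin.getUsername();
        try {
            Kupci login = this.ownerCredEJB.login(MyMarinaRest.getMarinaProxy(username), username, customerLogin.getPassword());
            Long allowedId = this.settingsEJB.getMarinaLongSetting(SNastavitveSekcija.SKLADISCE, SNastavitveNaziv.DEFAULT_SUPPLIER, false);
            if (!isAllowedAccount(login, allowedId)) {
                LOG.warning("API login refused for user " + sanitizeForLog(username));
                return forbidden("Ilegal password settings!");
            }
            Long id = login.getId();
            try {
                String jWTToken = getJWTToken(username);
                return Response.ok(RestConverter.convert(ApiUtils.getOkLoginResponse(jWTToken, id.toString()))).header("Authorization", "Bearer " + jWTToken).build();
            } catch (Exception e) {
                LOG.log(Level.SEVERE, "Token creation failed", e);
                return Response.serverError().entity(RestConverter.convert(ApiUtils.getOldErrorResponse("Token error"))).build();
            }
        } catch (Exception e2) {
            LOG.log(Level.WARNING, "API login failed for user " + sanitizeForLog(username), e2);
            return forbidden("Login failed");
        }
    }

    /**
     * Builds and signs a JWT for the given subject.
     *
     * <p>The token carries issuer, issued-at, a 1440-minute expiry, the subject (also copied into
     * the e-mail claim) and a generated token id, and is signed with RS512 using the private key
     * supplied by {@link KeyHelper}.
     *
     * @param str subject of the token; it is readable by anyone holding the token, so it must
     *            never be a secret
     * @return the compact serialization of the signed token
     * @throws Exception if the key cannot be obtained or signing fails
     */
    private String getJWTToken(String str) throws Exception {
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setIssuer(KeyHelper.JWT_ISSUER);
        jwtClaims.setIssuedAtToNow();
        jwtClaims.setExpirationTimeMinutesInTheFuture(1440.0f);
        jwtClaims.setSubject(str);
        jwtClaims.setClaim(KeyHelper.JWT_CLAIM_EMAIL, str);
        jwtClaims.setGeneratedJwtId();
        JsonWebSignature jsonWebSignature = new JsonWebSignature();
        jsonWebSignature.setPayload(jwtClaims.toJson());
        jsonWebSignature.setKey(new KeyHelper().getPrivateKey());
        jsonWebSignature.setKeyIdHeaderValue(KeyHelper.JWT_KEYID);
        jsonWebSignature.setAlgorithmHeaderValue("RS512");
        String compactSerialization = jsonWebSignature.getCompactSerialization();
        // A serialized token is a bearer credential: anyone who can read the log could replay
        // it until it expires. Log only the token id, which is enough to correlate issuance.
        LOG.info("JWT issued, jti=" + jwtClaims.getJwtId());
        return compactSerialization;
    }

    /**
     * Issues a JWT to a client that presents the configured client id and API key.
     *
     * <p>Both values are compared in constant time. When no API key is configured the request is
     * refused. The token subject is the client id; the API key is never placed in the token.
     *
     * <p>NOTE(review): earlier builds used the API key itself as the token subject, which exposed
     * it to every holder of a token. Confirm that no token consumer depends on the old subject,
     * and rotate the API key, since previously issued tokens and logs may contain it.
     *
     * @param str  client id
     * @param str2 API key
     * @return 200 with the token, 400 when a parameter is missing, 403 when the credentials do not
     *         match or no key is configured, 500 when token creation fails
     */
    @ApiResponses({@ApiResponse(code = 200, message = "Success", response = LoginResponse.class), @ApiResponse(code = 400, message = "Bad request", response = ApiCommonResponse.class), @ApiResponse(code = 403, message = "Forbiden", response = String.class), @ApiResponse(code = 500, message = "Internal server error", response = String.class)})
    @Path("/app/accessToken")
    @ApiOperation(value = "Access token creation for myMarina API", notes = "Access token creation service call")
    @POST
    @Produces({MediaType.APPLICATION_JSON})
    public Response accessToken(@QueryParam("clientId") @ApiParam(required = true) String str, @QueryParam("apiKey") @ApiParam(required = true) String str2) {
        try {
            DataChecker.checkMissingParameter(str, "clientId");
            DataChecker.checkMissingParameter(str2, "apiKey");
            String myMarinaClientId = getMyMarinaClientId();
            String configuredApiKey = getMyMarinaApiKey();
            if (StringUtils.isBlank(configuredApiKey)) {
                // Fail closed: without a deployment-specific key there is nothing safe to compare to.
                LOG.severe(MY_MARINA_API_KEY + " is not configured; access token requests are refused");
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            // Evaluate both comparisons unconditionally so response timing does not reveal which
            // of the two values was wrong.
            boolean clientIdMatches = constantTimeEquals(myMarinaClientId, str);
            boolean apiKeyMatches = constantTimeEquals(configuredApiKey, str2);
            if (!(clientIdMatches & apiKeyMatches)) {
                LOG.warning("Access token request refused for client id " + sanitizeForLog(str));
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            try {
                // Subject is the client id, never the API key (token claims are not encrypted).
                String jWTToken = getJWTToken(myMarinaClientId);
                return Response.ok(RestConverter.convert(ApiUtils.getOkLoginResponse(jWTToken, myMarinaClientId))).header("Authorization", "Bearer " + jWTToken).build();
            } catch (Exception e) {
                LOG.log(Level.SEVERE, "Token creation failed", e);
                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
            }
        } catch (CheckException e2) {
            LOG.severe(e2.getMessage());
            return Response.status(Response.Status.BAD_REQUEST).entity(ApiUtils.getErrorResponse(e2.getMessage())).build();
        }
    }

    /** Returns the configured client id, falling back to {@code "myMarina"}. */
    private String getMyMarinaClientId() {
        return ConfigUtils.getProperty(MY_MARINA_CLIENT_ID, "myMarina");
    }

    /**
     * Returns the configured API key, or an empty string when none is configured.
     *
     * <p>There is intentionally no built-in default: a key embedded in the code is identical in
     * every installation and readable from the deployed archive. Deployments that relied on the
     * former default must set {@code myMarina.api_key} to a freshly generated value.
     */
    private String getMyMarinaApiKey() {
        return ConfigUtils.getProperty(MY_MARINA_API_KEY, "");
    }

    /** Returns true only when the login produced an account whose id equals the allowed id. */
    private static boolean isAllowedAccount(Kupci login, Long allowedId) {
        return login != null && login.getId() != null && login.getId().equals(allowedId);
    }

    /** Builds a 403 response whose body is the legacy error structure with a fixed message. */
    private static Response forbidden(String message) {
        return Response.status(Response.Status.FORBIDDEN).entity(RestConverter.convert(ApiUtils.getOldErrorResponse(message))).build();
    }

    /** Compares two strings without an early exit on the first differing byte. */
    private static boolean constantTimeEquals(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), supplied.getBytes(StandardCharsets.UTF_8));
    }

    /** Replaces control characters (including CR/LF) so a value cannot break out of its log line. */
    private static String sanitizeForLog(String value) {
        return value == null ? "null" : value.replaceAll("\\p{Cntrl}", "_");
    }
}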
