package io.rocketbase.commons.controller;

import io.rocketbase.commons.converter.AppUserConverter;
import io.rocketbase.commons.dto.ExpirationInfo;
import io.rocketbase.commons.dto.appuser.AppUserRead;
import io.rocketbase.commons.dto.authentication.EmailChangeRequest;
import io.rocketbase.commons.dto.authentication.LoginRequest;
import io.rocketbase.commons.dto.authentication.LoginResponse;
import io.rocketbase.commons.dto.authentication.PasswordChangeRequest;
import io.rocketbase.commons.dto.authentication.UpdateProfileRequest;
import io.rocketbase.commons.dto.authentication.UsernameChangeRequest;
import io.rocketbase.commons.event.RefreshTokenEvent;
import io.rocketbase.commons.event.RequestMeEvent;
import io.rocketbase.commons.model.AppUserEntity;
import io.rocketbase.commons.security.CommonsAuthenticationToken;
import io.rocketbase.commons.security.JwtTokenService;
import io.rocketbase.commons.service.auth.LoginService;
import io.rocketbase.commons.service.change.ChangeAppUserWithConfirmService;
import io.rocketbase.commons.service.user.ActiveUserStore;
import io.rocketbase.commons.service.user.AppUserService;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"${auth.prefix:}"})
@RestController
/* loaded from: input_file:io/rocketbase/commons/controller/AuthenticationController.class */
public class AuthenticationController implements BaseController {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(AuthenticationController.class);

    @Resource
    private JwtTokenService jwtTokenService;

    @Resource
    private AppUserService appUserService;

    @Resource
    private AppUserConverter appUserConverter;

    @Resource
    private ApplicationEventPublisher applicationEventPublisher;

    @Resource
    private LoginService loginService;

    @Resource
    private ActiveUserStore activeUserStore;

    @Resource
    private ChangeAppUserWithConfirmService changeAppUserWithConfirmService;

    @RequestMapping(method = {RequestMethod.POST}, path = {"/auth/login"}, consumes = {"application/json"})
    @ResponseBody
    public ResponseEntity<LoginResponse> login(@NotNull @RequestBody @Validated LoginRequest loginRequest) {
        LoginResponse performLogin = this.loginService.performLogin(loginRequest.getUsername(), loginRequest.getPassword());
        this.activeUserStore.addUser(performLogin.getUser());
        return ResponseEntity.ok(performLogin);
    }

    @RequestMapping(value = {"/auth/me"}, method = {RequestMethod.GET})
    @ResponseBody
    public ResponseEntity<AppUserRead> getAuthenticated(Authentication authentication) {
        if (authentication == null || !CommonsAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        AppUserEntity byUsername = this.appUserService.getByUsername(authentication.getName());
        this.applicationEventPublisher.publishEvent(new RequestMeEvent(this, byUsername));
        this.activeUserStore.addUser(byUsername);
        return ResponseEntity.ok(this.appUserConverter.fromEntity(byUsername));
    }

    @RequestMapping(value = {"/auth/change-password"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    public ResponseEntity<Void> changePassword(@NotNull @RequestBody @Validated PasswordChangeRequest passwordChangeRequest, Authentication authentication) {
        if (authentication == null || !CommonsAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        this.appUserService.performUpdatePassword(((CommonsAuthenticationToken) authentication).getUsername(), passwordChangeRequest);
        return ResponseEntity.status(HttpStatus.OK).build();
    }

    @RequestMapping(value = {"/auth/change-username"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    public ResponseEntity<AppUserRead> changeUsername(@NotNull @RequestBody @Validated UsernameChangeRequest usernameChangeRequest, Authentication authentication) {
        if (authentication == null || !CommonsAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        return ResponseEntity.ok(this.appUserConverter.fromEntity(this.appUserService.changeUsername(((CommonsAuthenticationToken) authentication).getId(), usernameChangeRequest.getNewUsername())));
    }

    @RequestMapping(value = {"/auth/change-email"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    public ResponseEntity<ExpirationInfo<AppUserRead>> changeEmail(HttpServletRequest httpServletRequest, @NotNull @RequestBody @Validated EmailChangeRequest emailChangeRequest, Authentication authentication) {
        if (authentication == null || !CommonsAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        ExpirationInfo handleEmailChangeRequest = this.changeAppUserWithConfirmService.handleEmailChangeRequest(((CommonsAuthenticationToken) authentication).getId(), emailChangeRequest, getBaseUrl(httpServletRequest));
        return ResponseEntity.ok(ExpirationInfo.builder().expires(handleEmailChangeRequest.getExpires()).detail(this.appUserConverter.fromEntity((AppUserEntity) handleEmailChangeRequest.getDetail())).build());
    }

    @RequestMapping(value = {"/auth/verify-email"}, method = {RequestMethod.GET})
    public ResponseEntity<AppUserRead> changeEmail(@RequestParam("verification") String str) {
        return ResponseEntity.ok(this.appUserConverter.fromEntity(this.changeAppUserWithConfirmService.confirmEmailChange(str)));
    }

    @RequestMapping(value = {"/auth/update-profile"}, method = {RequestMethod.PUT}, consumes = {"application/json"})
    public ResponseEntity<Void> updateProfile(@NotNull @RequestBody @Validated UpdateProfileRequest updateProfileRequest, Authentication authentication) {
        if (authentication == null || !CommonsAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        this.appUserService.updateProfile(((CommonsAuthenticationToken) authentication).getUsername(), updateProfileRequest);
        return ResponseEntity.status(HttpStatus.OK).build();
    }

    @RequestMapping(value = {"/auth/refresh"}, method = {RequestMethod.GET})
    @ResponseBody
    public ResponseEntity<String> refreshToken(Authentication authentication) {
        if (authentication == null || !CommonsAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        if (authentication.getAuthorities() == null || !authentication.getAuthorities().contains(new SimpleGrantedAuthority("REFRESH_TOKEN"))) {
            return ResponseEntity.status(HttpStatus.METHOD_NOT_ALLOWED).build();
        }
        AppUserEntity byUsername = this.appUserService.getByUsername(((CommonsAuthenticationToken) authentication).getUsername());
        this.applicationEventPublisher.publishEvent(new RefreshTokenEvent(this, byUsername));
        this.activeUserStore.addUser(byUsername);
        return ResponseEntity.ok(this.jwtTokenService.generateAccessToken(byUsername));
    }
}
