package sk.eset.phoenix.auth;

import graphql.kickstart.tools.GraphQLMutationResolver;
import graphql.schema.DataFetchingEnvironment;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sk.eset.era.commons.EraWebConsoleServiceAnnotations;
import sk.eset.era.commons.common.constants.Version;
import sk.eset.era.commons.common.model.exceptions.AddressBlockedException;
import sk.eset.era.commons.common.model.exceptions.ESALoginRequired2FAException;
import sk.eset.era.commons.common.model.exceptions.ExceptionWithLocalizationKey;
import sk.eset.era.commons.common.model.exceptions.LocalizedEraException;
import sk.eset.era.commons.common.model.exceptions.LoginExpiredException;
import sk.eset.era.commons.common.model.exceptions.LoginFailedException;
import sk.eset.era.commons.common.model.exceptions.LoginRequired2FAException;
import sk.eset.era.commons.common.model.exceptions.SessionCreationFailedException;
import sk.eset.era.commons.common.model.exceptions.ThirdPartyLoginRequired2FAException;
import sk.eset.era.commons.common.model.exceptions.VersionsMismatchException;
import sk.eset.era.g2webconsole.common.model.exceptions.EraRequestHandlingException;
import sk.eset.era.g2webconsole.server.modules.authorization.EraServerConnectionError;
import sk.eset.phoenix.auth.dto.ChangePwdReq;
import sk.eset.phoenix.auth.dto.ChangePwdResp;
import sk.eset.phoenix.auth.dto.LoginReq;
import sk.eset.phoenix.auth.dto.LoginResp;
import sk.eset.phoenix.auth.dto.Message;
import sk.eset.phoenix.auth.dto.OttLoginReq;
import sk.eset.phoenix.auth.dto.OttLoginResp;
import sk.eset.phoenix.auth.dto.SecondFactorRequired;

/* loaded from: input_file:WEB-INF/lib/phoenix-authentication-0.0.1-SNAPSHOT.jar:sk/eset/phoenix/auth/AuthMutation.class */
public class AuthMutation implements GraphQLMutationResolver {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) AuthMutation.class);

    @EraWebConsoleServiceAnnotations.CLOUD
    @EraWebConsoleServiceAnnotations.ESMC
    public Boolean connect(String str, DataFetchingEnvironment dataFetchingEnvironment) {
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        if (!authContext.isSessionValid(str)) {
            return false;
        }
        authContext.withSession(str).ifPresent(session -> {
            authContext.getSessionManager().newWindowOpened(session);
        });
        return true;
    }

    @EraWebConsoleServiceAnnotations.ESMC
    public LoginResp login(LoginReq loginReq, DataFetchingEnvironment dataFetchingEnvironment) {
        if (Version.IS_CLOUD) {
            return null;
        }
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        try {
            try {
                return createSession(authContext, loginReq, false);
            } catch (EraServerConnectionError e) {
                return createSession(authContext, loginReq, true);
            }
        } catch (ESALoginRequired2FAException e2) {
            return new LoginResp(new SecondFactorRequired(e2));
        } catch (LocalizedEraException e3) {
            return new LoginResp(Message.create(e3, "loginFailedOther"));
        } catch (LoginExpiredException e4) {
            return new LoginResp(true, new Message(e4.getLocalizationKey()));
        } catch (ExceptionWithLocalizationKey e5) {
            return new LoginResp(Message.create(e5, "loginFailedOther"));
        } catch (ThirdPartyLoginRequired2FAException e6) {
            return new LoginResp(new SecondFactorRequired(e6));
        } catch (EraServerConnectionError e7) {
            return new LoginResp(new Message(null, e7.getLocalizationKey(), e7.getLocalizationKeyParam()));
        } catch (Throwable th) {
            LOGGER.error("Login failed:{}", th.getMessage());
            return new LoginResp(new Message("loginFailedOther"));
        }
    }

    @EraWebConsoleServiceAnnotations.ESMC
    public OttLoginResp ottLogin(OttLoginReq ottLoginReq, DataFetchingEnvironment dataFetchingEnvironment) {
        if (Version.IS_CLOUD) {
            return null;
        }
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        try {
            try {
                return createSession(authContext, ottLoginReq, false);
            } catch (EraServerConnectionError e) {
                return createSession(authContext, ottLoginReq, true);
            }
        } catch (ExceptionWithLocalizationKey e2) {
            return new OttLoginResp(Message.create(e2, "loginFailedOther"));
        } catch (LocalizedEraException e3) {
            return new OttLoginResp(Message.create(e3, "loginFailedOther"));
        } catch (EraServerConnectionError e4) {
            return new OttLoginResp(new Message(null, e4.getLocalizationKey(), e4.getLocalizationKeyParam()));
        } catch (Throwable th) {
            return new OttLoginResp(new Message("loginFailedOther"));
        }
    }

    @EraWebConsoleServiceAnnotations.ESMC
    public ChangePwdResp changeNativeUserPassword(ChangePwdReq changePwdReq, DataFetchingEnvironment dataFetchingEnvironment) {
        if (Version.IS_CLOUD) {
            return null;
        }
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        try {
            try {
                return changeUnauthenticatedNativeUserPassword(authContext, changePwdReq, false);
            } catch (EraServerConnectionError e) {
                return changeUnauthenticatedNativeUserPassword(authContext, changePwdReq, true);
            }
        } catch (ESALoginRequired2FAException e2) {
            return new ChangePwdResp(new SecondFactorRequired(e2));
        } catch (ExceptionWithLocalizationKey e3) {
            return new ChangePwdResp(Message.create(e3, "loginFailedExpiredPwdChange"));
        } catch (LocalizedEraException e4) {
            return new ChangePwdResp(Message.create(e4, "loginFailedExpiredPwdChange"));
        } catch (ThirdPartyLoginRequired2FAException e5) {
            return new ChangePwdResp(new SecondFactorRequired(e5));
        } catch (EraServerConnectionError e6) {
            return new ChangePwdResp(new Message(null, e6.getLocalizationKey(), e6.getLocalizationKeyParam()));
        } catch (Throwable th) {
            return new ChangePwdResp(new Message("loginFailedExpiredPwdChange"));
        }
    }

    @NotNull
    private LoginResp createSession(AuthContext authContext, LoginReq loginReq, boolean z) throws EraServerConnectionError, LoginFailedException, LoginExpiredException, LoginRequired2FAException, SessionCreationFailedException, AddressBlockedException, EraRequestHandlingException, VersionsMismatchException {
        return new LoginResp(authContext.getSessionManager().createSession(loginReq.getUsername(), loginReq.getPassword(), null, loginReq.isDomainUser(), loginReq.getSecondFactor() != null ? loginReq.getSecondFactor().getOtp() : null, loginReq.getSecondFactor() != null && loginReq.getSecondFactor().isRequestProvisionSms(), loginReq.getSecondFactor() != null ? loginReq.getSecondFactor().getMobilePhoneNumber() : null, loginReq.getSecondFactor() != null && loginReq.getSecondFactor().isRememberDevice(), loginReq.getLocale(), loginReq.isUseCookies(), loginReq.getClientVersion(), authContext.getHttpServletRequest(), authContext.getHttpServletResponse(), z, true, null, null).getSessionID());
    }

    @NotNull
    private OttLoginResp createSession(AuthContext authContext, OttLoginReq ottLoginReq, boolean z) throws EraServerConnectionError, LoginFailedException, LoginExpiredException, LoginRequired2FAException, SessionCreationFailedException, AddressBlockedException, EraRequestHandlingException, VersionsMismatchException {
        return new OttLoginResp(authContext.getSessionManager().createSession(null, null, ottLoginReq.getOtt(), false, null, false, null, false, ottLoginReq.getLocale(), ottLoginReq.isUseCookies(), ottLoginReq.getClientVersion(), authContext.getHttpServletRequest(), authContext.getHttpServletResponse(), z, true, null, null).getSessionID());
    }

    @NotNull
    private ChangePwdResp changeUnauthenticatedNativeUserPassword(AuthContext authContext, ChangePwdReq changePwdReq, boolean z) throws EraServerConnectionError, LoginFailedException, LoginRequired2FAException, AddressBlockedException, EraRequestHandlingException, VersionsMismatchException {
        authContext.getSessionManager().changeUnauthenticatedNativeUserPassword(changePwdReq.getUsername(), changePwdReq.getActualPassword(), changePwdReq.getNewPassword(), changePwdReq.getSecondFactor() != null ? changePwdReq.getSecondFactor().getOtp() : null, changePwdReq.getSecondFactor() != null && changePwdReq.getSecondFactor().isRequestProvisionSms(), changePwdReq.getSecondFactor() != null ? changePwdReq.getSecondFactor().getMobilePhoneNumber() : null, changePwdReq.getLocale(), changePwdReq.getClientVersion(), authContext.getHttpServletRequest(), z);
        return new ChangePwdResp(true);
    }
}
