package sk.eset.era.g3webserver.auth;

import graphql.kickstart.tools.GraphQLMutationResolver;
import graphql.kickstart.tools.GraphQLQueryResolver;
import graphql.schema.DataFetchingEnvironment;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sk.eset.era.annotations.GraphQLDataClass;
import sk.eset.era.commons.EraWebConsoleServiceAnnotations;
import sk.eset.era.commons.common.Version;
import sk.eset.era.commons.common.model.exceptions.AddressBlockedException;
import sk.eset.era.commons.common.model.exceptions.EraServerConnectionError;
import sk.eset.era.commons.common.model.exceptions.ExceptionWithLocalizationKey;
import sk.eset.era.commons.common.model.exceptions.LocalizedEraException;
import sk.eset.era.commons.common.model.exceptions.LoginExpiredException;
import sk.eset.era.commons.common.model.exceptions.LoginFailedException;
import sk.eset.era.commons.common.model.exceptions.LoginRequired2FAException;
import sk.eset.era.commons.common.model.exceptions.SessionCreationFailedException;
import sk.eset.era.commons.common.model.exceptions.VersionsMismatchException;
import sk.eset.era.g2webconsole.common.model.exceptions.EraRequestHandlingException;

/* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication.class */
public class Authentication implements GraphQLMutationResolver, GraphQLQueryResolver {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) Authentication.class);

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$ChangePwdReq.class */
    public static class ChangePwdReq {
        private String username;
        private String actualPassword;
        private String newPassword;
        private SecondFactor secondFactor;
        private String locale;
        private String clientVersion;

        public String getUsername() {
            return this.username;
        }

        public void setUsername(String str) {
            this.username = str;
        }

        public String getActualPassword() {
            return this.actualPassword;
        }

        public void setActualPassword(String str) {
            this.actualPassword = str;
        }

        public String getNewPassword() {
            return this.newPassword;
        }

        public void setNewPassword(String str) {
            this.newPassword = str;
        }

        public SecondFactor getSecondFactor() {
            return this.secondFactor;
        }

        public void setSecondFactor(SecondFactor secondFactor) {
            this.secondFactor = secondFactor;
        }

        public String getLocale() {
            return this.locale;
        }

        public void setLocale(String str) {
            this.locale = str;
        }

        public String getClientVersion() {
            return this.clientVersion;
        }

        public void setClientVersion(String str) {
            this.clientVersion = str;
        }

        public String toString() {
            return "ChangePwdReq{username='" + this.username + "', secondFactor=" + this.secondFactor + ", locale='" + this.locale + "', clientVersion='" + this.clientVersion + "'}";
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$ChangePwdResp.class */
    public static class ChangePwdResp {
        private boolean success;
        private SecondFactorRequired secondFactorRequired;
        private Message failed;

        public ChangePwdResp(boolean z) {
            this.success = false;
            this.secondFactorRequired = null;
            this.failed = null;
            this.success = z;
        }

        public ChangePwdResp(SecondFactorRequired secondFactorRequired) {
            this.success = false;
            this.secondFactorRequired = null;
            this.failed = null;
            this.secondFactorRequired = secondFactorRequired;
        }

        public ChangePwdResp(Message message) {
            this.success = false;
            this.secondFactorRequired = null;
            this.failed = null;
            this.failed = message;
        }

        public boolean isSuccess() {
            return this.success;
        }

        public SecondFactorRequired getSecondFactorRequired() {
            return this.secondFactorRequired;
        }

        public Message getFailed() {
            return this.failed;
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$LoginReq.class */
    public static class LoginReq {
        private String username;
        private String password;
        private boolean domainUser;
        private String locale;
        private boolean useCookies;
        private SecondFactor secondFactor;
        private String clientVersion;

        public String getUsername() {
            return this.username;
        }

        public void setUsername(String str) {
            this.username = str;
        }

        public String getPassword() {
            return this.password;
        }

        public void setPassword(String str) {
            this.password = str;
        }

        public boolean isDomainUser() {
            return this.domainUser;
        }

        public void setDomainUser(boolean z) {
            this.domainUser = z;
        }

        public String getLocale() {
            return this.locale;
        }

        public void setLocale(String str) {
            this.locale = str;
        }

        public boolean isUseCookies() {
            return this.useCookies;
        }

        public void setUseCookies(boolean z) {
            this.useCookies = z;
        }

        public SecondFactor getSecondFactor() {
            return this.secondFactor;
        }

        public void setSecondFactor(SecondFactor secondFactor) {
            this.secondFactor = secondFactor;
        }

        public String getClientVersion() {
            return this.clientVersion;
        }

        public void setClientVersion(String str) {
            this.clientVersion = str;
        }

        public String toString() {
            return "LoginReq{username='" + this.username + "', domainUser=" + this.domainUser + ", locale='" + this.locale + "', useCookies=" + this.useCookies + ", secondFactor=" + this.secondFactor + ", clientVersion='" + this.clientVersion + "'}";
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$LoginResp.class */
    public static class LoginResp {
        private String sessionId;
        private SecondFactorRequired secondFactorRequired;
        private Message failed;
        private boolean changePasswordRequired;

        public LoginResp() {
            this.sessionId = null;
            this.secondFactorRequired = null;
            this.failed = null;
            this.changePasswordRequired = false;
        }

        public LoginResp(String str) {
            this.sessionId = null;
            this.secondFactorRequired = null;
            this.failed = null;
            this.changePasswordRequired = false;
            this.sessionId = str;
        }

        public LoginResp(Message message) {
            this.sessionId = null;
            this.secondFactorRequired = null;
            this.failed = null;
            this.changePasswordRequired = false;
            this.failed = message;
        }

        public LoginResp(SecondFactorRequired secondFactorRequired) {
            this.sessionId = null;
            this.secondFactorRequired = null;
            this.failed = null;
            this.changePasswordRequired = false;
            this.secondFactorRequired = secondFactorRequired;
        }

        public LoginResp(boolean z, Message message) {
            this.sessionId = null;
            this.secondFactorRequired = null;
            this.failed = null;
            this.changePasswordRequired = false;
            this.changePasswordRequired = z;
            this.failed = message;
        }

        public String getSessionId() {
            return this.sessionId;
        }

        public Message getFailed() {
            return this.failed;
        }

        public SecondFactorRequired getSecondFactorRequired() {
            return this.secondFactorRequired;
        }

        public String toString() {
            return "LoginResp{, secondFactorRequired='" + this.secondFactorRequired + "', changePasswordRequired='" + this.changePasswordRequired + "', failed='" + this.failed + "'}";
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$Message.class */
    public static class Message {
        private String localizedMsg;
        private String key;
        private String key2;

        public Message(String str) {
            this.key = str;
        }

        public Message(String str, String str2, String str3) {
            this.localizedMsg = str;
            this.key = str2;
            this.key2 = str3;
        }

        public static Message create(LocalizedEraException localizedEraException, String str) {
            String localizedMessage = localizedEraException.getLocalizedMessage();
            return localizedMessage.length() > 0 ? new Message(localizedMessage, null, null) : new Message(str);
        }

        public static Message create(ExceptionWithLocalizationKey exceptionWithLocalizationKey, String str) {
            String localizationKey = exceptionWithLocalizationKey.getLocalizationKey();
            if (localizationKey == null || localizationKey.length() == 0) {
                localizationKey = str;
            }
            return new Message(localizationKey);
        }

        public String getLocalizedMsg() {
            return this.localizedMsg;
        }

        public String getKey() {
            return this.key;
        }

        public String getKey2() {
            return this.key2;
        }

        public String toString() {
            return "Message{localizedMsg='" + this.localizedMsg + "', key='" + this.key + "', key2='" + this.key2 + "'}";
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$OttLoginReq.class */
    public static class OttLoginReq {
        private String ott;
        private String locale;
        private boolean useCookies;
        private String clientVersion;

        public String getOtt() {
            return this.ott;
        }

        public String getLocale() {
            return this.locale;
        }

        public boolean isUseCookies() {
            return this.useCookies;
        }

        public String getClientVersion() {
            return this.clientVersion;
        }

        public String toString() {
            return "OttLoginReq{locale='" + this.locale + "', useCookies=" + this.useCookies + ", clientVersion='" + this.clientVersion + "'}";
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$OttLoginResp.class */
    public static class OttLoginResp {
        private String sessionId;
        private Message failed;

        public OttLoginResp(String str) {
            this.sessionId = null;
            this.failed = null;
            this.sessionId = str;
        }

        public OttLoginResp(Message message) {
            this.sessionId = null;
            this.failed = null;
            this.failed = message;
        }

        public String getSessionId() {
            return this.sessionId;
        }

        public Message getFailed() {
            return this.failed;
        }

        public String toString() {
            return "LoginResp{, failed='" + this.failed + "'}";
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$SecondFactor.class */
    public static class SecondFactor {
        private String otp;
        private boolean requestProvisionSms;
        private String mobilePhoneNumber;

        public String getOtp() {
            return this.otp;
        }

        public void setOtp(String str) {
            this.otp = str;
        }

        public boolean isRequestProvisionSms() {
            return this.requestProvisionSms;
        }

        public void setRequestProvisionSms(boolean z) {
            this.requestProvisionSms = z;
        }

        public String getMobilePhoneNumber() {
            return this.mobilePhoneNumber;
        }

        public void setMobilePhoneNumber(String str) {
            this.mobilePhoneNumber = str;
        }

        public String toString() {
            return "SecondFactor{, requestProvisionSms=" + this.requestProvisionSms + '}';
        }
    }

    @GraphQLDataClass
    /* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/auth/Authentication$SecondFactorRequired.class */
    public static class SecondFactorRequired {
        private String provisionedMobileAppUrl;
        private String provisionedMobileAppUrlQRCode;
        private String mobilePhoneNumber;

        public SecondFactorRequired(LoginRequired2FAException loginRequired2FAException) {
            this.provisionedMobileAppUrl = loginRequired2FAException.getProvisionedMobileAppUrl();
            this.provisionedMobileAppUrlQRCode = loginRequired2FAException.getProvisionedMobileAppUrlQRCode();
            this.mobilePhoneNumber = loginRequired2FAException.getMobilePhoneNumber();
        }

        public String getProvisionedMobileAppUrl() {
            return this.provisionedMobileAppUrl;
        }

        public String getProvisionedMobileAppUrlQRCode() {
            return this.provisionedMobileAppUrlQRCode;
        }

        public String getMobilePhoneNumber() {
            return this.mobilePhoneNumber;
        }

        public String toString() {
            return "SecondFactorRequired{provisionedMobileAppUrl='" + this.provisionedMobileAppUrl + "', provisionedMobileAppUrlQRCode='" + this.provisionedMobileAppUrlQRCode + "', mobilePhoneNumber='" + this.mobilePhoneNumber + "'}";
        }
    }

    @EraWebConsoleServiceAnnotations.CLOUD
    @EraWebConsoleServiceAnnotations.ESMC
    public Boolean connect(String str, DataFetchingEnvironment dataFetchingEnvironment) {
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        if (!authContext.isSessionValid(str)) {
            return false;
        }
        authContext.withSession(str).ifPresent(session -> {
            authContext.getSessionManager().newWindowOpened(session);
        });
        return true;
    }

    @EraWebConsoleServiceAnnotations.ESMC
    public LoginResp login(LoginReq loginReq, DataFetchingEnvironment dataFetchingEnvironment) {
        if (Version.IS_CLOUD) {
            return null;
        }
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        try {
            try {
                return createSession(authContext, loginReq, false);
            } catch (EraServerConnectionError e) {
                return createSession(authContext, loginReq, true);
            }
        } catch (EraServerConnectionError e2) {
            return new LoginResp(new Message(null, e2.getLocalizationKey(), e2.getLocalizationKeyParam()));
        } catch (LoginExpiredException e3) {
            return new LoginResp(true, new Message(e3.getLocalizationKey()));
        } catch (ExceptionWithLocalizationKey e4) {
            return new LoginResp(Message.create(e4, "loginFailedOther"));
        } catch (LocalizedEraException e5) {
            return new LoginResp(Message.create(e5, "loginFailedOther"));
        } catch (LoginRequired2FAException e6) {
            return new LoginResp(new SecondFactorRequired(e6));
        } catch (Throwable th) {
            LOGGER.error("Login failed:{}", th.getMessage());
            return new LoginResp(new Message("loginFailedOther"));
        }
    }

    @EraWebConsoleServiceAnnotations.ESMC
    public OttLoginResp ottLogin(OttLoginReq ottLoginReq, DataFetchingEnvironment dataFetchingEnvironment) {
        if (Version.IS_CLOUD) {
            return null;
        }
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        try {
            try {
                return createSession(authContext, ottLoginReq, false);
            } catch (EraServerConnectionError e) {
                return createSession(authContext, ottLoginReq, true);
            }
        } catch (EraServerConnectionError e2) {
            return new OttLoginResp(new Message(null, e2.getLocalizationKey(), e2.getLocalizationKeyParam()));
        } catch (ExceptionWithLocalizationKey e3) {
            return new OttLoginResp(Message.create(e3, "loginFailedOther"));
        } catch (LocalizedEraException e4) {
            return new OttLoginResp(Message.create(e4, "loginFailedOther"));
        } catch (Throwable th) {
            return new OttLoginResp(new Message("loginFailedOther"));
        }
    }

    @EraWebConsoleServiceAnnotations.ESMC
    public ChangePwdResp changeNativeUserPassword(ChangePwdReq changePwdReq, DataFetchingEnvironment dataFetchingEnvironment) {
        if (Version.IS_CLOUD) {
            return null;
        }
        AuthContext authContext = (AuthContext) dataFetchingEnvironment.getContext();
        try {
            try {
                return changeUnauthenticatedNativeUserPassword(authContext, changePwdReq, false);
            } catch (EraServerConnectionError e) {
                return changeUnauthenticatedNativeUserPassword(authContext, changePwdReq, true);
            }
        } catch (EraServerConnectionError e2) {
            return new ChangePwdResp(new Message(null, e2.getLocalizationKey(), e2.getLocalizationKeyParam()));
        } catch (ExceptionWithLocalizationKey e3) {
            return new ChangePwdResp(Message.create(e3, "loginFailedExpiredPwdChange"));
        } catch (LocalizedEraException e4) {
            return new ChangePwdResp(Message.create(e4, "loginFailedExpiredPwdChange"));
        } catch (LoginRequired2FAException e5) {
            return new ChangePwdResp(new SecondFactorRequired(e5));
        } catch (Throwable th) {
            return new ChangePwdResp(new Message("loginFailedExpiredPwdChange"));
        }
    }

    public boolean dummy() {
        return true;
    }

    @NotNull
    private LoginResp createSession(AuthContext authContext, LoginReq loginReq, boolean z) throws EraServerConnectionError, LoginFailedException, LoginExpiredException, LoginRequired2FAException, SessionCreationFailedException, AddressBlockedException, EraRequestHandlingException, VersionsMismatchException {
        return new LoginResp(authContext.getSessionManager().createSession(loginReq.getUsername(), loginReq.getPassword(), null, loginReq.isDomainUser(), loginReq.getSecondFactor() != null ? loginReq.getSecondFactor().getOtp() : null, loginReq.getSecondFactor() != null && loginReq.getSecondFactor().isRequestProvisionSms(), loginReq.getSecondFactor() != null ? loginReq.getSecondFactor().getMobilePhoneNumber() : null, loginReq.getLocale(), loginReq.isUseCookies(), loginReq.getClientVersion(), authContext.getHttpServletRequest(), authContext.getHttpServletResponse(), z, true, null, null).getSessionID());
    }

    @NotNull
    private OttLoginResp createSession(AuthContext authContext, OttLoginReq ottLoginReq, boolean z) throws EraServerConnectionError, LoginFailedException, LoginExpiredException, LoginRequired2FAException, SessionCreationFailedException, AddressBlockedException, EraRequestHandlingException, VersionsMismatchException {
        return new OttLoginResp(authContext.getSessionManager().createSession(null, null, ottLoginReq.getOtt(), false, null, false, null, ottLoginReq.getLocale(), ottLoginReq.isUseCookies(), ottLoginReq.getClientVersion(), authContext.getHttpServletRequest(), authContext.getHttpServletResponse(), z, true, null, null).getSessionID());
    }

    @NotNull
    private ChangePwdResp changeUnauthenticatedNativeUserPassword(AuthContext authContext, ChangePwdReq changePwdReq, boolean z) throws EraServerConnectionError, LoginFailedException, LoginRequired2FAException, AddressBlockedException, EraRequestHandlingException, VersionsMismatchException {
        authContext.getSessionManager().changeUnauthenticatedNativeUserPassword(changePwdReq.getUsername(), changePwdReq.getActualPassword(), changePwdReq.getNewPassword(), changePwdReq.getSecondFactor() != null ? changePwdReq.getSecondFactor().getOtp() : null, changePwdReq.getSecondFactor() != null && changePwdReq.getSecondFactor().isRequestProvisionSms(), changePwdReq.getSecondFactor() != null ? changePwdReq.getSecondFactor().getMobilePhoneNumber() : null, changePwdReq.getLocale(), changePwdReq.getClientVersion(), authContext.getHttpServletRequest(), z);
        return new ChangePwdResp(true);
    }
}
