package com.helger.photon.jdbc.security;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.annotation.ReturnsMutableObject;
import com.helger.commons.callback.CallbackList;
import com.helger.commons.collection.impl.CommonsArrayList;
import com.helger.commons.collection.impl.CommonsLinkedHashSet;
import com.helger.commons.collection.impl.ICommonsList;
import com.helger.commons.datetime.PDTFactory;
import com.helger.commons.datetime.PDTWebDateHelper;
import com.helger.commons.mutable.MutableLong;
import com.helger.commons.state.EChange;
import com.helger.commons.state.ESuccess;
import com.helger.commons.string.StringHelper;
import com.helger.commons.wrapper.Wrapper;
import com.helger.db.api.helper.DBValueHelper;
import com.helger.db.jdbc.callback.ConstantPreparedStatementDataProvider;
import com.helger.db.jdbc.executor.DBExecutor;
import com.helger.db.jdbc.executor.DBResultRow;
import com.helger.json.IJsonArray;
import com.helger.json.IJsonObject;
import com.helger.json.JsonArray;
import com.helger.json.JsonObject;
import com.helger.json.serialize.JsonReader;
import com.helger.photon.audit.AuditHelper;
import com.helger.photon.core.login.CLogin;
import com.helger.photon.security.object.BusinessObjectHelper;
import com.helger.photon.security.object.StubObject;
import com.helger.photon.security.token.accesstoken.AccessToken;
import com.helger.photon.security.token.accesstoken.IAccessToken;
import com.helger.photon.security.token.object.AccessTokenList;
import com.helger.photon.security.token.object.IAccessTokenList;
import com.helger.photon.security.token.revocation.IRevocationStatus;
import com.helger.photon.security.token.revocation.RevocationStatus;
import com.helger.photon.security.token.user.IUserToken;
import com.helger.photon.security.token.user.IUserTokenManager;
import com.helger.photon.security.token.user.IUserTokenModificationCallback;
import com.helger.photon.security.token.user.UserToken;
import com.helger.photon.security.user.IUser;
import com.helger.photon.security.user.IUserManager;
import java.time.LocalDateTime;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.function.Supplier;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;

/* loaded from: input_file:WEB-INF/lib/ph-oton-jdbc-9.3.2.jar:com/helger/photon/jdbc/security/UserTokenManagerJDBC.class */
public class UserTokenManagerJDBC extends AbstractJDBCEnabledSecurityManager implements IUserTokenManager {
    private final String m_sTableName;
    private final IUserManager m_aUserMgr;
    private final CallbackList<IUserTokenModificationCallback> m_aCallbacks;

    public UserTokenManagerJDBC(@Nonnull Supplier<? extends DBExecutor> supplier, @Nonnull Function<String, String> function, @Nonnull IUserManager iUserManager) {
        super(supplier);
        this.m_aCallbacks = new CallbackList<>();
        this.m_sTableName = function.apply("secusertoken");
        this.m_aUserMgr = (IUserManager) ValueEnforcer.notNull(iUserManager, "UserManager");
    }

    @Nonnull
    @Nonempty
    public final String getTableName() {
        return this.m_sTableName;
    }

    @Nonnull
    public final IUserManager getUserManager() {
        return this.m_aUserMgr;
    }

    @Nonnull
    private static IJsonObject _asJson(@Nonnull IRevocationStatus iRevocationStatus) {
        return new JsonObject().add("revoked", iRevocationStatus.isRevoked()).addIfNotNull(CLogin.REQUEST_ATTR_USERID, iRevocationStatus.getRevocationUserID()).addIfNotNull("dt", PDTWebDateHelper.getAsStringXSD(iRevocationStatus.getRevocationDateTime())).addIfNotNull("reason", iRevocationStatus.getRevocationReason());
    }

    @Nonnull
    private static IJsonObject _asJson(@Nonnull IAccessToken iAccessToken) {
        return new JsonObject().add("token", iAccessToken.getTokenString()).add("notbefore", PDTWebDateHelper.getAsStringXSD(iAccessToken.getNotBefore())).addIfNotNull("notafter", PDTWebDateHelper.getAsStringXSD(iAccessToken.getNotAfter())).add("revocation", _asJson(iAccessToken.getRevocationStatus()));
    }

    @Nonnull
    private static String _asString(@Nonnull IAccessTokenList iAccessTokenList) {
        return new JsonArray().addAllMapped(iAccessTokenList.getAllAccessTokens(), UserTokenManagerJDBC::_asJson).getAsJsonString();
    }

    @Nullable
    private static AccessToken _parseAccessToken(@Nonnull IJsonObject iJsonObject) {
        IJsonObject asObject = iJsonObject.getAsObject("revocation");
        return new AccessToken(iJsonObject.getAsString("token"), PDTWebDateHelper.getLocalDateTimeFromXSD(iJsonObject.getAsString("notbefore")), PDTWebDateHelper.getLocalDateTimeFromXSD(iJsonObject.getAsString("notafter")), new RevocationStatus(asObject.getAsBoolean("revoked"), asObject.getAsString(CLogin.REQUEST_ATTR_USERID), PDTWebDateHelper.getLocalDateTimeFromXSD(asObject.getAsString("dt")), asObject.getAsString("reason")));
    }

    @Nullable
    private static ICommonsList<AccessToken> _parseAccessTokens(@Nullable String str) {
        IJsonArray readAsArray;
        if (StringHelper.hasNoText(str) || (readAsArray = JsonReader.builder().source(str).readAsArray()) == null || readAsArray.isEmpty()) {
            return null;
        }
        return new CommonsArrayList(readAsArray.iteratorObjects(), UserTokenManagerJDBC::_parseAccessToken);
    }

    @Nonnull
    @ReturnsMutableCopy
    private ICommonsList<IUserToken> _getAllWhere(@Nullable String str, @Nullable ConstantPreparedStatementDataProvider constantPreparedStatementDataProvider) {
        ICommonsList<DBResultRow> queryAll;
        CommonsArrayList commonsArrayList = new CommonsArrayList();
        String str2 = "SELECT id, creationdt, creationuserid, lastmoddt, lastmoduserid, deletedt, deleteuserid, attrs, accesstokens, userid, description FROM " + this.m_sTableName;
        if (StringHelper.hasText(str)) {
            String str3 = str2 + " WHERE " + str;
            queryAll = constantPreparedStatementDataProvider != null ? newExecutor().queryAll(str3, constantPreparedStatementDataProvider) : newExecutor().queryAll(str3);
        } else {
            queryAll = newExecutor().queryAll(str2);
        }
        if (queryAll != null) {
            for (DBResultRow dBResultRow : queryAll) {
                commonsArrayList.add(new UserToken(new StubObject(dBResultRow.getAsString(0), dBResultRow.getAsLocalDateTime(1), dBResultRow.getAsString(2), dBResultRow.getAsLocalDateTime(3), dBResultRow.getAsString(4), dBResultRow.getAsLocalDateTime(5), dBResultRow.getAsString(6), attrsToMap(dBResultRow.getAsString(7))), _parseAccessTokens(dBResultRow.getAsString(8)), this.m_aUserMgr.getUserOfID(dBResultRow.getAsString(9)), dBResultRow.getAsString(10)));
            }
        }
        return commonsArrayList;
    }

    @Override // com.helger.photon.io.mgr.IPhotonManager
    @Nonnull
    @ReturnsMutableCopy
    public ICommonsList<IUserToken> getAll() {
        return _getAllWhere(null, null);
    }

    @Override // com.helger.photon.io.mgr.IPhotonManager
    public boolean containsWithID(@Nullable String str) {
        return !StringHelper.hasNoText(str) && newExecutor().queryCount("SELECT COUNT(*) FROM " + this.m_sTableName + " WHERE id=?", new ConstantPreparedStatementDataProvider(str)) > 0;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.helger.photon.io.mgr.IPhotonManager
    public boolean containsAllIDs(@Nullable Iterable<String> iterable) {
        if (iterable == null) {
            return true;
        }
        CommonsLinkedHashSet commonsLinkedHashSet = new CommonsLinkedHashSet((Iterable) iterable);
        int size = commonsLinkedHashSet.size();
        if (size == 1) {
            return containsWithID((String) commonsLinkedHashSet.getFirst());
        }
        if (size <= 0) {
            return true;
        }
        StringBuilder sb = new StringBuilder(size * 2);
        for (int i = 0; i < size; i++) {
            if (i > 0) {
                sb.append(',');
            }
            sb.append('?');
        }
        return newExecutor().queryCount("SELECT COUNT(*) FROM " + this.m_sTableName + " WHERE id IN (" + sb.toString() + ")", new ConstantPreparedStatementDataProvider(iterable)) == ((long) size);
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nonnull
    @ReturnsMutableObject
    public CallbackList<IUserTokenModificationCallback> userTokenModificationCallbacks() {
        return this.m_aCallbacks;
    }

    @Nonnull
    private ESuccess _internalCreateItem(@Nonnull UserToken userToken) {
        DBExecutor newExecutor = newExecutor();
        return newExecutor.performInTransaction(() -> {
            long insertOrUpdateOrDelete = newExecutor.insertOrUpdateOrDelete("INSERT INTO " + this.m_sTableName + " (id, creationdt, creationuserid, lastmoddt, lastmoduserid, deletedt, deleteuserid, attrs, accesstokens, userid, description) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", new ConstantPreparedStatementDataProvider(DBValueHelper.getTrimmedToLength(userToken.getID(), 45), DBValueHelper.toTimestamp(userToken.getCreationDateTime()), DBValueHelper.getTrimmedToLength(userToken.getCreationUserID(), 40), DBValueHelper.toTimestamp(userToken.getLastModificationDateTime()), DBValueHelper.getTrimmedToLength(userToken.getLastModificationUserID(), 40), DBValueHelper.toTimestamp(userToken.getDeletionDateTime()), DBValueHelper.getTrimmedToLength(userToken.getDeletionUserID(), 40), attrsToString(userToken.attrs()), _asString(userToken.getAccessTokenList()), DBValueHelper.getTrimmedToLength(userToken.getUserID(), 20), userToken.getDescription()));
            if (insertOrUpdateOrDelete != 1) {
                throw new IllegalStateException("Failed to create new DB entry (" + insertOrUpdateOrDelete + ")");
            }
        });
    }

    @Nullable
    public UserToken internalCreateUserToken(@Nonnull UserToken userToken, boolean z) {
        if (_internalCreateItem(userToken).isFailure()) {
            AuditHelper.onAuditCreateFailure(UserToken.OT, userToken.getID(), userToken.attrs(), userToken.getUserID(), userToken.getDescription(), "database-error");
            return null;
        }
        AuditHelper.onAuditCreateSuccess(UserToken.OT, userToken.getID(), userToken.attrs(), userToken.getUserID(), userToken.getDescription());
        if (z) {
            this.m_aCallbacks.forEach(iUserTokenModificationCallback -> {
                iUserTokenModificationCallback.onUserTokenCreated(userToken);
            });
        }
        return userToken;
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nullable
    public UserToken createUserToken(@Nullable String str, @Nullable Map<String, String> map, @Nonnull IUser iUser, @Nullable String str2) {
        return internalCreateUserToken(new UserToken(str, map, iUser, str2), true);
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nonnull
    public EChange updateUserToken(@Nullable String str, @Nullable Map<String, String> map, @Nullable String str2) {
        if (StringHelper.hasNoText(str)) {
            return EChange.UNCHANGED;
        }
        MutableLong mutableLong = new MutableLong(-1L);
        DBExecutor newExecutor = newExecutor();
        if (newExecutor.performInTransaction(() -> {
            mutableLong.set(newExecutor.insertOrUpdateOrDelete("UPDATE " + this.m_sTableName + " SET attrs=?, description=?, lastmoddt=?, lastmoduserid=? WHERE id=?", new ConstantPreparedStatementDataProvider(attrsToString(map), str2, DBValueHelper.toTimestamp(PDTFactory.getCurrentLocalDateTime()), DBValueHelper.getTrimmedToLength(BusinessObjectHelper.getUserIDOrFallback(), 40), DBValueHelper.getTrimmedToLength(str, 45))));
        }).isFailure()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "set-all", str, map, str2, "database-error");
            return EChange.UNCHANGED;
        }
        if (mutableLong.is0()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "set-all", str, "no-such-id");
            return EChange.UNCHANGED;
        }
        AuditHelper.onAuditModifySuccess(UserToken.OT, "set-all", str, map, str2);
        this.m_aCallbacks.forEach(iUserTokenModificationCallback -> {
            iUserTokenModificationCallback.onUserTokenUpdated(str);
        });
        return EChange.CHANGED;
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nonnull
    public EChange deleteUserToken(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return EChange.UNCHANGED;
        }
        MutableLong mutableLong = new MutableLong(-1L);
        DBExecutor newExecutor = newExecutor();
        if (newExecutor.performInTransaction(() -> {
            mutableLong.set(newExecutor.insertOrUpdateOrDelete("UPDATE " + this.m_sTableName + " SET deletedt=?, deleteuserid=? WHERE id=?", new ConstantPreparedStatementDataProvider(DBValueHelper.toTimestamp(PDTFactory.getCurrentLocalDateTime()), DBValueHelper.getTrimmedToLength(BusinessObjectHelper.getUserIDOrFallback(), 40), DBValueHelper.getTrimmedToLength(str, 45))));
        }).isFailure()) {
            AuditHelper.onAuditDeleteFailure(UserToken.OT, str, "database-error");
            return EChange.UNCHANGED;
        }
        if (mutableLong.is0()) {
            AuditHelper.onAuditDeleteFailure(UserToken.OT, str, "no-such-id");
            return EChange.UNCHANGED;
        }
        AuditHelper.onAuditDeleteSuccess(UserToken.OT, str);
        this.m_aCallbacks.forEach(iUserTokenModificationCallback -> {
            iUserTokenModificationCallback.onUserTokenDeleted(str);
        });
        return EChange.CHANGED;
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nonnull
    public EChange createNewAccessToken(@Nullable String str, @Nonnull @Nonempty String str2, @Nonnull LocalDateTime localDateTime, @Nonnull @Nonempty String str3, @Nullable String str4) {
        if (StringHelper.hasNoText(str)) {
            return EChange.UNCHANGED;
        }
        Wrapper wrapper = new Wrapper();
        DBExecutor newExecutor = newExecutor();
        String str5 = "SELECT accesstokens FROM " + this.m_sTableName + " WHERE id=?";
        ConstantPreparedStatementDataProvider constantPreparedStatementDataProvider = new ConstantPreparedStatementDataProvider(DBValueHelper.getTrimmedToLength(str, 45));
        Objects.requireNonNull(wrapper);
        newExecutor.querySingle(str5, constantPreparedStatementDataProvider, (v1) -> {
            r3.set(v1);
        });
        if (wrapper.isNotSet()) {
            return EChange.UNCHANGED;
        }
        AccessTokenList accessTokenList = new AccessTokenList(_parseAccessTokens(((DBResultRow) wrapper.get()).getAsString(0)));
        accessTokenList.revokeActiveAccessToken(str2, localDateTime, str3);
        AccessToken createNewAccessToken = accessTokenList.createNewAccessToken(str4);
        MutableLong mutableLong = new MutableLong(-1L);
        DBExecutor newExecutor2 = newExecutor();
        if (newExecutor2.performInTransaction(() -> {
            mutableLong.set(newExecutor2.insertOrUpdateOrDelete("UPDATE " + this.m_sTableName + " SET accesstokens=?, lastmoddt=?, lastmoduserid=? WHERE id=?", new ConstantPreparedStatementDataProvider(_asString(accessTokenList), DBValueHelper.toTimestamp(PDTFactory.getCurrentLocalDateTime()), DBValueHelper.getTrimmedToLength(BusinessObjectHelper.getUserIDOrFallback(), 40), DBValueHelper.getTrimmedToLength(str, 45))));
        }).isFailure()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "create-new-access-token", str, "database-error");
            return EChange.UNCHANGED;
        }
        if (mutableLong.is0()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "create-new-access-token", str, "no-such-id");
            return EChange.UNCHANGED;
        }
        AuditHelper.onAuditModifySuccess(UserToken.OT, "create-new-access-token", str, str2, localDateTime, str3, str4);
        this.m_aCallbacks.forEach(iUserTokenModificationCallback -> {
            iUserTokenModificationCallback.onUserTokenCreateAccessToken(str, createNewAccessToken);
        });
        return EChange.CHANGED;
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nonnull
    public EChange revokeAccessToken(@Nullable String str, @Nonnull @Nonempty String str2, @Nonnull LocalDateTime localDateTime, @Nonnull @Nonempty String str3) {
        if (StringHelper.hasNoText(str)) {
            return EChange.UNCHANGED;
        }
        Wrapper wrapper = new Wrapper();
        DBExecutor newExecutor = newExecutor();
        String str4 = "SELECT accesstokens FROM " + this.m_sTableName + " WHERE id=?";
        ConstantPreparedStatementDataProvider constantPreparedStatementDataProvider = new ConstantPreparedStatementDataProvider(DBValueHelper.getTrimmedToLength(str, 45));
        Objects.requireNonNull(wrapper);
        newExecutor.querySingle(str4, constantPreparedStatementDataProvider, (v1) -> {
            r3.set(v1);
        });
        if (wrapper.isNotSet()) {
            return EChange.UNCHANGED;
        }
        AccessTokenList accessTokenList = new AccessTokenList(_parseAccessTokens(((DBResultRow) wrapper.get()).getAsString(0)));
        if (accessTokenList.revokeActiveAccessToken(str2, localDateTime, str3).isUnchanged()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "revoke-access-token", str, "already-revoked");
            return EChange.UNCHANGED;
        }
        MutableLong mutableLong = new MutableLong(-1L);
        DBExecutor newExecutor2 = newExecutor();
        if (newExecutor2.performInTransaction(() -> {
            mutableLong.set(newExecutor2.insertOrUpdateOrDelete("UPDATE " + this.m_sTableName + " SET accesstokens=?, lastmoddt=?, lastmoduserid=? WHERE id=?", new ConstantPreparedStatementDataProvider(_asString(accessTokenList), DBValueHelper.toTimestamp(PDTFactory.getCurrentLocalDateTime()), DBValueHelper.getTrimmedToLength(BusinessObjectHelper.getUserIDOrFallback(), 40), DBValueHelper.getTrimmedToLength(str, 45))));
        }).isFailure()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "revoke-access-token", str, "database-error");
            return EChange.UNCHANGED;
        }
        if (mutableLong.is0()) {
            AuditHelper.onAuditModifyFailure(UserToken.OT, "revoke-access-token", str, "no-such-id");
            return EChange.UNCHANGED;
        }
        AuditHelper.onAuditModifySuccess(UserToken.OT, "revoke-access-token", str, str2, localDateTime, str3);
        this.m_aCallbacks.forEach(iUserTokenModificationCallback -> {
            iUserTokenModificationCallback.onUserTokenRevokeAccessToken(str);
        });
        return EChange.CHANGED;
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nonnull
    @ReturnsMutableCopy
    public ICommonsList<IUserToken> getAllActiveUserTokens() {
        return _getAllWhere("deletedt IS NULL", null);
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nullable
    public IUserToken getUserTokenOfID(@Nullable String str) {
        if (StringHelper.hasNoText(str)) {
            return null;
        }
        Wrapper wrapper = new Wrapper();
        DBExecutor newExecutor = newExecutor();
        String str2 = "SELECT creationdt, creationuserid, lastmoddt, lastmoduserid, deletedt, deleteuserid, attrs, accesstokens, userid, description FROM " + this.m_sTableName + " WHERE id=?";
        ConstantPreparedStatementDataProvider constantPreparedStatementDataProvider = new ConstantPreparedStatementDataProvider(DBValueHelper.getTrimmedToLength(str, 45));
        Objects.requireNonNull(wrapper);
        newExecutor.querySingle(str2, constantPreparedStatementDataProvider, (v1) -> {
            r3.set(v1);
        });
        if (wrapper.isNotSet()) {
            return null;
        }
        DBResultRow dBResultRow = (DBResultRow) wrapper.get();
        return new UserToken(new StubObject(str, dBResultRow.getAsLocalDateTime(0), dBResultRow.getAsString(1), dBResultRow.getAsLocalDateTime(2), dBResultRow.getAsString(3), dBResultRow.getAsLocalDateTime(4), dBResultRow.getAsString(5), attrsToMap(dBResultRow.getAsString(6))), _parseAccessTokens(dBResultRow.getAsString(7)), this.m_aUserMgr.getUserOfID(dBResultRow.getAsString(8)), dBResultRow.getAsString(9));
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    @Nullable
    public IUserToken getUserTokenOfTokenString(@Nullable String str) {
        ICommonsList<DBResultRow> queryAll;
        if (StringHelper.hasNoText(str) || (queryAll = newExecutor().queryAll("SELECT id, accesstokens FROM " + this.m_sTableName)) == null) {
            return null;
        }
        for (DBResultRow dBResultRow : queryAll) {
            String asString = dBResultRow.getAsString(0);
            if (str.equals(new AccessTokenList(_parseAccessTokens(dBResultRow.getAsString(1))).getActiveTokenString())) {
                return getUserTokenOfID(asString);
            }
        }
        return null;
    }

    @Override // com.helger.photon.security.token.user.IUserTokenManager
    public boolean isAccessTokenUsed(@Nullable String str) {
        ICommonsList<DBResultRow> queryAll;
        if (StringHelper.hasNoText(str) || (queryAll = newExecutor().queryAll("SELECT accesstokens FROM " + this.m_sTableName)) == null) {
            return false;
        }
        Iterator<DBResultRow> it = queryAll.iterator();
        while (it.hasNext()) {
            if (new AccessTokenList(_parseAccessTokens(it.next().getAsString(0))).findFirstAccessToken(iAccessToken -> {
                return iAccessToken.getTokenString().equals(str);
            }) != null) {
                return true;
            }
        }
        return false;
    }
}
