package io.preboot.auth.core.usecase;

import io.preboot.auth.api.dto.AuthResponse;
import io.preboot.auth.api.dto.PasswordLoginRequest;
import io.preboot.auth.api.exception.PasswordInvalidException;
import io.preboot.auth.api.exception.TenantAccessDeniedException;
import io.preboot.auth.api.exception.UserAccountNotFoundException;
import io.preboot.auth.core.model.Tenant;
import io.preboot.auth.core.model.UserAccount;
import io.preboot.auth.core.model.UserAccountSession;
import io.preboot.auth.core.model.UserAccountTenant;
import io.preboot.auth.core.repository.TenantRepository;
import io.preboot.auth.core.repository.UserAccountRepository;
import io.preboot.auth.core.repository.UserAccountTenantRepository;
import io.preboot.auth.core.service.DeviceFingerprintService;
import io.preboot.auth.core.service.JwtTokenService;
import io.preboot.auth.core.service.SessionService;
import jakarta.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.Optional;
import lombok.Generated;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:io/preboot/auth/core/usecase/AuthenticateUserUseCase.class */
public class AuthenticateUserUseCase {
    private final UserAccountRepository userAccountRepository;
    private final UserAccountTenantRepository userAccountTenantRepository;
    private final TenantRepository tenantRepository;
    private final SessionService sessionService;
    private final DeviceFingerprintService deviceFingerprintService;
    private final JwtTokenService jwtTokenService;
    private final PasswordEncoder passwordEncoder;

    public AuthResponse execute(PasswordLoginRequest passwordLoginRequest, HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("User-Agent");
        String header2 = httpServletRequest.getHeader("X-Forwarded-For");
        UserAccount orElseThrow = this.userAccountRepository.findByEmail(passwordLoginRequest.email()).orElseThrow(() -> {
            return new UserAccountNotFoundException("User not found");
        });
        if (!this.passwordEncoder.matches(passwordLoginRequest.password(), orElseThrow.getEncodedPassword().orElseThrow(PasswordInvalidException::new))) {
            throw new PasswordInvalidException();
        }
        String generateFingerprint = this.deviceFingerprintService.generateFingerprint(httpServletRequest, null);
        List<UserAccountTenant> findAllByUserAccountUuidOrderByLastUsedAt = this.userAccountTenantRepository.findAllByUserAccountUuidOrderByLastUsedAt(orElseThrow.getUuid());
        if (findAllByUserAccountUuidOrderByLastUsedAt.isEmpty() && orElseThrow.isTechnicalAdmin()) {
            return handleTechnicalAdmin(orElseThrow, header, header2, generateFingerprint, passwordLoginRequest.rememberMe());
        }
        if (findAllByUserAccountUuidOrderByLastUsedAt.isEmpty()) {
            throw new TenantAccessDeniedException("User doesn't have access to any tenant");
        }
        UserAccountTenant orElseThrow2 = findAllByUserAccountUuidOrderByLastUsedAt.stream().filter(userAccountTenant -> {
            Optional<Tenant> findByUuid = this.tenantRepository.findByUuid(userAccountTenant.getTenantUuid());
            return findByUuid.isPresent() && findByUuid.get().isActive();
        }).findFirst().orElseThrow(() -> {
            return new TenantAccessDeniedException("No active tenant found for this user");
        });
        UserAccountSession createSession = this.sessionService.createSession(orElseThrow.getUuid(), orElseThrow2.getTenantUuid(), "PASSWORD", header, generateFingerprint, header2, passwordLoginRequest.rememberMe());
        this.userAccountTenantRepository.updateLastUsedAt(orElseThrow.getUuid(), orElseThrow2.getTenantUuid());
        return new AuthResponse(this.jwtTokenService.generateToken(createSession.getSessionId()));
    }

    private AuthResponse handleTechnicalAdmin(UserAccount userAccount, String str, String str2, String str3, boolean z) {
        UserAccountSession createSession = this.sessionService.createSession(userAccount.getUuid(), Tenant.SUPER_ADMIN_TENANT, "PASSWORD", str, str3, str2, z);
        this.userAccountTenantRepository.updateLastUsedAt(userAccount.getUuid(), Tenant.SUPER_ADMIN_TENANT);
        return new AuthResponse(this.jwtTokenService.generateToken(createSession.getSessionId()));
    }

    @Generated
    public AuthenticateUserUseCase(UserAccountRepository userAccountRepository, UserAccountTenantRepository userAccountTenantRepository, TenantRepository tenantRepository, SessionService sessionService, DeviceFingerprintService deviceFingerprintService, JwtTokenService jwtTokenService, PasswordEncoder passwordEncoder) {
        this.userAccountRepository = userAccountRepository;
        this.userAccountTenantRepository = userAccountTenantRepository;
        this.tenantRepository = tenantRepository;
        this.sessionService = sessionService;
        this.deviceFingerprintService = deviceFingerprintService;
        this.jwtTokenService = jwtTokenService;
        this.passwordEncoder = passwordEncoder;
    }
}
