package io.preboot.auth.core.usecase;

import io.preboot.auth.api.dto.AuthResponse;
import io.preboot.auth.api.dto.UserAccountInfo;
import io.preboot.auth.api.exception.SessionExpiredException;
import io.preboot.auth.core.model.UserAccountSession;
import io.preboot.auth.core.service.DeviceFingerprintService;
import io.preboot.auth.core.service.JwtTokenService;
import io.preboot.auth.core.service.SessionService;
import jakarta.servlet.http.HttpServletRequest;
import java.time.Instant;
import java.util.UUID;
import lombok.Generated;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.server.ResponseStatusException;

@Service
/* loaded from: input_file:io/preboot/auth/core/usecase/ManageUserAccountSessionUseCase.class */
public class ManageUserAccountSessionUseCase {
    private final JwtTokenService jwtTokenService;
    private final SessionService sessionService;
    private final DeviceFingerprintService deviceFingerprintService;
    private final GetUserAccountUseCase getUserAccountUseCase;

    @Transactional
    public void logout(HttpServletRequest httpServletRequest) {
        this.sessionService.deactivateSession(this.jwtTokenService.extractSessionId(extractTokenFromRequest(httpServletRequest)));
    }

    @Transactional(readOnly = true)
    public UserAccountInfo getCurrentUserAccount(HttpServletRequest httpServletRequest) {
        UserAccountSession session = this.sessionService.getSession(this.jwtTokenService.extractSessionId(extractTokenFromRequest(httpServletRequest)));
        if (session.getExpiresAt().isBefore(Instant.now())) {
            throw new SessionExpiredException("Session has expired");
        }
        return this.getUserAccountUseCase.execute(session.getUserAccountId(), session.getTenantId());
    }

    @Transactional
    public AuthResponse refreshSession(HttpServletRequest httpServletRequest, UUID uuid) {
        return new AuthResponse(this.jwtTokenService.generateToken(this.sessionService.refreshSession(this.jwtTokenService.extractSessionId(extractTokenFromRequest(httpServletRequest)), this.deviceFingerprintService.generateFingerprint(httpServletRequest, null), uuid).getSessionId()));
    }

    private String extractTokenFromRequest(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || !header.startsWith("Bearer ")) {
            throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Missing or invalid Authorization header");
        }
        return header.substring(7);
    }

    @Generated
    public ManageUserAccountSessionUseCase(JwtTokenService jwtTokenService, SessionService sessionService, DeviceFingerprintService deviceFingerprintService, GetUserAccountUseCase getUserAccountUseCase) {
        this.jwtTokenService = jwtTokenService;
        this.sessionService = sessionService;
        this.deviceFingerprintService = deviceFingerprintService;
        this.getUserAccountUseCase = getUserAccountUseCase;
    }
}
