package com.imcode.controllers.html;

import com.imcode.entities.OnceTimeAccessToken;
import com.imcode.entities.Person;
import com.imcode.entities.Role;
import com.imcode.entities.User;
import com.imcode.entities.embed.Email;
import com.imcode.entities.embed.Phone;
import com.imcode.entities.enums.CommunicationTypeEnum;
import com.imcode.exceptions.factories.ErrorBuilder;
import com.imcode.exceptions.wrappers.GeneralError;
import com.imcode.oauth2.IvisClientDetailsService;
import com.imcode.services.OnceTimeAccessTokenService;
import com.imcode.services.PersonService;
import com.imcode.services.RoleService;
import com.imcode.services.UserService;
import com.imcode.utils.MailSenderUtil;
import com.imcode.utils.StaticUtls;
import com.imcode.validators.GeneralValidator;
import java.security.Principal;
import java.util.AbstractMap;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.servlet.ModelAndView;

@Controller
/* loaded from: input_file:com/imcode/controllers/html/AdminController.class */
public class AdminController {
    public Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private ConsumerTokenServices tokenServices;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private IvisClientDetailsService clientDetailsService;

    @Value("${Hibernate.dialect}")
    private String test;

    @Autowired
    private UserService userService;

    @Autowired
    private RoleService roleService;

    @Autowired
    private PersonService personService;

    @Autowired
    private JavaMailSender mailSender;

    @Value("${mail.smtp.from.address}")
    private String fromAddress;

    @Value("${mail.smtp.from.username}")
    private String fromUsername;

    @Autowired
    public OnceTimeAccessTokenService onceTimeAccessTokenService;

    @Value("${server.name}")
    private String serverName;

    @RequestMapping(value = {"/oauth/users/{user}/tokens/{token}"}, method = {RequestMethod.DELETE})
    public ResponseEntity<Void> revokeToken(@PathVariable String str, @PathVariable String str2, Principal principal) throws Exception {
        checkResourceOwner(str, principal);
        return this.tokenServices.revokeToken(str2) ? new ResponseEntity<>(HttpStatus.NO_CONTENT) : new ResponseEntity<>(HttpStatus.NOT_FOUND);
    }

    @RequestMapping({"/oauth/clients/{client}/tokens"})
    @ResponseBody
    public Collection<OAuth2AccessToken> listTokensForClient(@PathVariable String str) throws Exception {
        return this.tokenStore.findTokensByClientId(str);
    }

    @RequestMapping(value = {"/oauth/tokens"}, method = {RequestMethod.GET})
    public String tokenList(Model model) {
        IvisClientDetailsService ivisClientDetailsService = this.clientDetailsService;
        List listClientDetails = this.clientDetailsService.listClientDetails();
        LinkedList linkedList = new LinkedList();
        Iterator it = listClientDetails.iterator();
        while (it.hasNext()) {
            Collection findTokensByClientId = this.tokenStore.findTokensByClientId(((ClientDetails) it.next()).getClientId());
            if (findTokensByClientId != null) {
                linkedList.addAll(findTokensByClientId);
            }
        }
        model.addAttribute("tokens", linkedList);
        return "tokens";
    }

    @RequestMapping(value = {"/oauth/tokens/{tokenVlue}"}, method = {RequestMethod.DELETE})
    @ResponseBody
    public boolean delete(@PathVariable("tokenVlue") String str) {
        return this.tokenServices.revokeToken(str);
    }

    @RequestMapping({"/login"})
    public ModelAndView login(@RequestParam(value = "display", required = false) String str, WebRequest webRequest, ModelAndView modelAndView) {
        if (str != null && "popup".equals(str)) {
            modelAndView.setViewName("security/login_popup");
        } else {
            modelAndView.setViewName("security/login");
        }
        return modelAndView;
    }

    @RequestMapping({"/registration"})
    public ModelAndView registration(WebRequest webRequest, ModelAndView modelAndView) {
        modelAndView.addObject(new User());
        modelAndView.setViewName("security/registration");
        return modelAndView;
    }

    @RequestMapping(value = {"/registration/do"}, params = {"firstName", "lastName", "email", "contactPhone"}, method = {RequestMethod.POST})
    public ModelAndView registrationDo(@ModelAttribute("user") User user, @RequestParam("firstName") String str, @RequestParam("lastName") String str2, @RequestParam("email") String str3, @RequestParam("contactPhone") String str4, BindingResult bindingResult, WebRequest webRequest, ModelAndView modelAndView) throws MethodArgumentNotValidException {
        Person person = new Person();
        person.setFirstName(str);
        person.setLastName(str2);
        Email email = new Email();
        email.setValue(str3);
        person.setEmail(email);
        Phone phone = new Phone();
        phone.setValue(str4);
        person.setPhone(phone);
        user.setPerson(person);
        HashMap hashMap = new HashMap();
        GeneralValidator.buildField(hashMap, "password", new AbstractMap.SimpleEntry(GeneralValidator.Constraint.NOT_NULL_OR_EMPTY, null), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MIN, "4"), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MATCH_WITH, "confirmPassword"));
        GeneralValidator.buildField(hashMap, "person.firstName", new AbstractMap.SimpleEntry(GeneralValidator.Constraint.NOT_NULL_OR_EMPTY, null), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MIN, "4"));
        GeneralValidator.buildField(hashMap, "person.lastName", new AbstractMap.SimpleEntry(GeneralValidator.Constraint.NOT_NULL_OR_EMPTY, null), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MIN, "4"));
        GeneralValidator.buildField(hashMap, "person.emails", new AbstractMap.SimpleEntry(GeneralValidator.Constraint.NOT_NULL_OR_EMPTY, null), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.REGEX, GeneralValidator.EMAIL_PATTERN));
        GeneralValidator.buildField(hashMap, "person.phones", new AbstractMap.SimpleEntry(GeneralValidator.Constraint.NOT_NULL_OR_EMPTY, null), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MIN, "8"));
        if (this.userService.findByUsername(user.getUsername()) != null) {
            bindingResult.reject((String) null, "username not unique");
        }
        if (this.userService.findByEmail(str3) != null) {
            bindingResult.reject((String) null, "email not unique");
        }
        new GeneralValidator(hashMap).invoke(user, bindingResult);
        StaticUtls.encodeUserPassword(user);
        OnceTimeAccessToken genToken = OnceTimeAccessToken.genToken(user, 1440, OnceTimeAccessToken.TokenType.VERIFICATION);
        this.onceTimeAccessTokenService.save(genToken);
        String str5 = "Thank you, " + user.getUsername() + " for registration in iVIS. Please follow link to confirm registration: " + StaticUtls.genLinkConfirmationForOnceTimeAccessToken(genToken, this.serverName, "registration");
        MailSenderUtil mailSenderUtil = new MailSenderUtil(this.mailSender, false, false, this.fromAddress, this.fromUsername);
        mailSenderUtil.createMessage(str3, "Registration confirmation in iVIS", str5);
        mailSenderUtil.sendMessage();
        modelAndView.setViewName("redirect:/login");
        return modelAndView;
    }

    @RequestMapping(value = {"/registration/confirm"}, params = {"access", "id"}, method = {RequestMethod.GET})
    public ModelAndView registrationConfirm(@RequestParam("access") String str, @RequestParam("id") Long l, WebRequest webRequest, ModelAndView modelAndView) {
        OnceTimeAccessToken onceTimeAccessToken = (OnceTimeAccessToken) this.onceTimeAccessTokenService.find(l);
        String checkOnceTimeAccessToken = StaticUtls.checkOnceTimeAccessToken(onceTimeAccessToken, str);
        if (checkOnceTimeAccessToken != null) {
            modelAndView.addObject(ErrorBuilder.buildSecurityException(checkOnceTimeAccessToken));
            modelAndView.setViewName("errors/error");
            return modelAndView;
        }
        User user = onceTimeAccessToken.getUser();
        user.setEnabled(true);
        Role role = (Role) this.roleService.findFirstByName("ROLE_USER");
        HashSet hashSet = new HashSet();
        hashSet.add(role);
        user.setRoles(hashSet);
        user.setPerson((Person) this.personService.save(user.getPerson()));
        this.userService.save(user);
        onceTimeAccessToken.setUsed(true);
        this.onceTimeAccessTokenService.save(onceTimeAccessToken);
        String value = ((Email) user.getPerson().getEmails().get(CommunicationTypeEnum.HOME)).getValue();
        String str2 = "Now you, " + user.getUsername() + " can use iVIS system. You can log in " + this.serverName + "/login using your username and password.";
        MailSenderUtil mailSenderUtil = new MailSenderUtil(this.mailSender, false, false, this.fromAddress, this.fromUsername);
        mailSenderUtil.createMessage(value, "Registration complete success", str2);
        mailSenderUtil.sendMessage();
        modelAndView.setViewName("redirect:/login");
        return modelAndView;
    }

    @RequestMapping(value = {"/registration/emailunique"}, method = {RequestMethod.GET})
    @ResponseBody
    public Boolean registrationEmailCheck(@RequestParam("email") String str, WebRequest webRequest, ModelAndView modelAndView) {
        return Boolean.valueOf(this.userService.findByEmail(str) == null);
    }

    @RequestMapping(value = {"/registration/usernameunique"}, method = {RequestMethod.GET})
    @ResponseBody
    public Boolean registrationUsernameCheck(@RequestParam("username") String str, WebRequest webRequest, ModelAndView modelAndView) {
        return Boolean.valueOf(this.userService.findByUsername(str) == null);
    }

    @RequestMapping({"/restore_password"})
    public ModelAndView restorePassword(WebRequest webRequest, ModelAndView modelAndView) {
        modelAndView.setViewName("security/restore_password");
        return modelAndView;
    }

    @RequestMapping(value = {"/restore_password/email"}, method = {RequestMethod.POST})
    public ModelAndView restorePasswordEmail(@RequestParam("email") String str, WebRequest webRequest, ModelAndView modelAndView) {
        User findByEmail = this.userService.findByEmail(str);
        if (findByEmail == null) {
            modelAndView.addObject(ErrorBuilder.buildValidationError((List<String>) Arrays.asList("user with email " + str + " does not exist")));
            modelAndView.setViewName("errors/error");
            return modelAndView;
        }
        OnceTimeAccessToken genToken = OnceTimeAccessToken.genToken(findByEmail, 1440, OnceTimeAccessToken.TokenType.PASSWORD_RESET);
        this.onceTimeAccessTokenService.save(genToken);
        String str2 = "Hello, " + findByEmail.getUsername() + ". For restore password in iVIS please follow link  " + StaticUtls.genLinkConfirmationForOnceTimeAccessToken(genToken, this.serverName, "restore_password");
        MailSenderUtil mailSenderUtil = new MailSenderUtil(this.mailSender, false, false, this.fromAddress, this.fromUsername);
        mailSenderUtil.createMessage(str, "Restore password in iVIS", str2);
        mailSenderUtil.sendMessage();
        modelAndView.setViewName("redirect:/login");
        return modelAndView;
    }

    @RequestMapping(value = {"/restore_password/confirm"}, params = {"access", "id"}, method = {RequestMethod.GET})
    public ModelAndView restorePasswordConfirm(@RequestParam("access") String str, @RequestParam("id") Long l, WebRequest webRequest, ModelAndView modelAndView) {
        OnceTimeAccessToken onceTimeAccessToken = (OnceTimeAccessToken) this.onceTimeAccessTokenService.find(l);
        String checkOnceTimeAccessToken = StaticUtls.checkOnceTimeAccessToken(onceTimeAccessToken, str);
        if (checkOnceTimeAccessToken != null) {
            modelAndView.addObject(ErrorBuilder.buildSecurityException(checkOnceTimeAccessToken));
            modelAndView.setViewName("errors/error");
            return modelAndView;
        }
        onceTimeAccessToken.setUsed(true);
        this.onceTimeAccessTokenService.save(onceTimeAccessToken);
        modelAndView.addObject("user", onceTimeAccessToken.getUser());
        modelAndView.setViewName("security/restore_password");
        return modelAndView;
    }

    @RequestMapping(value = {"/restore_password/do"}, params = {"password", "userId"}, method = {RequestMethod.POST})
    public ModelAndView restorePasswordDo(@RequestParam("password") String str, @RequestParam("confirmPassword") String str2, @RequestParam("userId") Long l, WebRequest webRequest, ModelAndView modelAndView) throws MethodArgumentNotValidException {
        User user = (User) this.userService.find(l);
        if (user == null) {
            modelAndView.addObject(ErrorBuilder.buildValidationError((List<String>) Arrays.asList("user with id " + l + " does not exist")));
            modelAndView.setViewName("errors/error");
            return modelAndView;
        }
        user.setPassword(str);
        user.setConfirmPassword(str2);
        HashMap hashMap = new HashMap();
        GeneralValidator.buildField(hashMap, "password", new AbstractMap.SimpleEntry(GeneralValidator.Constraint.NOT_NULL_OR_EMPTY, null), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MIN, "8"), new AbstractMap.SimpleEntry(GeneralValidator.Constraint.MATCH_WITH, "confirmPassword"));
        new GeneralValidator(hashMap).invoke(user, new BeanPropertyBindingResult(user, "user"));
        StaticUtls.encodeUserPassword(user);
        this.userService.save(user);
        String value = ((Email) user.getPerson().getEmails().get(CommunicationTypeEnum.HOME)).getValue();
        String str3 = "Hello, " + user.getUsername() + ". Your password has bean changed.";
        MailSenderUtil mailSenderUtil = new MailSenderUtil(this.mailSender, false, false, this.fromAddress, this.fromUsername);
        mailSenderUtil.createMessage(value, "Restore password in iVIS", str3);
        mailSenderUtil.sendMessage();
        modelAndView.setViewName("redirect:/login");
        return modelAndView;
    }

    @RequestMapping(value = {"/restore_password/emailunique"}, method = {RequestMethod.GET})
    @ResponseBody
    public Boolean restorePasswordEmailCheck(@RequestParam("email") String str, WebRequest webRequest, ModelAndView modelAndView) {
        return registrationEmailCheck(str, webRequest, modelAndView);
    }

    @RequestMapping({"/", "/home", "index"})
    public String home() {
        return "default";
    }

    @RequestMapping({"/errorhandler"})
    public void errorHandler(HttpServletRequest httpServletRequest, ModelAndView modelAndView) throws Exception {
        throw ((Exception) httpServletRequest.getAttribute("javax.servlet.error.exception"));
    }

    @RequestMapping(value = {"/errorhandler"}, params = {"body"}, method = {RequestMethod.GET})
    public ModelAndView errorHandlerWithBody(HttpServletRequest httpServletRequest, ModelAndView modelAndView) throws Exception {
        GeneralError generalError = new GeneralError();
        generalError.setErrorCode(Integer.valueOf(Integer.parseInt(httpServletRequest.getParameter("error_code"))));
        generalError.setErrorMessage(httpServletRequest.getParameter("error_message"));
        generalError.setErrorDescription(Arrays.asList(httpServletRequest.getParameter("error_description").split(",")));
        modelAndView.addObject(generalError);
        modelAndView.setViewName("errors/error");
        return modelAndView;
    }

    private void checkResourceOwner(String str, Principal principal) {
        if ((principal instanceof OAuth2Authentication) && !((OAuth2Authentication) principal).isClientOnly() && !str.equals(principal.getName())) {
            throw new AccessDeniedException(String.format("User '%s' cannot obtain tokens for user '%s'", principal.getName(), str));
        }
    }

    public void setTokenServices(ConsumerTokenServices consumerTokenServices) {
        this.tokenServices = consumerTokenServices;
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    public void setClientDetailsService(IvisClientDetailsService ivisClientDetailsService) {
        this.clientDetailsService = ivisClientDetailsService;
    }
}
