package com.sqldashboards.pro;

import com.sqldashboards.lic.PLicenser;
import com.sqldashboards.webby.Application;
import com.sqldashboards.webby.PasswordAuthentication;
import com.sqldashboards.webby.RoleType;
import com.sqldashboards.webby.User;
import com.sqldashboards.webby.UserRepository;
import com.timestored.babeldb.Curler;
import io.micronaut.http.HttpRequest;
import io.micronaut.security.authentication.AuthenticationProvider;
import io.micronaut.security.authentication.AuthenticationRequest;
import io.micronaut.security.authentication.AuthenticationResponse;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.logging.Logger;
import org.reactivestreams.Publisher;
import reactor.core.publisher.Mono;

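/**
 * Micronaut {@link AuthenticationProvider} that decides whether a login request is accepted.
 *
 * <p>An identity can be established in one of three ways, checked in this order:
 * <ol>
 *   <li>the configured master API key (Pro licence only), presented either as the secret of
 *       the pseudo-user {@code api_key} or as an {@code Authorization: Bearer} header;</li>
 *   <li>a user-name header set by an authenticating reverse proxy (Pro licence only, and only
 *       when the auth-proxy option is enabled);</li>
 *   <li>a credential check: against the configured {@code auth_url} (Pro licence only) or,
 *       otherwise, against the password stored for the user.</li>
 * </ol>
 * A user that authenticates successfully but has no row in {@link UserRepository} is created
 * on the fly with {@link RoleType#VIEWER}.
 */
@Singleton
/* loaded from: input_file:com/sqldashboards/pro/AuthenticationProviderUserPassword.class */
public class AuthenticationProviderUserPassword implements AuthenticationProvider {

    @Inject
    UserRepository userRepository;
    private static final Logger log = Logger.getLogger(AuthenticationProviderUserPassword.class.getName());

    /** Name of the request header that carries the proxy-asserted user name, read once from configuration. */
    public static final String USER_HEADER = Application.CONFIG.getUsername_header_name();

    /**
     * Delegates the credential check to an external HTTP endpoint.
     *
     * <p>The configured URL is a template in which {@code ((username))} and {@code ((password))}
     * are substituted; the login is accepted when the response body contains {@code granted}.
     */
    /* loaded from: input_file:com/sqldashboards/pro/AuthenticationProviderUserPassword$HttpAuthentication.class */
    public static class HttpAuthentication implements UserAuthentication {
        private final String url;

        /**
         * @param str URL template containing the {@code ((username))} / {@code ((password))} placeholders
         */
        public HttpAuthentication(String str) {
            this.url = str;
        }

        /**
         * Asks the remote endpoint whether the credentials are valid.
         *
         * @param str  identity (user name) supplied by the client
         * @param str2 secret (password) supplied by the client
         * @param user stored user, unused by this implementation
         * @return {@code true} only if the endpoint answered and its body contains {@code granted}
         */
        @Override // com.sqldashboards.pro.AuthenticationProviderUserPassword.UserAuthentication
        public boolean authenticate(String str, String str2, User user) {
            // A missing identity or secret can never be valid; failing here also avoids an NPE below.
            if (str == null || str2 == null) {
                return false;
            }
            // NOTE(review): the credentials travel in the URL itself, so they can end up in the access
            // logs of the auth endpoint and of any intermediary. Use an https:// auth_url and keep
            // those logs restricted.
            // NOTE(review): only the password has its double quotes escaped before encoding; the
            // identity is URL-encoded only. If the auth_url template embeds either value inside a
            // quoted expression evaluated by the backend, confirm the backend treats both as data.
            String requestUrl = this.url
                    .replace("((username))", encodeUtf8(str))
                    .replace("((password))", encodeUtf8(str2.replace("\"", "\\\"")));
            String response = Curler.fetchURL(requestUrl);
            if (response == null) {
                AuthenticationProviderUserPassword.log.severe("Could NOT communicate with HttpAuthentication " + this.url);
                return false;
            }
            // NOTE(review): this is a substring match, so any body that merely contains "granted"
            // (for example an error page echoing the word) is accepted. The endpoint should return
            // an unambiguous body; an exact-match check would be stricter but changes the contract.
            return response.toLowerCase().contains("granted");
        }

        /** URL-encodes {@code value} as UTF-8 instead of relying on the platform default charset. */
        private static String encodeUtf8(String value) {
            try {
                return URLEncoder.encode(value, StandardCharsets.UTF_8.name());
            } catch (IOException e) {
                // UnsupportedEncodingException: cannot happen, every JVM supports UTF-8.
                throw new IllegalStateException("UTF-8 is not supported", e);
            }
        }
    }

    /** Supplies the role names attached to an authenticated user. */
    /* loaded from: input_file:com/sqldashboards/pro/AuthenticationProviderUserPassword$RoleProvider.class */
    public interface RoleProvider {
        List<String> getRoles(String str, User user);
    }

    /** Derives roles from the stored {@link User} record. */
    /* loaded from: input_file:com/sqldashboards/pro/AuthenticationProviderUserPassword$StoredRoleProvider.class */
    public static class StoredRoleProvider implements RoleProvider {

        // Not read anywhere in this class; instances built with `new` (as the enclosing provider
        // does) never get this field injected.
        @Inject
        UserRepository userRepository;

        /**
         * Builds the role list for {@code user}.
         *
         * @param str  identity, unused by this implementation
         * @param user stored user, may be {@code null}
         * @return an empty list for a {@code null} user; otherwise {@code STANDARD}, {@code USERID<id>},
         *         every role reported by the user's role type and, where applicable, {@code VERIFIED}
         */
        @Override // com.sqldashboards.pro.AuthenticationProviderUserPassword.RoleProvider
        public List<String> getRoles(String str, User user) {
            if (user == null) {
                return Collections.emptyList();
            }
            List<String> roles = new ArrayList<>(4);
            roles.add("STANDARD");
            roles.add("USERID" + user.getId());
            for (Iterator<RoleType> it = user.getRoleType().getAllRoles().iterator(); it.hasNext();) {
                roles.add(it.next().name());
            }
            // Accounts with no e-mail address on record are treated as verified, as are accounts
            // whose address has been confirmed.
            String email = user.getEmail();
            if (user.isEmailVerified() || email == null || email.isEmpty()) {
                roles.add("VERIFIED");
            }
            return roles;
        }
    }

    /** Checks the supplied secret against the password stored for the user. */
    /* loaded from: input_file:com/sqldashboards/pro/AuthenticationProviderUserPassword$StoredUserAuthentication.class */
    public static class StoredUserAuthentication implements UserAuthentication {

        // Not read anywhere in this class; instances built with `new` never get this field injected.
        @Inject
        UserRepository userRepository;
        private final PasswordAuthentication pauth = new PasswordAuthentication();

        /**
         * @param str  identity, unused by this implementation
         * @param str2 secret (password) supplied by the client
         * @param user stored user, may be {@code null}
         * @return {@code false} when there is no stored user or no secret; otherwise the result of
         *         {@link PasswordAuthentication} for the secret and the stored password
         */
        @Override // com.sqldashboards.pro.AuthenticationProviderUserPassword.UserAuthentication
        public boolean authenticate(String str, String str2, User user) {
            // A request without a secret used to fail with an NPE on toCharArray(); reject it cleanly.
            if (user == null || str2 == null) {
                return false;
            }
            return this.pauth.authenticate(str2.toCharArray(), user.getPassword());
        }
    }

    /** Strategy for checking an identity/secret pair. */
    /* loaded from: input_file:com/sqldashboards/pro/AuthenticationProviderUserPassword$UserAuthentication.class */
    public interface UserAuthentication {
        boolean authenticate(String str, String str2, User user);
    }

    /**
     * Authenticates a login request and emits exactly one terminal signal: a successful
     * {@link AuthenticationResponse} or the exception from {@link AuthenticationResponse#exception()}.
     *
     * @param httpRequest           the HTTP request, used to read the {@code Authorization} and
     *                              proxy user-name headers
     * @param authenticationRequest carries the identity and secret supplied by the client
     * @return a publisher that completes with the authentication outcome
     */
    @Override // io.micronaut.security.authentication.AuthenticationProvider
    public Publisher<AuthenticationResponse> authenticate(HttpRequest<?> httpRequest, AuthenticationRequest<?, ?> authenticationRequest) {
        return Mono.create(monoSink -> {
            String identity = (String) authenticationRequest.getIdentity();
            String secret = (String) authenticationRequest.getSecret();

            // Credential check: external auth URL when configured and licensed, stored password otherwise.
            UserAuthentication userAuthentication = new StoredUserAuthentication();
            String authUrl = Application.CONFIG.getAuth_url();
            if (authUrl != null) {
                if (PLicenser.isPro()) {
                    userAuthentication = new HttpAuthentication(authUrl);
                } else {
                    log.severe("Pro version of Pulse required to use AUTH URL.");
                }
            }
            StoredRoleProvider roleProvider = new StoredRoleProvider();

            // Set only when the identity was established without a password check
            // (master API key or proxy header). Non-null means "skip the credential check".
            String trustedIdentity = null;

            String masterApiKey = Application.CONFIG.getMaster_api_key();
            if (masterApiKey != null && !masterApiKey.isEmpty()) {
                if (!PLicenser.isPro()) {
                    log.severe("Pro version of Pulse required to use master API key.");
                } else if (identity != null && identity.equalsIgnoreCase("api_key")) {
                    if (secretsMatch(masterApiKey, secret)) {
                        identity = "admin";
                        trustedIdentity = "admin";
                    }
                } else {
                    String authorization = httpRequest.getHeaders().get("Authorization");
                    if (authorization != null
                            && authorization.regionMatches(true, 0, "bearer", 0, 6)
                            && secretsMatch(masterApiKey, authorization.substring(6).trim())) {
                        identity = "admin";
                        trustedIdentity = "admin";
                    }
                }
            }

            if (trustedIdentity == null && Application.CONFIG.isAuth_proxy_enabled()) {
                if (PLicenser.isPro()) {
                    // The header is trusted as-is: nothing here checks that the request came through
                    // the proxy. The deployment must make sure clients cannot reach this service
                    // directly and that the proxy overwrites any client-supplied copy of the header.
                    String proxyUser = httpRequest.getHeaders().get(USER_HEADER);
                    // Only a non-empty value counts as a proxy-asserted identity. Previously a present
                    // but empty header was recorded as trusted while the identity stayed the
                    // client-supplied one, so the credential check below was skipped.
                    if (proxyUser != null && !proxyUser.isEmpty()) {
                        identity = proxyUser;
                        trustedIdentity = proxyUser;
                    }
                } else {
                    log.severe("Pro version of Pulse required to use Auth Proxy.");
                }
            }

            // Without an identity there is nothing to look up or to create a user for.
            if (identity == null) {
                monoSink.error(AuthenticationResponse.exception());
                return;
            }

            User user = this.userRepository.findByName(identity).orElse(null);
            boolean authenticated = trustedIdentity != null
                    || userAuthentication.authenticate(identity, secret, user);
            if (!authenticated) {
                monoSink.error(AuthenticationResponse.exception());
                return;
            }

            // First successful login of an externally authenticated identity: create a VIEWER account.
            if (user == null) {
                user = this.userRepository.save(new User(identity, null, "EXTERNALAUTHENTICATION", RoleType.VIEWER));
            }
            List<String> roles = roleProvider.getRoles(identity, user);
            HashMap<String, Object> attributes = new HashMap<>(2);
            attributes.put("email", user.getEmail() == null ? "" : user.getEmail());
            attributes.put("id", user.getId());
            // Success is the only signal on this path; the original also emitted an error right after it.
            monoSink.success(AuthenticationResponse.success(identity, roles, attributes));
        });
    }

    /**
     * Compares two secrets without returning early at the first differing byte, so the time taken
     * does not reveal how much of a guessed key was correct.
     *
     * @return {@code false} if either value is {@code null}; otherwise whether the UTF-8 bytes are equal
     */
    private static boolean secretsMatch(String expected, String candidate) {
        if (expected == null || candidate == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                candidate.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Manual smoke test: fetches a hard-coded localhost URL and prints the response.
     * NOTE(review): the URL carries sample credentials in what looks like a q/kdb+ expression;
     * this entry point is a development leftover and is not used by the provider.
     */
    public static void main(String... strArr) throws IOException {
        System.out.println(Curler.fetchURL("http://localhost:5000/?$[.z.pw[`$\"ryan\";\"asda\"];`granted;`denied]"));
    }
}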
