package io.imunity.attr.introspection;

import com.vaadin.annotations.Theme;
import com.vaadin.server.VaadinRequest;
import com.vaadin.server.VaadinSession;
import com.vaadin.server.WrappedSession;
import com.vaadin.ui.Alignment;
import com.vaadin.ui.VerticalLayout;
import io.imunity.attr.introspection.config.AttrIntrospectionAttributePoliciesConfiguration;
import io.imunity.attr.introspection.config.AttrIntrospectionEndpointProperties;
import io.imunity.attr.introspection.summary.PolicyProcessingSummaryComponent;
import java.util.List;
import java.util.Optional;
import java.util.Properties;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.engine.api.EntityManagement;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.AuthenticatorSupportService;
import pl.edu.icm.unity.engine.api.authn.InteractiveAuthenticationProcessor;
import pl.edu.icm.unity.engine.api.authn.remote.RemotelyAuthenticatedPrincipal;
import pl.edu.icm.unity.engine.api.authn.sandbox.SandboxAuthnContext;
import pl.edu.icm.unity.engine.api.utils.ExecutorsService;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.types.endpoint.ResolvedEndpoint;
import pl.edu.icm.unity.webui.EndpointRegistrationConfiguration;
import pl.edu.icm.unity.webui.UnityUIBase;
import pl.edu.icm.unity.webui.UnityWebUI;
import pl.edu.icm.unity.webui.VaadinEndpointProperties;
import pl.edu.icm.unity.webui.authn.remote.RemoteRedirectedAuthnResponseProcessingFilter;
import pl.edu.icm.unity.webui.common.file.ImageAccessService;
import pl.edu.icm.unity.webui.sandbox.SandboxAuthenticationScreen;

@Theme("unityThemeValo")
@Scope("prototype")
@Component("AttrIntrospectionUI")
/* loaded from: input_file:io/imunity/attr/introspection/AttrIntrospectionUI.class */
class AttrIntrospectionUI extends UnityUIBase implements UnityWebUI {
    public static final String SANDBOX_CONTEXT_SESSION_ATTRIBUTE = "__sandbox_context";
    private final AuthenticatorSupportService authenticatorSupport;
    private final InteractiveAuthenticationProcessor authnProcessor;
    private final ExecutorsService execService;
    private final EntityManagement idsMan;
    private final ImageAccessService imageAccessService;
    private final PolicyProcessingSummaryComponent.PolicyProcessingSummaryComponentFactory summaryViewFactory;
    private AttrIntrospectionAttributePoliciesConfiguration config;

    AttrIntrospectionUI(MessageSource messageSource, InteractiveAuthenticationProcessor interactiveAuthenticationProcessor, ExecutorsService executorsService, @Qualifier("insecure") EntityManagement entityManagement, AuthenticatorSupportService authenticatorSupportService, ImageAccessService imageAccessService, PolicyProcessingSummaryComponent.PolicyProcessingSummaryComponentFactory policyProcessingSummaryComponentFactory) {
        super(messageSource);
        this.authnProcessor = interactiveAuthenticationProcessor;
        this.execService = executorsService;
        this.idsMan = entityManagement;
        this.authenticatorSupport = authenticatorSupportService;
        this.imageAccessService = imageAccessService;
        this.summaryViewFactory = policyProcessingSummaryComponentFactory;
    }

    public void configure(ResolvedEndpoint resolvedEndpoint, List<AuthenticationFlow> list, EndpointRegistrationConfiguration endpointRegistrationConfiguration, Properties properties) {
        super.configure(resolvedEndpoint, list, endpointRegistrationConfiguration, properties);
        this.config = new AttrIntrospectionAttributePoliciesConfiguration();
        this.config.fromProperties(new AttrIntrospectionEndpointProperties(properties), this.msg);
    }

    protected void appInit(VaadinRequest vaadinRequest) {
        loadInitialState();
    }

    private void loadInitialState() {
        WrappedSession session = VaadinSession.getCurrent().getSession();
        if (((RemoteRedirectedAuthnResponseProcessingFilter.PostAuthenticationDecissionWithContext) session.getAttribute("__ff_post_authn_decision")) == null) {
            createAuthnUI();
            return;
        }
        showResult((SandboxAuthnContext) session.getAttribute(SANDBOX_CONTEXT_SESSION_ATTRIBUTE));
        session.removeAttribute("__ff_post_authn_decision");
        session.removeAttribute(SANDBOX_CONTEXT_SESSION_ATTRIBUTE);
    }

    private void createAuthnUI() {
        setContent(new SandboxAuthenticationScreen(this.msg, this.imageAccessService, prepareConfigurationBasingOnEndpoint(((UnityUIBase) this).config.getProperties()), this.endpointDescription, this.cancelHandler, this.idsMan, this.execService, this.authnProcessor, Optional.empty(), getAllRemoteVaadinAuthenticators(), "", this.sandboxRouter, true));
        setSizeFull();
        addSandboxListener();
    }

    private static VaadinEndpointProperties prepareConfigurationBasingOnEndpoint(Properties properties) {
        Properties properties2 = new Properties();
        properties2.putAll(properties);
        properties2.setProperty("unity.endpoint.web.authnScreenShowAllOptions", "false");
        return new VaadinEndpointProperties(properties2);
    }

    protected void addSandboxListener() {
        WrappedSession session = VaadinSession.getCurrent().getSession();
        this.sandboxRouter.addListener(sandboxAuthnEvent -> {
            session.setAttribute(SANDBOX_CONTEXT_SESSION_ATTRIBUTE, sandboxAuthnEvent.ctx);
        });
    }

    private void showResult(SandboxAuthnContext sandboxAuthnContext) {
        if (sandboxAuthnContext == null || sandboxAuthnContext.getRemotePrincipal().isEmpty()) {
            throw new IllegalStateException("Unknown remote user");
        }
        PolicyProcessingSummaryComponent policyProcessingSummaryComponentFactory = this.summaryViewFactory.getInstance(this.config, () -> {
            loadInitialState();
        });
        policyProcessingSummaryComponentFactory.setPolicyProcessingResultForUser((RemotelyAuthenticatedPrincipal) sandboxAuthnContext.getRemotePrincipal().get());
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.addComponent(policyProcessingSummaryComponentFactory);
        verticalLayout.setComponentAlignment(policyProcessingSummaryComponentFactory, Alignment.TOP_CENTER);
        setContent(verticalLayout);
    }

    public String getUiRootPath() {
        return this.endpointDescription.getEndpoint().getContextAddress();
    }

    private List<AuthenticationFlow> getAllRemoteVaadinAuthenticators() {
        try {
            return this.authenticatorSupport.getRemoteAuthenticatorsAsFlows("web-vaadin7");
        } catch (EngineException e) {
            throw new IllegalStateException("Can not initialize authn sandbox UI", e);
        }
    }
}
