package io.jans.configapi.plugin.link.rest;

import io.jans.configapi.core.rest.BaseResource;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.plugin.link.service.JansLinkService;
import io.jans.configapi.plugin.link.util.Constants;
import io.jans.link.model.config.AppConfiguration;
import io.jans.model.ldap.GluuLdapConfiguration;
import io.jans.service.EncryptionService;
import io.jans.util.security.StringEncrypter;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import jakarta.inject.Inject;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;

@Produces({"application/json"})
@Path(Constants.JANSLINK_CONFIG)
@Consumes({"application/json"})
/* loaded from: input_file:io/jans/configapi/plugin/link/rest/JansLinkConfigResource.class */
public class JansLinkConfigResource extends BaseResource {
    private static final String JANSLINK_CONFIGURATION = "jansLinkConfiguration";

    @Inject
    Logger logger;

    @Inject
    JansLinkService jansLinkService;

    @Inject
    private EncryptionService encryptionService;

    @ProtectedApi(scopes = {Constants.JANSLINK_CONFIG_READ_ACCESS}, groupScopes = {Constants.JANSLINK_CONFIG_WRITE_ACCESS}, superScopes = {"https://jans.io/oauth/config/read-all"})
    @Operation(summary = "Gets Jans Link App configuration.", description = "Gets Jans Link App configuration.", operationId = "get-jans-link-properties", tags = {"Jans Link - Configuration"}, security = {@SecurityRequirement(name = "oauth2", scopes = {Constants.JANSLINK_CONFIG_READ_ACCESS})})
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Ok", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AppConfiguration.class))}), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response getJansLinkConfiguration() {
        AppConfiguration find = this.jansLinkService.find();
        this.logger.debug("Jans Link details appConfiguration():{}", find);
        return Response.ok(find).build();
    }

    @ProtectedApi(scopes = {Constants.JANSLINK_CONFIG_WRITE_ACCESS}, groupScopes = {}, superScopes = {"https://jans.io/oauth/config/write-all"})
    @Operation(summary = "Updates Jans Link configuration properties.", description = "Updates Jans Link configuration properties.", operationId = "put-jans-link-properties", tags = {"Jans Link - Configuration"}, security = {@SecurityRequirement(name = "oauth2", scopes = {Constants.JANSLINK_CONFIG_WRITE_ACCESS})})
    @PUT
    @RequestBody(description = "JansLinkConfiguration", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AppConfiguration.class))})
    @ApiResponses({@ApiResponse(responseCode = "200", description = "JansLinkConfiguration", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AppConfiguration.class))}), @ApiResponse(responseCode = "401", description = "Unauthorized"), @ApiResponse(responseCode = "500", description = "InternalServerError")})
    public Response updateJansLinkConfiguration(@NotNull AppConfiguration appConfiguration) throws StringEncrypter.EncryptionException {
        this.logger.debug("Jans Link details to be updated - appConfiguration:{} ", appConfiguration);
        checkResourceNotNull(appConfiguration, JANSLINK_CONFIGURATION);
        passwordEncryption(appConfiguration);
        this.jansLinkService.merge(appConfiguration);
        return Response.ok(this.jansLinkService.find()).build();
    }

    private AppConfiguration passwordEncryption(AppConfiguration appConfiguration) throws StringEncrypter.EncryptionException {
        this.logger.debug("Password  Encryption - appConfiguration:{} ", appConfiguration);
        if (appConfiguration == null) {
            return appConfiguration;
        }
        GluuLdapConfiguration inumConfig = appConfiguration.getInumConfig();
        passwordEncryption(inumConfig);
        appConfiguration.setInumConfig(inumConfig);
        GluuLdapConfiguration targetConfig = appConfiguration.getTargetConfig();
        passwordEncryption(targetConfig);
        appConfiguration.setTargetConfig(targetConfig);
        List<GluuLdapConfiguration> sourceConfigs = appConfiguration.getSourceConfigs();
        if (sourceConfigs != null && !sourceConfigs.isEmpty()) {
            Iterator<GluuLdapConfiguration> it = sourceConfigs.iterator();
            while (it.hasNext()) {
                passwordEncryption(it.next());
                appConfiguration.setSourceConfigs(sourceConfigs);
            }
        }
        return appConfiguration;
    }

    private GluuLdapConfiguration passwordEncryption(GluuLdapConfiguration gluuLdapConfiguration) throws StringEncrypter.EncryptionException {
        this.logger.debug("Password  Encryption - ldapConfiguration:{} ", gluuLdapConfiguration);
        if (gluuLdapConfiguration == null) {
            return gluuLdapConfiguration;
        }
        String bindPassword = gluuLdapConfiguration.getBindPassword();
        if (bindPassword != null && !bindPassword.isEmpty()) {
            try {
                this.encryptionService.decrypt(bindPassword);
            } catch (Exception e) {
                this.logger.error("Exception while decryption of ldapConfiguration password hence will encrypt it!!!");
                gluuLdapConfiguration.setBindPassword(this.encryptionService.encrypt(bindPassword));
            }
        }
        return gluuLdapConfiguration;
    }
}
