package com.hypersocket.auth;

import com.hypersocket.annotation.HypersocketExtension;
import com.hypersocket.permissions.Role;
import com.hypersocket.realm.Realm;
import com.hypersocket.realm.RealmRestriction;
import com.hypersocket.realm.RealmService;
import com.hypersocket.repository.CriteriaConfiguration;
import com.hypersocket.repository.DeletedCriteria;
import com.hypersocket.repository.DistinctRootEntity;
import com.hypersocket.repository.HiddenCriteria;
import com.hypersocket.repository.SystemRestriction;
import com.hypersocket.resource.AbstractResourceRepositoryImpl;
import com.hypersocket.resource.RealmCriteria;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.hibernate.Criteria;
import org.hibernate.FetchMode;
import org.hibernate.criterion.CriteriaSpecification;
import org.hibernate.criterion.Order;
import org.hibernate.criterion.Restrictions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;

@Repository
/* loaded from: input_file:com/hypersocket/auth/AuthenticationSchemeRepositoryImpl.class */
public class AuthenticationSchemeRepositoryImpl extends AbstractResourceRepositoryImpl<AuthenticationScheme> implements AuthenticationSchemeRepository {
    static Logger log = LoggerFactory.getLogger(AuthenticationSchemeRepositoryImpl.class);

    @Autowired
    private AuthenticationModuleRepository moduleRepository;
    private Map<String, AuthenticationSchemeRegistration> schemes = new HashMap();
    CriteriaConfiguration ORDER_BY_PRIORITY = new CriteriaConfiguration() { // from class: com.hypersocket.auth.AuthenticationSchemeRepositoryImpl.1
        @Override // com.hypersocket.repository.CriteriaConfiguration
        public void configure(Criteria criteria) {
            criteria.setFetchMode("modules", FetchMode.JOIN);
            criteria.setResultTransformer(CriteriaSpecification.DISTINCT_ROOT_ENTITY);
            criteria.addOrder(Order.asc("priority"));
        }
    };

    /* loaded from: input_file:com/hypersocket/auth/AuthenticationSchemeRepositoryImpl$DefaultRegistration.class */
    class DefaultRegistration implements AuthenticationSchemeRegistration {
        String resourceKey;

        DefaultRegistration(String str) {
            this.resourceKey = str;
        }

        @Override // com.hypersocket.auth.AuthenticationSchemeRegistration
        public String getResourceKey() {
            return this.resourceKey;
        }

        @Override // com.hypersocket.auth.AuthenticationSchemeRegistration
        public boolean isEnabled() {
            return true;
        }

        @Override // com.hypersocket.auth.AuthenticationSchemeRegistration
        public boolean isAuthenticating() {
            return true;
        }
    }

    /* loaded from: input_file:com/hypersocket/auth/AuthenticationSchemeRepositoryImpl$EnabledSchemesCriteria.class */
    class EnabledSchemesCriteria implements CriteriaConfiguration {
        Realm realm;

        EnabledSchemesCriteria(Realm realm) {
            this.realm = realm;
        }

        @Override // com.hypersocket.repository.CriteriaConfiguration
        public void configure(Criteria criteria) {
            criteria.add(Restrictions.or(Restrictions.eq(RealmService.SYSTEM_PRINCIPAL, false), Restrictions.and(Restrictions.in("resourceKey", AuthenticationSchemeRepositoryImpl.this.getEnabledSchemes(this.realm)), Restrictions.eq(RealmService.SYSTEM_PRINCIPAL, true))));
        }
    }

    /* loaded from: input_file:com/hypersocket/auth/AuthenticationSchemeRepositoryImpl$SchemeRestriction.class */
    class SchemeRestriction implements CriteriaConfiguration {
        AuthenticationScheme scheme;

        SchemeRestriction(AuthenticationScheme authenticationScheme) {
            this.scheme = authenticationScheme;
        }

        @Override // com.hypersocket.repository.CriteriaConfiguration
        public void configure(Criteria criteria) {
            criteria.add(Restrictions.eq("scheme", this.scheme));
        }
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    public AuthenticationSchemeRegistration getRegistration(String str) {
        return this.schemes.get(str);
    }

    @Override // com.hypersocket.resource.AbstractResourceRepositoryImpl, com.hypersocket.resource.AbstractSimpleResourceRepository, com.hypersocket.resource.FindableResourceRepository, com.hypersocket.resource.AbstractResourceRepository
    @Transactional
    public void deleteRealm(Realm realm) {
        this.moduleRepository.deleteRealm(realm);
        int i = 0;
        for (AuthenticationScheme authenticationScheme : allEntities(AuthenticationScheme.class, new RealmRestriction(realm))) {
            authenticationScheme.getAllowedRoles().clear();
            authenticationScheme.getDeniedRoles().clear();
            save(authenticationScheme);
            delete(authenticationScheme);
            i++;
        }
        log.info(String.format("Deleted %d AuthenticationScheme", Integer.valueOf(i)));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public Set<Role> getAllowedRoles(AuthenticationScheme authenticationScheme) {
        return new LinkedHashSet(getSchemeById(authenticationScheme.getId()).getAllowedRoles());
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public Set<Role> getDeniedRoles(AuthenticationScheme authenticationScheme) {
        return new LinkedHashSet(getSchemeById(authenticationScheme.getId()).getDeniedRoles());
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional
    public AuthenticationScheme createScheme(Realm realm, String str, List<String> list, String str2, boolean z, Integer num, AuthenticationModuleType authenticationModuleType, boolean z2) {
        return createScheme(realm, str, list, str2, z, num, authenticationModuleType, null, null, z2);
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional
    public AuthenticationScheme createScheme(Realm realm, String str, List<String> list, String str2, boolean z, Integer num, AuthenticationModuleType authenticationModuleType, String str3, String str4, boolean z2) {
        AuthenticationScheme authenticationScheme = new AuthenticationScheme();
        authenticationScheme.setName(str);
        authenticationScheme.setRealm(realm);
        authenticationScheme.setResourceKey(str2);
        authenticationScheme.setResourceCategory(AuthenticationService.AUTHENTICATION_SCHEME);
        authenticationScheme.setHidden(z);
        authenticationScheme.setType(authenticationModuleType);
        authenticationScheme.setMaximumModules(num);
        authenticationScheme.setAllowedModules(str3);
        authenticationScheme.setLastButtonResourceKey(str4);
        authenticationScheme.setSupportsHomeRedirect(z2);
        save(authenticationScheme);
        int i = 0;
        for (String str5 : list) {
            AuthenticationModule authenticationModule = new AuthenticationModule();
            authenticationModule.setScheme(authenticationScheme);
            authenticationModule.setTemplate(str5);
            int i2 = i;
            i++;
            authenticationModule.setIndex(Integer.valueOf(i2));
            save(authenticationModule);
        }
        return authenticationScheme;
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public List<AuthenticationScheme> allSchemes(Realm realm) {
        return allEntities(AuthenticationScheme.class, this.ORDER_BY_PRIORITY, new HiddenCriteria(false), new RealmRestriction(realm));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public List<AuthenticationScheme> allEnabledSchemes(Realm realm) {
        return allEntities(AuthenticationScheme.class, this.ORDER_BY_PRIORITY, new HiddenCriteria(false), new RealmRestriction(realm), new EnabledSchemesCriteria(realm));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    @HypersocketExtension
    public AuthenticationScheme getSchemeByResourceKey(Realm realm, String str) {
        return (AuthenticationScheme) get("resourceKey", str, AuthenticationScheme.class, new RealmRestriction(realm), new EnabledSchemesCriteria(realm));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public AuthenticationScheme getSchemeByResourceKey2(Realm realm, String str) {
        return (AuthenticationScheme) get("resourceKey", str, AuthenticationScheme.class, new RealmRestriction(realm));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public Long getSchemeByResourceKeyCount(final Realm realm, String str) {
        return getCount(AuthenticationScheme.class, "resourceKey", str, new CriteriaConfiguration() { // from class: com.hypersocket.auth.AuthenticationSchemeRepositoryImpl.2
            @Override // com.hypersocket.repository.CriteriaConfiguration
            public void configure(Criteria criteria) {
                criteria.add(Restrictions.eq("realm", realm));
            }
        });
    }

    private Collection<String> getEnabledSchemes(Realm realm) {
        ArrayList arrayList = new ArrayList();
        for (AuthenticationSchemeRegistration authenticationSchemeRegistration : this.schemes.values()) {
            if (authenticationSchemeRegistration.isEnabled()) {
                arrayList.add(authenticationSchemeRegistration.getResourceKey());
            }
        }
        return arrayList;
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public AuthenticationScheme getSchemeById(Long l) {
        return (AuthenticationScheme) get("id", l, AuthenticationScheme.class, new CriteriaConfiguration[0]);
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional
    public void saveScheme(AuthenticationScheme authenticationScheme) {
        authenticationScheme.setResourceCategory(AuthenticationService.AUTHENTICATION_SCHEME);
        save(authenticationScheme);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.hypersocket.resource.AbstractSimpleResourceRepositoryImpl
    public Class<AuthenticationScheme> getResourceClass() {
        return AuthenticationScheme.class;
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public List<AuthenticationScheme> getCustomAuthenticationSchemes(Realm realm) {
        return allEntities(AuthenticationScheme.class, new DeletedCriteria(false), new HiddenCriteria(false), new DistinctRootEntity(), new RealmRestriction(realm), new SystemRestriction(false));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    public void registerAuthenticationScheme(String str) {
        this.schemes.put(str, new DefaultRegistration(str));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    public void registerAuthenticationScheme(AuthenticationSchemeRegistration authenticationSchemeRegistration) {
        this.schemes.put(authenticationSchemeRegistration.getResourceKey(), authenticationSchemeRegistration);
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    public boolean isEnabled(String str) {
        for (AuthenticationSchemeRegistration authenticationSchemeRegistration : this.schemes.values()) {
            if (authenticationSchemeRegistration.getResourceKey().equals(str)) {
                return authenticationSchemeRegistration.isEnabled();
            }
        }
        return false;
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public Collection<AuthenticationScheme> get2faSchemes(Realm realm) {
        return list("scheme2fa", Boolean.TRUE, AuthenticationScheme.class, new RealmCriteria(realm));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public List<AuthenticationScheme> getSystemSchemes(Realm realm) {
        return list(RealmService.SYSTEM_PRINCIPAL, Boolean.TRUE, AuthenticationScheme.class, new RealmCriteria(realm));
    }

    @Override // com.hypersocket.auth.AuthenticationSchemeRepository
    @Transactional(readOnly = true)
    public AuthenticationScheme get2faScheme(Realm realm, String str) {
        return (AuthenticationScheme) get("authenticator2fa", str, AuthenticationScheme.class, new RealmCriteria(realm));
    }
}
