package ru.infotech24.apk23main.security.oauth.infrastructure;

import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.time.LocalDate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;
import ru.infotech24.apk23main.domain.institution.InstitutionEmployee;
import ru.infotech24.apk23main.logic.institution.dao.InstitutionDao;
import ru.infotech24.apk23main.logic.institution.dao.InstitutionEmployeeDao;
import ru.infotech24.apk23main.security.domain.SecurityRole;
import ru.infotech24.apk23main.security.oauth.EsiaAuthException;
import ru.infotech24.apk23main.security.oauth.EsiaPrincipal;
import ru.infotech24.common.helpers.StringUtils;
import ru.infotech24.common.types.Tuple4;

@Component
/* loaded from: input_file:BOOT-INF/classes/ru/infotech24/apk23main/security/oauth/infrastructure/EsiaAuthenticationProvider.class */
public class EsiaAuthenticationProvider implements AuthenticationProvider {

    @Value("${esia.debug-user-id}")
    private Integer debugUserId;
    private InstitutionEmployeeDao institutionEmployeeDao;
    private InstitutionDao institutionDao;
    private static final List<Tuple4<String, String, String, LocalDate>> temporaryUsers = new ArrayList();

    @Autowired
    public EsiaAuthenticationProvider(InstitutionEmployeeDao institutionEmployeeDao, InstitutionDao institutionDao) {
        this.institutionEmployeeDao = institutionEmployeeDao;
        this.institutionDao = institutionDao;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Optional<Integer> empty = Optional.empty();
        EsiaPrincipal esiaPrincipal = null;
        TokenAuthentication tokenAuthentication = (TokenAuthentication) authentication;
        if (authentication != null) {
            esiaPrincipal = (EsiaPrincipal) authentication.getPrincipal();
            if (esiaPrincipal.getSnils() == null && esiaPrincipal.getInn() == null) {
                throw new EsiaAuthException("Доступ к ИС возможен только при наличии информации о СНИЛС или ИНН пользователя");
            }
            empty = esiaPrincipal.getSnils() != null ? this.institutionEmployeeDao.findUserIdWithAccessRightsWithSnils(esiaPrincipal.getSnils().longValue(), esiaPrincipal.getInstitutionId()) : Optional.empty();
            if (!empty.isPresent() && esiaPrincipal.getInn() != null) {
                empty = this.institutionEmployeeDao.findUserIdWithAccessRightsWithInn(esiaPrincipal.getInn().longValue(), esiaPrincipal.getInstitutionId());
            }
            if (!empty.isPresent()) {
                empty = tryFindUserByFioAndBirthOnlyWithActualizingIdentityData(esiaPrincipal);
            }
        } else if (this.debugUserId != null) {
            empty = Optional.of(this.debugUserId);
        }
        InstitutionEmployee institutionEmployee = (InstitutionEmployee) empty.map(num -> {
            return this.institutionEmployeeDao.byUserId(num);
        }).orElse(null);
        if (institutionEmployee != null) {
            actualizeEmployeeIdentityData(esiaPrincipal, institutionEmployee);
        }
        if (this.debugUserId != null) {
            esiaPrincipal = new EsiaPrincipal(institutionEmployee.getLastName(), institutionEmployee.getFirstName(), institutionEmployee.getMiddleName(), institutionEmployee.getBirthDate(), institutionEmployee.getSnils(), institutionEmployee.getInn(), new ArrayList(), null, institutionEmployee.getInstitutionId(), institutionEmployee.getPhone(), institutionEmployee.getEmail(), null, null);
        }
        if (esiaPrincipal != null && esiaPrincipal.getInstitutionId() == null && institutionEmployee != null) {
            esiaPrincipal.setInstitutionId(institutionEmployee.getInstitutionId());
        }
        List<Integer> asoiRoles = institutionEmployee != null ? institutionEmployee.getAsoiRoles() : null;
        if (empty.isPresent()) {
            return new TokenAuthentication(new EsiaPrincipal(esiaPrincipal, empty.get().intValue()), tokenAuthentication != null ? tokenAuthentication.getCredentials() : null, new ArrayList(), asoiRoles != null ? Sets.newHashSet(asoiRoles) : new HashSet());
        }
        return new TokenAuthentication(new EsiaPrincipal(esiaPrincipal, Integer.MIN_VALUE), tokenAuthentication.getCredentials(), new ArrayList(), Sets.newHashSet(Lists.newArrayList(SecurityRole.APP_ROLE_NEW_USER)));
    }

    private void actualizeEmployeeIdentityData(EsiaPrincipal esiaPrincipal, InstitutionEmployee institutionEmployee) {
        Long snils = institutionEmployee.getSnils() != null ? institutionEmployee.getSnils() : esiaPrincipal.getSnils();
        Long inn = institutionEmployee.getInn() != null ? institutionEmployee.getInn() : esiaPrincipal.getInn();
        if ((Objects.equals(snils, institutionEmployee.getSnils()) && Objects.equals(inn, institutionEmployee.getInn())) ? false : true) {
            institutionEmployee.setSnils(snils);
            institutionEmployee.setInn(inn);
            this.institutionEmployeeDao.update(institutionEmployee, institutionEmployee.getKey());
        }
    }

    private Optional<Integer> tryFindUserByFioAndBirthOnlyWithActualizingIdentityData(EsiaPrincipal esiaPrincipal) {
        Optional<Integer> findUserIdWithAccessRightsWithFioBirthDateOnly = this.institutionEmployeeDao.findUserIdWithAccessRightsWithFioBirthDateOnly(esiaPrincipal.getLastName(), esiaPrincipal.getFirstName(), esiaPrincipal.getMiddleName(), esiaPrincipal.getBirthDate(), esiaPrincipal.getInstitutionId());
        if (!findUserIdWithAccessRightsWithFioBirthDateOnly.isPresent()) {
            String makeDigitsLiteral = StringUtils.makeDigitsLiteral(esiaPrincipal.getLastName());
            String makeDigitsLiteral2 = StringUtils.makeDigitsLiteral(esiaPrincipal.getFirstName());
            String makeDigitsLiteral3 = StringUtils.makeDigitsLiteral(esiaPrincipal.getMiddleName());
            if (!Objects.equals(makeDigitsLiteral, esiaPrincipal.getLastName()) || !Objects.equals(makeDigitsLiteral2, esiaPrincipal.getFirstName()) || !Objects.equals(makeDigitsLiteral3, esiaPrincipal.getMiddleName())) {
                findUserIdWithAccessRightsWithFioBirthDateOnly = this.institutionEmployeeDao.findUserIdWithAccessRightsWithFioBirthDateOnly(makeDigitsLiteral, makeDigitsLiteral2, makeDigitsLiteral3, esiaPrincipal.getBirthDate(), esiaPrincipal.getInstitutionId());
            }
        }
        if (findUserIdWithAccessRightsWithFioBirthDateOnly.isPresent()) {
            InstitutionEmployee byUserId = this.institutionEmployeeDao.byUserId(findUserIdWithAccessRightsWithFioBirthDateOnly.get());
            byUserId.setSnils(esiaPrincipal.getSnils());
            byUserId.setInn(esiaPrincipal.getInn());
            this.institutionEmployeeDao.update(byUserId, byUserId.getKey());
        }
        return findUserIdWithAccessRightsWithFioBirthDateOnly;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return TokenAuthentication.class.isAssignableFrom(cls);
    }
}
