package pl.psnc.dl.wf4ever.oauth;

import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import pl.psnc.dl.wf4ever.auth.RequestAttribute;
import pl.psnc.dl.wf4ever.db.AccessToken;
import pl.psnc.dl.wf4ever.db.AccessTokenList;
import pl.psnc.dl.wf4ever.db.OAuthClient;
import pl.psnc.dl.wf4ever.db.UserProfile;
import pl.psnc.dl.wf4ever.db.dao.AccessTokenDAO;
import pl.psnc.dl.wf4ever.db.dao.OAuthClientDAO;
import pl.psnc.dl.wf4ever.db.dao.UserProfileDAO;
import pl.psnc.dl.wf4ever.dl.UserMetadata;
import pl.psnc.dl.wf4ever.exceptions.BadRequestException;
import pl.psnc.dl.wf4ever.exceptions.ForbiddenException;
import pl.psnc.dl.wf4ever.model.Builder;

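/**
 * JAX-RS resource at {@code accesstokens} that lists and issues OAuth access tokens.
 *
 * <p>Both operations reject any caller whose role is not {@link UserMetadata.Role#ADMIN}
 * before touching the token store.
 */
@Path("accesstokens")
/* loaded from: input_file:WEB-INF/classes/pl/psnc/dl/wf4ever/oauth/AccessTokenListResource.class */
public class AccessTokenListResource {
    private static final Logger LOGGER = Logger.getLogger(AccessTokenListResource.class);

    private static final String ADMIN_ONLY_MESSAGE = "Only admin users can manage access tokens.";

    @Context
    private UriInfo uriInfo;

    @RequestAttribute("Builder")
    private Builder builder;

    /**
     * Returns the access tokens matching the optional client and user filters.
     *
     * @param str value of the {@code client_id} query parameter, or {@code null} for no client filter
     * @param str2 value of the {@code user_id} query parameter: the Base64-encoded user login,
     *     or {@code null} for no user filter
     * @return the tokens returned by {@code AccessTokenDAO.findByClientOrUser}
     * @throws ForbiddenException if the caller is not an admin
     */
    @GET
    @Produces({"text/xml"})
    public AccessTokenList getAccessTokenList(@QueryParam("client_id") String str, @QueryParam("user_id") String str2) {
        requireAdmin();
        // NOTE(review): a client_id or user_id that matches nothing yields null here, which the DAO
        // call below cannot tell apart from "no filter given" - confirm it does not widen the result.
        OAuthClient client = str != null ? new OAuthClientDAO().findById(str) : null;
        UserProfile user = null;
        if (str2 != null) {
            // Decode with an explicit charset: the one-argument String constructor falls back to the
            // platform default, so a non-ASCII login could resolve differently from host to host.
            // Presumably clients encode the login as UTF-8 - confirm against the API contract.
            String login = new String(Base64.decodeBase64(str2), java.nio.charset.StandardCharsets.UTF_8);
            user = new UserProfileDAO().findByLogin(login);
        }
        return new AccessTokenList(new AccessTokenDAO().findByClientOrUser(client, user));
    }

    /**
     * Issues a new access token for a client/user pair.
     *
     * <p>The request body is plain text: the client id on the first line and the user login on the
     * second. Any further lines are ignored.
     *
     * @param str the request body
     * @return {@code 201 Created} whose location is the collection URI resolved against the token
     *     value, or {@code 404} with the exception message if an {@link IllegalArgumentException}
     *     is raised while creating the token
     * @throws BadRequestException if the body is missing, has fewer than two lines, or names an
     *     unknown client or user
     * @throws ForbiddenException if the caller is not an admin
     */
    @POST
    @Produces({"text/plain"})
    @Consumes({"text/plain"})
    public Response createAccessToken(String str) throws BadRequestException {
        requireAdmin();
        if (str == null) {
            // A missing entity is reported as a malformed request instead of surfacing as a
            // NullPointerException from split().
            throw new BadRequestException("Content is shorter than 2 lines");
        }
        String[] lines = str.split("[\\r\\n]+");
        if (lines.length < 2) {
            throw new BadRequestException("Content is shorter than 2 lines");
        }
        String clientId = lines[0];
        String login = lines[1];
        try {
            OAuthClient client = new OAuthClientDAO().findById(clientId);
            if (client == null) {
                throw new BadRequestException("Client not found");
            }
            UserProfile user = new UserProfileDAO().findByLogin(login);
            if (user == null) {
                throw new BadRequestException("User not found");
            }
            AccessToken accessToken = new AccessToken(client, user);
            new AccessTokenDAO().save(accessToken);
            // Audit trail for credential issuance. Both values come from the split above, so they
            // contain no CR/LF; the token value itself is deliberately never logged.
            LOGGER.info("Access token issued for client '" + clientId + "' and user '" + login + "'");
            // The token value becomes the last path segment of the Location URI, so it is visible
            // to anything that records response headers or URLs (proxies, access logs).
            return Response.created(this.uriInfo.getAbsolutePathBuilder().path("/").build(new Object[0]).resolve(accessToken.getToken())).build();
        } catch (IllegalArgumentException e) {
            // NOTE(review): the exception message is returned verbatim to the caller; the endpoint
            // is admin-only, but confirm the message carries no internal detail.
            return Response.status(Response.Status.NOT_FOUND).type("text/plain").entity(e.getMessage()).build();
        }
    }

    /**
     * Rejects the request unless the authenticated user has the admin role.
     *
     * @throws ForbiddenException if the caller's role is not {@link UserMetadata.Role#ADMIN}
     */
    private void requireAdmin() {
        if (this.builder.getUser().getRole() != UserMetadata.Role.ADMIN) {
            throw new ForbiddenException(ADMIN_ONLY_MESSAGE);
        }
    }
}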
