package org.thingsboard.server.service.security.auth.oauth2;

import com.fasterxml.jackson.databind.node.ObjectNode;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import org.apache.kafka.common.network.NetworkReceive;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.thingsboard.common.util.JacksonUtil;
import org.thingsboard.server.common.data.Customer;
import org.thingsboard.server.common.data.StringUtils;
import org.thingsboard.server.common.data.Tenant;
import org.thingsboard.server.common.data.User;
import org.thingsboard.server.common.data.id.CustomerId;
import org.thingsboard.server.common.data.id.DashboardId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.oauth2.OAuth2Client;
import org.thingsboard.server.common.data.oauth2.OAuth2MapperConfig;
import org.thingsboard.server.common.data.page.PageData;
import org.thingsboard.server.common.data.page.PageLink;
import org.thingsboard.server.common.data.security.Authority;
import org.thingsboard.server.dao.customer.CustomerService;
import org.thingsboard.server.dao.dashboard.DashboardService;
import org.thingsboard.server.dao.oauth2.OAuth2User;
import org.thingsboard.server.dao.tenant.TbTenantProfileCache;
import org.thingsboard.server.dao.tenant.TenantService;
import org.thingsboard.server.dao.user.UserService;
import org.thingsboard.server.service.entitiy.tenant.TbTenantService;
import org.thingsboard.server.service.entitiy.user.TbUserService;
import org.thingsboard.server.service.install.InstallScripts;
import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.model.UserPrincipal;

/* loaded from: input_file:org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.class */
/**
 * Base class for OAuth2 client mappers: resolves an OAuth2-authenticated identity to a local
 * {@link User}, creating the user (and, where needed, its tenant and customer) when the client's
 * mapper configuration allows it.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The local account is selected by e-mail address alone; nothing here checks that the
 *       identity provider verified the address.</li>
 *   <li>A newly created user becomes {@code TENANT_ADMIN} whenever the OAuth2 user carries neither
 *       a customer id nor a customer name.</li>
 *   <li>Tenants and customers named by the OAuth2 user are created on demand.</li>
 * </ul>
 *
 * <p>NOTE(review): this listing is decompiler output. The raw {@code List}, {@code Optional} and
 * {@code PageData} declarations look like erased generics rather than the authors' code.
 */
public abstract class AbstractOAuth2ClientMapper {
    private static final Logger log = LoggerFactory.getLogger(AbstractOAuth2ClientMapper.class);
    // Page size used when scanning a customer's dashboards for the default dashboard name.
    private static final int DASHBOARDS_REQUEST_LIMIT = 10;

    @Autowired
    private UserService userService;

    @Autowired
    private BCryptPasswordEncoder passwordEncoder;

    @Autowired
    private TenantService tenantService;

    @Autowired
    private TbTenantService tbTenantService;

    @Autowired
    private CustomerService customerService;

    @Autowired
    private DashboardService dashboardService;

    @Autowired
    private InstallScripts installScripts;

    @Autowired
    private TbUserService tbUserService;

    @Autowired
    protected TbTenantProfileCache tenantProfileCache;

    @Autowired
    private ApplicationEventPublisher eventPublisher;

    @Value("${edges.enabled}")
    private boolean edgesEnabled;
    // In-process lock that serialises user creation within this mapper instance.
    // NOTE(review): it does not coordinate with other instances or nodes; if several can run,
    // uniqueness of the e-mail must be enforced by the user store - confirm.
    private final Lock userCreationLock = new ReentrantLock();

    /**
     * Returns the local user matching the OAuth2 user's e-mail, creating it first when it does not
     * exist and the client's mapper configuration allows user creation.
     *
     * <p>JADX reports that the access modifier was changed from {@code protected}.
     *
     * @param oAuth2User attributes mapped from the provider (e-mail, names, tenant and customer ids
     *     or names, default dashboard)
     * @param oAuth2Client client registration; its mapper config controls user creation and
     *     activation, and its additional info may supply the provider name
     * @return a {@link SecurityUser} wrapping the found or newly created user
     * @throws UsernameNotFoundException if no user has this e-mail and user creation is disabled
     * @throws RuntimeException wrapping any exception raised while creating the user or building
     *     the {@link SecurityUser}
     */
    public SecurityUser getOrCreateSecurityUserFromOAuth2User(OAuth2User oAuth2User, OAuth2Client oAuth2Client) {
        OAuth2MapperConfig mapperConfig = oAuth2Client.getMapperConfig();
        UserPrincipal userPrincipal = new UserPrincipal(UserPrincipal.Type.USER_NAME, oAuth2User.getEmail());
        // The e-mail is the only key used to link the OAuth2 identity to a local account; an
        // existing account with that address is returned however it was created.
        // NOTE(review): no e-mail-verified check is visible here - confirm the mapper that builds
        // OAuth2User only passes addresses the provider has verified.
        // The lookup uses SYS_TENANT_ID rather than the user's tenant (presumably a system-wide
        // lookup - confirm).
        User findUserByEmail = this.userService.findUserByEmail(TenantId.SYS_TENANT_ID, oAuth2User.getEmail());
        if (findUserByEmail == null && !mapperConfig.isAllowUserCreation()) {
            // NOTE(review): the message echoes the e-mail; confirm how the failure handler renders
            // it to the client.
            throw new UsernameNotFoundException("User not found: " + oAuth2User.getEmail());
        }
        if (findUserByEmail == null) {
            this.userCreationLock.lock();
            try {
                try {
                    // Look up again under the lock so concurrent logins for the same e-mail in
                    // this instance do not both create the user.
                    findUserByEmail = this.userService.findUserByEmail(TenantId.SYS_TENANT_ID, oAuth2User.getEmail());
                    if (findUserByEmail == null) {
                        User user = new User();
                        // Privilege is derived purely from the mapped attributes: no customer id
                        // and no customer name means the new user is a tenant administrator.
                        if (oAuth2User.getCustomerId() == null && StringUtils.isEmpty(oAuth2User.getCustomerName())) {
                            user.setAuthority(Authority.TENANT_ADMIN);
                        } else {
                            user.setAuthority(Authority.CUSTOMER_USER);
                        }
                        // An explicit tenant id wins; otherwise the tenant is resolved (or created)
                        // by name.
                        TenantId tenantId = oAuth2User.getTenantId() != null ? oAuth2User.getTenantId() : getTenantId(oAuth2User.getTenantName());
                        user.setTenantId(tenantId);
                        // Same rule for the customer; getCustomerId returns null for an empty name.
                        CustomerId customerId = oAuth2User.getCustomerId() != null ? oAuth2User.getCustomerId() : getCustomerId(user.getTenantId(), oAuth2User.getCustomerName());
                        user.setCustomerId(customerId);
                        user.setEmail(oAuth2User.getEmail());
                        user.setFirstName(oAuth2User.getFirstName());
                        user.setLastName(oAuth2User.getLastName());
                        ObjectNode newObjectNode = JacksonUtil.newObjectNode();
                        if (!StringUtils.isEmpty(oAuth2User.getDefaultDashboardName())) {
                            // Tenant admins search the tenant's dashboards, customer users only
                            // those of their customer.
                            Optional<DashboardId> dashboardId = user.getAuthority() == Authority.TENANT_ADMIN ? getDashboardId(tenantId, oAuth2User.getDefaultDashboardName()) : getDashboardId(tenantId, customerId, oAuth2User.getDefaultDashboardName());
                            if (dashboardId.isPresent()) {
                                newObjectNode.put("defaultDashboardFullscreen", oAuth2User.isAlwaysFullScreen());
                                newObjectNode.put("defaultDashboardId", dashboardId.get().getId().toString());
                            }
                        }
                        // Record which provider the account was created through.
                        if (oAuth2Client.getAdditionalInfo() != null && oAuth2Client.getAdditionalInfo().has("providerName")) {
                            newObjectNode.put("authProviderName", oAuth2Client.getAdditionalInfo().get("providerName").asText());
                        }
                        user.setAdditionalInfo(newObjectNode);
                        // NOTE(review): the meaning of the trailing (false, null, null) arguments
                        // is not visible here - confirm against TbUserService.save.
                        findUserByEmail = this.tbUserService.save(tenantId, customerId, user, false, null, null);
                        if (mapperConfig.isActivateUser()) {
                            // NetworkReceive.UNKNOWN_SOURCE is Kafka's empty-string constant, so
                            // this appears to be a decompiler substitution for "": the credentials
                            // are activated with a bcrypt hash of the empty password.
                            // NOTE(review): confirm the username/password login path rejects empty
                            // passwords, or that these accounts cannot use password login.
                            this.userService.activateUserCredentials(findUserByEmail.getTenantId(), this.userService.findUserCredentialsByUserId(findUserByEmail.getTenantId(), findUserByEmail.getId()).getActivateToken(), this.passwordEncoder.encode(NetworkReceive.UNKNOWN_SOURCE));
                        }
                    }
                } catch (Exception e) {
                    log.error("Can't get or create security user from oauth2 user", e);
                    throw new RuntimeException("Can't get or create security user from oauth2 user", e);
                }
            } finally {
                // Always release the lock, including when creation failed.
                this.userCreationLock.unlock();
            }
        }
        try {
            // The second constructor argument is always true here (presumably the "enabled" flag -
            // confirm); no check of the stored account's state is visible in this method.
            SecurityUser securityUser = new SecurityUser(findUserByEmail, true, userPrincipal);
            return (SecurityUser) new UsernamePasswordAuthenticationToken(securityUser, (Object) null, securityUser.getAuthorities()).getPrincipal();
        } catch (Exception e2) {
            log.error("Can't get or create security user from oauth2 user", e2);
            throw new RuntimeException("Can't get or create security user from oauth2 user", e2);
        }
    }

    /**
     * Resolves a tenant by name, creating a tenant with that title when the search returns nothing.
     *
     * <p>NOTE(review): the tenant is taken from the first result of a one-row search
     * ({@code new PageLink(1, 0, str)}, presumably page size, page, text search) without comparing
     * its title to {@code str}. If the search is not an exact match, or {@code str} is null or
     * empty, the user may be attached to an unintended tenant - confirm the semantics of
     * {@code findTenants} and whether an equality check on the title is needed.
     *
     * @param str tenant name mapped from the OAuth2 user
     * @return id of the matched or newly created tenant
     * @throws Exception declared on the method; the visible body does not show which call raises it
     */
    private TenantId getTenantId(String str) throws Exception {
        Tenant save;
        List data = this.tenantService.findTenants(new PageLink(1, 0, str)).getData();
        if (data == null || data.isEmpty()) {
            // No match: provision a new tenant named after the mapped value.
            Tenant tenant = new Tenant();
            tenant.setTitle(str);
            save = this.tbTenantService.save(tenant);
        } else {
            save = (Tenant) data.get(0);
        }
        return save.getTenantId();
    }

    /**
     * Resolves a customer of the given tenant by title, creating it when it does not exist.
     *
     * @param tenantId tenant that owns the customer
     * @param str customer title mapped from the OAuth2 user
     * @return the customer id, or {@code null} when {@code str} is empty
     */
    private CustomerId getCustomerId(TenantId tenantId, String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        Optional findCustomerByTenantIdAndTitle = this.customerService.findCustomerByTenantIdAndTitle(tenantId, str);
        if (findCustomerByTenantIdAndTitle.isPresent()) {
            return ((Customer) findCustomerByTenantIdAndTitle.get()).getId();
        }
        // No customer with this title in the tenant: provision one.
        Customer customer = new Customer();
        customer.setTenantId(tenantId);
        customer.setTitle(str);
        return this.customerService.saveCustomer(customer).getId();
    }

    /**
     * Looks up a tenant dashboard by name through
     * {@code findFirstDashboardInfoByTenantIdAndName}.
     *
     * @param tenantId tenant to search in
     * @param str dashboard name
     * @return the dashboard id, or empty when the service returns {@code null}
     */
    private Optional<DashboardId> getDashboardId(TenantId tenantId, String str) {
        return Optional.ofNullable(this.dashboardService.findFirstDashboardInfoByTenantIdAndName(tenantId, str)).map((v0) -> {
            return v0.getId();
        });
    }

    /**
     * Pages through the dashboards of a customer, {@code DASHBOARDS_REQUEST_LIMIT} per request,
     * and returns a dashboard whose name equals {@code str}.
     *
     * @param tenantId tenant that owns the customer
     * @param customerId customer whose dashboards are searched
     * @param str dashboard name; compared with {@code equals}, so it must not be null
     * @return the id of a matching dashboard, or empty when no page contains one
     */
    private Optional<DashboardId> getDashboardId(TenantId tenantId, CustomerId customerId, String str) {
        PageData findDashboardsByTenantIdAndCustomerId;
        PageLink pageLink = null;
        do {
            // First iteration builds the initial page link; later iterations advance it.
            pageLink = pageLink == null ? new PageLink(DASHBOARDS_REQUEST_LIMIT) : pageLink.nextPageLink();
            findDashboardsByTenantIdAndCustomerId = this.dashboardService.findDashboardsByTenantIdAndCustomerId(tenantId, customerId, pageLink);
            Optional findAny = findDashboardsByTenantIdAndCustomerId.getData().stream().filter(dashboardInfo -> {
                return str.equals(dashboardInfo.getName());
            }).findAny();
            if (findAny.isPresent()) {
                return findAny.map((v0) -> {
                    return v0.getId();
                });
            }
        } while (findDashboardsByTenantIdAndCustomerId.hasNext());
        return Optional.empty();
    }

    /**
     * Returns the value injected from the {@code edges.enabled} property.
     *
     * @return the {@code edges.enabled} flag
     */
    public boolean isEdgesEnabled() {
        return this.edgesEnabled;
    }
}
