package org.cotrix.gcube.extension;

import javax.annotation.Priority;
import javax.enterprise.inject.Alternative;
import javax.inject.Inject;
import org.cotrix.action.Action;
import org.cotrix.action.UserAction;
import org.cotrix.common.Utils;
import org.cotrix.common.cdi.BeanSession;
import org.cotrix.common.cdi.Current;
import org.cotrix.domain.dsl.Users;
import org.cotrix.domain.user.User;
import org.cotrix.gcube.stubs.PortalUser;
import org.cotrix.gcube.stubs.SessionToken;
import org.cotrix.repository.UserQueries;
import org.cotrix.repository.UserRepository;
import org.cotrix.security.Realm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Alternative
@Priority(1000)
/* loaded from: input_file:org/cotrix/gcube/extension/GCubeRealm.class */
public class GCubeRealm implements Realm {
    private Logger logger = LoggerFactory.getLogger(GCubeRealm.class);

    @Inject
    private PortalProxyProvider safePortalUrlProvider;

    @Inject
    private PortalProxyProvider portalProxyProvider;

    @Inject
    private UserRepository userRepository;

    @Inject
    private RoleMapper roleMapper;

    @Inject
    @Current
    private BeanSession session;

    public boolean supports(Object obj) {
        return obj instanceof SessionToken;
    }

    public String login(Object obj) {
        PortalProxy portalProxy = this.portalProxyProvider.getPortalProxy((SessionToken) Utils.reveal(obj, SessionToken.class));
        this.session.add(PortalProxy.class, portalProxy);
        PortalUser portalUser = portalProxy.getPortalUser();
        User user = (User) this.userRepository.get(UserQueries.userByName(portalUser.userName()));
        if (user == null) {
            intern(portalUser);
        } else {
            update(portalUser, user);
        }
        return portalUser.userName();
    }

    protected void intern(PortalUser portalUser) {
        this.logger.info("interning external gCube user: {}", portalUser);
        User build = Users.user().name(portalUser.userName()).email(portalUser.email()).fullName(portalUser.fullName()).is(this.roleMapper.map(portalUser.roles())).build();
        this.userRepository.add(build);
        this.userRepository.update(Users.modifyUser(build).can(new Action[]{UserAction.VIEW.on(build.id())}).build());
    }

    protected void update(PortalUser portalUser, User user) {
        this.logger.trace("updating internal user from external gCube user: {}", portalUser);
        this.userRepository.update(Users.modifyUser(user).email(portalUser.email()).fullName(portalUser.fullName()).isNoLonger(user.directRoles()).is(this.roleMapper.map(portalUser.roles())).build());
    }

    public void add(String str, String str2) {
        throw new UnsupportedOperationException("sign up active only through iMarine portal");
    }
}
