package org.gluu.casa.plugins.strongauthn.rest;

import java.util.List;
import java.util.Optional;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;
import org.gluu.casa.core.pojo.Basic2FASettings;
import org.gluu.casa.misc.Utils;
import org.gluu.casa.plugins.strongauthn.conf.Configuration;
import org.gluu.casa.plugins.strongauthn.conf.EnforcementPolicy;
import org.gluu.casa.plugins.strongauthn.conf.TrustedDevicesSettings;
import org.gluu.casa.plugins.strongauthn.service.StrongAuthSettingsService;
import org.gluu.casa.rest.ProtectedApi;
import org.gluu.casa.service.settings.IPluginSettingsHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/config")
@ProtectedApi(scopes = {"casa.config"})
/* loaded from: input_file:org/gluu/casa/plugins/strongauthn/rest/StrongAuthnSettingsWS.class */
public class StrongAuthnSettingsWS {
    private static StrongAuthSettingsService service = StrongAuthSettingsService.instance();
    private Logger logger = LoggerFactory.getLogger(getClass());
    private IPluginSettingsHandler<Configuration> settingsHandler = service.getSettingsHandler();

    @GET
    @Produces({"application/json"})
    public Response retrieve() {
        String message;
        Response.Status status;
        this.logger.trace("StrongAuthnSettingsWS retrieve operation called");
        try {
            message = Utils.jsonFromObject(this.settingsHandler.getSettings());
            status = Response.Status.OK;
        } catch (Exception e) {
            message = e.getMessage();
            this.logger.error(message, e);
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(message).build();
    }

    @Path("basic")
    @Consumes({"application/json"})
    @POST
    @Produces({"text/plain"})
    public Response setBasicConfig(Basic2FASettings basic2FASettings) {
        Response.Status status;
        String str = null;
        Configuration configuration = (Configuration) this.settingsHandler.getSettings();
        Basic2FASettings basic2FASettings2 = configuration.getBasic2FASettings();
        this.logger.trace("StrongAuthnSettingsWS setBasicConfig operation called");
        try {
            status = Response.Status.BAD_REQUEST;
            if (basic2FASettings == null) {
                str = "Empty payload";
                this.logger.warn(str);
            } else if (basic2FASettings.getMinCreds().intValue() < 1) {
                str = "Minimum number of credentials expected to be greater than zero";
                this.logger.warn(str);
            } else if (basic2FASettings.isAutoEnable() || basic2FASettings.isAllowSelfEnableDisable()) {
                configuration.setBasic2FASettings(basic2FASettings);
                this.settingsHandler.setSettings(configuration);
                this.settingsHandler.save();
                status = Response.Status.OK;
            } else {
                str = "Cannot prevent users to turn 2FA on/off when there is no 2FA auto-enablement";
                this.logger.warn(str);
            }
        } catch (Exception e) {
            configuration.setBasic2FASettings(basic2FASettings2);
            this.settingsHandler.setSettings(configuration);
            str = e.getMessage();
            this.logger.error(str, e);
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(str).build();
    }

    @Path("enforcement-policies")
    @Consumes({"application/json"})
    @POST
    @Produces({"text/plain"})
    public Response setEnforcementPolicies(List<EnforcementPolicy> list) {
        Response.Status status;
        String str = null;
        Configuration configuration = (Configuration) this.settingsHandler.getSettings();
        List<EnforcementPolicy> enforcement2FA = configuration.getEnforcement2FA();
        this.logger.trace("StrongAuthnSettingsWS setEnforcementPolicies operation called");
        try {
            status = Response.Status.BAD_REQUEST;
            if (list == null) {
                str = "Empty payload";
                this.logger.warn(str);
            } else if (list.size() == 1 || (list.size() == 2 && list.contains(EnforcementPolicy.LOCATION_UNKNOWN) && list.contains(EnforcementPolicy.DEVICE_UNKNOWN))) {
                configuration.setEnforcement2FA(list);
                this.settingsHandler.setSettings(configuration);
                this.settingsHandler.save();
                status = Response.Status.OK;
            } else {
                str = String.format("Unacceptable combination of policies %s", list);
                this.logger.warn(str);
            }
        } catch (Exception e) {
            configuration.setEnforcement2FA(enforcement2FA);
            this.settingsHandler.setSettings(configuration);
            str = e.getMessage();
            this.logger.error(str, e);
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(str).build();
    }

    @Path("trusted-devices")
    @Consumes({"application/json"})
    @POST
    @Produces({"text/plain"})
    public Response setTrustedDevices(TrustedDevicesSettings trustedDevicesSettings) {
        Response.Status status;
        String str = null;
        Configuration configuration = (Configuration) this.settingsHandler.getSettings();
        TrustedDevicesSettings trustedDevicesSettings2 = configuration.getTrustedDevicesSettings();
        this.logger.trace("StrongAuthnSettingsWS setTrustedDevices operation called");
        try {
            status = Response.Status.BAD_REQUEST;
            if (trustedDevicesSettings == null) {
                str = "Empty payload";
                this.logger.warn(str);
            } else {
                int intValue = ((Integer) Optional.ofNullable(trustedDevicesSettings.getLocationExpirationDays()).orElse(0)).intValue();
                int intValue2 = ((Integer) Optional.ofNullable(trustedDevicesSettings.getDeviceExpirationDays()).orElse(0)).intValue();
                if (intValue <= 0 || intValue2 <= 0) {
                    str = "One or more of the provided expiration values are invalid";
                    this.logger.warn(str);
                } else {
                    configuration.setTrustedDevicesSettings(trustedDevicesSettings);
                    this.settingsHandler.setSettings(configuration);
                    this.settingsHandler.save();
                    status = Response.Status.OK;
                }
            }
        } catch (Exception e) {
            configuration.setTrustedDevicesSettings(trustedDevicesSettings2);
            this.settingsHandler.setSettings(configuration);
            str = e.getMessage();
            this.logger.error(str, e);
            status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return Response.status(status).entity(str).build();
    }
}
