package software.netcore.unimus.ui.view.my_account.widget;

import com.vaadin.data.BeanValidationBinder;
import com.vaadin.server.FileDownloader;
import com.vaadin.server.StreamResource;
import com.vaadin.server.UserError;
import com.vaadin.shared.ui.MarginInfo;
import com.vaadin.ui.AbstractComponent;
import com.vaadin.ui.Image;
import com.vaadin.ui.PasswordField;
import com.warrenstrange.googleauth.GoogleAuthenticatorKey;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.lang.invoke.SerializedLambda;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.HashSet;
import java.util.Set;
import lombok.NonNull;
import net.unimus.I18Nconstants;
import net.unimus.common.lang.Identity;
import net.unimus.common.ui.components.CopyToClipboardButton;
import net.unimus.common.ui.components.html.bold.Bold;
import net.unimus.common.ui.components.html.h2.H2;
import net.unimus.common.ui.components.html.span.Span;
import org.apache.batik.svggen.CachedImageHandlerPNGEncoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.vaadin.viritin.button.MButton;
import org.vaadin.viritin.fields.MTextField;
import org.vaadin.viritin.label.MLabel;
import org.vaadin.viritin.layouts.MHorizontalLayout;
import org.vaadin.viritin.layouts.MVerticalLayout;
import software.netcore.common.domain.error.operation.OperationResult;
import software.netcore.unimus.aaa.spi.UnimusAAAService;
import software.netcore.unimus.aaa.spi.account.data.SystemAccount;
import software.netcore.unimus.aaa.spi.account.service.AccountService;
import software.netcore.unimus.aaa.spi.account.service.mfa.AccountMFACreateCommand;
import software.netcore.unimus.common.aaa.spi.data.Role;
import software.netcore.unimus.ui.UnimusCss;
import software.netcore.unimus.ui.common.TotpCodeFieldBuilder;
import software.netcore.unimus.ui.common.TotpDto;
import software.netcore.unimus.ui.common.UnimusUtilsJS;
import software.netcore.unimus.ui.common.widget.AbstractWidget;
import software.netcore.unimus.ui.view.my_account.MFABean;

/* loaded from: input_file:WEB-INF/lib/unimus-ui-vaadin8-3.30.0-STAGE.jar:software/netcore/unimus/ui/view/my_account/widget/MFAWidget.class */
public class MFAWidget extends AbstractWidget {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) MFAWidget.class);

    @NonNull
    private final UnimusAAAService unimusAAAService;
    private final GoogleAuthenticatorKey secretKey;
    private final AccountService accountService;
    private SystemAccount account;
    private Set<String> scratchCodes;
    private boolean showVerifiedWidget;
    private MButton downloadButton;
    private final BeanValidationBinder<MFABean> binder;
    private final BeanValidationBinder<TotpDto> totpBinder;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/unimus-ui-vaadin8-3.30.0-STAGE.jar:software/netcore/unimus/ui/view/my_account/widget/MFAWidget$PasswordFieldBuilder.class */
    public final class PasswordFieldBuilder {
        private PasswordFieldBuilder() {
        }

        public PasswordField build() {
            PasswordField passwordField = new PasswordField();
            MFAWidget.this.binder.forField(passwordField).asRequired(I18Nconstants.ACCOUNT_PASSWORD_CANT_BE_EMPTY).bind((v0) -> {
                return v0.getPassword();
            }, (v0, v1) -> {
                v0.setPassword(v1);
            });
            return passwordField;
        }

        private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
            String implMethodName = serializedLambda.getImplMethodName();
            boolean z = -1;
            switch (implMethodName.hashCode()) {
                case -1088661219:
                    if (implMethodName.equals("setPassword")) {
                        z = false;
                        break;
                    }
                    break;
                case -1000081391:
                    if (implMethodName.equals("getPassword")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/server/Setter") && serializedLambda.getFunctionalInterfaceMethodName().equals("accept") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;Ljava/lang/Object;)V") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/MFABean") && serializedLambda.getImplMethodSignature().equals("(Ljava/lang/String;)V")) {
                        return (v0, v1) -> {
                            v0.setPassword(v1);
                        };
                    }
                    break;
                case true:
                    if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/data/ValueProvider") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/MFABean") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                        return (v0) -> {
                            return v0.getPassword();
                        };
                    }
                    break;
            }
            throw new IllegalArgumentException("Invalid lambda deserialization");
        }
    }

    public MFAWidget(@NonNull Role role, SystemAccount systemAccount, AccountService accountService, UnimusAAAService unimusAAAService) {
        super(role);
        this.scratchCodes = new HashSet();
        this.binder = new BeanValidationBinder<>(MFABean.class);
        this.totpBinder = new BeanValidationBinder<>(TotpDto.class);
        if (role == null) {
            throw new NullPointerException("role is marked non-null but is null");
        }
        this.unimusAAAService = unimusAAAService;
        this.account = systemAccount;
        this.accountService = accountService;
        this.secretKey = unimusAAAService.generateSecret();
        build();
    }

    public void refresh() {
        removeAllComponents();
        if (!this.showVerifiedWidget) {
            build();
        } else {
            add(verifiedMFA());
            this.showVerifiedWidget = false;
        }
    }

    @Override // software.netcore.unimus.ui.common.widget.AbstractWidget
    public void build() {
        refreshAccount();
        if (this.account.isDualFactorEnabled()) {
            add(disableMFA());
        } else {
            add(newMFA());
        }
    }

    private void refreshAccount() {
        OperationResult<SystemAccount> findByIdentity = this.accountService.findByIdentity(Identity.of(this.account.getId()));
        if (findByIdentity.isSuccessful()) {
            this.account = findByIdentity.getData();
        }
    }

    private MVerticalLayout disableMFA() {
        MVerticalLayout mVerticalLayout = new MVerticalLayout();
        mVerticalLayout.withStyleName(UnimusCss.MFA_MAIN_LAYOUT);
        H2 h2 = new H2(I18Nconstants.MFA_ENABLED);
        MVerticalLayout mVerticalLayout2 = new MVerticalLayout();
        mVerticalLayout2.withStyleName(UnimusCss.MFA_REMOVE_PADDING);
        mVerticalLayout2.setSpacing(false);
        Span span = new Span(I18Nconstants.MULTIFACTOR_IS_ENABLED);
        Span span2 = new Span(I18Nconstants.ENTER_ACCOUNT_PASSWORD_TO_DISABLE_MFA);
        PasswordField build = new PasswordFieldBuilder().build();
        build.setRequiredIndicatorVisible(true);
        MHorizontalLayout mHorizontalLayout = new MHorizontalLayout(span2, build);
        mVerticalLayout2.add(span);
        mVerticalLayout2.add(mHorizontalLayout);
        mVerticalLayout.addComponent(h2);
        mVerticalLayout.addComponent(mVerticalLayout2);
        MButton mButton = new MButton(I18Nconstants.DISABLE_MFA);
        mButton.withListener(clickEvent -> {
            if (passwordValidator(build)) {
                this.accountService.disableMFA(Identity.of(this.account.getId()));
                log.info("MFA was disabled for user {}.", this.account.getUsername());
                UnimusUtilsJS.cleanLocalStorage();
                refresh();
            }
        });
        mVerticalLayout.addComponent(mButton);
        return mVerticalLayout;
    }

    private MVerticalLayout verifiedMFA() {
        MVerticalLayout mVerticalLayout = new MVerticalLayout();
        mVerticalLayout.withStyleName(UnimusCss.MFA_MAIN_LAYOUT);
        H2 h2 = new H2(I18Nconstants.APP_VERIFIED_SAVE_BACKUP_CODE);
        MVerticalLayout mVerticalLayout2 = new MVerticalLayout();
        mVerticalLayout2.withStyleName(UnimusCss.MFA_REMOVE_PADDING);
        mVerticalLayout2.setSpacing(false);
        MLabel mLabel = new MLabel(I18Nconstants.PART_1_IF_YOU_LOSE_DEVICE);
        MLabel mLabel2 = new MLabel(I18Nconstants.PART_2_IF_YOU_LOSE_DEVICE);
        MLabel mLabel3 = new MLabel(I18Nconstants.PART_3_IF_YOU_LOSE_DEVICE);
        mVerticalLayout2.addComponent(mLabel);
        mVerticalLayout2.addComponent(mLabel2);
        mVerticalLayout2.addComponent(mLabel3);
        mVerticalLayout.add(h2);
        mVerticalLayout.add(mVerticalLayout2);
        MLabel mLabel4 = new MLabel(I18Nconstants.BACKUP_CODES);
        MVerticalLayout mVerticalLayout3 = new MVerticalLayout();
        mVerticalLayout3.withStyleName(UnimusCss.MFA_REMOVE_PADDING);
        mVerticalLayout3.setSpacing(false);
        mVerticalLayout3.addComponent(mLabel4);
        this.scratchCodes.forEach(str -> {
            mVerticalLayout3.addComponent(new MLabel(str).withStyleName("bold"));
        });
        mVerticalLayout.addComponent(mVerticalLayout3);
        mVerticalLayout.addComponent(new MLabel(I18Nconstants.PRESS_FINISH_TO_COMPLETE_SETUP));
        this.downloadButton = new MButton(I18Nconstants.DOWNLOAD_CODES);
        setDownloadResource();
        MButton mButton = new MButton(I18Nconstants.FINISH);
        mButton.withListener(clickEvent -> {
            this.showVerifiedWidget = false;
            refresh();
        });
        mVerticalLayout.addComponent(new MHorizontalLayout(this.downloadButton, mButton));
        return mVerticalLayout;
    }

    private MVerticalLayout newMFA() {
        MVerticalLayout mVerticalLayout = new MVerticalLayout();
        mVerticalLayout.withStyleName(UnimusCss.MFA_MAIN_LAYOUT);
        mVerticalLayout.add(new H2(I18Nconstants.VERIFY_AUTHENTICATOR_APP));
        InputStream generateQrCode = this.unimusAAAService.generateQrCode(this.account.getUsername(), this.secretKey);
        mVerticalLayout.add(new Image(null, new StreamResource(() -> {
            return generateQrCode;
        }, "unimus_mfa_qrcode_" + this.account.getUsername() + Instant.now().toEpochMilli() + CachedImageHandlerPNGEncoder.CACHED_PNG_SUFFIX)));
        MVerticalLayout mVerticalLayout2 = new MVerticalLayout();
        mVerticalLayout2.withStyleName(UnimusCss.MFA_REMOVE_PADDING, UnimusCss.MFA_SECTION_TWO);
        mVerticalLayout2.setMargin(new MarginInfo(true, false, true, false));
        MHorizontalLayout mHorizontalLayout = new MHorizontalLayout();
        MLabel mLabel = new MLabel(I18Nconstants.STEP_ONE_ENTER_YOUR_ACCOUNT_PASSWORD);
        PasswordField build = new PasswordFieldBuilder().build();
        build.setRequiredIndicatorVisible(true);
        mHorizontalLayout.add(mLabel, build);
        mVerticalLayout2.add(mHorizontalLayout);
        MHorizontalLayout mHorizontalLayout2 = new MHorizontalLayout();
        mHorizontalLayout2.add(new MHorizontalLayout(new MLabel(I18Nconstants.STEP_TWO_OPEN_AUTHENTICATOR_APP_AND_SCAN_THE_QR_CODE), new Bold(this.secretKey.getKey())), copyTokenButton());
        mVerticalLayout2.add(mHorizontalLayout2);
        MHorizontalLayout mHorizontalLayout3 = new MHorizontalLayout();
        MLabel mLabel2 = new MLabel(I18Nconstants.STEP_THREE_ENTER_SIX_DIGIT_TOTP_KEY_GENERATED_BY_THE_APP);
        MTextField buildTotpCodeField = new TotpCodeFieldBuilder().buildTotpCodeField(null, this.totpBinder);
        mHorizontalLayout3.add(mLabel2, buildTotpCodeField);
        mVerticalLayout2.add(mHorizontalLayout3);
        mVerticalLayout.add(mVerticalLayout2);
        MButton mButton = new MButton(I18Nconstants.VERIFY_APP_BUTTON_CAPTION);
        mButton.withListener(clickEvent -> {
            if (this.binder.validate().isOk() && this.totpBinder.validate().isOk() && customValidators(build, buildTotpCodeField)) {
                this.scratchCodes = this.unimusAAAService.generateScratchCodes(this.secretKey);
                if (this.accountService.enableMFA(AccountMFACreateCommand.builder().principal(Identity.of(this.account.getId())).secretKey(this.secretKey.getKey()).scratchCodes(this.scratchCodes).build()).isSuccessful()) {
                    log.info("MFA was enabled for user {}.", this.account.getUsername());
                    this.showVerifiedWidget = true;
                    refresh();
                }
            }
        });
        mVerticalLayout.add(mButton);
        return mVerticalLayout;
    }

    private CopyToClipboardButton copyTokenButton() {
        CopyToClipboardButton copyToClipboardButton = new CopyToClipboardButton(I18Nconstants.COPY_SECRET_BUTTON_CAPTION, I18Nconstants.SECRET_KEY_COPIED_TO_CLIPBOARD);
        copyToClipboardButton.withListener(clickEvent -> {
            copyToClipboardButton.copyString(this.secretKey.getKey());
        });
        return copyToClipboardButton;
    }

    private StreamResource prepareDownloadFile() {
        byte[] bytes = String.join("\n", this.scratchCodes).getBytes(StandardCharsets.UTF_8);
        StreamResource streamResource = new StreamResource(() -> {
            return new ByteArrayInputStream(bytes);
        }, "Unimus_MFA_backup_codes.txt");
        streamResource.setFilename("Unimus_MFA_backup_codes.txt");
        streamResource.setCacheTime(0L);
        return streamResource;
    }

    private void setDownloadResource() {
        new FileDownloader(prepareDownloadFile()).extend((AbstractComponent) this.downloadButton);
    }

    private boolean customValidators(PasswordField passwordField, MTextField mTextField) {
        if (!passwordValidator(passwordField)) {
            return false;
        }
        if (this.unimusAAAService.validateMFATotpCodeSetup(this.secretKey.getKey(), mTextField.getValue())) {
            return true;
        }
        mTextField.setComponentError(new UserError(I18Nconstants.ENTERED_TOTP_KEY_IS_INVALID));
        return false;
    }

    private boolean passwordValidator(PasswordField passwordField) {
        if (this.unimusAAAService.validatePassword(this.account.getUsername(), passwordField.getValue())) {
            return true;
        }
        passwordField.setComponentError(new UserError(I18Nconstants.ENTERED_PASSWORD_DOESNT_MATCH_WITH_ACCOUNT_PASSWORD));
        return false;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1563863372:
                if (implMethodName.equals("lambda$prepareDownloadFile$946556a7$1")) {
                    z = 5;
                    break;
                }
                break;
            case -397991042:
                if (implMethodName.equals("lambda$verifiedMFA$b78200a$1")) {
                    z = 2;
                    break;
                }
                break;
            case -108508721:
                if (implMethodName.equals("lambda$newMFA$3a13a389$1")) {
                    z = true;
                    break;
                }
                break;
            case -54779161:
                if (implMethodName.equals("lambda$newMFA$43215750$1")) {
                    z = 4;
                    break;
                }
                break;
            case 1680793319:
                if (implMethodName.equals("lambda$copyTokenButton$70af85b6$1")) {
                    z = 3;
                    break;
                }
                break;
            case 1913814306:
                if (implMethodName.equals("lambda$disableMFA$b0cf66fc$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/ui/Button$ClickListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("buttonClick") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/widget/MFAWidget") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/ui/PasswordField;Lcom/vaadin/ui/Button$ClickEvent;)V")) {
                    MFAWidget mFAWidget = (MFAWidget) serializedLambda.getCapturedArg(0);
                    PasswordField passwordField = (PasswordField) serializedLambda.getCapturedArg(1);
                    return clickEvent -> {
                        if (passwordValidator(passwordField)) {
                            this.accountService.disableMFA(Identity.of(this.account.getId()));
                            log.info("MFA was disabled for user {}.", this.account.getUsername());
                            UnimusUtilsJS.cleanLocalStorage();
                            refresh();
                        }
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/server/StreamResource$StreamSource") && serializedLambda.getFunctionalInterfaceMethodName().equals("getStream") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/io/InputStream;") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/widget/MFAWidget") && serializedLambda.getImplMethodSignature().equals("(Ljava/io/InputStream;)Ljava/io/InputStream;")) {
                    InputStream inputStream = (InputStream) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return inputStream;
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/ui/Button$ClickListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("buttonClick") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/widget/MFAWidget") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V")) {
                    MFAWidget mFAWidget2 = (MFAWidget) serializedLambda.getCapturedArg(0);
                    return clickEvent2 -> {
                        this.showVerifiedWidget = false;
                        refresh();
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/ui/Button$ClickListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("buttonClick") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/widget/MFAWidget") && serializedLambda.getImplMethodSignature().equals("(Lnet/unimus/common/ui/components/CopyToClipboardButton;Lcom/vaadin/ui/Button$ClickEvent;)V")) {
                    MFAWidget mFAWidget3 = (MFAWidget) serializedLambda.getCapturedArg(0);
                    CopyToClipboardButton copyToClipboardButton = (CopyToClipboardButton) serializedLambda.getCapturedArg(1);
                    return clickEvent3 -> {
                        copyToClipboardButton.copyString(this.secretKey.getKey());
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/ui/Button$ClickListener") && serializedLambda.getFunctionalInterfaceMethodName().equals("buttonClick") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lcom/vaadin/ui/Button$ClickEvent;)V") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/widget/MFAWidget") && serializedLambda.getImplMethodSignature().equals("(Lcom/vaadin/ui/PasswordField;Lorg/vaadin/viritin/fields/MTextField;Lcom/vaadin/ui/Button$ClickEvent;)V")) {
                    MFAWidget mFAWidget4 = (MFAWidget) serializedLambda.getCapturedArg(0);
                    PasswordField passwordField2 = (PasswordField) serializedLambda.getCapturedArg(1);
                    MTextField mTextField = (MTextField) serializedLambda.getCapturedArg(2);
                    return clickEvent4 -> {
                        if (this.binder.validate().isOk() && this.totpBinder.validate().isOk() && customValidators(passwordField2, mTextField)) {
                            this.scratchCodes = this.unimusAAAService.generateScratchCodes(this.secretKey);
                            if (this.accountService.enableMFA(AccountMFACreateCommand.builder().principal(Identity.of(this.account.getId())).secretKey(this.secretKey.getKey()).scratchCodes(this.scratchCodes).build()).isSuccessful()) {
                                log.info("MFA was enabled for user {}.", this.account.getUsername());
                                this.showVerifiedWidget = true;
                                refresh();
                            }
                        }
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("com/vaadin/server/StreamResource$StreamSource") && serializedLambda.getFunctionalInterfaceMethodName().equals("getStream") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/io/InputStream;") && serializedLambda.getImplClass().equals("software/netcore/unimus/ui/view/my_account/widget/MFAWidget") && serializedLambda.getImplMethodSignature().equals("([B)Ljava/io/InputStream;")) {
                    byte[] bArr = (byte[]) serializedLambda.getCapturedArg(0);
                    return () -> {
                        return new ByteArrayInputStream(bArr);
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
