package org.zowe.apiml.zaas.zaas;

import io.swagger.v3.oas.annotations.Operation;
import javax.management.ServiceNotFoundException;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestAttribute;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.zowe.apiml.passticket.IRRPassTicketGenerationException;
import org.zowe.apiml.passticket.PassTicketService;
import org.zowe.apiml.security.common.token.NoMainframeIdentityException;
import org.zowe.apiml.ticket.TicketRequest;
import org.zowe.apiml.ticket.TicketResponse;
import org.zowe.apiml.zaas.ZaasTokenResponse;
import org.zowe.apiml.zaas.security.service.TokenCreationService;
import org.zowe.apiml.zaas.security.service.schema.source.AuthSource;
import org.zowe.apiml.zaas.security.service.schema.source.AuthSourceService;
import org.zowe.apiml.zaas.security.service.zosmf.ZosmfService;
import org.zowe.apiml.zaas.security.ticket.ApplicationNameNotFoundException;

/**
 * REST controller rooted at {@code /zaas/scheme} that converts the caller's authentication source
 * into a credential for a downstream service: a PassTicket, a z/OSMF token, a Zowe JWT or a SAF
 * Identity Token.
 *
 * <p>Security notes:
 * <ul>
 *   <li>No handler in this class authenticates the caller. The identity is read only from the
 *       request attributes {@code zaas.auth.source} and {@code zaas.auth.source.parsed}.
 *       NOTE(review): presumably a filter in front of this controller validates the credential and
 *       sets both attributes; confirm that it covers every path under {@link #CONTROLLER_PATH}.</li>
 *   <li>The application name is supplied by the caller in the request body and is only checked for
 *       being non-blank here. Any restriction on which applications a given user may obtain a
 *       ticket or token for has to be enforced by the services this class delegates to.</li>
 *   <li>Every successful response body carries a live credential, so response bodies of these
 *       endpoints should be kept out of access and debug logs.</li>
 * </ul>
 */
@RequestMapping({SchemeController.CONTROLLER_PATH})
@RestController
/* loaded from: input_file:org/zowe/apiml/zaas/zaas/SchemeController.class */
public class SchemeController {
    public static final String CONTROLLER_PATH = "/zaas/scheme";
    private final AuthSourceService authSourceService;
    private final PassTicketService passTicketService;
    private final ZosmfService zosmfService;
    private final TokenCreationService tokenCreationService;

    /**
     * Stores the collaborating services; performs no other work.
     *
     * @param authSourceService used to obtain a Zowe JWT for an authentication source
     * @param passTicketService used to generate PassTickets
     * @param zosmfService used to exchange an authentication source for a z/OSMF token
     * @param tokenCreationService used to create SAF Identity Tokens
     */
    @Generated
    public SchemeController(AuthSourceService authSourceService, PassTicketService passTicketService, ZosmfService zosmfService, TokenCreationService tokenCreationService) {
        this.authSourceService = authSourceService;
        this.passTicketService = passTicketService;
        this.zosmfService = zosmfService;
        this.tokenCreationService = tokenCreationService;
    }

    /**
     * Generates a PassTicket for the user of the parsed authentication source and the application
     * named in the request body.
     *
     * @param ticketRequest request body carrying the caller-supplied application name
     * @param parsed parsed authentication source taken from the request attribute
     * @return 200 response with the user id, the application name and the generated PassTicket
     * @throws IRRPassTicketGenerationException declared for the PassTicket generation call
     * @throws ApplicationNameNotFoundException if the application name is blank
     */
    @PostMapping(path = {"ticket"}, produces = {"application/json"})
    @Operation(summary = "Provides PassTicket for authenticated user.")
    public ResponseEntity<TicketResponse> getPassTicket(@RequestBody TicketRequest ticketRequest, @RequestAttribute("zaas.auth.source.parsed") AuthSource.Parsed parsed) throws IRRPassTicketGenerationException, ApplicationNameNotFoundException {
        String applicationName = requireApplicationName(ticketRequest);
        // The user id comes from the parsed authentication source, never from the request body,
        // so a caller cannot name another user here.
        TicketResponse ticket = new TicketResponse(
            "",
            parsed.getUserId(),
            applicationName,
            passTicketService.generate(parsed.getUserId(), applicationName));
        return ResponseEntity.ok(ticket);
    }

    /**
     * Exchanges the caller's authentication source for a z/OSMF token.
     *
     * @param authSource authentication source taken from the request attribute
     * @param parsed parsed form of the same authentication source
     * @return 200 response with whatever token response the z/OSMF service produced
     * @throws ServiceNotFoundException declared for the z/OSMF exchange call
     */
    @PostMapping(path = {"zosmf"}, produces = {"application/json"})
    @Operation(summary = "Provides z/OSMF JWT or LTPA token for authenticated user.")
    public ResponseEntity<ZaasTokenResponse> getZosmfToken(@RequestAttribute("zaas.auth.source") AuthSource authSource, @RequestAttribute("zaas.auth.source.parsed") AuthSource.Parsed parsed) throws ServiceNotFoundException {
        // A null raw source fails here with a NullPointerException; the exception handler below
        // uses String.valueOf for the same value and would not.
        String rawCredential = authSource.getRawSource().toString();
        ZaasTokenResponse zosmfToken = zosmfService.exchangeAuthenticationForZosmfToken(rawCredential, parsed);
        return ResponseEntity.ok(zosmfToken);
    }

    /**
     * Returns a Zowe JWT for the caller's authentication source, labelled with the
     * {@code apimlAuthenticationToken} cookie name.
     *
     * @param authSource authentication source taken from the request attribute
     * @return 200 response carrying the cookie name and the JWT
     */
    @PostMapping(path = {"zoweJwt"}, produces = {"application/json"})
    @Operation(summary = "Provides zoweJwt for authenticated user.")
    public ResponseEntity<ZaasTokenResponse> getZoweJwt(@RequestAttribute("zaas.auth.source") AuthSource authSource) {
        String jwt = authSourceService.getJWT(authSource);
        ZaasTokenResponse body = ZaasTokenResponse.builder()
            .cookieName("apimlAuthenticationToken")
            .token(jwt)
            .build();
        return ResponseEntity.ok(body);
    }

    /**
     * Handles {@link NoMainframeIdentityException} raised by any handler of this controller.
     *
     * <p>When the exception reports a valid token and the authentication source is OIDC, the raw
     * OIDC token is returned to the caller under the {@code OIDC-token} header name with status
     * 200. In every other case the response is an empty 401.
     *
     * @param authSource authentication source taken from the request attribute
     * @param noMainframeIdentityException the exception being handled
     * @return 200 with the raw OIDC token, or 401 without a body
     */
    @ExceptionHandler({NoMainframeIdentityException.class})
    public ResponseEntity<ZaasTokenResponse> handleNoMainframeIdException(@RequestAttribute("zaas.auth.source") AuthSource authSource, NoMainframeIdentityException noMainframeIdentityException) {
        // Only a token the exception marks as valid, and only of OIDC type, is passed through.
        if (!noMainframeIdentityException.isValidToken() || authSource.getType() != AuthSource.AuthSourceType.OIDC) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        // String.valueOf turns a null raw source into the literal text "null" instead of failing.
        ZaasTokenResponse passThrough = ZaasTokenResponse.builder()
            .headerName("OIDC-token")
            .token(String.valueOf(authSource.getRawSource()))
            .build();
        return ResponseEntity.ok().contentType(MediaType.APPLICATION_JSON).body(passThrough);
    }

    /**
     * Creates a SAF Identity Token for the user of the parsed authentication source and the
     * application named in the request body, labelled with the {@code X-SAF-Token} header name.
     *
     * @param ticketRequest request body carrying the caller-supplied application name
     * @param parsed parsed authentication source taken from the request attribute
     * @return 200 response carrying the header name and the token
     * @throws IRRPassTicketGenerationException declared for the token creation call
     * @throws ApplicationNameNotFoundException if the application name is blank
     */
    @PostMapping(path = {"safIdt"}, produces = {"application/json"})
    @Operation(summary = "Provides SAF Identity Token for authenticated user.")
    public ResponseEntity<ZaasTokenResponse> getSafIdToken(@RequestBody TicketRequest ticketRequest, @RequestAttribute("zaas.auth.source.parsed") AuthSource.Parsed parsed) throws IRRPassTicketGenerationException, ApplicationNameNotFoundException {
        String applicationName = requireApplicationName(ticketRequest);
        // The token is created without the user's credentials, so the user id from the parsed
        // authentication source is the only thing that binds it to a user.
        String safIdToken = tokenCreationService.createSafIdTokenWithoutCredentials(parsed.getUserId(), applicationName);
        ZaasTokenResponse body = ZaasTokenResponse.builder()
            .headerName("X-SAF-Token")
            .token(safIdToken)
            .build();
        return ResponseEntity.ok(body);
    }

    /**
     * Reads the application name from the request body and rejects a blank one.
     *
     * @param ticketRequest request body to read the application name from
     * @return the application name exactly as supplied
     * @throws ApplicationNameNotFoundException if the name is null, empty or whitespace only
     */
    private static String requireApplicationName(TicketRequest ticketRequest) throws ApplicationNameNotFoundException {
        String applicationName = ticketRequest.getApplicationName();
        if (StringUtils.isBlank(applicationName)) {
            throw new ApplicationNameNotFoundException("ApplicationName not provided.");
        }
        return applicationName;
    }
}
