package org.cotrix.gcube.extension;

import java.util.Iterator;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.annotation.Priority;
import javax.enterprise.inject.Alternative;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.cotrix.action.UserAction;
import org.cotrix.common.BeanSession;
import org.cotrix.common.CommonUtils;
import org.cotrix.common.events.Current;
import org.cotrix.domain.dsl.Users;
import org.cotrix.domain.user.User;
import org.cotrix.gcube.stubs.PortalUser;
import org.cotrix.gcube.stubs.SessionToken;
import org.cotrix.io.CloudService;
import org.cotrix.repository.UserQueries;
import org.cotrix.repository.UserRepository;
import org.cotrix.security.Realm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.virtual.workspace.WorkspacePlugin;
import org.virtualrepository.RepositoryService;

@Alternative
@Singleton
@Priority(1000)
/* loaded from: input_file:WEB-INF/lib/cotrix-gcube-extension-0.3.0-3.11.0-126731.jar:org/cotrix/gcube/extension/GCubeRealm.class */
public class GCubeRealm implements Realm {

    @Inject
    private PortalProxyProvider safePortalUrlProvider;

    @Inject
    private PortalProxyProvider portalProxyProvider;

    @Inject
    private UserRepository userRepository;

    @Inject
    private RoleMapper roleMapper;

    @Inject
    private CloudService cloud;

    @Inject
    @Current
    private BeanSession session;

    @Inject
    private RequestLifecycle lifecycle;
    private Logger logger = LoggerFactory.getLogger(GCubeRealm.class);
    private ExecutorService asyncPool = Executors.newCachedThreadPool();

    @Override // org.cotrix.security.Realm
    public boolean supports(Object obj) {
        return obj instanceof SessionToken;
    }

    @Override // org.cotrix.security.Realm
    public String login(Object obj) {
        SessionToken sessionToken = (SessionToken) CommonUtils.reveal(obj, SessionToken.class);
        PortalProxy portalProxy = this.portalProxyProvider.getPortalProxy(sessionToken);
        this.session.add(PortalProxy.class, portalProxy);
        PortalUser portalUser = portalProxy.getPortalUser();
        User user = (User) this.userRepository.get(UserQueries.userByName(portalUser.userName()));
        if (user == null) {
            user = intern(portalUser);
        } else {
            update(portalUser, user);
        }
        initSession(sessionToken, user);
        return portalUser.userName();
    }

    private void initSession(SessionToken sessionToken, final User user) {
        this.lifecycle.init(sessionToken, user);
        Iterator<RepositoryService> it = this.cloud.repositories().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            final RepositoryService next = it.next();
            if (next.name().equals(WorkspacePlugin.name)) {
                this.asyncPool.submit(new Runnable() { // from class: org.cotrix.gcube.extension.GCubeRealm.1
                    @Override // java.lang.Runnable
                    public void run() {
                        try {
                            GCubeRealm.this.cloud.discover(120000, next);
                        } catch (Exception e) {
                            GCubeRealm.this.logger.error("cannot refresh cloud for " + user.name());
                        }
                    }
                });
                break;
            }
        }
        this.session.add(SessionToken.class, sessionToken);
    }

    private User intern(PortalUser portalUser) {
        this.logger.info("interning external gCube user: {}", portalUser);
        User build = Users.user().name(portalUser.userName()).fullName(portalUser.fullName()).email(portalUser.email()).is(this.roleMapper.map(portalUser.roles())).build();
        this.userRepository.add(build);
        this.userRepository.update(Users.modifyUser(build).can(UserAction.VIEW.on(build.id())).build());
        return build;
    }

    private void update(PortalUser portalUser, User user) {
        this.logger.trace("updating internal user from external gCube user: {}", portalUser);
        this.userRepository.update(Users.modifyUser(user).fullName(portalUser.fullName()).email(portalUser.email()).isNoLonger(PortalRole.roles()).is(this.roleMapper.map(portalUser.roles())).build());
    }

    @Override // org.cotrix.security.Realm
    public void add(String str, String str2) {
        throw new UnsupportedOperationException("sign up active only through iMarine portal");
    }
}
