package de.unijena.bioinf.ms.frontend.subtools.login;

import com.auth0.jwt.interfaces.DecodedJWT;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Multimap;
import de.unijena.bioinf.auth.AuthService;
import de.unijena.bioinf.auth.AuthServices;
import de.unijena.bioinf.auth.LoginException;
import de.unijena.bioinf.ms.frontend.core.ApplicationCore;
import de.unijena.bioinf.ms.frontend.core.SiriusProperties;
import de.unijena.bioinf.ms.frontend.subtools.Provide;
import de.unijena.bioinf.ms.frontend.subtools.RootOptions;
import de.unijena.bioinf.ms.frontend.subtools.StandaloneTool;
import de.unijena.bioinf.ms.frontend.workflow.Workflow;
import de.unijena.bioinf.ms.properties.ParameterConfig;
import de.unijena.bioinf.ms.properties.PropertyManager;
import de.unijena.bioinf.ms.rest.model.info.Term;
import de.unijena.bioinf.ms.rest.model.license.Subscription;
import de.unijena.bioinf.ms.rest.model.license.SubscriptionConsumables;
import de.unijena.bioinf.rest.ConnectionError;
import de.unijena.bioinf.webapi.Tokens;
import de.unijena.bioinf.webapi.WebAPI;
import java.io.IOException;
import java.util.Comparator;
import java.util.List;
import java.util.Optional;
import java.util.Scanner;
import java.util.concurrent.ExecutionException;
import java.util.stream.Collectors;
import org.jetbrains.annotations.Nullable;
import org.slf4j.LoggerFactory;
import picocli.CommandLine;

@CommandLine.Command(name = "login", description = {"<STANDALONE> Allows a user to login for SIRIUS Webservices (e.g. CSI:FingerID or CANOPUS) and securely store a personal access token. %n %n"}, versionProvider = Provide.Versions.class, mixinStandardHelpOptions = true, showDefaultValues = true)
/* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions.class */
public class LoginOptions implements StandaloneTool<LoginWorkflow> {

    @CommandLine.Option(names = {"--logout", "--clear"}, description = {"Logout. Deletes stored refresh and access token (re-login required to use webservices again)."})
    protected boolean clearLogin;

    @CommandLine.Option(names = {"--show"}, description = {"Show profile information about the profile you are logged in with."})
    protected boolean showProfile;

    @CommandLine.Option(names = {"--license-info", "--limits"}, description = {"Show license information and compound limits."})
    protected boolean showLicense;

    @CommandLine.Option(names = {"--select-license", "--select-subscription"}, description = {"Specify active subscription (sid) if multiple licenses are available at your account. Available subscriptions can be listed with '--show'"})
    protected String sid = null;

    @CommandLine.Option(names = {"--request-token-only"}, description = {"Requests and prints a new SECRET refresh token but does not store the token as login.", "This can be used to request a token to be used in third party applications that wish to call SIRIUS Web Services using your account.", "Do never store your username and password in third party apps.", "Do not store the output of this command in any log. We recommend redirecting the output into a file."})
    protected boolean tokenRequestOnly = false;

    @CommandLine.ArgGroup(exclusive = true)
    LoginOpts login;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions$BatchLoginOpts.class */
    public static class BatchLoginOpts {
        protected String username;
        protected String password;

        private BatchLoginOpts() {
        }

        @CommandLine.Option(names = {"--user-env"}, required = true, description = {"Environment variable with login username."})
        private void setUsername(String str) {
            this.username = System.getenv(str);
        }

        @CommandLine.Option(names = {"--password-env"}, required = true, description = {"Environment variable with login password."})
        private void setPassword(String str) {
            this.password = System.getenv(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions$InteractiveLoginOpts.class */
    public static class InteractiveLoginOpts {

        @CommandLine.Option(names = {"--user", "--email", "-u"}, required = true, description = {"Login username/email"})
        protected String username;

        @CommandLine.Option(names = {"--password", "--pwd", "-p"}, required = true, description = {"Console password input."}, interactive = true)
        protected String password;

        private InteractiveLoginOpts() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions$LicenseInfo.class */
    public static class LicenseInfo {
        private String userEmail;
        private String userId;
        private Subscription subscription;
        private SubscriptionConsumables consumables;

        private LicenseInfo() {
        }

        public Optional<SubscriptionConsumables> consumables() {
            return Optional.ofNullable(this.consumables);
        }
    }

    /* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions$LoginOpts.class */
    private static class LoginOpts {

        @CommandLine.ArgGroup(exclusive = false)
        private InteractiveLoginOpts interactiveLogin = null;

        @CommandLine.ArgGroup(exclusive = false)
        private TokenLoginOpts tokenLogin = null;

        @CommandLine.ArgGroup(exclusive = false)
        private BatchLoginOpts batchLogin = null;

        private LoginOpts() {
        }

        public boolean isTokenAuth() {
            return this.tokenLogin != null;
        }

        public String getRefreshToken() {
            if (isTokenAuth()) {
                return this.tokenLogin.token;
            }
            return null;
        }

        public String getUsername() {
            if (this.interactiveLogin != null) {
                return this.interactiveLogin.username;
            }
            if (this.batchLogin != null) {
                return this.batchLogin.username;
            }
            return null;
        }

        public String getPassword() {
            if (this.interactiveLogin != null) {
                return this.interactiveLogin.password;
            }
            if (this.batchLogin != null) {
                return this.batchLogin.password;
            }
            return null;
        }
    }

    /* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions$LoginWorkflow.class */
    public class LoginWorkflow implements Workflow {
        public LoginWorkflow() {
        }

        @Override // java.lang.Runnable
        public void run() {
            PropertyManager.DEFAULTS.changeConfig("PrintCitations", "FALSE");
            if (LoginOptions.this.clearLogin) {
                try {
                    AuthServices.clearRefreshToken(ApplicationCore.WEB_API.getAuthService(), ApplicationCore.TOKEN_FILE);
                    System.out.println("Token successfully removed. You are now logged out!");
                    return;
                } catch (IOException e) {
                    LoggerFactory.getLogger(getClass()).error("Error when clearing refresh token.", e);
                    return;
                }
            }
            AuthService authService = ApplicationCore.WEB_API.getAuthService();
            try {
                try {
                    if (LoginOptions.this.login != null) {
                        try {
                            if (LoginOptions.this.login.isTokenAuth()) {
                                authService.login(LoginOptions.this.login.getRefreshToken());
                            } else {
                                authService.login(LoginOptions.this.login.getUsername(), LoginOptions.this.login.getPassword());
                            }
                            if (LoginOptions.this.tokenRequestOnly) {
                                String str = (String) authService.getToken().map(token -> {
                                    return token.getSource().getRefreshToken();
                                }).orElseThrow(() -> {
                                    return new IOException("Could not extract refresh token after successful login!");
                                });
                                System.out.println("###################### Refresh token ######################");
                                System.out.println(str);
                                System.out.println("###########################################################");
                            }
                            AuthServices.writeRefreshToken(authService, ApplicationCore.TOKEN_FILE);
                            AuthService.Token token2 = (AuthService.Token) authService.getToken().orElse(null);
                            if (LoginOptions.this.showProfile) {
                                showProfile(token2);
                            }
                            if (determineAndCheckActiveSubscription(token2).isEmpty()) {
                                System.out.println("Login successful!");
                            }
                        } catch (IOException | InterruptedException | ExecutionException e2) {
                            LoggerFactory.getLogger(getClass()).error("Could not login to Authentication Server!", e2);
                        }
                    } else if (LoginOptions.this.sid != null) {
                        if (authService.getToken().isEmpty()) {
                            showProfile(null);
                            System.out.println("Not logged in! Please log in to select a license!");
                        } else {
                            AuthService.Token refreshIfNeeded = authService.refreshIfNeeded();
                            try {
                                determineAndCheckActiveSubscription(refreshIfNeeded);
                                if (LoginOptions.this.showProfile) {
                                    showProfile(refreshIfNeeded);
                                }
                            } catch (IOException e3) {
                                throw new RuntimeException(e3);
                            }
                        }
                    } else if (LoginOptions.this.showProfile) {
                        if (authService.getToken().isEmpty()) {
                            showProfile(null);
                        } else {
                            showProfile(authService.refreshIfNeeded());
                        }
                    }
                    if (LoginOptions.this.showLicense) {
                        try {
                            showLicense();
                        } catch (IOException e4) {
                            throw new RuntimeException("Error when requesting license information.", e4);
                        }
                    }
                    try {
                        AuthServices.writeRefreshToken(authService, ApplicationCore.TOKEN_FILE);
                    } catch (IOException e5) {
                        throw new RuntimeException("Error when storing refresh token. You may have to re-login.", e5);
                    }
                } catch (Throwable th) {
                    try {
                        AuthServices.writeRefreshToken(authService, ApplicationCore.TOKEN_FILE);
                        throw th;
                    } catch (IOException e6) {
                        throw new RuntimeException("Error when storing refresh token. You may have to re-login.", e6);
                    }
                }
            } catch (LoginException e7) {
                throw new IllegalStateException("Not logged in! Please log in to perform this operation!");
            }
        }

        private void showProfile(@Nullable AuthService.Token token) {
            System.out.println();
            System.out.println("####################### Login Info #######################");
            if (token != null) {
                DecodedJWT decodedIdToken = token.getDecodedIdToken();
                System.out.println("Logged in as: " + decodedIdToken.getClaim("name").asString());
                System.out.println("User ID: " + decodedIdToken.getClaim("sub").asString());
                System.out.println("Token expires at: " + decodedIdToken.getExpiresAt().toString());
                System.out.println("Active subscription: " + ((String) Optional.ofNullable(Tokens.getActiveSubscription(token)).map((v0) -> {
                    return v0.getSid();
                }).orElse("NONE")));
                System.out.println();
                System.out.println("---- Available Subscriptions ----");
                List subscriptions = Tokens.getSubscriptions(token);
                if (subscriptions.isEmpty()) {
                    System.out.println("<NO SUBSCRIPTIONS/LICENSES AVAILABLE>");
                } else {
                    try {
                        System.out.println(new ObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(subscriptions));
                    } catch (JsonProcessingException e) {
                        LoggerFactory.getLogger(getClass()).error("Error when printing available licenses!", e);
                    }
                }
            } else {
                System.out.println("Not logged in.");
            }
            System.out.println("##########################################################");
            System.out.println();
        }

        private void showLicense() throws IOException {
            WebAPI<?> webAPI = ApplicationCore.WEB_API;
            Subscription activeSubscription = Tokens.getActiveSubscription((AuthService.Token) webAPI.getAuthService().getToken().orElse(null));
            System.out.println();
            System.out.println("###################### License Info ######################");
            if (activeSubscription != null) {
                LicenseInfo licenseInfo = new LicenseInfo();
                licenseInfo.subscription = activeSubscription;
                System.out.println("Licensed to: " + activeSubscription.getSubscriberName() + " (" + activeSubscription.getDescription() + ")");
                System.out.println("Expires at: " + (activeSubscription.hasExpirationTime() ? activeSubscription.getExpirationDate().toString() : "NEVER"));
                if (activeSubscription.isCountQueries()) {
                    if (activeSubscription.hasCompoundLimit()) {
                        licenseInfo.consumables = webAPI.getConsumables(false);
                        System.out.println("Quota utilized (Yearly): '" + ((String) licenseInfo.consumables().map((v0) -> {
                            return v0.getCountedCompounds();
                        }).map((v0) -> {
                            return String.valueOf(v0);
                        }).orElse("?")) + " of " + activeSubscription.getCompoundLimit() + "' features computed");
                    } else {
                        licenseInfo.consumables = webAPI.getConsumables(true);
                        System.out.println("Quota utilized (Monthly): '" + ((String) licenseInfo.consumables().map((v0) -> {
                            return v0.getCountedCompounds();
                        }).map((v0) -> {
                            return String.valueOf(v0);
                        }).orElse("?")) + "' features computed");
                    }
                }
            } else {
                System.out.println("Not License information found.");
            }
            System.out.println("##########################################################");
            System.out.println();
        }

        private Multimap<ConnectionError.Klass, ConnectionError> determineAndCheckActiveSubscription(AuthService.Token token) throws IOException {
            Subscription subscription = null;
            List subscriptions = Tokens.getSubscriptions(token);
            if (LoginOptions.this.sid != null) {
                subscription = Tokens.getActiveSubscription(subscriptions, LoginOptions.this.sid, (String) null, false);
            }
            if (subscription == null) {
                if (LoginOptions.this.sid != null) {
                    LoggerFactory.getLogger(getClass()).debug("Could not find subscription with sid '{}'. Trying to find fallback", LoginOptions.this.sid);
                }
                subscription = Tokens.getActiveSubscription(subscriptions, Tokens.getDefaultSubscriptionID(token));
            }
            SiriusProperties.SIRIUS_PROPERTIES_FILE().setProperty("de.unijena.bioinf.sirius.security.subscription", subscription.getSid());
            ApplicationCore.WEB_API.changeActiveSubscription(subscription);
            Multimap<ConnectionError.Klass, ConnectionError> checkConnection = ApplicationCore.WEB_API.checkConnection();
            LoggerFactory.getLogger(getClass()).debug("Connection check after login returned errors: {}", checkConnection.values().stream().sorted(Comparator.comparing((v0) -> {
                return v0.getSiriusErrorCode();
            })).map((v0) -> {
                return v0.toString();
            }).collect(Collectors.joining(",\n")));
            if (checkConnection.containsKey(ConnectionError.Klass.TERMS)) {
                List activeSubscriptionTerms = Tokens.getActiveSubscriptionTerms(token);
                System.out.println();
                System.out.println("###################### Accept Terms ######################");
                System.out.println("I agree to the ");
                System.out.println(Term.toText(activeSubscriptionTerms));
                System.out.print("Y(es)|No:  ");
                String next = new Scanner(System.in).next();
                System.out.println("##########################################################");
                if (!next.equalsIgnoreCase("Y") && !next.equalsIgnoreCase("YES")) {
                    System.out.println("Terms NOT Accepted! Removing login information. Please re-login and accept terms to use web service based features.");
                    AuthServices.clearRefreshToken(ApplicationCore.TOKEN_FILE);
                    throw new IllegalArgumentException("Terms not Accepted!");
                }
                ApplicationCore.WEB_API.acceptTermsAndRefreshToken();
                System.out.println("Terms accepted! Checking web service permissions...");
                checkConnection = ApplicationCore.WEB_API.checkConnection();
                System.out.println();
            }
            if (checkConnection.isEmpty()) {
                Subscription activeSubscription = ApplicationCore.WEB_API.getActiveSubscription();
                System.out.println();
                if (LoginOptions.this.sid == null || !LoginOptions.this.sid.equals(activeSubscription.getSid())) {
                    System.out.println("Active Subscription is: '" + activeSubscription.getSid() + " - " + activeSubscription.getName() + "'.");
                } else {
                    String property = SiriusProperties.getProperty("de.unijena.bioinf.sirius.security.subscription");
                    SiriusProperties.setAndStoreInBackground("de.unijena.bioinf.sirius.security.subscription", LoginOptions.this.sid);
                    System.out.println("Active Subscription changed from '" + property + "' to '" + LoginOptions.this.sid + "'.");
                }
            }
            return checkConnection;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/unijena/bioinf/ms/frontend/subtools/login/LoginOptions$TokenLoginOpts.class */
    public static class TokenLoginOpts {

        @CommandLine.Option(names = {"--token"}, required = true, description = {"Refresh token to use as login."})
        protected String token;

        private TokenLoginOpts() {
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // de.unijena.bioinf.ms.frontend.subtools.StandaloneTool
    public LoginWorkflow makeWorkflow(RootOptions<?> rootOptions, ParameterConfig parameterConfig) {
        return new LoginWorkflow();
    }

    @Override // de.unijena.bioinf.ms.frontend.subtools.StandaloneTool
    public /* bridge */ /* synthetic */ LoginWorkflow makeWorkflow(RootOptions rootOptions, ParameterConfig parameterConfig) {
        return makeWorkflow((RootOptions<?>) rootOptions, parameterConfig);
    }
}
