package dev.fitko.fitconnect.client.subscriber;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.jose.jwk.KeyOperation;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.jwk.RSAKey;
import dev.fitko.fitconnect.api.FitConnectService;
import dev.fitko.fitconnect.api.config.ApplicationConfig;
import dev.fitko.fitconnect.api.domain.model.attachment.Attachment;
import dev.fitko.fitconnect.api.domain.model.event.EventPayload;
import dev.fitko.fitconnect.api.domain.model.event.authtags.AuthenticationTags;
import dev.fitko.fitconnect.api.domain.model.event.problems.Problem;
import dev.fitko.fitconnect.api.domain.model.event.problems.data.DataEncryptionIssue;
import dev.fitko.fitconnect.api.domain.model.event.problems.metadata.MetadataEncryptionIssue;
import dev.fitko.fitconnect.api.domain.model.event.problems.metadata.MetadataJsonSyntaxViolation;
import dev.fitko.fitconnect.api.domain.model.event.problems.submission.InvalidEventLog;
import dev.fitko.fitconnect.api.domain.model.event.problems.submission.MissingAuthenticationTags;
import dev.fitko.fitconnect.api.domain.model.event.problems.submission.NotExactlyOneSubmitEvent;
import dev.fitko.fitconnect.api.domain.model.metadata.Metadata;
import dev.fitko.fitconnect.api.domain.model.metadata.attachment.AttachmentForValidation;
import dev.fitko.fitconnect.api.domain.model.submission.Submission;
import dev.fitko.fitconnect.api.domain.subscriber.ReceivedSubmission;
import dev.fitko.fitconnect.api.domain.subscriber.ReceivedSubmissionData;
import dev.fitko.fitconnect.api.domain.validation.ValidationResult;
import dev.fitko.fitconnect.api.exceptions.internal.AuthenticationTagsEmptyException;
import dev.fitko.fitconnect.api.exceptions.internal.DecryptionException;
import dev.fitko.fitconnect.api.exceptions.internal.EventLogException;
import dev.fitko.fitconnect.api.exceptions.internal.RestApiException;
import dev.fitko.fitconnect.api.exceptions.internal.SubmissionRequestException;
import dev.fitko.fitconnect.api.exceptions.internal.SubmitEventNotFoundException;
import dev.fitko.fitconnect.client.attachments.download.AttachmentDownloader;
import dev.fitko.fitconnect.client.util.AttachmentMapper;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dev/fitko/fitconnect/client/subscriber/SubmissionReceiver.class */
public class SubmissionReceiver {
    private static final Logger LOGGER = LoggerFactory.getLogger(SubmissionReceiver.class);
    private static final ObjectMapper MAPPER = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
    private final FitConnectService fitConnectService;
    private final ApplicationConfig config;
    private final RSAKey privateKey;
    private final AttachmentDownloader<Submission> attachmentDownloader;

    public SubmissionReceiver(FitConnectService fitConnectService, RSAKey rSAKey, ApplicationConfig applicationConfig, AttachmentDownloader<Submission> attachmentDownloader) {
        this.config = applicationConfig;
        this.privateKey = rSAKey;
        this.fitConnectService = fitConnectService;
        this.attachmentDownloader = attachmentDownloader;
    }

    public ReceivedSubmission receiveSubmission(UUID uuid) {
        LOGGER.info("Requesting submission ...");
        Submission loadSubmission = loadSubmission(uuid);
        LOGGER.info("Loading authentication tags from event log ...");
        AuthenticationTags loadAuthTagsForSubmitEvent = loadAuthTagsForSubmitEvent(loadSubmission);
        LOGGER.info("Decrypting metadata ...");
        Metadata decryptMetadata = decryptMetadata(loadSubmission);
        validateMetadata(decryptMetadata, loadSubmission, loadAuthTagsForSubmitEvent);
        LOGGER.info("Decrypting data ...");
        byte[] decryptData = decryptData(loadSubmission);
        validateData(loadSubmission, decryptMetadata, decryptData, loadAuthTagsForSubmitEvent.getData());
        LOGGER.info("Loading and decrypting attachments ...");
        List<AttachmentForValidation> loadAttachments = loadAttachments(loadSubmission, decryptMetadata);
        validateAttachments(loadAttachments, loadSubmission, loadAuthTagsForSubmitEvent);
        LOGGER.info("SUCCESSFULLY RECEIVED SUBMISSION ! \n");
        return buildReceivedSubmission(loadSubmission, decryptMetadata, decryptData, loadAttachments);
    }

    private List<AttachmentForValidation> loadAttachments(Submission submission, Metadata metadata) {
        checkPrivateKey();
        return this.attachmentDownloader.loadAttachments(submission, this.privateKey, metadata.getContentStructure().getAttachments());
    }

    private Submission loadSubmission(UUID uuid) {
        try {
            return this.fitConnectService.getSubmission(uuid);
        } catch (RestApiException e) {
            throw new SubmissionRequestException(e.getMessage(), e);
        }
    }

    private AuthenticationTags loadAuthTagsForSubmitEvent(Submission submission) {
        try {
            return this.fitConnectService.getSubmissionAuthenticationTags(submission);
        } catch (AuthenticationTagsEmptyException e) {
            MissingAuthenticationTags missingAuthenticationTags = new MissingAuthenticationTags();
            rejectSubmissionWithProblem(submission, missingAuthenticationTags);
            throw new SubmissionRequestException(missingAuthenticationTags.getDetail());
        } catch (EventLogException e2) {
            InvalidEventLog invalidEventLog = new InvalidEventLog();
            rejectSubmissionWithProblem(submission, invalidEventLog);
            throw new SubmissionRequestException(invalidEventLog.getDetail(), e2);
        } catch (SubmitEventNotFoundException e3) {
            NotExactlyOneSubmitEvent notExactlyOneSubmitEvent = new NotExactlyOneSubmitEvent();
            rejectSubmissionWithProblem(submission, notExactlyOneSubmitEvent);
            throw new SubmissionRequestException(notExactlyOneSubmitEvent.getDetail());
        }
    }

    private void validateMetadata(Metadata metadata, Submission submission, AuthenticationTags authenticationTags) {
        evaluateValidationResult(submission, this.fitConnectService.validateSubmissionMetadata(metadata, submission, authenticationTags));
    }

    private void validateAttachments(List<AttachmentForValidation> list, Submission submission, AuthenticationTags authenticationTags) {
        evaluateValidationResult(submission, this.fitConnectService.validateAttachments(list, authenticationTags));
    }

    private void validateData(Submission submission, Metadata metadata, byte[] bArr, String str) {
        evaluateValidationResult(submission, this.fitConnectService.validateData(bArr, submission.getEncryptedData(), metadata, str));
    }

    private void evaluateValidationResult(Submission submission, ValidationResult validationResult) throws SubmissionRequestException {
        if (validationResult.hasProblems()) {
            rejectSubmissionWithProblem(submission, (Problem[]) validationResult.getProblems().toArray(new Problem[0]));
            throw new SubmissionRequestException((String) validationResult.getProblems().stream().map((v0) -> {
                return v0.getDetail();
            }).collect(Collectors.joining()), validationResult.getError());
        }
        if (validationResult.hasError()) {
            LOGGER.error(validationResult.getError().getMessage(), validationResult.getError());
            throw new SubmissionRequestException(validationResult.getError().getMessage(), validationResult.getError());
        }
    }

    private ReceivedSubmission buildReceivedSubmission(Submission submission, Metadata metadata, byte[] bArr, List<AttachmentForValidation> list) {
        List<Attachment> list2 = (List) list.stream().map(AttachmentMapper::toApiAttachment).collect(Collectors.toList());
        Map<UUID, String> mapAttachmentIdsToAuthTags = AttachmentMapper.mapAttachmentIdsToAuthTags(list);
        return new ReceivedSubmission(this.fitConnectService, ReceivedSubmissionData.builder().attachmentAuthTags(mapAttachmentIdsToAuthTags).attachments(list2).submissionStatus(this.fitConnectService.getSubmitState(submission)).submission(submission).metadata(metadata).data(new String(bArr, StandardCharsets.UTF_8)).build());
    }

    private byte[] decryptData(Submission submission) {
        checkPrivateKey();
        try {
            return this.fitConnectService.decryptString(this.privateKey, submission.getEncryptedData());
        } catch (DecryptionException e) {
            rejectSubmissionWithProblem(submission, new DataEncryptionIssue());
            throw new SubmissionRequestException(e.getMessage(), e);
        }
    }

    private Metadata decryptMetadata(Submission submission) {
        checkPrivateKey();
        try {
            return (Metadata) MAPPER.readValue(this.fitConnectService.decryptString(this.privateKey, submission.getEncryptedMetadata()), Metadata.class);
        } catch (DecryptionException e) {
            rejectSubmissionWithProblem(submission, new MetadataEncryptionIssue());
            throw new SubmissionRequestException(e.getMessage(), e);
        } catch (IOException e2) {
            rejectSubmissionWithProblem(submission, new MetadataJsonSyntaxViolation());
            throw new SubmissionRequestException(e2.getMessage(), e2);
        }
    }

    private void checkPrivateKey() {
        if (!isUnwrapKey(this.privateKey) && !isEncryptionKeyUse(this.privateKey)) {
            throw new SubmissionRequestException("Private key is not suitable for decryption, could not find key_operation unwrapKey or key_use encryption");
        }
    }

    private static boolean isEncryptionKeyUse(RSAKey rSAKey) {
        return rSAKey.getKeyUse() != null && rSAKey.getKeyUse().equals(KeyUse.ENCRYPTION);
    }

    private static boolean isUnwrapKey(RSAKey rSAKey) {
        return rSAKey.getKeyOperations() != null && rSAKey.getKeyOperations().stream().anyMatch(keyOperation -> {
            return keyOperation.identifier().equals(KeyOperation.UNWRAP_KEY.identifier());
        });
    }

    private void rejectSubmissionWithProblem(Submission submission, Problem... problemArr) {
        reject(submission, List.of((Object[]) problemArr));
    }

    private void reject(Submission submission, List<Problem> list) {
        if (this.config.isAutoRejectEnabled()) {
            LOGGER.info("Auto-rejecting submission due the following problem(s): {}", list.stream().map((v0) -> {
                return v0.getDetail();
            }).collect(Collectors.joining("\n")));
            this.fitConnectService.rejectSubmission(EventPayload.forRejectEvent(submission, list));
        }
    }
}
