package pl.touk.widerest.api.customers;

import com.google.common.collect.ImmutableMap;
import com.jasongoodwin.monads.Try;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Function;
import java.util.function.UnaryOperator;
import java.util.stream.Collectors;
import javaslang.control.Match;
import javax.annotation.Resource;
import javax.validation.Valid;
import org.broadleafcommerce.core.order.service.MergeCartService;
import org.broadleafcommerce.core.order.service.OrderService;
import org.broadleafcommerce.core.order.service.exception.RemoveFromCartException;
import org.broadleafcommerce.core.pricing.service.exception.PricingException;
import org.broadleafcommerce.openadmin.server.security.service.AdminUserDetails;
import org.broadleafcommerce.profile.core.domain.Customer;
import org.broadleafcommerce.profile.core.service.CustomerService;
import org.broadleafcommerce.profile.core.service.CustomerUserDetails;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.hateoas.Link;
import org.springframework.hateoas.Resources;
import org.springframework.hateoas.mvc.ControllerLinkBuilder;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
import org.springframework.security.web.bind.annotation.AuthenticationPrincipal;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import pl.touk.widerest.api.common.ResourceNotFoundException;
import pl.touk.widerest.api.products.ProductDto;
import pl.touk.widerest.security.authentication.AnonymousUserDetailsService;
import pl.touk.widerest.security.authentication.SiteAuthenticationToken;
import pl.touk.widerest.security.oauth2.Scope;
import pl.touk.widerest.security.oauth2.oob.OobAuthorizationServerEndpointsConfiguration;
import springfox.documentation.annotations.ApiIgnore;

@RequestMapping(value = {"/v1/customers"}, produces = {"application/hal+json"})
@Api(value = "customers", description = "Customer management endpoint", produces = "application/hal+json")
@RestController
/* loaded from: input_file:pl/touk/widerest/api/customers/CustomerController.class */
public class CustomerController {

    @Resource(name = "blCustomerService")
    private CustomerService customerService;

    @Resource(name = "blOrderService")
    private OrderService orderService;

    @Resource(name = "blMergeCartService")
    private MergeCartService mergeCartService;

    @Resource(name = "wdCustomerService")
    private CustomerServiceProxy customerServiceProxy;

    @Resource
    private AuthorizationCodeServices authorizationCodeServices;

    @Resource
    private AnonymousUserDetailsService customerUserDetailsService;

    @Resource
    private OobAuthorizationServerEndpointsConfiguration authorizationServerEndpointsConfiguration;

    @Autowired
    private ResourceServerTokenServices tokenServices;

    @Resource
    private CustomerConverter customerConverter;

    @RequestMapping(method = {RequestMethod.GET})
    @ApiResponses({@ApiResponse(code = 200, message = "Successful retrieval of customers list", response = CustomerDto.class, responseContainer = "List")})
    @PreAuthorize("hasRole('PERMISSION_ALL_CUSTOMER')")
    @ApiOperation(value = "List all customers", notes = "Gets a list of all active customers if the currently logged in user has admin rights. Otherwise, it simply returns details of a currently logged in customer", response = CustomerDto.class, responseContainer = "List")
    @Transactional
    public Resources<CustomerDto> readAllCustomers(@AuthenticationPrincipal @ApiIgnore UserDetails userDetails, @RequestParam(value = "embed", defaultValue = "false") Boolean bool, @RequestParam(value = "link", defaultValue = "true") Boolean bool2) {
        return new Resources<>((List) Match.of(userDetails).whenType(AdminUserDetails.class).then(() -> {
            return (List) this.customerServiceProxy.getAllCustomers().stream().map(customer -> {
                return this.customerConverter.createDto(customer, bool.booleanValue(), bool2.booleanValue());
            }).collect(Collectors.toList());
        }).whenType(CustomerUserDetails.class).then(() -> {
            return (List) Optional.ofNullable(this.customerServiceProxy.getCustomerById(((CustomerUserDetails) userDetails).getId())).map(customer -> {
                return this.customerConverter.createDto(customer, bool.booleanValue(), bool2.booleanValue());
            }).map((v0) -> {
                return Collections.singletonList(v0);
            }).orElse(Collections.emptyList());
        }).otherwise(Collections::emptyList).get(), new Link[]{ControllerLinkBuilder.linkTo(((CustomerController) ControllerLinkBuilder.methodOn(getClass(), new Object[0])).readAllCustomers(null, null, null)).withSelfRel()});
    }

    @RequestMapping(value = {"/{id}"}, method = {RequestMethod.GET})
    @ApiResponses({@ApiResponse(code = 200, message = "Successful retrieval of product", response = ProductDto.class), @ApiResponse(code = 404, message = "The specified customer does not exist")})
    @PreAuthorize("hasRole('PERMISSION_ALL_CUSTOMER') or #customerId == 'me' or #customerId == T(java.lang.Long).toString(#customerUserDetails.id)")
    @ApiOperation(value = "Get single customer details", notes = "Retrieves single customer details", response = CustomerDto.class)
    @Transactional
    public ResponseEntity<CustomerDto> readOneCustomer(@AuthenticationPrincipal @ApiIgnore CustomerUserDetails customerUserDetails, @PathVariable("id") @ApiParam(value = "ID of a customer", required = true) String str, @RequestParam(value = "embed", defaultValue = "false") Boolean bool, @RequestParam(value = "link", defaultValue = "true") Boolean bool2) {
        Optional map = Optional.ofNullable(str).map(toCustomerId(customerUserDetails, str));
        CustomerService customerService = this.customerService;
        customerService.getClass();
        return (ResponseEntity) map.map(customerService::readCustomerById).map(customer -> {
            return this.customerConverter.createDto(customer, bool.booleanValue(), bool2.booleanValue());
        }).map(customerDto -> {
            return new ResponseEntity(customerDto, HttpStatus.OK);
        }).orElseThrow(CustomerNotFoundException::new);
    }

    @RequestMapping(value = {"/{id}"}, method = {RequestMethod.PUT})
    @ApiResponses({@ApiResponse(code = 200, message = "Successful retrieval of product", response = ProductDto.class), @ApiResponse(code = 404, message = "The specified customer does not exist")})
    @PreAuthorize("hasRole('PERMISSION_ALL_CUSTOMER') or #customerId == 'me' or #customerId == T(java.lang.Long).toString(#customerUserDetails.id)")
    @ApiOperation(value = "Get single customer details", notes = "Retrieves single customer details", response = CustomerDto.class)
    @Transactional
    public void updateOneCustomer(@AuthenticationPrincipal @ApiIgnore CustomerUserDetails customerUserDetails, @PathVariable("id") @ApiParam(value = "ID of a customer", required = true) String str, @Valid @RequestBody CustomerDto customerDto) {
        Optional map = Optional.ofNullable(str).map(toCustomerId(customerUserDetails, str));
        CustomerService customerService = this.customerService;
        customerService.getClass();
        Optional map2 = map.map(customerService::readCustomerById).map(customer -> {
            return this.customerConverter.updateEntity(customer, customerDto);
        });
        CustomerService customerService2 = this.customerService;
        customerService2.getClass();
        map2.map(customerService2::saveCustomer).orElseThrow(CustomerNotFoundException::new);
    }

    @RequestMapping(value = {"/{id}/authorization"}, method = {RequestMethod.POST})
    @ApiResponses({@ApiResponse(code = 200, message = "Authorization code for the specified customer has been created", response = String.class), @ApiResponse(code = 404, message = "The specified customer does not exist")})
    @PreAuthorize("hasRole('PERMISSION_ALL_CUSTOMER') or #customerId  == 'me' or #customerId == #customerUserDetails.id")
    @ApiOperation(value = "Create an authorization code", notes = "Creates a new authorization code for a specified customer", response = String.class)
    public ResponseEntity createAuthorizationCode(@AuthenticationPrincipal @ApiIgnore CustomerUserDetails customerUserDetails, @PathVariable("id") @ApiParam(value = "ID of a customer", required = true) String str) {
        Optional map = Optional.ofNullable(str).map(toCustomerId(customerUserDetails, str));
        CustomerService customerService = this.customerService;
        customerService.getClass();
        return (ResponseEntity) map.map(customerService::readCustomerById).map(this::generateCode).map((v0) -> {
            return ResponseEntity.ok(v0);
        }).orElseThrow(CustomerNotFoundException::new);
    }

    @RequestMapping(value = {"/register"}, method = {RequestMethod.POST})
    @ApiResponses({@ApiResponse(code = 200, message = "New customer successfully registered", response = Void.class), @ApiResponse(code = 404, message = "Specified customer already exists or provided credentials (email, username) are already taken")})
    @ApiOperation(value = "Register a new customer", notes = "Registers a new customer with provided credentials", response = Void.class)
    @Transactional
    public void registerCustomer(@AuthenticationPrincipal @ApiIgnore CustomerUserDetails customerUserDetails, @RequestParam String str, @RequestParam String str2, @RequestParam String str3, @RequestParam String str4) {
        Optional ofNullable = Optional.ofNullable(customerUserDetails.getId());
        CustomerService customerService = this.customerService;
        customerService.getClass();
        ofNullable.map(customerService::readCustomerById).filter(customer -> {
            return !customer.isRegistered();
        }).orElseThrow(() -> {
            return new ResourceNotFoundException("User already registered");
        });
        Optional.of(str).filter(str5 -> {
            return Objects.isNull(this.customerService.readCustomerByUsername(str5));
        }).orElseThrow(() -> {
            return new ResourceNotFoundException("Username already taken, please try with other");
        });
        Optional.of(str4).filter(str6 -> {
            return Objects.isNull(this.customerService.readCustomerByEmail(str6));
        }).orElseThrow(() -> {
            return new ResourceNotFoundException("Email address already taken, please try with other");
        });
        Customer readCustomerById = this.customerService.readCustomerById(customerUserDetails.getId());
        readCustomerById.setUsername(str);
        readCustomerById.setEmailAddress(str4);
        this.customerService.registerCustomer(readCustomerById, str2, str3);
    }

    @RequestMapping(value = {"/merge"}, method = {RequestMethod.POST})
    @ApiResponses({@ApiResponse(code = 200, message = "Carts have been successfully merged", response = Void.class)})
    @ApiOperation(value = "Merge carts", notes = "Merges anonymous cart with a logged in customer's cart", response = Void.class)
    @Transactional
    public void mergeWithAnonymous(@AuthenticationPrincipal @ApiIgnore CustomerUserDetails customerUserDetails, @RequestBody String str) throws RemoveFromCartException, PricingException {
        this.mergeCartService.mergeCart(this.customerService.readCustomerById(customerUserDetails.getId()), this.orderService.findCartForCustomer(this.customerService.readCustomerById(((CustomerUserDetails) this.tokenServices.loadAuthentication(str).getPrincipal()).getId())));
    }

    private static Function<String, Long> toCustomerId(CustomerUserDetails customerUserDetails, String str) {
        return str2 -> {
            return (Long) Optional.ofNullable(customerUserDetails).filter(customerUserDetails2 -> {
                return "me".equals(str);
            }).map((v0) -> {
                return v0.getId();
            }).orElse(Try.ofFailable(() -> {
                return Long.valueOf(Long.parseLong(str));
            }).orElse((Object) null));
        };
    }

    private static UnaryOperator<Customer> toCustomerWithEmail(String str) {
        return customer -> {
            customer.setEmailAddress(str);
            return customer;
        };
    }

    private String generateCode(Customer customer) throws AuthenticationException {
        String clientId = SecurityContextHolder.getContext().getAuthentication().getOAuth2Request().getClientId();
        OAuth2RequestFactory oAuth2RequestFactory = this.authorizationServerEndpointsConfiguration.getEndpointsConfigurer().getOAuth2RequestFactory();
        OAuth2Request createOAuth2Request = oAuth2RequestFactory.createOAuth2Request(oAuth2RequestFactory.createAuthorizationRequest(ImmutableMap.builder().put("scope", Scope.CUSTOMER.toString()).put("client_id", clientId).build()));
        UserDetails createCustomerUserDetails = this.customerUserDetailsService.createCustomerUserDetails(customer);
        return this.authorizationCodeServices.createAuthorizationCode(new OAuth2Authentication(createOAuth2Request, new SiteAuthenticationToken(createCustomerUserDetails, null, createCustomerUserDetails.getAuthorities())));
    }
}
