package de.blitzdose.minecraftserverremote.web.webserver.api;

import de.blitzdose.minecraftserverremote.crypt.CryptManager;
import de.blitzdose.minecraftserverremote.logging.LoggingSaver;
import de.blitzdose.minecraftserverremote.logging.LoggingType;
import de.blitzdose.minecraftserverremote.web.webserver.Webserver;
import de.blitzdose.minecraftserverremote.web.webserver.auth.UserManager;
import io.javalin.http.Context;
import io.javalin.http.Cookie;
import io.javalin.http.SameSite;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:de/blitzdose/minecraftserverremote/web/webserver/api/UserApi.class */
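/**
 * HTTP handlers for the account endpoints: login/logout, current user and permissions,
 * password change, and TOTP enrolment, verification and removal.
 *
 * <p>Every handler except {@link #login} identifies the caller from the {@code token} cookie via
 * {@code UserManager.getUsername}; an empty username is treated as "not logged in".
 *
 * <p>NOTE(review): no attempt throttling or lockout is visible in this class. Confirm that
 * brute-force protection for passwords and TOTP codes is enforced in {@code UserManager} or in a
 * handler registered in front of these endpoints.
 */
public class UserApi {
    /** Result of {@code UserManager.authenticateUser} that every handler here treats as success. */
    private static final int AUTH_OK = 1;

    /**
     * Result of {@code UserManager.authenticateUser} that is answered with HTTP 402.
     * NOTE(review): presumably "second factor required"; confirm against UserManager.
     */
    private static final int AUTH_RESULT_HTTP_402 = 5;

    /**
     * Decodes a URL-safe Base64 password parameter and hashes it with {@code CryptManager.getHash}.
     *
     * <p>NOTE(review): {@code new String(byte[])} uses the platform charset, so the same password
     * can hash differently on hosts with different defaults. Switching to an explicit charset
     * would change the hashes of existing non-ASCII passwords, so it is left as is here.
     * NOTE(review): {@code CryptManager.getHash} is not visible from this file; confirm it is a
     * salted, slow password hash rather than a bare digest.
     *
     * @param encoded the raw form parameter, may be {@code null}
     * @return the hash, or {@code null} when the parameter is missing or not valid Base64
     */
    private static String hashSubmittedPassword(String encoded) {
        if (encoded == null) {
            return null;
        }
        byte[] decoded;
        try {
            decoded = Base64.getUrlDecoder().decode(encoded.trim());
        } catch (IllegalArgumentException malformed) {
            // Malformed Base64 is client input, not a server fault: report it as "no usable
            // password" so the caller answers 401 instead of an unhandled exception.
            return null;
        }
        return CryptManager.getHash(new String(decoded));
    }

    /** Ends the request with the given status code and no body. */
    private static void reject(Context context, int status) {
        context.status(status);
        // Retained from the original. NOTE(review): looks like a getter call with no effect;
        // confirm and drop.
        context.result();
    }

    /** Sends a JSON body consisting only of the {@code success} flag. */
    private static void respondWithSuccess(Context context, boolean success) {
        JSONObject body = new JSONObject();
        body.put("success", success);
        Webserver.returnJson(context, body);
    }

    /**
     * Builds the "user (ip)" text used in login log entries. Control characters in the
     * client-supplied name are replaced so a crafted username cannot forge or split log lines.
     */
    private static String describeClient(String username, Context context) {
        StringBuilder cleaned = new StringBuilder(username.length());
        for (int i = 0; i < username.length(); i++) {
            char c = username.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned + " (" + context.ip() + ")";
    }

    /**
     * Authenticates {@code username}/{@code password} (plus an optional {@code code}) and, on
     * success, sets the {@code token} cookie and returns {@code {"success": true}}. When the
     * form parameter {@code needsAppPassword} is {@code "true"}, the response also carries a
     * newly created app password.
     *
     * <p>Responds 401 for missing, malformed or rejected credentials and 402 for
     * {@link #AUTH_RESULT_HTTP_402}.
     */
    public static void login(Context context, UserManager userManager) {
        String username = context.formParam("username");
        String passwordHash = hashSubmittedPassword(context.formParam("password"));
        String code = context.formParam("code");
        boolean wantsAppPassword = "true".equals(context.formParam("needsAppPassword"));

        if (username == null || passwordHash == null) {
            reject(context, 401);
            return;
        }

        int result = userManager.authenticateUser(username, passwordHash, code);
        if (result == AUTH_RESULT_HTTP_402) {
            reject(context, 402);
            return;
        }
        if (result != AUTH_OK) {
            LoggingSaver.addLogEntry(LoggingType.LOGIN_FAIL, describeClient(username, context));
            reject(context, 401);
            return;
        }

        LoggingSaver.addLogEntry(LoggingType.LOGIN_SUCCESS, describeClient(username, context));
        JSONObject body = new JSONObject();
        if (wantsAppPassword) {
            body.put("appPassword", userManager.createAppPassword(username));
        }
        body.put("success", true);
        // NOTE(review): the session token cookie is issued with secure=false and httpOnly=false
        // and lives for 2592000 s (30 days). It is therefore sent over plain HTTP and readable
        // from page scripts. Setting both flags is the safer default, but is not done here
        // because it would break plain-HTTP deployments and any client that reads the cookie;
        // confirm and tighten.
        context.cookie(new Cookie("token", userManager.getToken(username), "/", 2592000, false, 0, false, null, null, SameSite.LAX));
        Webserver.returnJson(context, body);
    }

    /**
     * Returns the username bound to the {@code token} cookie, or {@code {"success": false}}
     * when the token maps to no user.
     */
    public static void getCurrent(Context context, UserManager userManager) {
        String username = userManager.getUsername(context.cookie("token"));
        if (username.isEmpty()) {
            respondWithSuccess(context, false);
            return;
        }
        JSONObject body = new JSONObject();
        body.put("success", true);
        body.put("username", username);
        Webserver.returnJson(context, body);
    }

    /**
     * Returns the caller's permissions as a lower-cased JSON array, or
     * {@code {"success": false}} when the token maps to no user.
     */
    public static void getPermissions(Context context, UserManager userManager) {
        String username = userManager.getUsername(context.cookie("token"));
        if (username.isEmpty()) {
            respondWithSuccess(context, false);
            return;
        }
        JSONArray names = new JSONArray();
        for (String permission : userManager.getPermissions(username, true)) {
            // Locale.ROOT keeps the identifiers stable; the default locale can map 'I' to a
            // dotless 'i' (Turkish), which would break string matching on the client.
            names.put(permission.toLowerCase(java.util.Locale.ROOT));
        }
        JSONObject body = new JSONObject();
        body.put("success", true);
        body.put("permissions", names);
        Webserver.returnJson(context, body);
    }

    /**
     * Logs the caller out through {@code UserManager.logout} and expires the {@code token}
     * cookie. Returns {@code {"success": false}} when the token maps to no user.
     */
    public static void logout(Context context, UserManager userManager) {
        String username = userManager.getUsername(context.cookie("token"));
        if (username.isEmpty()) {
            respondWithSuccess(context, false);
            return;
        }
        userManager.logout(username);
        // maxAge 0 tells the browser to discard the cookie.
        context.cookie("token", "", 0);
        respondWithSuccess(context, true);
    }

    /**
     * Re-authenticates the caller with the current password (and optional {@code code}) and
     * stores the hash of {@code new-password}.
     *
     * <p>Responds 401 when the caller is not logged in, a parameter is missing or malformed, or
     * the current password is rejected; 402 for {@link #AUTH_RESULT_HTTP_402}.
     *
     * <p>NOTE(review): nothing here rejects an empty new password or invalidates other sessions
     * and app passwords after the change; confirm whether {@code UserManager.setPassword} does.
     */
    public static void changePassword(Context context, UserManager userManager) {
        String username = userManager.getUsername(context.cookie("token"));
        String currentHash = hashSubmittedPassword(context.formParam("password"));
        String newHash = hashSubmittedPassword(context.formParam("new-password"));
        String code = context.formParam("code");

        if (username.isEmpty() || currentHash == null || newHash == null) {
            reject(context, 401);
            return;
        }

        int result = userManager.authenticateUser(username, currentHash, code);
        if (result == AUTH_OK) {
            userManager.setPassword(username, newHash);
            respondWithSuccess(context, true);
        } else if (result == AUTH_RESULT_HTTP_402) {
            reject(context, 402);
        } else {
            // Same "user (ip)" form as the login handler so failed attempts can be correlated.
            LoggingSaver.addLogEntry(LoggingType.LOGIN_FAIL, describeClient(username, context));
            reject(context, 401);
        }
    }

    /**
     * Starts TOTP enrolment after re-checking the caller's password and returns the value from
     * {@code UserManager.initTOTP} as {@code secret}.
     *
     * <p>Responds 401 when the caller is not logged in or the password is missing, malformed or
     * rejected; 402 for {@link #AUTH_RESULT_HTTP_402}. Returns {@code {"success": false}} when
     * {@code initTOTP} yields {@code null}.
     */
    public static void initTOTP(Context context, UserManager userManager) {
        String passwordHash = hashSubmittedPassword(context.formParam("password"));
        if (passwordHash == null || passwordHash.isEmpty()) {
            reject(context, 401);
            return;
        }
        String username = userManager.getUsername(context.cookie("token"));
        if (username.isEmpty()) {
            // No session: do not run a credential check against an empty account name.
            reject(context, 401);
            return;
        }

        int result = userManager.authenticateUser(username, passwordHash, null);
        if (result == AUTH_RESULT_HTTP_402) {
            reject(context, 402);
            return;
        }
        if (result != AUTH_OK) {
            reject(context, 401);
            return;
        }

        String secret = userManager.initTOTP(username);
        if (secret == null) {
            respondWithSuccess(context, false);
            return;
        }
        JSONObject body = new JSONObject();
        body.put("success", true);
        // The shared secret leaves the server in this response only; it must travel over TLS.
        body.put("secret", secret);
        Webserver.returnJson(context, body);
    }

    /**
     * Checks the submitted TOTP {@code code} for the caller and reports the outcome in
     * {@code success}. A missing session or an error raised by the check reports {@code false}.
     */
    public static void verifyTOTP(Context context, UserManager userManager) {
        boolean verified = false;
        try {
            String username = userManager.getUsername(context.cookie("token"));
            if (!username.isEmpty()) {
                verified = userManager.verifyTOTP(username, context.formParam("code"));
            }
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException e) {
            // Fail closed: a failure inside the check is reported as "not verified".
            verified = false;
        }
        respondWithSuccess(context, verified);
    }

    /**
     * Removes the caller's TOTP after re-checking password and {@code code}.
     *
     * <p>Responds 402 for {@link #AUTH_RESULT_HTTP_402} and 401 for every other result that is
     * not success, so an unexpected result code can no longer fall through to an empty 200
     * response.
     */
    public static void removeTOTP(Context context, UserManager userManager) {
        String username = userManager.getUsername(context.cookie("token"));
        String code = context.formParam("code");
        String passwordHash = hashSubmittedPassword(context.formParam("password"));
        if (passwordHash == null || passwordHash.isEmpty() || username.isEmpty()) {
            reject(context, 401);
            return;
        }

        int result = userManager.authenticateUser(username, passwordHash, code);
        if (result == AUTH_OK) {
            respondWithSuccess(context, userManager.removeTOTP(username, code));
        } else if (result == AUTH_RESULT_HTTP_402) {
            reject(context, 402);
        } else {
            reject(context, 401);
        }
    }

    /**
     * Reports whether the caller has TOTP configured, as {@code hastotp}.
     *
     * <p>NOTE(review): unlike the other handlers, this one answers {@code success: true} even
     * when the token maps to no user; confirm that is intended.
     */
    public static void hasTOTP(Context context, UserManager userManager) {
        String username = userManager.getUsername(context.cookie("token"));
        JSONObject body = new JSONObject();
        body.put("success", true);
        body.put("hastotp", userManager.hasTOTP(username));
        Webserver.returnJson(context, body);
    }
}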
