package inc.yukawa.chain.security.kafka.stream;

import com.fasterxml.jackson.databind.ObjectMapper;
import inc.yukawa.chain.kafka.dao.mono.KafkaStreamsDao;
import inc.yukawa.chain.kafka.util.KafkaUtil;
import inc.yukawa.chain.security.domain.Account;
import inc.yukawa.chain.security.domain.Credentials;
import java.util.List;
import java.util.Optional;
import java.util.Properties;
import java.util.Random;
import java.util.Set;
import java.util.function.BiPredicate;
import java.util.function.Function;
import java.util.function.Predicate;
import org.apache.kafka.clients.admin.NewTopic;
import org.apache.kafka.common.serialization.Serde;
import org.apache.kafka.common.serialization.Serdes;
import org.apache.kafka.streams.StreamsBuilder;
import org.apache.kafka.streams.kstream.Consumed;
import org.apache.kafka.streams.kstream.Joined;
import org.apache.kafka.streams.kstream.Materialized;
import org.apache.kafka.streams.kstream.Produced;
import org.apache.kafka.streams.state.Stores;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:inc/yukawa/chain/security/kafka/stream/OneTimePasswordSupportStream.class */
public class OneTimePasswordSupportStream extends KafkaStreamsDao {
    private static final Logger log = LoggerFactory.getLogger(OneTimePasswordSupportStream.class);
    private final Random random;
    private final String authEventTopic;
    private final String accountTopic;
    private final Serde<Account> accountSerde;
    private final BiPredicate<String, Account> filter;
    protected final Function<String, String> passwordEncodeFunction;
    private int randomPassSize;

    public OneTimePasswordSupportStream(Properties properties, NewTopic newTopic, NewTopic newTopic2, Function<String, String> function, BiPredicate<String, Account> biPredicate, ObjectMapper objectMapper) {
        super(properties);
        this.random = new Random();
        this.randomPassSize = 32;
        this.authEventTopic = newTopic.name();
        this.accountTopic = newTopic2.name();
        this.accountSerde = KafkaUtil.getSerDes(Account.class, false, objectMapper);
        this.filter = biPredicate;
        this.passwordEncodeFunction = function;
    }

    protected StreamsBuilder buildStreams() {
        StreamsBuilder streamsBuilder = new StreamsBuilder();
        streamsBuilder.stream(this.authEventTopic, Consumed.with(Serdes.String(), Serdes.String())).filter((str, str2) -> {
            return (str == null || str2 == null) ? false : true;
        }).peek((str3, str4) -> {
            log.debug("[{}@{}] Received authEvent", str3, this.authEventTopic);
        }).filter((str5, str6) -> {
            return str6.contains("auth:authenticated");
        }).join(streamsBuilder.table(this.accountTopic, Materialized.as(Stores.inMemoryKeyValueStore("accounts")).withKeySerde(Serdes.String()).withValueSerde(this.accountSerde)), (str7, account) -> {
            return account;
        }, Joined.with(Serdes.String(), Serdes.String(), this.accountSerde)).filter(this::inInvalidateScope).peek((str8, account2) -> {
            log.info("[{}@{}] Invalidating pass for user: {}", new Object[]{str8, this.authEventTopic, str8});
        }).mapValues(this::asResetPassAccount).peek((str9, account3) -> {
            log.debug("[{}@{}] PUT account: {}", new Object[]{str9, this.accountTopic, account3});
        }).to(this.accountTopic, Produced.with(Serdes.String(), this.accountSerde));
        return streamsBuilder;
    }

    private Account asResetPassAccount(String str, Account account) {
        return new Account(new Credentials(str, this.passwordEncodeFunction.apply(randomAlphanumericString(this.randomPassSize)), account.getCredentials() != null ? account.getCredentials().getOrgId() : null), (Set) null);
    }

    private boolean inInvalidateScope(String str, Account account) {
        boolean test = this.filter.test(str, account);
        if (!test) {
            log.debug("Skipping not in scope account: {} {}", str, account);
        }
        return test;
    }

    public String randomAlphanumericString(int i) {
        return ((StringBuilder) this.random.ints(48, 122 + 1).limit(i).collect(StringBuilder::new, (v0, v1) -> {
            v0.appendCodePoint(v1);
        }, (v0, v1) -> {
            v0.append(v1);
        })).toString();
    }

    public int getRandomPassSize() {
        return this.randomPassSize;
    }

    public void setRandomPassSize(int i) {
        this.randomPassSize = i;
    }

    public static BiPredicate<String, Account> notExcludedAndHeavingOneTimePassword(List<String> list, String str) {
        Predicate predicate;
        if (list != null) {
            list.getClass();
            predicate = (v1) -> {
                return r0.contains(v1);
            };
        } else {
            predicate = str2 -> {
                return false;
            };
        }
        Predicate predicate2 = predicate;
        Predicate predicate3 = account -> {
            Optional map = Optional.ofNullable(account).map((v0) -> {
                return v0.getDetails();
            }).map(map2 -> {
                return map2.get(str);
            });
            Boolean bool = Boolean.TRUE;
            bool.getClass();
            return map.filter(bool::equals).isPresent();
        };
        Predicate negate = predicate2.negate();
        return (str3, account2) -> {
            return negate.test(str3) && predicate3.test(account2);
        };
    }
}
