package com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.controller;

import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.CertificateApi;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.constant.AccountManagementApiResponseCode;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.dto.CertificateDTO;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.enum_type.SecretSubType;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.mapstruct.CertificateSecretMapper;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.model.CertificateResponse;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.model.ListCertificateResponse;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.model.UpdateCertificateDetail;
import com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.service.ICertificateSecretService;
import com.gitlab.credit_reference_platform.crp.gateway.constant.ApiResponseCode;
import com.gitlab.credit_reference_platform.crp.gateway.controller.BaseApiController;
import com.gitlab.credit_reference_platform.crp.gateway.exception.ServiceException;
import com.gitlab.credit_reference_platform.crp.gateway.http.annotation.HttpRequestLog;
import com.gitlab.credit_reference_platform.crp.gateway.model.GenericApiResponse;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.annotation.ActivityLog;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityActionType;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityCategory;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityType;
import com.gitlab.credit_reference_platform.crp.gateway.utils.GenericApiResponseUtils;
import io.swagger.annotations.ApiParam;
import jakarta.validation.Valid;
import java.io.IOException;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RequestPart;
import org.springframework.web.multipart.MultipartFile;

@Controller
@HttpRequestLog
@PreAuthorize("hasAuthority('API') || hasRole('401')")
/* loaded from: input_file:BOOT-INF/lib/crp-gateway-acctmgmt-service-2.0.3.jar:com/gitlab/credit_reference_platform/crp/gateway/acctmgmt/api/controller/CertificateApiController.class */
public class CertificateApiController extends BaseApiController implements CertificateApi {

    @Autowired
    private ICertificateSecretService certificateSecretService;

    @Override // com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.CertificateApi
    @ActivityLog(category = ActivityCategory.ACCOUNT_MANAGEMENT, type = ActivityType.ACCOUNT_MANAGEMENT, actionType = ActivityActionType.EDIT, messageExpression = "'Create certificate with certType: ' + params[1]")
    public ResponseEntity<CertificateResponse> createCertificates(@Valid @RequestPart(value = "publicCertificate", required = true) @ApiParam("Public Certificate that to be uploaded") MultipartFile multipartFile, @RequestParam(value = "certType", required = true) @ApiParam(value = "Certificate Type, possible values - CRP_SERVER_CERTIFICATE - GATEWAY_SERVER_CERTIFICATE - ENCRYPTION_CERTIFICATE ", required = true, allowableValues = "CRP_SERVER_CERTIFICATE, GATEWAY_SERVER_CERTIFICATE, ENCRYPTION_CERTIFICATE") String str, @Valid @RequestPart(value = "privateKey", required = false) @ApiParam("Private Key that to be binded with the certificate") MultipartFile multipartFile2) {
        if (multipartFile == null || multipartFile.isEmpty()) {
            return ResponseEntity.badRequest().body((CertificateResponse) GenericApiResponseUtils.errorResponse(CertificateResponse.class, AccountManagementApiResponseCode.CERTIFICATE_NOT_FOUND, "The publicCertificate cannot be empty or null"));
        }
        SecretSubType secretSubType = CertificateSecretMapper.MAPPER.toSecretSubType(str);
        if (secretSubType == null) {
            return ResponseEntity.badRequest().body((CertificateResponse) GenericApiResponseUtils.errorResponse(CertificateResponse.class, ApiResponseCode.PARAMETER_IMPERFECT, "The certType in form data is invalid"));
        }
        byte[] bArr = null;
        try {
            byte[] bytes = multipartFile.getBytes();
            if (multipartFile2 != null) {
                try {
                    if (!multipartFile2.isEmpty()) {
                        bArr = multipartFile2.getBytes();
                    }
                } catch (IOException e) {
                    return ResponseEntity.badRequest().body((CertificateResponse) GenericApiResponseUtils.errorResponse(CertificateResponse.class, ApiResponseCode.CANNOT_OPEN_INPUT_STREAM, "Failed to get bytes of privateKey"));
                }
            }
            try {
                CertificateDTO createCertificate = this.certificateSecretService.createCertificate(secretSubType, bytes, bArr);
                CertificateResponse certificateResponse = (CertificateResponse) GenericApiResponseUtils.successResponse(CertificateResponse.class);
                certificateResponse.setData(CertificateSecretMapper.MAPPER.toCertificateDetail(createCertificate));
                return ResponseEntity.ok(certificateResponse);
            } catch (ServiceException e2) {
                return handleServiceException(e2, CertificateResponse.class);
            }
        } catch (IOException e3) {
            return ResponseEntity.badRequest().body((CertificateResponse) GenericApiResponseUtils.errorResponse(CertificateResponse.class, ApiResponseCode.CANNOT_OPEN_INPUT_STREAM, "Failed to get bytes of publicCertificate"));
        }
    }

    @Override // com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.CertificateApi
    @ActivityLog(category = ActivityCategory.ACCOUNT_MANAGEMENT, type = ActivityType.ACCOUNT_MANAGEMENT, actionType = ActivityActionType.EDIT, messageExpression = "'Delete certificate with ID: ' + params[0]")
    public ResponseEntity<GenericApiResponse> deleteCertificateById(@PathVariable("id") @ApiParam(value = "Record Id of the certificate to be deleted", required = true) Long l) {
        return l == null ? ResponseEntity.badRequest().body(GenericApiResponseUtils.errorResponse(GenericApiResponse.class, ApiResponseCode.PARAMETER_IMPERFECT, "The id cannot be null")) : !this.certificateSecretService.deleteCertificateById(l.longValue()) ? ResponseEntity.status(HttpStatus.NOT_FOUND).body(GenericApiResponseUtils.errorResponse(GenericApiResponse.class, AccountManagementApiResponseCode.CERTIFICATE_NOT_FOUND)) : ResponseEntity.ok(GenericApiResponseUtils.successResponse(GenericApiResponse.class));
    }

    @Override // com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.CertificateApi
    @ActivityLog(category = ActivityCategory.ACCOUNT_MANAGEMENT, type = ActivityType.ACCOUNT_MANAGEMENT, actionType = ActivityActionType.VIEW, messageExpression = "'Viewing certificate with ID: ' + params[0]")
    public ResponseEntity<CertificateResponse> getCertificateById(@PathVariable("id") @ApiParam(value = "Record Id of the certificate to be retrieved", required = true) Long l) {
        if (l == null) {
            return ResponseEntity.badRequest().body((CertificateResponse) GenericApiResponseUtils.errorResponse(CertificateResponse.class, ApiResponseCode.PARAMETER_IMPERFECT, "The id cannot be null"));
        }
        CertificateDTO certificateById = this.certificateSecretService.getCertificateById(l.longValue());
        if (certificateById == null) {
            return ResponseEntity.status(HttpStatus.NOT_FOUND).body((CertificateResponse) GenericApiResponseUtils.errorResponse(CertificateResponse.class, AccountManagementApiResponseCode.CERTIFICATE_NOT_FOUND));
        }
        CertificateResponse certificateResponse = (CertificateResponse) GenericApiResponseUtils.successResponse(CertificateResponse.class);
        certificateResponse.setData(CertificateSecretMapper.MAPPER.toCertificateDetail(certificateById));
        return ResponseEntity.ok(certificateResponse);
    }

    @Override // com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.CertificateApi
    @ActivityLog(category = ActivityCategory.ACCOUNT_MANAGEMENT, type = ActivityType.ACCOUNT_MANAGEMENT, actionType = ActivityActionType.VIEW, messageExpression = "'Listing certificates with certType: ' + params[0]")
    public ResponseEntity<ListCertificateResponse> listCertificates(@RequestParam(value = "certType", required = false) @Valid @ApiParam(value = "", allowableValues = "CRP_SERVER_CERTIFICATE, GATEWAY_SERVER_CERTIFICATE, ENCRYPTION_CERTIFICATE") String str) {
        SecretSubType secretSubType = CertificateSecretMapper.MAPPER.toSecretSubType(str);
        if (secretSubType == null) {
            return ResponseEntity.badRequest().body((ListCertificateResponse) GenericApiResponseUtils.errorResponse(ListCertificateResponse.class, ApiResponseCode.PARAMETER_IMPERFECT, "The certType in query param is invalid"));
        }
        List<CertificateDTO> listCertificates = this.certificateSecretService.listCertificates(secretSubType);
        ListCertificateResponse listCertificateResponse = (ListCertificateResponse) GenericApiResponseUtils.successResponse(ListCertificateResponse.class);
        listCertificateResponse.setData(CertificateSecretMapper.MAPPER.toCertificateRecord(listCertificates));
        return ResponseEntity.ok(listCertificateResponse);
    }

    @Override // com.gitlab.credit_reference_platform.crp.gateway.acctmgmt.api.CertificateApi
    @ActivityLog(category = ActivityCategory.ACCOUNT_MANAGEMENT, type = ActivityType.ACCOUNT_MANAGEMENT, actionType = ActivityActionType.EDIT, messageExpression = "'Update certificate with ID: ' + params[0]")
    public ResponseEntity<GenericApiResponse> updateCertificateById(@PathVariable("id") @ApiParam(value = "Record Id of the certificate to be updated", required = true) Long l, @Valid @ApiParam(value = "Certificate details that need to be updated", required = true) @RequestBody UpdateCertificateDetail updateCertificateDetail) {
        if (l == null) {
            return ResponseEntity.badRequest().body(GenericApiResponseUtils.errorResponse(GenericApiResponse.class, ApiResponseCode.PARAMETER_IMPERFECT, "The id in path cannot be null"));
        }
        if (updateCertificateDetail == null) {
            return ResponseEntity.badRequest().body(GenericApiResponseUtils.errorResponse(GenericApiResponse.class, ApiResponseCode.PARAMETER_IMPERFECT, "The updateCertificateDetail in body cannot be null"));
        }
        try {
            return !this.certificateSecretService.updateCertificateById(l.longValue(), CertificateSecretMapper.MAPPER.toDTO(updateCertificateDetail)) ? ResponseEntity.badRequest().body(GenericApiResponseUtils.errorResponse(GenericApiResponse.class, AccountManagementApiResponseCode.NO_CHANGE_DETECTED_ON_UPDATE_CERTIFICATE)) : ResponseEntity.ok(GenericApiResponseUtils.successResponse(GenericApiResponse.class));
        } catch (ServiceException e) {
            return AccountManagementApiResponseCode.CERTIFICATE_NOT_FOUND.getCode().equals(e.getErrorCode()) ? ResponseEntity.status(HttpStatus.NOT_FOUND).body(GenericApiResponseUtils.errorResponse(GenericApiResponse.class, AccountManagementApiResponseCode.CERTIFICATE_NOT_FOUND)) : handleServiceException(e, GenericApiResponse.class);
        }
    }
}
