package org.apache.james.mailbox.store;

import jakarta.inject.Inject;
import java.util.ArrayList;
import java.util.Optional;
import java.util.function.Predicate;
import org.apache.james.core.Username;
import org.apache.james.mailbox.Authenticator;
import org.apache.james.mailbox.Authorizator;
import org.apache.james.mailbox.MailboxSession;
import org.apache.james.mailbox.MailboxSessionIdGenerator;
import org.apache.james.mailbox.SessionProvider;
import org.apache.james.mailbox.exception.BadCredentialsException;
import org.apache.james.mailbox.exception.ForbiddenDelegationException;
import org.apache.james.mailbox.exception.MailboxException;
import org.apache.james.mailbox.exception.UserDoesNotExistException;

/* loaded from: input_file:org/apache/james/mailbox/store/SessionProviderImpl.class */
public class SessionProviderImpl implements SessionProvider {
    private final MailboxSessionIdGenerator idGenerator = new RandomMailboxSessionIdGenerator();
    private final Authenticator authenticator;
    private final Authorizator authorizator;

    /* renamed from: org.apache.james.mailbox.store.SessionProviderImpl$3, reason: invalid class name */
    /* loaded from: input_file:org/apache/james/mailbox/store/SessionProviderImpl$3.class */
    static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$james$mailbox$Authorizator$AuthorizationState = new int[Authorizator.AuthorizationState.values().length];

        static {
            try {
                $SwitchMap$org$apache$james$mailbox$Authorizator$AuthorizationState[Authorizator.AuthorizationState.ALLOWED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$james$mailbox$Authorizator$AuthorizationState[Authorizator.AuthorizationState.FORBIDDEN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$james$mailbox$Authorizator$AuthorizationState[Authorizator.AuthorizationState.UNKNOWN_USER.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    @Inject
    public SessionProviderImpl(Authenticator authenticator, Authorizator authorizator) {
        this.authenticator = authenticator;
        this.authorizator = authorizator;
    }

    public MailboxSession createSystemSession(Username username) {
        return createSession(username, Optional.empty(), MailboxSession.SessionType.System);
    }

    public SessionProvider.AuthorizationStep authenticate(final Username username, final String str) {
        return new SessionProvider.AuthorizationStep(this) { // from class: org.apache.james.mailbox.store.SessionProviderImpl.1
            final /* synthetic */ SessionProviderImpl this$0;

            {
                this.this$0 = this;
            }

            public MailboxSession as(Username username2) throws MailboxException {
                Optional<Username> isValidLogin = this.this$0.isValidLogin(username, str);
                if (isValidLogin.isEmpty()) {
                    throw new BadCredentialsException();
                }
                return this.this$0.authenticate(isValidLogin.get()).as(username2);
            }

            public MailboxSession withoutDelegation() throws MailboxException {
                Optional<Username> isValidLogin = this.this$0.isValidLogin(username, str);
                if (isValidLogin.isPresent()) {
                    return this.this$0.createSession(isValidLogin.get(), isValidLogin, MailboxSession.SessionType.User);
                }
                throw new BadCredentialsException();
            }

            public MailboxSession forMatchingUser(Predicate<Username> predicate) throws MailboxException {
                Username orElseThrow = this.this$0.isValidLogin(username, str).orElseThrow(BadCredentialsException::new);
                return (MailboxSession) this.this$0.authorizator.delegatedUsers(orElseThrow).stream().filter(predicate).findFirst().map(username2 -> {
                    return this.this$0.createSession(username2, Optional.of(orElseThrow), MailboxSession.SessionType.System);
                }).orElseThrow(() -> {
                    return new ForbiddenDelegationException(orElseThrow);
                });
            }
        };
    }

    public SessionProvider.AuthorizationStep authenticate(final Username username) {
        return new SessionProvider.AuthorizationStep(this) { // from class: org.apache.james.mailbox.store.SessionProviderImpl.2
            final /* synthetic */ SessionProviderImpl this$0;

            {
                this.this$0 = this;
            }

            public MailboxSession as(Username username2) throws MailboxException {
                Authorizator.AuthorizationState canLoginAs = this.this$0.authorizator.user(username).canLoginAs(username2);
                switch (AnonymousClass3.$SwitchMap$org$apache$james$mailbox$Authorizator$AuthorizationState[canLoginAs.ordinal()]) {
                    case 1:
                        return this.this$0.createSession(username2, Optional.of(username), MailboxSession.SessionType.System);
                    case 2:
                        throw new ForbiddenDelegationException(username, username2);
                    case StoreMailboxManager.MAX_ATTEMPTS /* 3 */:
                        throw new UserDoesNotExistException(username2);
                    default:
                        throw new RuntimeException("Unknown AuthorizationState " + String.valueOf(canLoginAs));
                }
            }

            public MailboxSession withoutDelegation() {
                return this.this$0.createSession(username, Optional.of(username), MailboxSession.SessionType.System);
            }

            public MailboxSession forMatchingUser(Predicate<Username> predicate) throws MailboxException {
                Optional findFirst = this.this$0.authorizator.delegatedUsers(username).stream().filter(predicate).findFirst();
                Username username2 = username;
                Optional map = findFirst.map(username3 -> {
                    return this.this$0.createSession(username3, Optional.of(username2), MailboxSession.SessionType.System);
                });
                Username username4 = username;
                return (MailboxSession) map.orElseThrow(() -> {
                    return new ForbiddenDelegationException(username4);
                });
            }
        };
    }

    private MailboxSession createSession(Username username, Optional<Username> optional, MailboxSession.SessionType sessionType) {
        return new MailboxSession(newSessionId(), username, optional, new ArrayList(), '.', sessionType);
    }

    private MailboxSession.SessionId newSessionId() {
        return MailboxSession.SessionId.of(randomId());
    }

    private long randomId() {
        return this.idGenerator.nextId();
    }

    private Optional<Username> isValidLogin(Username username, String str) throws MailboxException {
        return this.authenticator.isAuthentic(username, str);
    }
}
