package ai.grakn.engine.controller;

import ai.grakn.engine.user.UsersHandler;
import ai.grakn.engine.util.ConfigProperties;
import ai.grakn.engine.util.JWTHandler;
import ai.grakn.exception.GraknEngineServerException;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import mjson.Json;
import spark.Request;
import spark.Response;
import spark.Spark;

@Api(value = "/graph", description = "Endpoints used to handle operations related to authentication.")
@Produces({"application/json", "text/plain"})
@Path("/auth")
/* loaded from: input_file:ai/grakn/engine/controller/AuthController.class */
public class AuthController {
    private static final UsersHandler usersHandler = UsersHandler.getInstance();
    private static final String USERNAME_KEY = "username";
    private static final String PASSWORD_KEY = "password";

    public AuthController() {
        Spark.post("/auth/session/", this::newSession);
        Spark.get("/auth/enabled/", this::isPasswordProtected);
    }

    @Path("/session")
    @ApiImplicitParams({@ApiImplicitParam(name = USERNAME_KEY, value = "Username", required = true, dataType = "string", paramType = "body"), @ApiImplicitParam(name = PASSWORD_KEY, value = "Password", required = true, dataType = "string", paramType = "body")})
    @ApiOperation("If a given user/password pair is valid, returns a new JWT")
    @POST
    private String newSession(Request request, Response response) {
        try {
            Json read = Json.read(request.body());
            String asString = read.at(USERNAME_KEY).asString();
            if (usersHandler.validateUser(asString, hashPassword(read.at(PASSWORD_KEY).asString()))) {
                return JWTHandler.signJWT(asString);
            }
            throw new GraknEngineServerException(401, "Wrong authentication parameters have been provided.");
        } catch (Exception e) {
            throw new GraknEngineServerException(400, e);
        }
    }

    @GET
    @Path("/enabled")
    @ApiOperation("Returns true if Engine endpoints are password protected. False otherwise.")
    private String isPasswordProtected(Request request, Response response) {
        return ConfigProperties.getInstance().getProperty(ConfigProperties.PASSWORD_PROTECTED_PROPERTY);
    }

    private String hashPassword(String str) {
        return str;
    }
}
