argos/dmp-backend/web/src/main/java/eu/eudat/models/v2/AccountBuilder.java

package eu.eudat.models.v2;

import eu.eudat.commons.JsonHandlingService;
import eu.eudat.commons.scope.user.UserScope;
import eu.eudat.commons.types.user.AdditionalInfoEntity;
import eu.eudat.data.UserEntity;
import eu.eudat.model.User;
import gr.cite.commons.web.authz.configuration.AuthorizationConfiguration;
import gr.cite.commons.web.oidc.principal.CurrentPrincipalResolver;
import gr.cite.commons.web.oidc.principal.MyPrincipal;
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractor;
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractorKeys;
import gr.cite.tools.exception.MyNotFoundException;
import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.fieldset.FieldSet;
import jakarta.persistence.EntityManager;
import org.springframework.beans.factory.config.ConfigurableBeanFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.stereotype.Component;

import javax.management.InvalidApplicationException;
import java.util.*;

@Component
@Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE)
public class AccountBuilder {

    private final ClaimExtractor claimExtractor;
    private final Set<String> excludeMoreClaim;
    private final CurrentPrincipalResolver currentPrincipalResolver;
    private final AuthorizationConfiguration authorizationConfiguration;
    private final JsonHandlingService jsonHandlingService;
    private final UserScope userScope;
    private final EntityManager entityManager;
    public AccountBuilder(ClaimExtractor claimExtractor, CurrentPrincipalResolver currentPrincipalResolver, AuthorizationConfiguration authorizationConfiguration, JsonHandlingService jsonHandlingService, UserScope userScope, EntityManager entityManager) {
        this.claimExtractor = claimExtractor;
        this.currentPrincipalResolver = currentPrincipalResolver;
        this.authorizationConfiguration = authorizationConfiguration;
        this.jsonHandlingService = jsonHandlingService;
        this.userScope = userScope;
        this.entityManager = entityManager;
        this.excludeMoreClaim = Set.of(
                ClaimExtractorKeys.Subject,
                ClaimExtractorKeys.Name,
                ClaimExtractorKeys.Scope,
                ClaimExtractorKeys.Client,
                ClaimExtractorKeys.IssuedAt,
                ClaimExtractorKeys.NotBefore,
                ClaimExtractorKeys.AuthenticatedAt,
                ClaimExtractorKeys.ExpiresAt);
    }

    public Account build(FieldSet fields, MyPrincipal principal) throws InvalidApplicationException {
        Account model = new Account();
        if (principal == null || !principal.isAuthenticated()) {
            model.setIsAuthenticated(Boolean.FALSE);
            return model;
        }
        model.setIsAuthenticated(Boolean.TRUE);

        FieldSet principalFields = fields.extractPrefixed(BaseFieldSet.asIndexerPrefix(Account._principal));
        if (!principalFields.isEmpty()) model.setPrincipal(new Account.PrincipalInfo());
        if (principalFields.hasField(Account.PrincipalInfo._subject))
            model.getPrincipal().setSubject(this.claimExtractor.subjectUUID(principal));
        if (principalFields.hasField(Account.PrincipalInfo._userId))
            model.getPrincipal().setUserId(this.userScope.getUserIdSafe());
        if (principalFields.hasField(Account.PrincipalInfo._name))
            model.getPrincipal().setName(this.claimExtractor.name(principal));
        if (principalFields.hasField(Account.PrincipalInfo._scope))
            model.getPrincipal().setScope(this.claimExtractor.scope(principal));
        if (principalFields.hasField(Account.PrincipalInfo._client))
            model.getPrincipal().setClient(this.claimExtractor.client(principal));
        if (principalFields.hasField(Account.PrincipalInfo._issuedAt))
            model.getPrincipal().setIssuedAt(this.claimExtractor.issuedAt(principal));
        if (principalFields.hasField(Account.PrincipalInfo._notBefore))
            model.getPrincipal().setNotBefore(this.claimExtractor.notBefore(principal));
        if (principalFields.hasField(Account.PrincipalInfo._authenticatedAt))
            model.getPrincipal().setAuthenticatedAt(this.claimExtractor.authenticatedAt(principal));
        if (principalFields.hasField(Account.PrincipalInfo._expiresAt))
            model.getPrincipal().setExpiresAt(this.claimExtractor.expiresAt(principal));
        if (principalFields.hasField(Account.PrincipalInfo._more)) {
            model.getPrincipal().setMore(new HashMap<>());
            for (String key : this.claimExtractor.knownPublicKeys()) {
                if (this.excludeMoreClaim.contains(key))
                    continue;
                List<String> values = this.claimExtractor.asStrings(principal, key);
                if (values == null || values.isEmpty())
                    continue;
                if (!model.getPrincipal().getMore().containsKey(key))
                    model.getPrincipal().getMore().put(key, new ArrayList<>());
                model.getPrincipal().getMore().get(key).addAll(values);
            }
        }
        if (fields.hasField(Account._roles)) {
            List<String> roles = claimExtractor.roles(currentPrincipalResolver.currentPrincipal());
            model.setRoles(roles);
        }
        if (fields.hasField(Account._permissions)) {
            List<String> roles = claimExtractor.roles(currentPrincipalResolver.currentPrincipal());
            Set<String> permissions = authorizationConfiguration.permissionsOfRoles(roles);
            model.setPermissions(new ArrayList<>(permissions));
        }

        FieldSet profileFields = fields.extractPrefixed(BaseFieldSet.asIndexerPrefix(Account._profile));
        if (!profileFields.isEmpty() && this.userScope.getUserIdSafe() != null){
            model.setProfile(new Account.UserProfileInfo());
            UserEntity data = this.entityManager.find(UserEntity.class, this.userScope.getUserIdSafe());
            AdditionalInfoEntity additionalInfoEntity = data == null ? null : this.jsonHandlingService.fromJsonSafe(AdditionalInfoEntity.class, data.getAdditionalInfo());
            if (profileFields.hasField(Account.UserProfileInfo._avatarUrl) && additionalInfoEntity != null) model.getProfile().setAvatarUrl(additionalInfoEntity.getAvatarUrl());
            if (profileFields.hasField(Account.UserProfileInfo._language) && additionalInfoEntity != null) model.getProfile().setLanguage(additionalInfoEntity.getLanguage());
            if (profileFields.hasField(Account.UserProfileInfo._timezone) && additionalInfoEntity != null) model.getProfile().setTimezone(additionalInfoEntity.getTimezone());
            if (profileFields.hasField(Account.UserProfileInfo._culture) && additionalInfoEntity != null) model.getProfile().setCulture(additionalInfoEntity.getCulture());
        }
       
        return model;
    }
}