package lsfusion.http.authentication;

import com.google.common.base.Throwables;
import java.io.IOException;
import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import lsfusion.http.controller.LogicsRequestHandler;
import lsfusion.http.controller.MainController;
import lsfusion.http.provider.logics.LogicsProvider;
import lsfusion.interop.base.exception.AuthenticationException;
import lsfusion.interop.logics.LogicsSessionObject;
import lsfusion.interop.session.ExternalRequest;
import org.json.JSONArray;
import org.json.JSONObject;
import org.springframework.lang.NonNull;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/classes/lsfusion/http/authentication/LSFClientRegistrationRepository.class */
public class LSFClientRegistrationRepository extends LogicsRequestHandler implements ClientRegistrationRepository, Iterable<ClientRegistration> {
    private Map<String, ClientRegistration> registrations;
    private final ServletContext servletContext;

    public LSFClientRegistrationRepository(LogicsProvider logicsProvider, ServletContext servletContext) {
        super(logicsProvider);
        this.servletContext = servletContext;
    }

    @Override // org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
    public synchronized ClientRegistration findByRegistrationId(String str) {
        Assert.hasText(str, "registrationId cannot be empty");
        return getRegistrations().get(str);
    }

    private Map<String, ClientRegistration> getRegistrations() {
        if (this.registrations == null) {
            HttpServletRequest httpServletRequest = LSFRemoteAuthenticationProvider.getHttpServletRequest();
            try {
                this.registrations = createRegistrationsMap((List) runRequest(httpServletRequest, (logicsSessionObject, z) -> {
                    return getOauth2ClientCredentials(logicsSessionObject, httpServletRequest);
                }));
            } catch (IOException e) {
                throw Throwables.propagate(e);
            }
        }
        return this.registrations;
    }

    private Map<String, ClientRegistration> createRegistrationsMap(List<ClientRegistration> list) {
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        for (ClientRegistration clientRegistration : list) {
            if (concurrentHashMap.containsKey(clientRegistration.getRegistrationId())) {
                throw new IllegalStateException(String.format("Duplicate key %s", clientRegistration.getRegistrationId()));
            }
            concurrentHashMap.put(clientRegistration.getRegistrationId(), clientRegistration);
        }
        return Collections.unmodifiableMap(concurrentHashMap);
    }

    private List<ClientRegistration> getOauth2ClientCredentials(LogicsSessionObject logicsSessionObject, HttpServletRequest httpServletRequest) throws RemoteException {
        String initParameter = this.servletContext.getInitParameter(OAuth2ToLSFTokenFilter.AUTH_SECRET_KEY);
        ArrayList arrayList = new ArrayList();
        JSONArray jSONArray = new JSONArray(MainController.sendRequest(httpServletRequest, new ExternalRequest.Param[]{ExternalRequest.getSystemParam(initParameter)}, logicsSessionObject, "Authentication.getClientCredentials"));
        int length = jSONArray.length();
        if (length == 1 && jSONArray.getJSONObject(0).has("error")) {
            throw new AuthenticationException(jSONArray.getJSONObject(0).getString("error"));
        }
        for (int i = 0; i < length; i++) {
            JSONObject jSONObject = jSONArray.getJSONObject(i);
            arrayList.add(ClientRegistration.withRegistrationId(jSONObject.getString("id")).clientAuthenticationMethod(new ClientAuthenticationMethod(jSONObject.getString("clientAuthenticationMethod"))).scope(jSONObject.getString("scope").split(" ")).authorizationUri(jSONObject.getString("authorizationUri")).tokenUri(jSONObject.getString("tokenUri")).jwkSetUri(jSONObject.has("jwkSetUri") ? jSONObject.getString("jwkSetUri") : null).userInfoUri(jSONObject.getString("userInfoUri")).userNameAttributeName(jSONObject.getString("userNameAttributeName")).authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE).clientName(jSONObject.getString("clientName")).clientId(jSONObject.getString("clientId")).clientSecret(jSONObject.getString("clientSecret")).redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}").build());
        }
        return arrayList;
    }

    @Override // java.lang.Iterable
    @NonNull
    public Iterator<ClientRegistration> iterator() throws AuthenticationException {
        Map<String, ClientRegistration> registrations = getRegistrations();
        return (registrations == null || registrations.size() == 0) ? Collections.emptyMap().values().iterator() : registrations.values().iterator();
    }
}
