package it.geosolutions.geostore.services.rest.security.oauth2;

import it.geosolutions.geostore.services.rest.security.IdPConfiguration;
import java.util.Collections;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.http.HttpMethod;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:it/geosolutions/geostore/services/rest/security/oauth2/OAuth2Configuration.class */
public class OAuth2Configuration extends IdPConfiguration {
    public static final String CONFIG_NAME_SUFFIX = "OAuth2Config";
    public static final String CONFIGURATION_NAME = "CONFIGURATION_NAME";
    private static final Logger LOGGER = LogManager.getLogger(OAuth2GeoStoreAuthenticationFilter.class);
    protected String clientId;
    protected String clientSecret;
    protected String accessTokenUri;
    protected String authorizationUri;
    protected String checkTokenEndpointUrl;
    protected String logoutUri;
    protected String scopes;
    protected String idTokenUri;
    protected String discoveryUrl;
    protected String revokeEndpoint;
    protected boolean enableRedirectEntryPoint = false;
    protected String principalKey;
    protected String rolesClaim;
    protected String groupsClaim;

    /* loaded from: input_file:it/geosolutions/geostore/services/rest/security/oauth2/OAuth2Configuration$Endpoint.class */
    public static class Endpoint {
        private String url;
        private HttpMethod method;

        public Endpoint(HttpMethod httpMethod, String str) {
            this.method = httpMethod;
            this.url = str;
        }

        public String getUrl() {
            return this.url;
        }

        public void setUrl(String str) {
            this.url = str;
        }

        public HttpMethod getMethod() {
            return this.method;
        }

        public void setMethod(HttpMethod httpMethod) {
            this.method = httpMethod;
        }
    }

    public AuthenticationEntryPoint getAuthenticationEntryPoint() {
        return (httpServletRequest, httpServletResponse, authenticationException) -> {
            httpServletResponse.sendRedirect(buildLoginUri());
        };
    }

    public String buildLoginUri() {
        return buildLoginUri(null, new String[0]);
    }

    public String buildLoginUri(String str) {
        return buildLoginUri(str, new String[0]);
    }

    public String buildLoginUri(String str, String... strArr) {
        StringBuilder sb = new StringBuilder(getAuthorizationUri());
        sb.append("?").append("response_type=code").append("&").append("client_id=").append(getClientId()).append("&").append("scope=").append(getScopes().replace(",", "%20"));
        for (String str2 : strArr) {
            sb.append("%20").append(str2);
        }
        sb.append("&").append("redirect_uri=").append(getRedirectUri());
        if (str != null) {
            sb.append("&").append("access_type=").append(str);
        }
        String sb2 = sb.toString();
        if (LOGGER.isDebugEnabled()) {
            LOGGER.info("Going to request authorization to this endpoint " + sb2);
        }
        return sb2;
    }

    public String buildRefreshTokenURI() {
        return buildRefreshTokenURI(null);
    }

    public String buildRefreshTokenURI(String str) {
        StringBuilder sb = new StringBuilder(getAccessTokenUri());
        sb.append("?").append("&").append("client_id=").append(getClientId()).append("&").append("scope=").append(getScopes().replace(",", "%20"));
        if (str != null) {
            sb.append("&").append("access_type=").append(str);
        }
        return sb.toString();
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    public String getAccessTokenUri() {
        return this.accessTokenUri;
    }

    public void setAccessTokenUri(String str) {
        this.accessTokenUri = str;
    }

    public String getAuthorizationUri() {
        return this.authorizationUri;
    }

    public void setAuthorizationUri(String str) {
        this.authorizationUri = str;
    }

    public String getCheckTokenEndpointUrl() {
        return this.checkTokenEndpointUrl;
    }

    public void setCheckTokenEndpointUrl(String str) {
        this.checkTokenEndpointUrl = str;
    }

    public String getLogoutUri() {
        return this.logoutUri;
    }

    public void setLogoutUri(String str) {
        this.logoutUri = str;
    }

    public String getScopes() {
        return this.scopes;
    }

    public void setScopes(String str) {
        this.scopes = str;
    }

    public String getIdTokenUri() {
        return this.idTokenUri;
    }

    public void setIdTokenUri(String str) {
        this.idTokenUri = str;
    }

    public String getDiscoveryUrl() {
        return this.discoveryUrl;
    }

    public void setDiscoveryUrl(String str) {
        this.discoveryUrl = str;
    }

    public boolean isInvalid() {
        return this.clientId == null || this.clientSecret == null || this.authorizationUri == null || this.accessTokenUri == null;
    }

    public String getRevokeEndpoint() {
        return this.revokeEndpoint;
    }

    public void setRevokeEndpoint(String str) {
        this.revokeEndpoint = str;
    }

    public String getProvider() {
        return getBeanName().replaceAll(CONFIG_NAME_SUFFIX, "");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String appendParameters(MultiValueMap<String, String> multiValueMap, String str) {
        UriComponentsBuilder fromHttpUrl = UriComponentsBuilder.fromHttpUrl(str);
        fromHttpUrl.queryParams(multiValueMap);
        return fromHttpUrl.build().toUriString();
    }

    public Endpoint buildRevokeEndpoint(String str) {
        Endpoint endpoint = null;
        if (this.revokeEndpoint != null) {
            LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
            linkedMultiValueMap.put("token", Collections.singletonList(str));
            endpoint = new Endpoint(HttpMethod.POST, appendParameters(linkedMultiValueMap, this.revokeEndpoint));
        }
        return endpoint;
    }

    public Endpoint buildLogoutEndpoint(String str) {
        Endpoint endpoint = null;
        if (this.logoutUri != null) {
            LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
            linkedMultiValueMap.put("token", Collections.singletonList(str));
            endpoint = new Endpoint(HttpMethod.GET, appendParameters(linkedMultiValueMap, this.logoutUri));
        }
        return endpoint;
    }

    public boolean isEnableRedirectEntryPoint() {
        return this.enableRedirectEntryPoint;
    }

    public void setEnableRedirectEntryPoint(boolean z) {
        this.enableRedirectEntryPoint = z;
    }

    public String getPrincipalKey() {
        return (this.principalKey == null || "".equals(this.principalKey)) ? "email" : this.principalKey;
    }

    public void setPrincipalKey(String str) {
        this.principalKey = str;
    }

    public String getRolesClaim() {
        return this.rolesClaim;
    }

    public void setRolesClaim(String str) {
        this.rolesClaim = str;
    }

    public String getGroupsClaim() {
        return this.groupsClaim;
    }

    public void setGroupsClaim(String str) {
        this.groupsClaim = str;
    }
}
