package com.labijie.infra.oauth2;

import com.labijie.infra.oauth2.events.UserSignedInEvent;
import com.labijie.infra.oauth2.token.TwoFactorAuthenticationConverter;
import com.labijie.infra.utils.ExtensionsKt;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.collections.SetsKt;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;

/* compiled from: TwoFactorSignInHelper.kt */
@Metadata(mv = {1, 4, 0}, bv = {1, 0, 3}, k = 1, d1 = {"��d\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n��\n\u0002\u0010\"\n\u0002\b\u0004\n\u0002\u0010\u001c\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010$\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n��\u0018��2\u00020\u0001B%\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ0\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u00102\b\b\u0002\u0010\u0011\u001a\u00020\u00122\u000e\b\u0002\u0010\u0013\u001a\b\u0012\u0004\u0012\u00020\u000e0\u0014Jh\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u0015\u001a\u00020\u000e2\u0006\u0010\u0016\u001a\u00020\u000e2\b\b\u0002\u0010\u0011\u001a\u00020\u00122\b\b\u0002\u0010\u0017\u001a\u00020\u00122\u000e\b\u0002\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u001a0\u00192\u000e\b\u0002\u0010\u001b\u001a\b\u0012\u0004\u0012\u00020\u000e0\u00142\u0014\b\u0002\u0010\u001c\u001a\u000e\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\u000e0\u001dJc\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u0015\u001a\u00020\u000e2\u0006\u0010\u0016\u001a\u00020\u000e2\f\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u000e0\u00192\n\b\u0002\u0010\u0011\u001a\u0004\u0018\u00010\u00122\u000e\b\u0002\u0010\u001b\u001a\b\u0012\u0004\u0012\u00020\u000e0\u00142\u0014\b\u0002\u0010\u001c\u001a\u000e\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\u000e0\u001d¢\u0006\u0002\u0010\u001eJ\u0006\u0010\u001f\u001a\u00020\fJ\u0012\u0010 \u001a\u00020\f2\b\u0010!\u001a\u0004\u0018\u00010\"H\u0002J\u0006\u0010#\u001a\u00020$J\u0012\u0010#\u001a\u00020$2\b\u0010!\u001a\u0004\u0018\u00010\"H\u0002R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n��¨\u0006%"}, d2 = {"Lcom/labijie/infra/oauth2/TwoFactorSignInHelper;", "", "eventPublisher", "Lorg/springframework/context/ApplicationEventPublisher;", "clientDetailsService", "Lorg/springframework/security/oauth2/provider/ClientDetailsService;", "oauth2RequestFactory", "Lorg/springframework/security/oauth2/provider/OAuth2RequestFactory;", "tokenServices", "Lorg/springframework/security/oauth2/provider/token/AuthorizationServerTokenServices;", "(Lorg/springframework/context/ApplicationEventPublisher;Lorg/springframework/security/oauth2/provider/ClientDetailsService;Lorg/springframework/security/oauth2/provider/OAuth2RequestFactory;Lorg/springframework/security/oauth2/provider/token/AuthorizationServerTokenServices;)V", "signIn", "Lorg/springframework/security/oauth2/common/OAuth2AccessToken;", "clientId", "", "user", "Lcom/labijie/infra/oauth2/ITwoFactorUserDetails;", "twoFactorGranted", "", "scopes", "", "userId", "userName", "twoFactorEnabled", "authorities", "", "Lorg/springframework/security/core/GrantedAuthority;", "scope", "attachedFields", "", "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/Iterable;Ljava/lang/Boolean;Ljava/util/Set;Ljava/util/Map;)Lorg/springframework/security/oauth2/common/OAuth2AccessToken;", "signInTwoFactor", "signInTwoFactorCore", "auth", "Lorg/springframework/security/oauth2/provider/OAuth2Authentication;", "signOut", "", "oauth2-starter"})
/* loaded from: input_file:com/labijie/infra/oauth2/TwoFactorSignInHelper.class */
public final class TwoFactorSignInHelper {
    private final ApplicationEventPublisher eventPublisher;
    private final ClientDetailsService clientDetailsService;
    private final OAuth2RequestFactory oauth2RequestFactory;
    private final AuthorizationServerTokenServices tokenServices;

    @NotNull
    public final OAuth2AccessToken signIn(@NotNull String str, @NotNull ITwoFactorUserDetails iTwoFactorUserDetails, boolean z, @NotNull Set<String> set) {
        Intrinsics.checkNotNullParameter(str, "clientId");
        Intrinsics.checkNotNullParameter(iTwoFactorUserDetails, "user");
        Intrinsics.checkNotNullParameter(set, "scopes");
        if (!iTwoFactorUserDetails.isTwoFactorEnabled() && z) {
            throw new IllegalArgumentException("SignIn user isTwoFactorEnabled = false, but twoFactorGranted be set to true.");
        }
        String userId = iTwoFactorUserDetails.getUserId();
        String username = iTwoFactorUserDetails.getUsername();
        Intrinsics.checkNotNullExpressionValue(username, "user.username");
        boolean isTwoFactorEnabled = iTwoFactorUserDetails.isTwoFactorEnabled();
        Collection authorities = iTwoFactorUserDetails.getAuthorities();
        Intrinsics.checkNotNullExpressionValue(authorities, "user.authorities");
        return signIn(str, userId, username, z, isTwoFactorEnabled, authorities, set, iTwoFactorUserDetails.getAttachedTokenFields());
    }

    public static /* synthetic */ OAuth2AccessToken signIn$default(TwoFactorSignInHelper twoFactorSignInHelper, String str, ITwoFactorUserDetails iTwoFactorUserDetails, boolean z, Set set, int i, Object obj) {
        if ((i & 4) != 0) {
            z = false;
        }
        if ((i & 8) != 0) {
            set = SetsKt.emptySet();
        }
        return twoFactorSignInHelper.signIn(str, iTwoFactorUserDetails, z, set);
    }

    @NotNull
    public final OAuth2AccessToken signIn(@NotNull String str, @NotNull String str2, @NotNull String str3, boolean z, boolean z2, @NotNull Iterable<? extends GrantedAuthority> iterable, @NotNull Set<String> set, @NotNull Map<String, String> map) {
        Intrinsics.checkNotNullParameter(str, "clientId");
        Intrinsics.checkNotNullParameter(str2, "userId");
        Intrinsics.checkNotNullParameter(str3, "userName");
        Intrinsics.checkNotNullParameter(iterable, "authorities");
        Intrinsics.checkNotNullParameter(set, "scope");
        Intrinsics.checkNotNullParameter(map, "attachedFields");
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(iterable, 10));
        Iterator<? extends GrantedAuthority> it = iterable.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getAuthority());
        }
        return signIn(str, str2, str3, arrayList, z2 ? Boolean.valueOf(z) : null, set, map);
    }

    public static /* synthetic */ OAuth2AccessToken signIn$default(TwoFactorSignInHelper twoFactorSignInHelper, String str, String str2, String str3, boolean z, boolean z2, Iterable iterable, Set set, Map map, int i, Object obj) {
        if ((i & 8) != 0) {
            z = false;
        }
        if ((i & 16) != 0) {
            z2 = false;
        }
        if ((i & 32) != 0) {
            iterable = SetsKt.emptySet();
        }
        if ((i & 64) != 0) {
            set = SetsKt.emptySet();
        }
        if ((i & 128) != 0) {
            map = MapsKt.emptyMap();
        }
        return twoFactorSignInHelper.signIn(str, str2, str3, z, z2, iterable, set, map);
    }

    @NotNull
    public final OAuth2AccessToken signIn(@NotNull String str, @NotNull String str2, @NotNull String str3, @NotNull Iterable<String> iterable, @Nullable Boolean bool, @NotNull Set<String> set, @NotNull Map<String, String> map) {
        Intrinsics.checkNotNullParameter(str, "clientId");
        Intrinsics.checkNotNullParameter(str2, "userId");
        Intrinsics.checkNotNullParameter(str3, "userName");
        Intrinsics.checkNotNullParameter(iterable, "authorities");
        Intrinsics.checkNotNullParameter(set, "scope");
        Intrinsics.checkNotNullParameter(map, "attachedFields");
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(iterable, 10));
        Iterator<String> it = iterable.iterator();
        while (it.hasNext()) {
            arrayList.add(new GrantedAuthorityObject(it.next()));
        }
        ArrayList arrayList2 = new ArrayList(arrayList);
        ClientDetails loadClientByClientId = this.clientDetailsService.loadClientByClientId(str);
        SimpleTwoFactorUserDetails simpleTwoFactorUserDetails = new SimpleTwoFactorUserDetails(str2, str3, false, false, null, false, false, bool != null, arrayList2, map, 124, null);
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(str, set);
        authorizationRequest.setAuthorities(arrayList2);
        OAuth2Request createOAuth2Request = this.oauth2RequestFactory.createOAuth2Request(loadClientByClientId, this.oauth2RequestFactory.createTokenRequest(authorizationRequest, Constants.GRANT_TYPE_PASSWORD));
        Authentication usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(simpleTwoFactorUserDetails, "", arrayList2);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        TwoFactorAuthenticationConverter.setUserDetails$default(TwoFactorAuthenticationConverter.INSTANCE, linkedHashMap, simpleTwoFactorUserDetails, null, 4, null);
        usernamePasswordAuthenticationToken.setDetails(linkedHashMap);
        Authentication oAuth2Authentication = new OAuth2Authentication(createOAuth2Request, usernamePasswordAuthenticationToken);
        oAuth2Authentication.setAuthenticated(true);
        OAuth2AccessToken createAccessToken = this.tokenServices.createAccessToken(oAuth2Authentication);
        this.eventPublisher.publishEvent(new UserSignedInEvent(this, oAuth2Authentication));
        Intrinsics.checkNotNullExpressionValue(createAccessToken, "token");
        return createAccessToken;
    }

    public static /* synthetic */ OAuth2AccessToken signIn$default(TwoFactorSignInHelper twoFactorSignInHelper, String str, String str2, String str3, Iterable iterable, Boolean bool, Set set, Map map, int i, Object obj) {
        if ((i & 16) != 0) {
            bool = (Boolean) null;
        }
        if ((i & 32) != 0) {
            set = SetsKt.emptySet();
        }
        if ((i & 64) != 0) {
            map = MapsKt.emptyMap();
        }
        return twoFactorSignInHelper.signIn(str, str2, str3, iterable, bool, set, map);
    }

    @NotNull
    public final OAuth2AccessToken signInTwoFactor() {
        SecurityContext context = SecurityContextHolder.getContext();
        Intrinsics.checkNotNullExpressionValue(context, "SecurityContextHolder.getContext()");
        Authentication authentication = context.getAuthentication();
        if (!(authentication instanceof OAuth2Authentication)) {
            authentication = null;
        }
        return signInTwoFactorCore((OAuth2Authentication) authentication);
    }

    private final OAuth2AccessToken signInTwoFactorCore(OAuth2Authentication oAuth2Authentication) {
        if (oAuth2Authentication == null) {
            throw new BadCredentialsException("Current authentication is not authenticated.");
        }
        TwoFactorPrincipal twoFactorPrincipal = ExtensionMethodsKt.getTwoFactorPrincipal((Authentication) oAuth2Authentication);
        if (!oAuth2Authentication.isAuthenticated()) {
            throw new BadCredentialsException("bad oauth2 authentication.");
        }
        Authentication userAuthentication = oAuth2Authentication.getUserAuthentication();
        Intrinsics.checkNotNullExpressionValue(userAuthentication, "auth.userAuthentication");
        String name = userAuthentication.getName();
        OAuth2Request oAuth2Request = oAuth2Authentication.getOAuth2Request();
        Intrinsics.checkNotNullExpressionValue(oAuth2Request, "auth.oAuth2Request");
        String clientId = oAuth2Request.getClientId();
        OAuth2Request oAuth2Request2 = oAuth2Authentication.getOAuth2Request();
        Intrinsics.checkNotNullExpressionValue(oAuth2Request2, "auth.oAuth2Request");
        Set scope = oAuth2Request2.getScope();
        String userId = twoFactorPrincipal.getUserId();
        signOut();
        Intrinsics.checkNotNullExpressionValue(clientId, "clientId");
        Intrinsics.checkNotNullExpressionValue(name, "userName");
        Collection authorities = oAuth2Authentication.getAuthorities();
        Intrinsics.checkNotNullExpressionValue(authorities, "auth.authorities");
        Intrinsics.checkNotNullExpressionValue(scope, "scope");
        return signIn$default(this, clientId, userId, name, true, true, authorities, scope, null, 128, null);
    }

    private final void signOut(OAuth2Authentication oAuth2Authentication) {
        if (oAuth2Authentication == null) {
            ExtensionsKt.getLogger(this).warn("Current token was not an oauth2 authentication token, Sign out was unsupported.");
            return;
        }
        Object details = oAuth2Authentication.getDetails();
        if (!(details instanceof OAuth2AuthenticationDetails)) {
            details = null;
        }
        OAuth2AuthenticationDetails oAuth2AuthenticationDetails = (OAuth2AuthenticationDetails) details;
        if (oAuth2AuthenticationDetails != null) {
            AuthorizationServerTokenServices authorizationServerTokenServices = this.tokenServices;
            if (!(authorizationServerTokenServices instanceof DefaultTokenServices)) {
                authorizationServerTokenServices = null;
            }
            DefaultTokenServices defaultTokenServices = (DefaultTokenServices) authorizationServerTokenServices;
            if (defaultTokenServices != null) {
                defaultTokenServices.revokeToken(oAuth2AuthenticationDetails.getTokenValue());
            }
        }
    }

    public final void signOut() {
        SecurityContext context = SecurityContextHolder.getContext();
        Intrinsics.checkNotNullExpressionValue(context, "SecurityContextHolder.getContext()");
        Authentication authentication = context.getAuthentication();
        if (!(authentication instanceof OAuth2Authentication)) {
            authentication = null;
        }
        signOut((OAuth2Authentication) authentication);
    }

    public TwoFactorSignInHelper(@NotNull ApplicationEventPublisher applicationEventPublisher, @NotNull ClientDetailsService clientDetailsService, @NotNull OAuth2RequestFactory oAuth2RequestFactory, @NotNull AuthorizationServerTokenServices authorizationServerTokenServices) {
        Intrinsics.checkNotNullParameter(applicationEventPublisher, "eventPublisher");
        Intrinsics.checkNotNullParameter(clientDetailsService, "clientDetailsService");
        Intrinsics.checkNotNullParameter(oAuth2RequestFactory, "oauth2RequestFactory");
        Intrinsics.checkNotNullParameter(authorizationServerTokenServices, "tokenServices");
        this.eventPublisher = applicationEventPublisher;
        this.clientDetailsService = clientDetailsService;
        this.oauth2RequestFactory = oAuth2RequestFactory;
        this.tokenServices = authorizationServerTokenServices;
    }
}
