package com.vaadin.controlcenter.starter.idm;

import java.util.HashMap;
import java.util.Map;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.RequestEntity;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ClientRegistrations;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.web.client.RestTemplate;

@AutoConfiguration
/* loaded from: input_file:com/vaadin/controlcenter/starter/idm/ClientRegistrationRepositoryConfiguration.class */
class ClientRegistrationRepositoryConfiguration {
    private static final ParameterizedTypeReference<Map<String, Object>> MAP_TYPE_REFERENCE = new ParameterizedTypeReference<Map<String, Object>>() { // from class: com.vaadin.controlcenter.starter.idm.ClientRegistrationRepositoryConfiguration.1
    };
    private final RestTemplate rest;

    ClientRegistrationRepositoryConfiguration(RestTemplateBuilder restTemplateBuilder) {
        this.rest = restTemplateBuilder.build();
    }

    @RefreshScope
    @Bean
    ClientRegistrationRepository clientRegistrationRepository(IdentityManagementProperties identityManagementProperties) {
        HashMap hashMap = new HashMap();
        String issuerBackendUri = identityManagementProperties.getIssuerBackendUri();
        if (issuerBackendUri != null) {
            String issuerFrontendUri = identityManagementProperties.getIssuerFrontendUri();
            String clientId = identityManagementProperties.getClientId();
            String clientSecret = identityManagementProperties.getClientSecret();
            String clientRegistrationId = identityManagementProperties.getClientRegistrationId();
            Map<String, Object> configuration = getConfiguration(issuerBackendUri);
            if (configuration == null) {
                throw new IllegalStateException("Failed to retrieve configuration from %s".formatted(issuerBackendUri));
            }
            Object obj = configuration.get("issuer");
            if (!issuerFrontendUri.equals(obj)) {
                throw new IllegalStateException("The Issuer %s provided by the configuration did not match the expected issuer %s".formatted(obj, issuerFrontendUri));
            }
            hashMap.put(clientRegistrationId, ClientRegistrations.fromOidcConfiguration(configuration).registrationId(clientRegistrationId).clientId(clientId).clientSecret(clientSecret).scope(new String[]{"openid"}).build());
        }
        return new DelegatingClientRegistrationRepository(new InMemoryClientRegistrationRepository(hashMap));
    }

    private Map<String, Object> getConfiguration(String str) {
        return (Map) this.rest.exchange(RequestEntity.get(str + "/.well-known/openid-configuration", new Object[0]).build(), MAP_TYPE_REFERENCE).getBody();
    }
}
