package io.camunda.identity.sdk.impl.microsoft;

import com.auth0.jwt.interfaces.DecodedJWT;
import io.camunda.identity.sdk.IdentityConfiguration;
import io.camunda.identity.sdk.authentication.AuthorizeUriBuilder;
import io.camunda.identity.sdk.authentication.Tokens;
import io.camunda.identity.sdk.authentication.UserDetails;
import io.camunda.identity.sdk.impl.dto.AccessTokenDto;
import io.camunda.identity.sdk.impl.generic.GenericAuthentication;
import io.camunda.identity.sdk.impl.rest.RestClient;
import io.camunda.identity.sdk.impl.rest.request.ClientTokenRequest;
import io.camunda.identity.sdk.utility.UrlQueryString;
import java.net.URI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/identity-sdk-8.5.3.jar:io/camunda/identity/sdk/impl/microsoft/MicrosoftAuthentication.class */
public class MicrosoftAuthentication extends GenericAuthentication {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) MicrosoftAuthentication.class);
    private static final String SIGN_OUT_CALLBACK_PARAM_NAME = "post_logout_redirect_uri";

    public MicrosoftAuthentication(IdentityConfiguration identityConfiguration, RestClient restClient) {
        super(identityConfiguration, restClient);
    }

    @Override // io.camunda.identity.sdk.impl.generic.GenericAuthentication, io.camunda.identity.sdk.authentication.Authentication
    public AuthorizeUriBuilder authorizeUriBuilder(String str) {
        return new MicrosoftAuthorizeUriBuilder(this.configuration, wellKnownConfiguration().getAuthorizationEndpoint(), str);
    }

    @Override // io.camunda.identity.sdk.impl.generic.GenericAuthentication, io.camunda.identity.sdk.authentication.Authentication
    public void revokeToken(String str) {
        LOGGER.info("Revoke token not required for Microsoft authentication. Skipping...");
    }

    @Override // io.camunda.identity.sdk.impl.generic.GenericAuthentication, io.camunda.identity.sdk.authentication.AbstractAuthentication
    protected Tokens requestFreshToken(String str) {
        return fromAccessTokenDto((AccessTokenDto) this.restClient.request(new ClientTokenRequest(this.configuration, wellKnownConfiguration().getTokenEndpoint(), str, str + "/.default")));
    }

    @Override // io.camunda.identity.sdk.impl.generic.GenericAuthentication, io.camunda.identity.sdk.authentication.Authentication
    public boolean isM2MToken(String str) {
        return decodeJWT(str).getClaim("email").isMissing();
    }

    @Override // io.camunda.identity.sdk.impl.generic.GenericAuthentication, io.camunda.identity.sdk.authentication.Authentication
    public String getClientId(String str) {
        return decodeJWT(str).getClaim("appid").asString();
    }

    @Override // io.camunda.identity.sdk.authentication.AbstractAuthentication
    protected UserDetails getUserDetails(DecodedJWT decodedJWT, String str) {
        return new UserDetails(decodedJWT.getSubject(), decodedJWT.getClaim("email").asString(), decodedJWT.getClaim("unique_name").asString(), decodedJWT.getClaim("name").asString(), getGroupsInOrganization(decodedJWT, str));
    }

    @Override // io.camunda.identity.sdk.authentication.AbstractAuthentication
    protected URI generateSingleSignOutUri(String str) {
        return URI.create(String.format("%s?%s", super.generateSingleSignOutUri(str), new UrlQueryString().add(SIGN_OUT_CALLBACK_PARAM_NAME, str).toString()));
    }
}
