package io.dialob.security.spring.oauth2;

import io.dialob.security.spring.oauth2.model.Group;
import io.dialob.security.spring.tenant.ImmutableGroupGrantedAuthority;
import java.util.Objects;
import java.util.function.Predicate;
import java.util.function.UnaryOperator;
import java.util.stream.Stream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;

/* loaded from: input_file:BOOT-INF/lib/dialob-security-spring-2.1.9.jar:io/dialob/security/spring/oauth2/UaaGroups2GroupGrantedAuthoritiesMapper.class */
public class UaaGroups2GroupGrantedAuthoritiesMapper implements UnaryOperator<Stream<? extends GrantedAuthority>> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) UaaGroups2GroupGrantedAuthoritiesMapper.class);
    private final UsersAndGroupsService usersAndGroupsService;
    private final Predicate<Group> groupFilter;

    public UaaGroups2GroupGrantedAuthoritiesMapper(UsersAndGroupsService usersAndGroupsService) {
        this(usersAndGroupsService, group -> {
            return true;
        });
    }

    public UaaGroups2GroupGrantedAuthoritiesMapper(UsersAndGroupsService usersAndGroupsService, Predicate<Group> predicate) {
        this.usersAndGroupsService = (UsersAndGroupsService) Objects.requireNonNull(usersAndGroupsService);
        this.groupFilter = (Predicate) Objects.requireNonNull(predicate);
    }

    public Stream<Group> loadUserGroups(String str) {
        return (Stream) this.usersAndGroupsService.findUser(str).map(user -> {
            LOGGER.debug("Loaded user {}, {} groups", user.getId(), Integer.valueOf(user.getGroups().size()));
            return user.getGroups().stream().filter(this.groupFilter);
        }).orElseGet(() -> {
            LOGGER.warn("User {} not found", str);
            return Stream.empty();
        });
    }

    @Override // java.util.function.Function
    public Stream<? extends GrantedAuthority> apply(Stream<? extends GrantedAuthority> stream) {
        return stream.flatMap(grantedAuthority -> {
            if (!(grantedAuthority instanceof OAuth2UserAuthority)) {
                return Stream.of(grantedAuthority);
            }
            return Stream.concat(Stream.of(grantedAuthority), loadUserGroups((String) ((OAuth2UserAuthority) grantedAuthority).getAttributes().get("sub")).map(group -> {
                return ImmutableGroupGrantedAuthority.of(group.getId(), group.getName());
            }));
        });
    }
}
