package io.micronaut.security.oauth2.client.condition;

import io.micronaut.context.ApplicationContext;
import io.micronaut.context.BeanContext;
import io.micronaut.context.condition.Condition;
import io.micronaut.context.condition.ConditionContext;
import io.micronaut.core.annotation.Internal;
import io.micronaut.core.naming.Named;
import io.micronaut.core.value.ValueResolver;
import io.micronaut.inject.qualifiers.Qualifiers;
import io.micronaut.security.oauth2.configuration.OauthClientConfiguration;
import io.micronaut.security.oauth2.configuration.OpenIdClientConfiguration;
import io.micronaut.security.oauth2.configuration.endpoints.AuthorizationEndpointConfiguration;
import io.micronaut.security.oauth2.endpoint.authorization.request.ResponseType;
import io.micronaut.security.oauth2.grants.GrantType;
import java.util.Optional;

@Internal
/* loaded from: input_file:io/micronaut/security/oauth2/client/condition/OpenIdClientCondition.class */
public class OpenIdClientCondition implements Condition {
    public boolean matches(ConditionContext conditionContext) {
        ValueResolver component = conditionContext.getComponent();
        BeanContext beanContext = conditionContext.getBeanContext();
        if (!(beanContext instanceof ApplicationContext) || !(component instanceof ValueResolver)) {
            return true;
        }
        Optional optional = component.get(Named.class.getName(), String.class);
        if (!optional.isPresent()) {
            return true;
        }
        String str = (String) optional.get();
        OauthClientConfiguration oauthClientConfiguration = (OauthClientConfiguration) beanContext.getBean(OauthClientConfiguration.class, Qualifiers.byName(str));
        OpenIdClientConfiguration openIdClientConfiguration = oauthClientConfiguration.getOpenid().get();
        if (!oauthClientConfiguration.isEnabled()) {
            conditionContext.fail("Skipped OpenID client creation for provider [" + str + "] because the configuration is disabled");
            return false;
        }
        if (!openIdClientConfiguration.getIssuer().isPresent() && !endpointsManuallyConfigured(openIdClientConfiguration)) {
            conditionContext.fail("Skipped OpenID client creation for provider [" + str + "] because no issuer is configured");
            return false;
        }
        if (oauthClientConfiguration.getGrantType() != GrantType.AUTHORIZATION_CODE) {
            conditionContext.fail("Skipped OpenID client creation for provider [" + str + "] because the grant type is not 'authorization-code'");
            return false;
        }
        Optional<AuthorizationEndpointConfiguration> authorization = openIdClientConfiguration.getAuthorization();
        if (!authorization.isPresent() || authorization.get().getResponseType() == ResponseType.CODE) {
            return true;
        }
        conditionContext.fail("Skipped OpenID client creation for provider [" + str + "] because the response type is not 'code'");
        return false;
    }

    private boolean endpointsManuallyConfigured(OpenIdClientConfiguration openIdClientConfiguration) {
        return openIdClientConfiguration.getAuthorization().map((v0) -> {
            return v0.getUrl();
        }).isPresent() && openIdClientConfiguration.getToken().map((v0) -> {
            return v0.getUrl();
        }).isPresent();
    }
}
