package net.coder966.spring.multisecurityrealms.reflection;

import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import java.lang.reflect.Method;
import java.lang.reflect.Parameter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import net.coder966.spring.multisecurityrealms.annotation.AuthenticationStep;
import net.coder966.spring.multisecurityrealms.annotation.SecurityRealm;
import net.coder966.spring.multisecurityrealms.authentication.SecurityRealmAuthentication;
import org.springframework.context.ApplicationContext;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;

@Component
/* loaded from: input_file:net/coder966/spring/multisecurityrealms/reflection/SecurityRealmScanner.class */
public class SecurityRealmScanner {
    private final ApplicationContext context;
    private final ObjectMapper objectMapper;

    public SecurityRealmScanner(ApplicationContext applicationContext) {
        this.context = applicationContext;
        this.objectMapper = (ObjectMapper) applicationContext.getBean(ObjectMapper.class);
    }

    public Collection<SecurityRealmDescriptor> scan() {
        return buildDescriptors(this.context.getBeansWithAnnotation(SecurityRealm.class).values());
    }

    private Collection<SecurityRealmDescriptor> buildDescriptors(Collection<Object> collection) {
        HashMap hashMap = new HashMap();
        for (Object obj : collection) {
            SecurityRealm securityRealm = (SecurityRealm) obj.getClass().getSuperclass().getAnnotation(SecurityRealm.class);
            String name = securityRealm.name();
            String authenticationEndpoint = securityRealm.authenticationEndpoint();
            String firstStepName = securityRealm.firstStepName();
            String[] publicApis = securityRealm.publicApis();
            Map<String, AuthenticationStepInvoker> buildAuthenticationStepInvokers = buildAuthenticationStepInvokers(name, obj);
            if (name == null || name.trim().length() != name.length()) {
                throw new IllegalArgumentException("Invalid SecurityRealm name (" + name + ")");
            }
            if (hashMap.containsKey(name)) {
                throw new IllegalArgumentException("Invalid SecurityRealm name (" + name + ")");
            }
            try {
                AntPathRequestMatcher antPathRequestMatcher = new AntPathRequestMatcher(authenticationEndpoint);
                if (firstStepName == null || !buildAuthenticationStepInvokers.containsKey(firstStepName)) {
                    throw new IllegalArgumentException("Invalid firstStepName (" + firstStepName + ") for SecurityRealm (" + name + ")");
                }
                ArrayList arrayList = new ArrayList(publicApis.length);
                for (String str : publicApis) {
                    try {
                        arrayList.add(new AntPathRequestMatcher(str));
                    } catch (Exception e) {
                        throw new IllegalArgumentException("Invalid publicApis (" + str + ") for SecurityRealm (" + name + ").");
                    }
                }
                hashMap.put(name, new SecurityRealmDescriptor(name, antPathRequestMatcher, firstStepName, arrayList, buildAuthenticationStepInvokers));
            } catch (Exception e2) {
                throw new IllegalArgumentException("Invalid authenticationEndpoint (" + authenticationEndpoint + ") for SecurityRealm (" + name + ")");
            }
        }
        return hashMap.values();
    }

    private Map<String, AuthenticationStepInvoker> buildAuthenticationStepInvokers(String str, Object obj) {
        HashMap hashMap = new HashMap();
        for (Method method : obj.getClass().getSuperclass().getDeclaredMethods()) {
            AuthenticationStep authenticationStep = (AuthenticationStep) method.getAnnotation(AuthenticationStep.class);
            if (authenticationStep != null) {
                String value = authenticationStep.value();
                if (value == null || value.trim().length() != value.length() || value.isBlank()) {
                    throw new IllegalArgumentException("Invalid AuthenticationStep name (" + value + ") for SecurityRealm (" + str + ")");
                }
                if (!method.getReturnType().isAssignableFrom(SecurityRealmAuthentication.class)) {
                    throw new IllegalArgumentException("Invalid return type (" + method.getReturnType().getCanonicalName() + ") of AuthenticationStep (" + value + ") for SecurityRealm (" + str + ")");
                }
                Parameter[] parameters = method.getParameters();
                AuthenticationStepParameterDetails[] authenticationStepParameterDetailsArr = new AuthenticationStepParameterDetails[parameters.length];
                for (int i = 0; i < parameters.length; i++) {
                    Parameter parameter = parameters[i];
                    if (ServletRequest.class.isAssignableFrom(parameter.getType())) {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.REQUEST);
                    } else if (ServletResponse.class.isAssignableFrom(parameter.getType())) {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.RESPONSE);
                    } else if (Authentication.class.isAssignableFrom(parameter.getType())) {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.AUTHENTICATION);
                    } else if (parameter.getAnnotation(RequestBody.class) != null) {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.BODY).withDetails("class", parameter.getType());
                    } else if (parameter.getAnnotation(RequestHeader.class) != null) {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.HEADER).withDetails("class", parameter.getType()).withDetails("name", parameter.getAnnotation(RequestHeader.class).value());
                    } else if (parameter.getAnnotation(RequestParam.class) != null) {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.REQUEST_PARAM).withDetails("class", parameter.getType()).withDetails("name", parameter.getAnnotation(RequestParam.class).value());
                    } else {
                        authenticationStepParameterDetailsArr[i] = new AuthenticationStepParameterDetails(AuthenticationStepParameterType.UNKNOWN);
                    }
                }
                hashMap.put(value, new AuthenticationStepInvoker(this.objectMapper, obj, method, authenticationStepParameterDetailsArr));
            }
        }
        return hashMap;
    }
}
