package net.n2oapp.security.admin.auth.server;

import java.util.ArrayList;
import java.util.Map;
import net.n2oapp.security.auth.common.User;
import net.n2oapp.security.auth.common.authority.PermissionGrantedAuthority;
import net.n2oapp.security.auth.common.authority.RoleGrantedAuthority;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;

/* loaded from: input_file:net/n2oapp/security/admin/auth/server/GatewayAccessTokenConverter.class */
public class GatewayAccessTokenConverter extends DefaultAccessTokenConverter {
    private Boolean includeRoles;
    private Boolean includePermissions;

    public GatewayAccessTokenConverter(Boolean bool, Boolean bool2, Boolean bool3) {
        setUserTokenConverter(new UserTokenConverter(bool, bool2, bool3));
        this.includeRoles = bool;
        this.includePermissions = bool2;
    }

    public Map<String, ?> convertAccessToken(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        if (oAuth2Authentication.isClientOnly()) {
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            if (this.includeRoles.booleanValue()) {
                oAuth2AccessToken.getAdditionalInformation().put(UserTokenConverter.ROLES, arrayList);
            }
            if (this.includePermissions.booleanValue()) {
                oAuth2AccessToken.getAdditionalInformation().put(UserTokenConverter.PERMISSIONS, arrayList2);
            }
            if (oAuth2Authentication.getAuthorities() != null) {
                for (PermissionGrantedAuthority permissionGrantedAuthority : oAuth2Authentication.getAuthorities()) {
                    if (permissionGrantedAuthority instanceof RoleGrantedAuthority) {
                        arrayList.add(((RoleGrantedAuthority) permissionGrantedAuthority).getRole());
                    } else if (permissionGrantedAuthority instanceof PermissionGrantedAuthority) {
                        arrayList2.add(permissionGrantedAuthority.getPermission());
                    }
                }
            }
        }
        if (oAuth2Authentication.getUserAuthentication() != null && (oAuth2Authentication.getUserAuthentication().getPrincipal() instanceof User)) {
            User user = (User) oAuth2Authentication.getUserAuthentication().getPrincipal();
            if (user.getRegion() != null) {
                oAuth2AccessToken.getAdditionalInformation().put(UserTokenConverter.REGION, user.getRegion());
            }
            if (user.getDepartment() != null) {
                oAuth2AccessToken.getAdditionalInformation().put(UserTokenConverter.DEPARTMENT, user.getDepartment());
            }
            if (user.getOrganization() != null) {
                oAuth2AccessToken.getAdditionalInformation().put(UserTokenConverter.ORGANIZATION, user.getOrganization());
            }
            if (user.getUserLevel() != null) {
                oAuth2AccessToken.getAdditionalInformation().put("userLevel", user.getUserLevel());
            }
        }
        return super.convertAccessToken(oAuth2AccessToken, oAuth2Authentication);
    }
}
