package net.n2oapp.security.admin.auth.server;

import java.util.HashSet;
import java.util.Objects;
import net.n2oapp.security.admin.api.model.Client;
import net.n2oapp.security.admin.api.service.ClientService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;
import org.springframework.security.oauth2.provider.NoSuchClientException;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

@Service
/* loaded from: input_file:net/n2oapp/security/admin/auth/server/GatewayService.class */
public class GatewayService implements ClientDetailsService {

    @Autowired
    private ClientService clientService;

    @Value("${access.auth.access-token-lifetime:60}")
    private int accessTokenValidityMinutes;

    @Value("${access.auth.refresh-token-lifetime:1440}")
    private int refreshTokenValidityMinutes;

    public ClientDetails loadClientByClientId(String str) throws ClientRegistrationException {
        Client findByClientId = this.clientService.findByClientId(str);
        if (Objects.isNull(findByClientId)) {
            throw new NoSuchClientException("GatewayClient with id: " + str + " does not exists");
        }
        return gatewayClient(findByClientId);
    }

    private GatewayClient gatewayClient(Client client) {
        GatewayClient gatewayClient = new GatewayClient();
        gatewayClient.setClientId(client.getClientId());
        gatewayClient.setClientSecret(client.getClientSecret());
        HashSet hashSet = new HashSet();
        if (Boolean.TRUE.equals(client.getIsClientGrant())) {
            hashSet.add("client_credentials");
        }
        if (Boolean.TRUE.equals(client.getIsAuthorizationCode())) {
            hashSet.add("authorization_code");
            hashSet.add("refresh_token");
        }
        if (Boolean.TRUE.equals(client.getIsResourceOwnerPass())) {
            hashSet.add("password");
        }
        gatewayClient.setAuthorizedGrantTypes(hashSet);
        gatewayClient.setRegisteredRedirectUri(StringUtils.commaDelimitedListToSet(Objects.nonNull(client.getRedirectUris()) ? client.getRedirectUris().replace(" ", ",") : null));
        if (Objects.nonNull(client.getAccessTokenValidityMinutes())) {
            gatewayClient.setAccessTokenValiditySeconds(Integer.valueOf(client.getAccessTokenValidityMinutes().intValue() * 60));
        } else {
            gatewayClient.setAccessTokenValiditySeconds(Integer.valueOf(this.accessTokenValidityMinutes * 60));
        }
        if (Objects.nonNull(client.getRefreshTokenValidityMinutes())) {
            gatewayClient.setRefreshTokenValiditySeconds(Integer.valueOf(client.getRefreshTokenValidityMinutes().intValue() * 60));
        } else {
            gatewayClient.setRefreshTokenValiditySeconds(Integer.valueOf(this.refreshTokenValidityMinutes * 60));
        }
        gatewayClient.setRoles(client.getRoles());
        return gatewayClient;
    }
}
