package org.springframework.security.oauth2.client;

import java.util.Collections;
import java.util.Map;
import java.util.function.Function;
import java.util.function.Supplier;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizationContext;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
import org.springframework.util.Assert;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-client-5.7.3.jar:org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.class */
public final class AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager implements ReactiveOAuth2AuthorizedClientManager {
    private static final ReactiveOAuth2AuthorizedClientProvider DEFAULT_AUTHORIZED_CLIENT_PROVIDER = ReactiveOAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build();
    private final ReactiveClientRegistrationRepository clientRegistrationRepository;
    private final ReactiveOAuth2AuthorizedClientService authorizedClientService;
    private ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = DEFAULT_AUTHORIZED_CLIENT_PROVIDER;
    private Function<OAuth2AuthorizeRequest, Mono<Map<String, Object>>> contextAttributesMapper = new DefaultContextAttributesMapper();
    private ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler;
    private ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler;

    /* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-client-5.7.3.jar:org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager$DefaultContextAttributesMapper.class */
    public static class DefaultContextAttributesMapper implements Function<OAuth2AuthorizeRequest, Mono<Map<String, Object>>> {
        private final AuthorizedClientServiceOAuth2AuthorizedClientManager.DefaultContextAttributesMapper mapper = new AuthorizedClientServiceOAuth2AuthorizedClientManager.DefaultContextAttributesMapper();

        @Override // java.util.function.Function
        public Mono<Map<String, Object>> apply(OAuth2AuthorizeRequest oAuth2AuthorizeRequest) {
            return Mono.fromCallable(() -> {
                return this.mapper.apply(oAuth2AuthorizeRequest);
            });
        }
    }

    public AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(ReactiveClientRegistrationRepository reactiveClientRegistrationRepository, ReactiveOAuth2AuthorizedClientService reactiveOAuth2AuthorizedClientService) {
        Assert.notNull(reactiveClientRegistrationRepository, "clientRegistrationRepository cannot be null");
        Assert.notNull(reactiveOAuth2AuthorizedClientService, "authorizedClientService cannot be null");
        this.clientRegistrationRepository = reactiveClientRegistrationRepository;
        this.authorizedClientService = reactiveOAuth2AuthorizedClientService;
        this.authorizationSuccessHandler = (oAuth2AuthorizedClient, authentication, map) -> {
            return reactiveOAuth2AuthorizedClientService.saveAuthorizedClient(oAuth2AuthorizedClient, authentication);
        };
        this.authorizationFailureHandler = new RemoveAuthorizedClientReactiveOAuth2AuthorizationFailureHandler((str, authentication2, map2) -> {
            return this.authorizedClientService.removeAuthorizedClient(str, authentication2.getName());
        });
    }

    @Override // org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager
    public Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest oAuth2AuthorizeRequest) {
        Assert.notNull(oAuth2AuthorizeRequest, "authorizeRequest cannot be null");
        return createAuthorizationContext(oAuth2AuthorizeRequest).flatMap(oAuth2AuthorizationContext -> {
            return authorize(oAuth2AuthorizationContext, oAuth2AuthorizeRequest.getPrincipal());
        });
    }

    private Mono<OAuth2AuthorizationContext> createAuthorizationContext(OAuth2AuthorizeRequest oAuth2AuthorizeRequest) {
        String clientRegistrationId = oAuth2AuthorizeRequest.getClientRegistrationId();
        Authentication principal = oAuth2AuthorizeRequest.getPrincipal();
        return Mono.justOrEmpty(oAuth2AuthorizeRequest.getAuthorizedClient()).map(OAuth2AuthorizationContext::withAuthorizedClient).switchIfEmpty(Mono.defer(() -> {
            return this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId).flatMap(clientRegistration -> {
                return this.authorizedClientService.loadAuthorizedClient(clientRegistrationId, principal.getName()).map(OAuth2AuthorizationContext::withAuthorizedClient).switchIfEmpty(Mono.fromSupplier(() -> {
                    return OAuth2AuthorizationContext.withClientRegistration(clientRegistration);
                }));
            }).switchIfEmpty(Mono.error((Supplier<? extends Throwable>) () -> {
                return new IllegalArgumentException("Could not find ClientRegistration with id '" + clientRegistrationId + "'");
            }));
        })).flatMap(builder -> {
            return this.contextAttributesMapper.apply(oAuth2AuthorizeRequest).defaultIfEmpty(Collections.emptyMap()).map(map -> {
                OAuth2AuthorizationContext.Builder principal2 = builder.principal(principal);
                if (!map.isEmpty()) {
                    principal2 = principal2.attributes(map -> {
                        map.putAll(map);
                    });
                }
                return principal2.build();
            });
        });
    }

    private Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizationContext oAuth2AuthorizationContext, Authentication authentication) {
        return this.authorizedClientProvider.authorize(oAuth2AuthorizationContext).flatMap(oAuth2AuthorizedClient -> {
            return this.authorizationSuccessHandler.onAuthorizationSuccess(oAuth2AuthorizedClient, authentication, Collections.emptyMap()).thenReturn(oAuth2AuthorizedClient);
        }).onErrorResume(OAuth2AuthorizationException.class, (Function<? super E, ? extends Mono<? extends R>>) oAuth2AuthorizationException -> {
            return this.authorizationFailureHandler.onAuthorizationFailure(oAuth2AuthorizationException, authentication, Collections.emptyMap()).then(Mono.error(oAuth2AuthorizationException));
        }).switchIfEmpty(Mono.defer(() -> {
            return Mono.justOrEmpty(oAuth2AuthorizationContext.getAuthorizedClient());
        }));
    }

    public void setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider reactiveOAuth2AuthorizedClientProvider) {
        Assert.notNull(reactiveOAuth2AuthorizedClientProvider, "authorizedClientProvider cannot be null");
        this.authorizedClientProvider = reactiveOAuth2AuthorizedClientProvider;
    }

    public void setContextAttributesMapper(Function<OAuth2AuthorizeRequest, Mono<Map<String, Object>>> function) {
        Assert.notNull(function, "contextAttributesMapper cannot be null");
        this.contextAttributesMapper = function;
    }

    public void setAuthorizationSuccessHandler(ReactiveOAuth2AuthorizationSuccessHandler reactiveOAuth2AuthorizationSuccessHandler) {
        Assert.notNull(reactiveOAuth2AuthorizationSuccessHandler, "authorizationSuccessHandler cannot be null");
        this.authorizationSuccessHandler = reactiveOAuth2AuthorizationSuccessHandler;
    }

    public void setAuthorizationFailureHandler(ReactiveOAuth2AuthorizationFailureHandler reactiveOAuth2AuthorizationFailureHandler) {
        Assert.notNull(reactiveOAuth2AuthorizationFailureHandler, "authorizationFailureHandler cannot be null");
        this.authorizationFailureHandler = reactiveOAuth2AuthorizationFailureHandler;
    }
}
