package net.n2oapp.security.auth.context.account;

import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import net.n2oapp.security.auth.common.OauthUser;
import net.n2oapp.security.auth.common.UserParamsUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:BOOT-INF/lib/security-auth-7.0.7.jar:net/n2oapp/security/auth/context/account/ContextUserInfoTokenServices.class */
public class ContextUserInfoTokenServices {
    private static final String DEPARTMENT = "department";
    private static final String CODE_KEY = "code";
    private static final String NAME_KEY = "name";
    private static final String ORGANIZATION = "organization";
    private static final String REGION = "region";
    private static final String ACCOUNT_ID = "accountId";
    private final String userInfoEndpointUrl;
    protected final Log logger = LogFactory.getLog(getClass());
    private RestTemplate restTemplate;

    public ContextUserInfoTokenServices(String str) {
        this.userInfoEndpointUrl = str;
    }

    public void setRestTemplate(RestTemplate restTemplate) {
        this.restTemplate = restTemplate;
    }

    public OAuth2AuthenticationToken loadAccountAuthentication(Integer num, Authentication authentication) {
        return extractAuthentication(getMap(this.userInfoEndpointUrl + "/" + num), authentication);
    }

    protected OAuth2AuthenticationToken extractAuthentication(Map<String, Object> map, Authentication authentication) {
        OauthUser oauthUser = (OauthUser) authentication.getPrincipal();
        List<GrantedAuthority> extractAuthorities = UserParamsUtil.extractAuthorities(map);
        OauthUser oauthUser2 = new OauthUser(oauthUser, extractAuthorities);
        enrichWithAccountClaims(map, oauthUser2);
        return new OAuth2AuthenticationToken(oauthUser2, extractAuthorities, ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId());
    }

    private Map<String, Object> getMap(String str) {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Getting user info from: " + str);
        }
        try {
            if (this.restTemplate == null) {
                this.restTemplate = new RestTemplate();
                this.restTemplate.getInterceptors().add((httpRequest, bArr, clientHttpRequestExecution) -> {
                    httpRequest.getHeaders().setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
                    return clientHttpRequestExecution.execute(httpRequest, bArr);
                });
            }
            return (Map) this.restTemplate.getForEntity(str, Map.class, new Object[0]).getBody();
        } catch (Exception e) {
            this.logger.warn("Could not fetch user details: " + e.getClass() + ", " + e.getMessage());
            throw e;
        }
    }

    protected void enrichWithAccountClaims(Map<String, Object> map, OauthUser oauthUser) {
        oauthUser.setAccountId((String) map.get(ACCOUNT_ID));
        LinkedHashMap linkedHashMap = (LinkedHashMap) map.get(DEPARTMENT);
        if (linkedHashMap != null) {
            oauthUser.setDepartment((String) linkedHashMap.get("code"));
            oauthUser.setDepartmentName((String) linkedHashMap.get("name"));
        }
        LinkedHashMap linkedHashMap2 = (LinkedHashMap) map.get(ORGANIZATION);
        if (linkedHashMap2 != null) {
            oauthUser.setOrganization((String) linkedHashMap2.get("code"));
        }
        LinkedHashMap linkedHashMap3 = (LinkedHashMap) map.get("region");
        if (linkedHashMap3 != null) {
            oauthUser.setRegion((String) linkedHashMap3.get("code"));
        }
    }
}
