package org.springframework.security.oauth2.provider.client;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.dao.DuplicateKeyException;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.security.oauth2.common.util.DefaultJdbcListFactory;
import org.springframework.security.oauth2.common.util.JdbcListFactory;
import org.springframework.security.oauth2.provider.ClientAlreadyExistsException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationService;
import org.springframework.security.oauth2.provider.NoSuchClientException;
import org.springframework.util.Assert;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:lib/spring-security-oauth2-2.0.10.RELEASE.jar:org/springframework/security/oauth2/provider/client/JdbcClientDetailsService.class */
public class JdbcClientDetailsService implements ClientDetailsService, ClientRegistrationService {
    private static final String CLIENT_FIELDS = "client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove";
    private static final String BASE_FIND_STATEMENT = "select client_id, client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove from oauth_client_details";
    private static final String DEFAULT_FIND_STATEMENT = "select client_id, client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove from oauth_client_details order by client_id";
    private static final String DEFAULT_SELECT_STATEMENT = "select client_id, client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove from oauth_client_details where client_id = ?";
    private static final String DEFAULT_INSERT_STATEMENT = "insert into oauth_client_details (client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove, client_id) values (?,?,?,?,?,?,?,?,?,?,?)";
    private static final String DEFAULT_UPDATE_SECRET_STATEMENT = "update oauth_client_details set client_secret = ? where client_id = ?";
    private static final String DEFAULT_DELETE_STATEMENT = "delete from oauth_client_details where client_id = ?";
    private final JdbcTemplate jdbcTemplate;
    private JdbcListFactory listFactory;
    private static final Log logger = LogFactory.getLog(JdbcClientDetailsService.class);
    private static final String CLIENT_FIELDS_FOR_UPDATE = "resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove";
    private static final String DEFAULT_UPDATE_STATEMENT = "update oauth_client_details set " + CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?";
    private JsonMapper mapper = createJsonMapper();
    private RowMapper<ClientDetails> rowMapper = new ClientDetailsRowMapper();
    private String deleteClientDetailsSql = DEFAULT_DELETE_STATEMENT;
    private String findClientDetailsSql = DEFAULT_FIND_STATEMENT;
    private String updateClientDetailsSql = DEFAULT_UPDATE_STATEMENT;
    private String updateClientSecretSql = DEFAULT_UPDATE_SECRET_STATEMENT;
    private String insertClientDetailsSql = DEFAULT_INSERT_STATEMENT;
    private String selectClientDetailsSql = DEFAULT_SELECT_STATEMENT;
    private PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance();

    /* loaded from: input_file:lib/spring-security-oauth2-2.0.10.RELEASE.jar:org/springframework/security/oauth2/provider/client/JdbcClientDetailsService$ClientDetailsRowMapper.class */
    private static class ClientDetailsRowMapper implements RowMapper<ClientDetails> {
        private JsonMapper mapper;

        private ClientDetailsRowMapper() {
            this.mapper = JdbcClientDetailsService.access$100();
        }

        /* renamed from: mapRow, reason: merged with bridge method [inline-methods] */
        public ClientDetails m2765mapRow(ResultSet resultSet, int i) throws SQLException {
            BaseClientDetails baseClientDetails = new BaseClientDetails(resultSet.getString(1), resultSet.getString(3), resultSet.getString(4), resultSet.getString(5), resultSet.getString(7), resultSet.getString(6));
            baseClientDetails.setClientSecret(resultSet.getString(2));
            if (resultSet.getObject(8) != null) {
                baseClientDetails.setAccessTokenValiditySeconds(Integer.valueOf(resultSet.getInt(8)));
            }
            if (resultSet.getObject(9) != null) {
                baseClientDetails.setRefreshTokenValiditySeconds(Integer.valueOf(resultSet.getInt(9)));
            }
            String string = resultSet.getString(10);
            if (string != null) {
                try {
                    baseClientDetails.setAdditionalInformation((Map) this.mapper.read(string, Map.class));
                } catch (Exception e) {
                    JdbcClientDetailsService.logger.warn("Could not decode JSON for additional information: " + baseClientDetails, e);
                }
            }
            String string2 = resultSet.getString(11);
            if (string2 != null) {
                baseClientDetails.setAutoApproveScopes(StringUtils.commaDelimitedListToSet(string2));
            }
            return baseClientDetails;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/spring-security-oauth2-2.0.10.RELEASE.jar:org/springframework/security/oauth2/provider/client/JdbcClientDetailsService$Jackson2Mapper.class */
    public static class Jackson2Mapper implements JsonMapper {
        private ObjectMapper mapper;

        private Jackson2Mapper() {
            this.mapper = new ObjectMapper();
        }

        @Override // org.springframework.security.oauth2.provider.client.JdbcClientDetailsService.JsonMapper
        public String write(Object obj) throws Exception {
            return this.mapper.writeValueAsString(obj);
        }

        @Override // org.springframework.security.oauth2.provider.client.JdbcClientDetailsService.JsonMapper
        public <T> T read(String str, Class<T> cls) throws Exception {
            return (T) this.mapper.readValue(str, cls);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/spring-security-oauth2-2.0.10.RELEASE.jar:org/springframework/security/oauth2/provider/client/JdbcClientDetailsService$JacksonMapper.class */
    public static class JacksonMapper implements JsonMapper {
        private org.codehaus.jackson.map.ObjectMapper mapper;

        private JacksonMapper() {
            this.mapper = new org.codehaus.jackson.map.ObjectMapper();
        }

        @Override // org.springframework.security.oauth2.provider.client.JdbcClientDetailsService.JsonMapper
        public String write(Object obj) throws Exception {
            return this.mapper.writeValueAsString(obj);
        }

        @Override // org.springframework.security.oauth2.provider.client.JdbcClientDetailsService.JsonMapper
        public <T> T read(String str, Class<T> cls) throws Exception {
            return (T) this.mapper.readValue(str, cls);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/spring-security-oauth2-2.0.10.RELEASE.jar:org/springframework/security/oauth2/provider/client/JdbcClientDetailsService$JsonMapper.class */
    public interface JsonMapper {
        String write(Object obj) throws Exception;

        <T> T read(String str, Class<T> cls) throws Exception;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/spring-security-oauth2-2.0.10.RELEASE.jar:org/springframework/security/oauth2/provider/client/JdbcClientDetailsService$NotSupportedJsonMapper.class */
    public static class NotSupportedJsonMapper implements JsonMapper {
        private NotSupportedJsonMapper() {
        }

        @Override // org.springframework.security.oauth2.provider.client.JdbcClientDetailsService.JsonMapper
        public String write(Object obj) throws Exception {
            throw new UnsupportedOperationException("Neither Jackson 1 nor 2 is available so JSON conversion cannot be done");
        }

        @Override // org.springframework.security.oauth2.provider.client.JdbcClientDetailsService.JsonMapper
        public <T> T read(String str, Class<T> cls) throws Exception {
            throw new UnsupportedOperationException("Neither Jackson 1 nor 2 is available so JSON conversion cannot be done");
        }
    }

    public JdbcClientDetailsService(DataSource dataSource) {
        Assert.notNull(dataSource, "DataSource required");
        this.jdbcTemplate = new JdbcTemplate(dataSource);
        this.listFactory = new DefaultJdbcListFactory(new NamedParameterJdbcTemplate(this.jdbcTemplate));
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    @Override // org.springframework.security.oauth2.provider.ClientDetailsService
    public ClientDetails loadClientByClientId(String str) throws InvalidClientException {
        try {
            return (ClientDetails) this.jdbcTemplate.queryForObject(this.selectClientDetailsSql, new ClientDetailsRowMapper(), new Object[]{str});
        } catch (EmptyResultDataAccessException e) {
            throw new NoSuchClientException("No client with requested id: " + str);
        }
    }

    @Override // org.springframework.security.oauth2.provider.ClientRegistrationService
    public void addClientDetails(ClientDetails clientDetails) throws ClientAlreadyExistsException {
        try {
            this.jdbcTemplate.update(this.insertClientDetailsSql, getFields(clientDetails));
        } catch (DuplicateKeyException e) {
            throw new ClientAlreadyExistsException("Client already exists: " + clientDetails.getClientId(), e);
        }
    }

    @Override // org.springframework.security.oauth2.provider.ClientRegistrationService
    public void updateClientDetails(ClientDetails clientDetails) throws NoSuchClientException {
        if (this.jdbcTemplate.update(this.updateClientDetailsSql, getFieldsForUpdate(clientDetails)) != 1) {
            throw new NoSuchClientException("No client found with id = " + clientDetails.getClientId());
        }
    }

    @Override // org.springframework.security.oauth2.provider.ClientRegistrationService
    public void updateClientSecret(String str, String str2) throws NoSuchClientException {
        if (this.jdbcTemplate.update(this.updateClientSecretSql, new Object[]{this.passwordEncoder.encode(str2), str}) != 1) {
            throw new NoSuchClientException("No client found with id = " + str);
        }
    }

    @Override // org.springframework.security.oauth2.provider.ClientRegistrationService
    public void removeClientDetails(String str) throws NoSuchClientException {
        if (this.jdbcTemplate.update(this.deleteClientDetailsSql, new Object[]{str}) != 1) {
            throw new NoSuchClientException("No client found with id = " + str);
        }
    }

    @Override // org.springframework.security.oauth2.provider.ClientRegistrationService
    public List<ClientDetails> listClientDetails() {
        return this.listFactory.getList(this.findClientDetailsSql, Collections.emptyMap(), this.rowMapper);
    }

    private Object[] getFields(ClientDetails clientDetails) {
        Object[] fieldsForUpdate = getFieldsForUpdate(clientDetails);
        Object[] objArr = new Object[fieldsForUpdate.length + 1];
        System.arraycopy(fieldsForUpdate, 0, objArr, 1, fieldsForUpdate.length);
        objArr[0] = clientDetails.getClientSecret() != null ? this.passwordEncoder.encode(clientDetails.getClientSecret()) : null;
        return objArr;
    }

    private Object[] getFieldsForUpdate(ClientDetails clientDetails) {
        String str = null;
        try {
            str = this.mapper.write(clientDetails.getAdditionalInformation());
        } catch (Exception e) {
            logger.warn("Could not serialize additional information: " + clientDetails, e);
        }
        Object[] objArr = new Object[10];
        objArr[0] = clientDetails.getResourceIds() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails.getResourceIds()) : null;
        objArr[1] = clientDetails.getScope() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails.getScope()) : null;
        objArr[2] = clientDetails.getAuthorizedGrantTypes() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes()) : null;
        objArr[3] = clientDetails.getRegisteredRedirectUri() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri()) : null;
        objArr[4] = clientDetails.getAuthorities() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorities()) : null;
        objArr[5] = clientDetails.getAccessTokenValiditySeconds();
        objArr[6] = clientDetails.getRefreshTokenValiditySeconds();
        objArr[7] = str;
        objArr[8] = getAutoApproveScopes(clientDetails);
        objArr[9] = clientDetails.getClientId();
        return objArr;
    }

    private String getAutoApproveScopes(ClientDetails clientDetails) {
        if (clientDetails.isAutoApprove("true")) {
            return "true";
        }
        HashSet hashSet = new HashSet();
        for (String str : clientDetails.getScope()) {
            if (clientDetails.isAutoApprove(str)) {
                hashSet.add(str);
            }
        }
        return StringUtils.collectionToCommaDelimitedString(hashSet);
    }

    public void setSelectClientDetailsSql(String str) {
        this.selectClientDetailsSql = str;
    }

    public void setDeleteClientDetailsSql(String str) {
        this.deleteClientDetailsSql = str;
    }

    public void setUpdateClientDetailsSql(String str) {
        this.updateClientDetailsSql = str;
    }

    public void setUpdateClientSecretSql(String str) {
        this.updateClientSecretSql = str;
    }

    public void setInsertClientDetailsSql(String str) {
        this.insertClientDetailsSql = str;
    }

    public void setFindClientDetailsSql(String str) {
        this.findClientDetailsSql = str;
    }

    public void setListFactory(JdbcListFactory jdbcListFactory) {
        this.listFactory = jdbcListFactory;
    }

    public void setRowMapper(RowMapper<ClientDetails> rowMapper) {
        this.rowMapper = rowMapper;
    }

    private static JsonMapper createJsonMapper() {
        return ClassUtils.isPresent("org.codehaus.jackson.map.ObjectMapper", null) ? new JacksonMapper() : ClassUtils.isPresent("com.fasterxml.jackson.databind.ObjectMapper", null) ? new Jackson2Mapper() : new NotSupportedJsonMapper();
    }

    static /* synthetic */ JsonMapper access$100() {
        return createJsonMapper();
    }
}
