package org.apache.syncope.sra.filters;

import java.util.Objects;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.sra.SessionConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.CacheManager;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.session.Session;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/apache/syncope/sra/filters/PrincipalToRequestHeaderFilterFactory.class */
public class PrincipalToRequestHeaderFilterFactory extends AbstractGatewayFilterFactory<AbstractGatewayFilterFactory.NameConfig> {

    @Autowired
    private CacheManager cacheManager;

    public PrincipalToRequestHeaderFilterFactory() {
        super(AbstractGatewayFilterFactory.NameConfig.class);
    }

    public GatewayFilter apply(AbstractGatewayFilterFactory.NameConfig nameConfig) {
        return (serverWebExchange, gatewayFilterChain) -> {
            return serverWebExchange.getSession().flatMap(webSession -> {
                return Mono.justOrEmpty(Optional.ofNullable((Session) this.cacheManager.getCache(SessionConfig.DEFAULT_CACHE).get(webSession.getId(), Session.class)).map(session -> {
                    String str = null;
                    SecurityContext securityContext = (SecurityContext) session.getAttribute("SPRING_SECURITY_CONTEXT");
                    if (securityContext != null && securityContext.getAuthentication() != null) {
                        str = securityContext.getAuthentication().getPrincipal() instanceof OidcUser ? ((OidcUser) securityContext.getAuthentication().getPrincipal()).getIdToken().getTokenValue() : securityContext.getAuthentication().getPrincipal() instanceof OAuth2User ? Objects.toString(((OAuth2User) securityContext.getAuthentication().getPrincipal()).getAttributes().get("preferred_username"), null) : securityContext.getAuthentication().getName();
                    }
                    return str;
                }));
            }).transform(mono -> {
                return mono.flatMap(str -> {
                    return StringUtils.isEmpty(str) ? gatewayFilterChain.filter(serverWebExchange) : gatewayFilterChain.filter(serverWebExchange.mutate().request(serverWebExchange.getRequest().mutate().headers(httpHeaders -> {
                        httpHeaders.add(nameConfig.getName(), str);
                    }).build()).build());
                });
            }).switchIfEmpty(gatewayFilterChain.filter(serverWebExchange));
        };
    }
}
