package org.georchestra.gateway.security.oauth2;

import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Consumer;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import lombok.Generated;
import org.georchestra.gateway.security.GeorchestraUserMapperExtension;
import org.georchestra.security.model.GeorchestraUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.user.OAuth2User;

/* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/oauth2/OAuth2UserMapper.class */
public class OAuth2UserMapper implements GeorchestraUserMapperExtension {

    @Generated
    private static final Logger log = LoggerFactory.getLogger("org.georchestra.gateway.security.oauth2");

    @Override // org.georchestra.gateway.security.GeorchestraUserMapperExtension
    public Optional<GeorchestraUser> resolve(Authentication authentication) {
        Optional ofNullable = Optional.ofNullable(authentication);
        Class<OAuth2AuthenticationToken> cls = OAuth2AuthenticationToken.class;
        Objects.requireNonNull(OAuth2AuthenticationToken.class);
        Optional filter = ofNullable.filter((v1) -> {
            return r1.isInstance(v1);
        });
        Class<OAuth2AuthenticationToken> cls2 = OAuth2AuthenticationToken.class;
        Objects.requireNonNull(OAuth2AuthenticationToken.class);
        return filter.map((v1) -> {
            return r1.cast(v1);
        }).filter(tokenFilter()).flatMap(this::map);
    }

    protected Predicate<OAuth2AuthenticationToken> tokenFilter() {
        return oAuth2AuthenticationToken -> {
            return true;
        };
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Optional<GeorchestraUser> map(OAuth2AuthenticationToken oAuth2AuthenticationToken) {
        logger().debug("Mapping {} authentication token from provider {}", oAuth2AuthenticationToken.getPrincipal().getClass().getSimpleName(), oAuth2AuthenticationToken.getAuthorizedClientRegistrationId());
        OAuth2User principal = oAuth2AuthenticationToken.getPrincipal();
        GeorchestraUser georchestraUser = new GeorchestraUser();
        georchestraUser.setOAuth2Provider(oAuth2AuthenticationToken.getAuthorizedClientRegistrationId());
        georchestraUser.setOAuth2Uid(oAuth2AuthenticationToken.getName());
        Map<String, Object> attributes = principal.getAttributes();
        List<String> resolveRoles = resolveRoles(principal.getAuthorities());
        String name = oAuth2AuthenticationToken.getName();
        String str = (String) attributes.get("login");
        Objects.requireNonNull(georchestraUser);
        apply(georchestraUser::setUsername, str, name);
        Objects.requireNonNull(georchestraUser);
        apply(georchestraUser::setEmail, (String) attributes.get("email"));
        georchestraUser.setRoles(resolveRoles);
        return Optional.of(georchestraUser);
    }

    protected List<String> resolveRoles(Collection<? extends GrantedAuthority> collection) {
        return (List) collection.stream().map((v0) -> {
            return v0.getAuthority();
        }).filter(str -> {
            if (!str.startsWith("ROLE_SCOPE_") && !str.startsWith("SCOPE_")) {
                return true;
            }
            logger().debug("Excluding granted authority {}", str);
            return false;
        }).collect(Collectors.toList());
    }

    protected void apply(Consumer<String> consumer, String... strArr) {
        for (String str : strArr) {
            if (null != str) {
                consumer.accept(str);
                return;
            }
        }
    }

    protected Logger logger() {
        return log;
    }
}
