package org.georchestra.gateway.security;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentMap;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import lombok.Generated;
import lombok.NonNull;
import org.georchestra.security.model.GeorchestraUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;

/* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/RolesMappingsUserCustomizer.class */
public class RolesMappingsUserCustomizer implements GeorchestraUserCustomizerExtension {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) RolesMappingsUserCustomizer.class);

    @VisibleForTesting
    final List<Matcher> rolesMappings;
    private final Cache<String, List<String>> byRoleNameCache = CacheBuilder.newBuilder().maximumSize(1000).build();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/RolesMappingsUserCustomizer$Matcher.class */
    public static class Matcher {

        @NonNull
        private final Pattern pattern;

        @NonNull
        private final List<String> extraRoles;

        public boolean matches(String str) {
            return this.pattern.matcher(str).matches();
        }

        public String toString() {
            return String.format("%s -> %s", this.pattern.pattern(), this.extraRoles);
        }

        @Generated
        public Matcher(@NonNull Pattern pattern, @NonNull List<String> list) {
            if (pattern == null) {
                throw new NullPointerException("pattern is marked non-null but is null");
            }
            if (list == null) {
                throw new NullPointerException("extraRoles is marked non-null but is null");
            }
            this.pattern = pattern;
            this.extraRoles = list;
        }

        @NonNull
        @Generated
        public List<String> getExtraRoles() {
            return this.extraRoles;
        }
    }

    public RolesMappingsUserCustomizer(@NonNull Map<String, List<String>> map) {
        if (map == null) {
            throw new NullPointerException("rolesMappings is marked non-null but is null");
        }
        this.rolesMappings = keysToRegularExpressions(map);
    }

    @NonNull
    private List<Matcher> keysToRegularExpressions(Map<String, List<String>> map) {
        return (List) map.entrySet().stream().map(entry -> {
            return new Matcher(toPattern((String) entry.getKey()), (List) entry.getValue());
        }).peek(matcher -> {
            log.info("Loaded role mapping {}", matcher);
        }).collect(Collectors.toList());
    }

    static Pattern toPattern(String str) {
        return Pattern.compile(str.replace(".", "(\\.)").replace("*", "(.*)"));
    }

    @Override // java.util.function.BiFunction
    public GeorchestraUser apply(Authentication authentication, GeorchestraUser georchestraUser) {
        Set<String> computeAdditionalRoles = computeAdditionalRoles(georchestraUser.getRoles());
        if (!computeAdditionalRoles.isEmpty()) {
            computeAdditionalRoles.addAll(georchestraUser.getRoles());
            georchestraUser.setRoles(new ArrayList(computeAdditionalRoles));
        }
        return georchestraUser;
    }

    private Set<String> computeAdditionalRoles(List<String> list) {
        ConcurrentMap<String, List<String>> asMap = this.byRoleNameCache.asMap();
        return (Set) list.stream().map(str -> {
            return (List) asMap.computeIfAbsent(str, this::computeAdditionalRoles);
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toSet());
    }

    private List<String> computeAdditionalRoles(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("authenticatedRole is marked non-null but is null");
        }
        List<String> list = (List) this.rolesMappings.stream().filter(matcher -> {
            return matcher.matches(str);
        }).map((v0) -> {
            return v0.getExtraRoles();
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toList());
        log.info("Computed additional roles for {}: {}", str, list);
        return list;
    }
}
