package org.georchestra.gateway.security;

import java.net.URI;
import java.util.Objects;
import lombok.Generated;
import lombok.NonNull;
import org.georchestra.gateway.model.GeorchestraOrganizations;
import org.georchestra.gateway.model.GeorchestraUsers;
import org.georchestra.gateway.security.exceptions.DuplicatedEmailFoundException;
import org.georchestra.gateway.security.ldap.extended.ExtendedGeorchestraUser;
import org.georchestra.security.model.GeorchestraUser;
import org.georchestra.security.model.Organization;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.DefaultServerRedirectStrategy;
import org.springframework.security.web.server.ServerRedirectStrategy;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/ResolveGeorchestraUserGlobalFilter.class */
public class ResolveGeorchestraUserGlobalFilter implements GlobalFilter, Ordered {
    public static final int ORDER = 10001;

    @NonNull
    private final GeorchestraUserMapper resolver;
    private ServerRedirectStrategy redirectStrategy = new DefaultServerRedirectStrategy();

    @Generated
    private static final Logger log = LoggerFactory.getLogger("org.georchestra.gateway.security");
    private static String DUPLICATE_ACCOUNT = "duplicate_account";

    @Override // org.springframework.core.Ordered
    public int getOrder() {
        return 10001;
    }

    @Override // org.springframework.cloud.gateway.filter.GlobalFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        Mono doOnNext = serverWebExchange.getPrincipal().doOnNext(principal -> {
            log.debug("resolving user from {}", principal.getClass().getName());
        });
        Class<Authentication> cls = Authentication.class;
        Objects.requireNonNull(Authentication.class);
        Mono filter = doOnNext.filter((v1) -> {
            return r1.isInstance(v1);
        });
        Class<Authentication> cls2 = Authentication.class;
        Objects.requireNonNull(Authentication.class);
        Mono map = filter.map((v1) -> {
            return r1.cast(v1);
        });
        GeorchestraUserMapper georchestraUserMapper = this.resolver;
        Objects.requireNonNull(georchestraUserMapper);
        Mono defaultIfEmpty = map.map(georchestraUserMapper::resolve).map(optional -> {
            Organization org2;
            GeorchestraUser georchestraUser = (GeorchestraUser) optional.orElse(null);
            GeorchestraUsers.store(serverWebExchange, georchestraUser);
            if (georchestraUser != null && (georchestraUser instanceof ExtendedGeorchestraUser) && (org2 = ((ExtendedGeorchestraUser) georchestraUser).getOrg()) != null) {
                GeorchestraOrganizations.store(serverWebExchange, org2);
            }
            return serverWebExchange;
        }).defaultIfEmpty(serverWebExchange);
        Objects.requireNonNull(gatewayFilterChain);
        return defaultIfEmpty.flatMap(gatewayFilterChain::filter).onErrorResume(DuplicatedEmailFoundException.class, duplicatedEmailFoundException -> {
            return this.redirectStrategy.sendRedirect(serverWebExchange, URI.create("/login?error=" + DUPLICATE_ACCOUNT)).then(serverWebExchange.getSession().flatMap((v0) -> {
                return v0.invalidate();
            }));
        });
    }

    @Generated
    public ResolveGeorchestraUserGlobalFilter(@NonNull GeorchestraUserMapper georchestraUserMapper) {
        if (georchestraUserMapper == null) {
            throw new NullPointerException("resolver is marked non-null but is null");
        }
        this.resolver = georchestraUserMapper;
    }
}
