package it.geosolutions.geostore.services.rest.security.oauth2;

import it.geosolutions.geostore.services.rest.security.IdPConfiguration;
import java.util.Collections;
import java.util.Objects;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:it/geosolutions/geostore/services/rest/security/oauth2/OAuth2Configuration.class */
public class OAuth2Configuration extends IdPConfiguration {
    private static final Logger LOGGER = LogManager.getLogger(OAuth2Configuration.class);
    public static final String CONFIG_NAME_SUFFIX = "OAuth2Config";
    public static final String CONFIGURATION_NAME = "CONFIGURATION_NAME";
    private String clientId;
    private String clientSecret;
    private String accessTokenUri;
    private String authorizationUri;
    private String checkTokenEndpointUrl;
    private String logoutUri;
    private String revokeEndpoint;
    private String scopes;
    private String idTokenUri;
    private String discoveryUrl;
    private String principalKey;
    private String uniqueUsername;
    private String rolesClaim;
    private String groupsClaim;
    private boolean globalLogoutEnabled = false;
    private boolean enableRedirectEntryPoint = false;
    private boolean groupNamesUppercase = false;
    private long initialBackoffDelay = 1000;
    private double backoffMultiplier = 2.0d;
    private int maxRetries = 3;

    /* loaded from: input_file:it/geosolutions/geostore/services/rest/security/oauth2/OAuth2Configuration$Endpoint.class */
    public static class Endpoint {
        private final String url;
        private final HttpMethod method;
        private final HttpEntity<?> requestEntity;

        public Endpoint(HttpMethod httpMethod, String str, HttpEntity<?> httpEntity) {
            this.method = httpMethod;
            this.url = str;
            this.requestEntity = httpEntity;
        }

        public String getUrl() {
            return this.url;
        }

        public HttpMethod getMethod() {
            return this.method;
        }

        public HttpEntity<?> getRequestEntity() {
            return this.requestEntity;
        }
    }

    public int getMaxRetries() {
        return this.maxRetries;
    }

    public void setMaxRetries(int i) {
        this.maxRetries = i;
    }

    public long getInitialBackoffDelay() {
        return this.initialBackoffDelay;
    }

    public void setInitialBackoffDelay(long j) {
        this.initialBackoffDelay = j;
    }

    public double getBackoffMultiplier() {
        return this.backoffMultiplier;
    }

    public void setBackoffMultiplier(double d) {
        this.backoffMultiplier = d;
    }

    public AuthenticationEntryPoint getAuthenticationEntryPoint() {
        return (httpServletRequest, httpServletResponse, authenticationException) -> {
            httpServletResponse.sendRedirect(buildLoginUri());
        };
    }

    public String buildLoginUri() {
        return buildLoginUri(null, new String[0]);
    }

    public String buildLoginUri(String str) {
        return buildLoginUri(str, new String[0]);
    }

    public String buildLoginUri(String str, String... strArr) {
        StringBuilder sb = new StringBuilder(getAuthorizationUri());
        sb.append("?response_type=code").append("&client_id=").append(getClientId()).append("&scope=").append(getScopes().replace(",", "%20"));
        for (String str2 : strArr) {
            sb.append("%20").append(str2);
        }
        sb.append("&redirect_uri=").append(getRedirectUri());
        if (str != null) {
            sb.append("&access_type=").append(str);
        }
        LOGGER.debug("Authorization endpoint URI built: {}", sb);
        return sb.toString();
    }

    public String buildRefreshTokenURI() {
        return buildRefreshTokenURI(null);
    }

    public String buildRefreshTokenURI(String str) {
        StringBuilder append = new StringBuilder(getAccessTokenUri()).append("?client_id=").append(getClientId()).append("&scope=").append(getScopes().replace(",", "%20"));
        if (str != null) {
            append.append("&access_type=").append(str);
        }
        return append.toString();
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    public String getAccessTokenUri() {
        return this.accessTokenUri;
    }

    public void setAccessTokenUri(String str) {
        this.accessTokenUri = str;
    }

    public String getAuthorizationUri() {
        return this.authorizationUri;
    }

    public void setAuthorizationUri(String str) {
        this.authorizationUri = str;
    }

    public String getCheckTokenEndpointUrl() {
        return this.checkTokenEndpointUrl;
    }

    public void setCheckTokenEndpointUrl(String str) {
        this.checkTokenEndpointUrl = str;
    }

    public String getLogoutUri() {
        return this.logoutUri;
    }

    public void setLogoutUri(String str) {
        this.logoutUri = str;
    }

    public boolean isGlobalLogoutEnabled() {
        return this.globalLogoutEnabled;
    }

    public void setGlobalLogoutEnabled(boolean z) {
        this.globalLogoutEnabled = z;
    }

    public String getScopes() {
        return this.scopes;
    }

    public void setScopes(String str) {
        this.scopes = str;
    }

    public String getIdTokenUri() {
        return this.idTokenUri;
    }

    public void setIdTokenUri(String str) {
        this.idTokenUri = str;
    }

    public String getDiscoveryUrl() {
        return this.discoveryUrl;
    }

    public void setDiscoveryUrl(String str) {
        this.discoveryUrl = str;
    }

    public boolean isInvalid() {
        return this.clientId == null || this.clientSecret == null || this.authorizationUri == null || this.accessTokenUri == null;
    }

    public String getRevokeEndpoint() {
        return this.revokeEndpoint;
    }

    public void setRevokeEndpoint(String str) {
        this.revokeEndpoint = str;
    }

    public String getProvider() {
        return getBeanName().replaceAll(CONFIG_NAME_SUFFIX, "");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String appendParameters(MultiValueMap<String, String> multiValueMap, String str) {
        return UriComponentsBuilder.fromHttpUrl(str).queryParams(multiValueMap).build().toUriString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void getLogoutRequestParams(String str, String str2, MultiValueMap<String, String> multiValueMap) {
        multiValueMap.put("token", Collections.singletonList(str));
        if (str2 == null || str2.isEmpty()) {
            return;
        }
        multiValueMap.put("client_id", Collections.singletonList(str2));
    }

    public Endpoint buildRevokeEndpoint(String str, String str2, OAuth2Configuration oAuth2Configuration) {
        if (this.revokeEndpoint == null) {
            return null;
        }
        HttpHeaders httpHeaders = getHttpHeaders(str2, oAuth2Configuration);
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("token", str);
        linkedMultiValueMap.add("client_id", this.clientId);
        return new Endpoint(HttpMethod.POST, this.revokeEndpoint, new HttpEntity(linkedMultiValueMap, httpHeaders));
    }

    private static HttpHeaders getHttpHeaders(String str, OAuth2Configuration oAuth2Configuration) {
        HttpHeaders headers = getHeaders(str, oAuth2Configuration);
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        return headers;
    }

    public Endpoint buildLogoutEndpoint(String str, String str2, OAuth2Configuration oAuth2Configuration) {
        if (this.logoutUri == null) {
            return null;
        }
        HttpHeaders headers = getHeaders(str2, oAuth2Configuration);
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        getLogoutRequestParams(str, this.clientId, linkedMultiValueMap);
        return new Endpoint(HttpMethod.GET, appendParameters(linkedMultiValueMap, this.logoutUri), new HttpEntity(headers));
    }

    private static HttpHeaders getHeaders(String str, OAuth2Configuration oAuth2Configuration) {
        HttpHeaders httpHeaders = new HttpHeaders();
        if (oAuth2Configuration != null && oAuth2Configuration.clientId != null && oAuth2Configuration.clientSecret != null) {
            httpHeaders.setBasicAuth(oAuth2Configuration.clientId, oAuth2Configuration.clientSecret);
        } else if (str != null && !str.isEmpty()) {
            httpHeaders.set("Authorization", "Bearer " + str);
        }
        return httpHeaders;
    }

    public boolean isEnableRedirectEntryPoint() {
        return this.enableRedirectEntryPoint;
    }

    public void setEnableRedirectEntryPoint(boolean z) {
        this.enableRedirectEntryPoint = z;
    }

    public String getPrincipalKey() {
        return (this.principalKey == null || this.principalKey.isEmpty()) ? "email" : this.principalKey;
    }

    public void setPrincipalKey(String str) {
        this.principalKey = str;
    }

    public String getUniqueUsername() {
        return this.uniqueUsername;
    }

    public void setUniqueUsername(String str) {
        this.uniqueUsername = str;
    }

    public String getRolesClaim() {
        if (this.rolesClaim != null) {
            return this.rolesClaim.trim();
        }
        return null;
    }

    public void setRolesClaim(String str) {
        this.rolesClaim = (str == null || str.isEmpty()) ? null : str.trim();
    }

    public String getGroupsClaim() {
        if (this.groupsClaim != null) {
            return this.groupsClaim.trim();
        }
        return null;
    }

    public void setGroupsClaim(String str) {
        this.groupsClaim = (str == null || str.isEmpty()) ? null : str.trim();
    }

    public boolean isGroupNamesUppercase() {
        return this.groupNamesUppercase;
    }

    public void setGroupNamesUppercase(boolean z) {
        this.groupNamesUppercase = z;
    }

    public boolean equals(Object obj) {
        if (!(obj instanceof OAuth2Configuration)) {
            return false;
        }
        OAuth2Configuration oAuth2Configuration = (OAuth2Configuration) obj;
        return isGlobalLogoutEnabled() == oAuth2Configuration.isGlobalLogoutEnabled() && isEnableRedirectEntryPoint() == oAuth2Configuration.isEnableRedirectEntryPoint() && isGroupNamesUppercase() == oAuth2Configuration.isGroupNamesUppercase() && getInitialBackoffDelay() == oAuth2Configuration.getInitialBackoffDelay() && Double.compare(getBackoffMultiplier(), oAuth2Configuration.getBackoffMultiplier()) == 0 && getMaxRetries() == oAuth2Configuration.getMaxRetries() && Objects.equals(getClientId(), oAuth2Configuration.getClientId()) && Objects.equals(getClientSecret(), oAuth2Configuration.getClientSecret()) && Objects.equals(getAccessTokenUri(), oAuth2Configuration.getAccessTokenUri()) && Objects.equals(getAuthorizationUri(), oAuth2Configuration.getAuthorizationUri()) && Objects.equals(getCheckTokenEndpointUrl(), oAuth2Configuration.getCheckTokenEndpointUrl()) && Objects.equals(getLogoutUri(), oAuth2Configuration.getLogoutUri()) && Objects.equals(getRevokeEndpoint(), oAuth2Configuration.getRevokeEndpoint()) && Objects.equals(getScopes(), oAuth2Configuration.getScopes()) && Objects.equals(getIdTokenUri(), oAuth2Configuration.getIdTokenUri()) && Objects.equals(getDiscoveryUrl(), oAuth2Configuration.getDiscoveryUrl()) && Objects.equals(getPrincipalKey(), oAuth2Configuration.getPrincipalKey()) && Objects.equals(getUniqueUsername(), oAuth2Configuration.getUniqueUsername()) && Objects.equals(getRolesClaim(), oAuth2Configuration.getRolesClaim()) && Objects.equals(getGroupsClaim(), oAuth2Configuration.getGroupsClaim());
    }

    public int hashCode() {
        return Objects.hash(getClientId(), getClientSecret(), getAccessTokenUri(), getAuthorizationUri(), getCheckTokenEndpointUrl(), getLogoutUri(), getRevokeEndpoint(), Boolean.valueOf(isGlobalLogoutEnabled()), getScopes(), getIdTokenUri(), getDiscoveryUrl(), Boolean.valueOf(isEnableRedirectEntryPoint()), getPrincipalKey(), getUniqueUsername(), getRolesClaim(), getGroupsClaim(), Boolean.valueOf(isGroupNamesUppercase()), Long.valueOf(getInitialBackoffDelay()), Double.valueOf(getBackoffMultiplier()), Integer.valueOf(getMaxRetries()));
    }

    public String toString() {
        String str = this.clientId;
        String str2 = this.clientSecret;
        String str3 = this.accessTokenUri;
        String str4 = this.authorizationUri;
        String str5 = this.checkTokenEndpointUrl;
        String str6 = this.logoutUri;
        String str7 = this.revokeEndpoint;
        boolean z = this.globalLogoutEnabled;
        String str8 = this.scopes;
        String str9 = this.idTokenUri;
        String str10 = this.discoveryUrl;
        boolean z2 = this.enableRedirectEntryPoint;
        String str11 = this.principalKey;
        String str12 = this.uniqueUsername;
        String str13 = this.rolesClaim;
        String str14 = this.groupsClaim;
        boolean z3 = this.groupNamesUppercase;
        long j = this.initialBackoffDelay;
        double d = this.backoffMultiplier;
        int i = this.maxRetries;
        return "OAuth2Configuration{clientId='" + str + "', clientSecret='" + str2 + "', accessTokenUri='" + str3 + "', authorizationUri='" + str4 + "', checkTokenEndpointUrl='" + str5 + "', logoutUri='" + str6 + "', revokeEndpoint='" + str7 + "', globalLogoutEnabled=" + z + ", scopes='" + str8 + "', idTokenUri='" + str9 + "', discoveryUrl='" + str10 + "', enableRedirectEntryPoint=" + z2 + ", principalKey='" + str11 + "', uniqueUsername='" + str12 + "', rolesClaim='" + str13 + "', groupsClaim='" + str14 + "', groupNamesUppercase=" + z3 + ", initialBackoffDelay=" + j + ", backoffMultiplier=" + str + ", maxRetries=" + d + "}";
    }
}
