package io.micronaut.security.oauth2.endpoint.token.request.password;

import io.micronaut.security.authentication.AuthenticationRequest;
import io.micronaut.security.authentication.AuthenticationResponse;
import io.micronaut.security.authentication.provider.ReactiveAuthenticationProvider;
import io.micronaut.security.oauth2.configuration.OauthClientConfiguration;
import io.micronaut.security.oauth2.endpoint.AuthenticationMethods;
import io.micronaut.security.oauth2.endpoint.DefaultSecureEndpoint;
import io.micronaut.security.oauth2.endpoint.SecureEndpoint;
import io.micronaut.security.oauth2.endpoint.token.request.TokenEndpointClient;
import io.micronaut.security.oauth2.endpoint.token.request.context.OauthPasswordTokenRequestContext;
import io.micronaut.security.oauth2.endpoint.token.response.OauthAuthenticationMapper;
import org.reactivestreams.Publisher;
import reactor.core.publisher.Flux;

/* loaded from: input_file:io/micronaut/security/oauth2/endpoint/token/request/password/ReactiveOauthPasswordAuthenticationProvider.class */
public class ReactiveOauthPasswordAuthenticationProvider<T, I, S> implements ReactiveAuthenticationProvider<T, I, S> {
    private final TokenEndpointClient tokenEndpointClient;
    private final SecureEndpoint secureEndpoint;
    private final OauthClientConfiguration clientConfiguration;
    private final OauthAuthenticationMapper authenticationMapper;

    public ReactiveOauthPasswordAuthenticationProvider(TokenEndpointClient tokenEndpointClient, OauthClientConfiguration oauthClientConfiguration, OauthAuthenticationMapper oauthAuthenticationMapper) {
        this.tokenEndpointClient = tokenEndpointClient;
        this.clientConfiguration = oauthClientConfiguration;
        this.authenticationMapper = oauthAuthenticationMapper;
        this.secureEndpoint = getTokenEndpoint(oauthClientConfiguration);
    }

    public Publisher<AuthenticationResponse> authenticate(T t, AuthenticationRequest<I, S> authenticationRequest) {
        return Flux.from(this.tokenEndpointClient.sendRequest(new OauthPasswordTokenRequestContext(authenticationRequest, this.secureEndpoint, this.clientConfiguration))).flatMap(tokenResponse -> {
            return Flux.from(this.authenticationMapper.createAuthenticationResponse(tokenResponse, null));
        });
    }

    protected SecureEndpoint getTokenEndpoint(OauthClientConfiguration oauthClientConfiguration) {
        return new DefaultSecureEndpoint(oauthClientConfiguration.getToken().orElseThrow(() -> {
            return new IllegalArgumentException("Token endpoint configuration is missing for provider [" + oauthClientConfiguration.getName() + "]");
        }), AuthenticationMethods.CLIENT_SECRET_BASIC);
    }
}
