package com.c4_soft.springaddons.security.oidc.starter.synchronised.client;

import com.c4_soft.springaddons.security.oidc.starter.properties.SpringAddonsOidcProperties;
import com.c4_soft.springaddons.security.oidc.starter.properties.condition.bean.DefaultGrantedAuthoritiesMapperCondition;
import com.c4_soft.springaddons.security.oidc.starter.properties.condition.bean.DefaultOAuth2AuthorizedClientManagerCondition;
import com.c4_soft.springaddons.security.oidc.starter.properties.condition.bean.DefaultOAuth2AuthorizedClientProviderCondition;
import com.c4_soft.springaddons.security.oidc.starter.properties.condition.configuration.IsServletOauth2ClientCondition;
import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;

@Conditional({IsServletOauth2ClientCondition.class})
@AutoConfiguration
/* loaded from: input_file:com/c4_soft/springaddons/security/oidc/starter/synchronised/client/SpringAddonsOAuth2AuthorizedClientBeans.class */
public class SpringAddonsOAuth2AuthorizedClientBeans {
    @Conditional({DefaultOAuth2AuthorizedClientManagerCondition.class})
    @Bean
    OAuth2AuthorizedClientManager authorizedClientManager(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository oAuth2AuthorizedClientRepository, OAuth2AuthorizedClientProvider oAuth2AuthorizedClientProvider) {
        DefaultOAuth2AuthorizedClientManager defaultOAuth2AuthorizedClientManager = new DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, oAuth2AuthorizedClientRepository);
        defaultOAuth2AuthorizedClientManager.setAuthorizedClientProvider(oAuth2AuthorizedClientProvider);
        return defaultOAuth2AuthorizedClientManager;
    }

    @Conditional({DefaultOAuth2AuthorizedClientProviderCondition.class})
    @Bean
    OAuth2AuthorizedClientProvider oauth2AuthorizedClientProvider(SpringAddonsOidcProperties springAddonsOidcProperties, InMemoryClientRegistrationRepository inMemoryClientRegistrationRepository) {
        return new PerRegistrationOAuth2AuthorizedClientProvider(inMemoryClientRegistrationRepository, springAddonsOidcProperties);
    }

    @Conditional({DefaultGrantedAuthoritiesMapperCondition.class})
    @Bean
    GrantedAuthoritiesMapper grantedAuthoritiesMapper(Converter<Map<String, Object>, Collection<? extends GrantedAuthority>> converter) {
        return collection -> {
            HashSet hashSet = new HashSet();
            collection.forEach(grantedAuthority -> {
                if (grantedAuthority instanceof OidcUserAuthority) {
                    hashSet.addAll((Collection) converter.convert(((OidcUserAuthority) grantedAuthority).getIdToken().getClaims()));
                } else if (grantedAuthority instanceof OAuth2UserAuthority) {
                    hashSet.addAll((Collection) converter.convert(((OAuth2UserAuthority) grantedAuthority).getAttributes()));
                }
            });
            return hashSet;
        };
    }
}
