package io.micronaut.security.token.cookie;

import io.micronaut.context.annotation.Requirements;
import io.micronaut.context.annotation.Requires;
import io.micronaut.core.annotation.Nullable;
import io.micronaut.core.util.StringUtils;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.MutableHttpResponse;
import io.micronaut.http.cookie.Cookie;
import io.micronaut.security.authentication.Authentication;
import io.micronaut.security.config.RedirectConfiguration;
import io.micronaut.security.config.RedirectService;
import io.micronaut.security.errors.OauthErrorResponseException;
import io.micronaut.security.errors.ObtainingAuthorizationErrorCode;
import io.micronaut.security.errors.PriorToLoginPersistence;
import io.micronaut.security.token.generator.AccessRefreshTokenGenerator;
import io.micronaut.security.token.generator.AccessTokenConfiguration;
import io.micronaut.security.token.render.AccessRefreshToken;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.time.Duration;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

@Requirements({@Requires(classes = {HttpRequest.class}), @Requires(property = "micronaut.security.authentication", value = "cookie")})
@Singleton
/* loaded from: input_file:io/micronaut/security/token/cookie/TokenCookieLoginHandler.class */
public class TokenCookieLoginHandler extends CookieLoginHandler {
    protected final AccessRefreshTokenGenerator accessRefreshTokenGenerator;
    protected final RefreshTokenCookieConfiguration refreshTokenCookieConfiguration;
    protected final AccessTokenConfiguration accessTokenConfiguration;
    private final List<LoginCookieProvider<HttpRequest<?>>> loginCookieProviders;

    @Inject
    public TokenCookieLoginHandler(RedirectService redirectService, RedirectConfiguration redirectConfiguration, AccessTokenCookieConfiguration accessTokenCookieConfiguration, RefreshTokenCookieConfiguration refreshTokenCookieConfiguration, AccessTokenConfiguration accessTokenConfiguration, AccessRefreshTokenGenerator accessRefreshTokenGenerator, @Nullable PriorToLoginPersistence<HttpRequest<?>, MutableHttpResponse<?>> priorToLoginPersistence, List<LoginCookieProvider<HttpRequest<?>>> list) {
        super(accessTokenCookieConfiguration, redirectConfiguration, redirectService, priorToLoginPersistence);
        this.refreshTokenCookieConfiguration = refreshTokenCookieConfiguration;
        this.accessTokenConfiguration = accessTokenConfiguration;
        this.accessRefreshTokenGenerator = accessRefreshTokenGenerator;
        this.loginCookieProviders = list;
    }

    @Deprecated(forRemoval = true, since = "4.11.0")
    public TokenCookieLoginHandler(RedirectService redirectService, RedirectConfiguration redirectConfiguration, AccessTokenCookieConfiguration accessTokenCookieConfiguration, RefreshTokenCookieConfiguration refreshTokenCookieConfiguration, AccessTokenConfiguration accessTokenConfiguration, AccessRefreshTokenGenerator accessRefreshTokenGenerator, @Nullable PriorToLoginPersistence<HttpRequest<?>, MutableHttpResponse<?>> priorToLoginPersistence) {
        this(redirectService, redirectConfiguration, accessTokenCookieConfiguration, refreshTokenCookieConfiguration, accessTokenConfiguration, accessRefreshTokenGenerator, priorToLoginPersistence, Collections.emptyList());
    }

    @Override // io.micronaut.security.token.cookie.CookieLoginHandler
    public List<Cookie> getCookies(Authentication authentication, HttpRequest<?> httpRequest) {
        return getCookies(this.accessRefreshTokenGenerator.generate(authentication).orElseThrow(() -> {
            return new OauthErrorResponseException(ObtainingAuthorizationErrorCode.SERVER_ERROR, "Cannot obtain an access token", null);
        }), httpRequest);
    }

    @Override // io.micronaut.security.token.cookie.CookieLoginHandler
    public List<Cookie> getCookies(Authentication authentication, String str, HttpRequest<?> httpRequest) {
        return getCookies(this.accessRefreshTokenGenerator.generate(str, authentication).orElseThrow(() -> {
            return new OauthErrorResponseException(ObtainingAuthorizationErrorCode.SERVER_ERROR, "Cannot obtain an access token", null);
        }), httpRequest);
    }

    protected List<Cookie> getCookies(AccessRefreshToken accessRefreshToken, HttpRequest<?> httpRequest) {
        ArrayList arrayList = new ArrayList(2);
        Cookie of = Cookie.of(this.accessTokenCookieConfiguration.getCookieName(), accessRefreshToken.getAccessToken());
        of.configure(this.accessTokenCookieConfiguration, httpRequest.isSecure());
        of.maxAge((TemporalAmount) this.accessTokenCookieConfiguration.getCookieMaxAge().orElseGet(() -> {
            return Duration.ofSeconds(this.accessTokenConfiguration.getExpiration().intValue());
        }));
        arrayList.add(of);
        String refreshToken = accessRefreshToken.getRefreshToken();
        if (StringUtils.isNotEmpty(refreshToken)) {
            Cookie of2 = Cookie.of(this.refreshTokenCookieConfiguration.getCookieName(), refreshToken);
            of2.configure(this.refreshTokenCookieConfiguration, httpRequest.isSecure());
            of2.maxAge((TemporalAmount) this.refreshTokenCookieConfiguration.getCookieMaxAge().orElseGet(() -> {
                return Duration.ofDays(30L);
            }));
            arrayList.add(of2);
        }
        Iterator<LoginCookieProvider<HttpRequest<?>>> it = this.loginCookieProviders.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().provideCookie(httpRequest));
        }
        return arrayList;
    }
}
