package com.top_logic.security.auth.pac4j.config;

import com.top_logic.base.accesscontrol.DefaultExternalUserMapping;
import com.top_logic.base.accesscontrol.ExternalUserMapping;
import com.top_logic.basic.CalledByReflection;
import com.top_logic.basic.Logger;
import com.top_logic.basic.config.InstantiationContext;
import com.top_logic.basic.config.TypedConfiguration;
import com.top_logic.basic.config.annotation.Key;
import com.top_logic.basic.config.annotation.Name;
import com.top_logic.basic.config.annotation.defaults.ImplementationClassDefault;
import com.top_logic.basic.config.annotation.defaults.StringDefault;
import com.top_logic.basic.module.ConfiguredManagedClass;
import com.top_logic.basic.module.ServiceDependencies;
import com.top_logic.basic.module.TypedRuntimeModule;
import com.top_logic.basic.module.services.ServletContextService;
import com.top_logic.security.auth.pac4j.config.ClientConfigurator;
import com.top_logic.security.auth.pac4j.config.Pac4jConfigFactory.Config;
import jakarta.servlet.ServletContext;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import org.pac4j.core.adapter.FrameworkAdapter;
import org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.Clients;
import org.pac4j.core.config.ConfigFactory;
import org.pac4j.core.http.url.DefaultUrlResolver;
import org.pac4j.core.http.url.UrlResolver;

@ServiceDependencies({ServletContextService.Module.class})
/* loaded from: input_file:com/top_logic/security/auth/pac4j/config/Pac4jConfigFactory.class */
public class Pac4jConfigFactory<C extends Config<?>> extends ConfiguredManagedClass<C> {
    private final Collection<ClientConfigurator> _clientConfigurators;
    private org.pac4j.core.config.Config _pac4jConfig;

    /* loaded from: input_file:com/top_logic/security/auth/pac4j/config/Pac4jConfigFactory$Config.class */
    public interface Config<I extends Pac4jConfigFactory<?>> extends ConfiguredManagedClass.Config<I>, HasCallbackUrl {
        @Override // com.top_logic.security.auth.pac4j.config.HasCallbackUrl
        @StringDefault("/servlet/callback")
        String getCallbackUrl();

        @ImplementationClassDefault(DefaultOidcClientConfigurator.class)
        @Key(ClientConfigurator.Config.NAME)
        @Name("clients")
        Map<String, ClientConfigurator.Config<? extends ClientConfigurator>> getClients();
    }

    /* loaded from: input_file:com/top_logic/security/auth/pac4j/config/Pac4jConfigFactory$Module.class */
    public static class Module extends TypedRuntimeModule<Pac4jConfigFactory<?>> {
        public static final Module INSTANCE = new Module();

        private Module() {
        }

        public Class<Pac4jConfigFactory<?>> getImplementation() {
            return Pac4jConfigFactory.class;
        }
    }

    /* loaded from: input_file:com/top_logic/security/auth/pac4j/config/Pac4jConfigFactory$TLPac4jConfigFactory.class */
    public static class TLPac4jConfigFactory implements ConfigFactory {
        public org.pac4j.core.config.Config build(Object... objArr) {
            return Pac4jConfigFactory.getInstance().getPac4jConfig();
        }
    }

    @CalledByReflection
    public Pac4jConfigFactory(InstantiationContext instantiationContext, C c) {
        super(instantiationContext, c);
        this._clientConfigurators = TypedConfiguration.getInstanceMap(instantiationContext, c.getClients()).values();
    }

    public UserNameExtractor getUserNameExtractor(String str) {
        ClientConfigurator.Config<? extends ClientConfigurator> config = ((Config) getConfig()).getClients().get(str);
        if (config != null) {
            return config.getUserNameExtractor();
        }
        Logger.error("No such client configured: " + str, Pac4jConfigFactory.class);
        return DefaultUserNameExtractor.INSTANCE;
    }

    public ExternalUserMapping getUserMapping(String str) {
        ClientConfigurator.Config<? extends ClientConfigurator> config = ((Config) getConfig()).getClients().get(str);
        if (config != null) {
            return config.getUserMapping();
        }
        Logger.error("No such client configured: " + str, Pac4jConfigFactory.class);
        return DefaultExternalUserMapping.INSTANCE;
    }

    protected void startUp() {
        super.startUp();
        this._pac4jConfig = buildPac4jConfig(ServletContextService.getInstance().getServletContext());
    }

    protected org.pac4j.core.config.Config buildPac4jConfig(ServletContext servletContext) {
        ArrayList arrayList = new ArrayList();
        Iterator<ClientConfigurator> it = this._clientConfigurators.iterator();
        while (it.hasNext()) {
            Client createClient = it.next().createClient(servletContext);
            if (createClient != null) {
                arrayList.add(createClient);
            }
        }
        Clients clients = new Clients(resolveCallbackUrl(servletContext, getConfig()), arrayList);
        clients.setUrlResolver(createUrlResolver(getConfig()));
        clients.setDefaultSecurityClients(clientNames(clients));
        org.pac4j.core.config.Config config = new org.pac4j.core.config.Config(clients);
        config.addAuthorizer("admin", new RequireAnyRoleAuthorizer(new String[]{"ROLE_ADMIN"}));
        FrameworkAdapter.INSTANCE.applyDefaultSettingsIfUndefined(config);
        return config;
    }

    private String clientNames(Clients clients) {
        StringBuilder sb = new StringBuilder();
        boolean z = false;
        for (Client client : clients.getClients()) {
            if (z) {
                sb.append(",");
            } else {
                z = true;
            }
            sb.append(client.getName());
        }
        return sb.toString();
    }

    public static String resolveCallbackUrl(ServletContext servletContext, HasCallbackUrl hasCallbackUrl) {
        String callbackUrl = hasCallbackUrl.getCallbackUrl();
        if (callbackUrl == null) {
            return null;
        }
        if (!hasCallbackUrl.isCallbackUrlAbsolute()) {
            callbackUrl = servletContext.getContextPath() + callbackUrl;
        }
        return callbackUrl;
    }

    public org.pac4j.core.config.Config getPac4jConfig() {
        return this._pac4jConfig;
    }

    public static UrlResolver createUrlResolver(HasCallbackUrl hasCallbackUrl) {
        return new DefaultUrlResolver(!hasCallbackUrl.isCallbackUrlAbsolute());
    }

    public static Pac4jConfigFactory<?> getInstance() {
        return Module.INSTANCE.getImplementationInstance();
    }
}
