package de.cuioss.portal.authentication.oauth.impl;

import de.cuioss.portal.authentication.oauth.OAuthConfigKeys;
import de.cuioss.portal.authentication.oauth.Oauth2Configuration;
import de.cuioss.portal.restclient.CuiRestClientBuilder;
import de.cuioss.tools.logging.CuiLogger;
import de.cuioss.tools.net.UrlHelper;
import de.cuioss.tools.string.MoreStrings;
import jakarta.annotation.PostConstruct;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.enterprise.context.Dependent;
import jakarta.enterprise.inject.Produces;
import jakarta.inject.Inject;
import jakarta.inject.Provider;
import jakarta.ws.rs.GET;
import java.io.Closeable;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import lombok.Generated;
import org.eclipse.microprofile.config.inject.ConfigProperty;

@ApplicationScoped
/* loaded from: input_file:de/cuioss/portal/authentication/oauth/impl/Oauth2DiscoveryConfigurationProducer.class */
public class Oauth2DiscoveryConfigurationProducer {
    private static final CuiLogger LOGGER = new CuiLogger(Oauth2DiscoveryConfigurationProducer.class);

    @Dependent
    @Produces
    private Oauth2Configuration configuration;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_CLIENT_ID)
    private Provider<Optional<String>> oauth2clientId;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_CLIENT_SECRET)
    private Provider<Optional<String>> oauth2clientSecret;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_SERVER_BASE_URL)
    private Provider<Optional<String>> serverBaseUrl;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_DISCOVER_PATH)
    private Provider<Optional<String>> oauth2discoveryUri;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.EXTERNAL_HOSTNAME)
    private Provider<Optional<String>> externalContextPath;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_CLIENT_DEFAULT_SCOPES)
    private Provider<Optional<String>> oauth2initialScopes;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_ROLE_MAPPER_CLAIM)
    private Provider<Optional<List<String>>> roleMapperClaim;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_CLIENT_LOGOUT_REDIRECT_PARAMETER)
    private Provider<Optional<String>> logoutRedirectParameter;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_CLIENT_LOGOUT_ADD_ID_TOKEN_HINT)
    private Provider<Optional<Boolean>> logoutWithIdTokenHintProvider;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_CLIENT_POST_LOGOUT_REDIRECT_URI)
    private Provider<Optional<String>> postLogoutRedirectUri;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_SERVER_TOKEN_URL)
    private Provider<Optional<String>> internalTokenUrl;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.OPEN_ID_SERVER_USER_INFO_URL)
    private Provider<Optional<String>> internalUserInfoUrl;

    @Inject
    @ConfigProperty(name = OAuthConfigKeys.CONFIG_VALIDATION_ENABLED)
    private Provider<Boolean> configValidationEnabled;

    /* loaded from: input_file:de/cuioss/portal/authentication/oauth/impl/Oauth2DiscoveryConfigurationProducer$RequestDiscovery.class */
    public interface RequestDiscovery extends Closeable {
        @GET
        Map<String, Object> getDiscovery();
    }

    @PostConstruct
    public void init() {
        this.configuration = null;
        String str = (String) ((Optional) this.serverBaseUrl.get()).orElse(null);
        String str2 = (String) ((Optional) this.oauth2discoveryUri.get()).orElse(null);
        if (MoreStrings.isBlank(str) || MoreStrings.isBlank(str2)) {
            LOGGER.warn("Oauth config key '{}' and/or '{}' not set, trying fallback", new Object[]{OAuthConfigKeys.OPEN_ID_SERVER_BASE_URL, OAuthConfigKeys.OPEN_ID_DISCOVER_PATH});
        } else {
            CuiRestClientBuilder cuiRestClientBuilder = new CuiRestClientBuilder(LOGGER);
            String str3 = UrlHelper.addTrailingSlashToUrl(str) + str2;
            LOGGER.debug("Using discoveryURI {}", new Object[]{str3});
            cuiRestClientBuilder.url(str3);
            try {
                RequestDiscovery requestDiscovery = (RequestDiscovery) cuiRestClientBuilder.build(RequestDiscovery.class);
                try {
                    this.configuration = createConfiguration(requestDiscovery.getDiscovery());
                    if (requestDiscovery != null) {
                        requestDiscovery.close();
                    }
                } finally {
                }
            } catch (Exception e) {
                LOGGER.error(e, "Auto discovery of oauth config failed, using URI: {}", new Object[]{str3});
            }
        }
        LOGGER.debug("oauth config: {}", new Object[]{this.configuration});
        if (null == this.configuration || !((Boolean) this.configValidationEnabled.get()).booleanValue()) {
            return;
        }
        this.configuration.validate();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:8:0x011e. Please report as an issue. */
    private Oauth2Configuration createConfiguration(Map<String, Object> map) {
        Oauth2ConfigurationImpl oauth2ConfigurationImpl = new Oauth2ConfigurationImpl();
        Optional optional = (Optional) this.oauth2clientId.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional.ifPresent(oauth2ConfigurationImpl::setClientId);
        Optional optional2 = (Optional) this.oauth2clientSecret.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional2.ifPresent(oauth2ConfigurationImpl::setClientSecret);
        Optional optional3 = (Optional) this.externalContextPath.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional3.ifPresent(oauth2ConfigurationImpl::setExternalContextPath);
        Optional optional4 = (Optional) this.oauth2initialScopes.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional4.ifPresent(oauth2ConfigurationImpl::setInitialScopes);
        Optional optional5 = (Optional) this.logoutRedirectParameter.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional5.ifPresent(oauth2ConfigurationImpl::setLogoutRedirectParamName);
        Optional optional6 = (Optional) this.postLogoutRedirectUri.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional6.ifPresent(oauth2ConfigurationImpl::setPostLogoutRedirectUri);
        Optional optional7 = (Optional) this.roleMapperClaim.get();
        if (optional7.isPresent()) {
            oauth2ConfigurationImpl.setRoleMapperClaims((List) optional7.get());
        } else {
            oauth2ConfigurationImpl.setRoleMapperClaims(Collections.emptyList());
        }
        Optional optional8 = (Optional) this.logoutWithIdTokenHintProvider.get();
        Objects.requireNonNull(oauth2ConfigurationImpl);
        optional8.ifPresent((v1) -> {
            r1.setLogoutWithIdTokenHintEnabled(v1);
        });
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            String key = entry.getKey();
            boolean z = -1;
            switch (key.hashCode()) {
                case -110387198:
                    if (key.equals("end_session_endpoint")) {
                        z = 3;
                        break;
                    }
                    break;
                case 146023451:
                    if (key.equals("userinfo_endpoint")) {
                        z = true;
                        break;
                    }
                    break;
                case 495238427:
                    if (key.equals("token_endpoint")) {
                        z = 2;
                        break;
                    }
                    break;
                case 2140464795:
                    if (key.equals("authorization_endpoint")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    oauth2ConfigurationImpl.setAuthorizeUri((String) entry.getValue());
                    break;
                case true:
                    oauth2ConfigurationImpl.setUserInfoUri((String) entry.getValue());
                    break;
                case true:
                    oauth2ConfigurationImpl.setTokenUri((String) entry.getValue());
                    break;
                case true:
                    oauth2ConfigurationImpl.setLogoutUri((String) entry.getValue());
                    break;
            }
        }
        ((Optional) this.internalTokenUrl.get()).ifPresent(str -> {
            LOGGER.debug("overwrite well-known token-url '{}' with: {}", new Object[]{oauth2ConfigurationImpl.getTokenUri(), str});
            oauth2ConfigurationImpl.setTokenUri(str);
        });
        ((Optional) this.internalUserInfoUrl.get()).ifPresent(str2 -> {
            LOGGER.debug("overwrite well-known userinfo-url '{}' with: {}", new Object[]{oauth2ConfigurationImpl.getUserInfoUri(), str2});
            oauth2ConfigurationImpl.setUserInfoUri(str2);
        });
        return oauth2ConfigurationImpl;
    }

    @Generated
    public Oauth2Configuration getConfiguration() {
        return this.configuration;
    }
}
