package org.flowable.ui.common.rest.idm;

import java.util.Iterator;
import java.util.Map;
import java.util.StringJoiner;
import org.apache.commons.lang3.StringUtils;
import org.flowable.ui.common.model.GroupRepresentation;
import org.flowable.ui.common.model.UserRepresentation;
import org.flowable.ui.common.security.SecurityScope;
import org.flowable.ui.common.security.SecurityUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.user.OAuth2User;

/* loaded from: input_file:WEB-INF/lib/flowable-ui-common-6.7.2.jar:org/flowable/ui/common/rest/idm/OAuth2CurrentUserProvider.class */
public class OAuth2CurrentUserProvider implements CurrentUserProvider {
    protected String firstNameKey;
    protected String lastNameKey;
    protected String fullNameKey;
    protected String emailKey;

    @Override // org.flowable.ui.common.rest.idm.CurrentUserProvider
    public UserRepresentation getCurrentUser(Authentication authentication) {
        OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal();
        UserRepresentation currentUser = oAuth2User instanceof OidcUser ? getCurrentUser((OidcUser) oAuth2User) : getCurrentUser(oAuth2User);
        SecurityScope securityScope = SecurityUtils.getSecurityScope(authentication);
        currentUser.setTenantId(securityScope.getTenantId());
        for (String str : securityScope.getGroupIds()) {
            GroupRepresentation groupRepresentation = new GroupRepresentation();
            groupRepresentation.setId(str);
            currentUser.getGroups().add(groupRepresentation);
        }
        Iterator<? extends GrantedAuthority> it = authentication.getAuthorities().iterator();
        while (it.hasNext()) {
            currentUser.getPrivileges().add(it.next().getAuthority());
        }
        return currentUser;
    }

    protected UserRepresentation getCurrentUser(OidcUser oidcUser) {
        Map<String, Object> attributes = oidcUser.getAttributes();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setId(oidcUser.getName());
        userRepresentation.setFirstName(getAttribute(this.firstNameKey, attributes, oidcUser.getGivenName()));
        userRepresentation.setLastName(getAttribute(this.lastNameKey, attributes, oidcUser.getFamilyName()));
        String attribute = getAttribute(this.fullNameKey, attributes, oidcUser.getFullName());
        if (StringUtils.isBlank(attribute)) {
            StringJoiner stringJoiner = new StringJoiner(" ");
            if (StringUtils.isNotBlank(userRepresentation.getFirstName())) {
                stringJoiner.add(userRepresentation.getFirstName());
            }
            if (StringUtils.isNotBlank(oidcUser.getMiddleName())) {
                stringJoiner.add(oidcUser.getMiddleName());
            }
            if (StringUtils.isNotBlank(userRepresentation.getLastName())) {
                stringJoiner.add(userRepresentation.getLastName());
            }
            attribute = stringJoiner.toString();
        }
        userRepresentation.setFullName(attribute);
        userRepresentation.setEmail(getAttribute(this.emailKey, attributes, oidcUser.getEmail()));
        return userRepresentation;
    }

    protected UserRepresentation getCurrentUser(OAuth2User oAuth2User) {
        Map<String, Object> attributes = oAuth2User.getAttributes();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setId(oAuth2User.getName());
        userRepresentation.setFirstName(getAttribute(this.firstNameKey, attributes, null));
        userRepresentation.setLastName(getAttribute(this.lastNameKey, attributes, null));
        String attribute = getAttribute(this.fullNameKey, attributes, null);
        if (StringUtils.isBlank(attribute)) {
            StringJoiner stringJoiner = new StringJoiner(" ");
            if (StringUtils.isNotBlank(userRepresentation.getFirstName())) {
                stringJoiner.add(userRepresentation.getFirstName());
            }
            if (StringUtils.isNotBlank(userRepresentation.getLastName())) {
                stringJoiner.add(userRepresentation.getLastName());
            }
            attribute = stringJoiner.toString();
        }
        userRepresentation.setFullName(attribute);
        userRepresentation.setEmail(getAttribute(this.emailKey, attributes, null));
        return userRepresentation;
    }

    protected String getAttribute(String str, Map<String, Object> map, String str2) {
        Object obj;
        if (!StringUtils.isEmpty(str) && (obj = map.get(str)) != null) {
            return obj.toString();
        }
        return str2;
    }

    @Override // org.flowable.ui.common.rest.idm.CurrentUserProvider
    public boolean supports(Authentication authentication) {
        return authentication.getPrincipal() instanceof OAuth2User;
    }

    public String getFirstNameKey() {
        return this.firstNameKey;
    }

    public void setFirstNameKey(String str) {
        this.firstNameKey = str;
    }

    public String getLastNameKey() {
        return this.lastNameKey;
    }

    public void setLastNameKey(String str) {
        this.lastNameKey = str;
    }

    public String getFullNameKey() {
        return this.fullNameKey;
    }

    public void setFullNameKey(String str) {
        this.fullNameKey = str;
    }

    public String getEmailKey() {
        return this.emailKey;
    }

    public void setEmailKey(String str) {
        this.emailKey = str;
    }
}
