package org.apereo.cas.support.oauth.web.views;

import jakarta.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import lombok.Generated;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.authentication.attribute.AttributeDefinition;
import org.apereo.cas.authentication.attribute.AttributeDefinitionStore;
import org.apereo.cas.configuration.model.support.oauth.OAuthCoreProperties;
import org.apereo.cas.configuration.model.support.oauth.OAuthProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.apereo.cas.util.CollectionUtils;
import org.jose4j.jwt.JwtClaims;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;

/* loaded from: input_file:org/apereo/cas/support/oauth/web/views/OAuth20DefaultUserProfileViewRenderer.class */
public class OAuth20DefaultUserProfileViewRenderer implements OAuth20UserProfileViewRenderer {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth20DefaultUserProfileViewRenderer.class);
    protected final ServicesManager servicesManager;
    private final OAuthProperties oauthProperties;
    private final AttributeDefinitionStore attributeDefinitionStore;

    @Override // org.apereo.cas.support.oauth.web.views.OAuth20UserProfileViewRenderer
    public ResponseEntity render(Map<String, Object> map, OAuth20AccessToken oAuth20AccessToken, HttpServletResponse httpServletResponse) {
        return renderProfileForModel(getRenderedUserProfile(map, oAuth20AccessToken, httpServletResponse), oAuth20AccessToken, httpServletResponse);
    }

    protected ResponseEntity renderProfileForModel(Map<String, Object> map, OAuth20AccessToken oAuth20AccessToken, HttpServletResponse httpServletResponse) {
        return new ResponseEntity(convertUserProfileIntoClaims(map).getClaimsMap(), HttpStatus.OK);
    }

    protected Map<String, Object> getRenderedUserProfile(Map<String, Object> map, OAuth20AccessToken oAuth20AccessToken, HttpServletResponse httpServletResponse) {
        OAuthCoreProperties.UserProfileViewTypes determineUserProfileType = determineUserProfileType(oAuth20AccessToken);
        LOGGER.debug("User profile view type for client [{}] is set to [{}]", oAuth20AccessToken.getClientId(), determineUserProfileType);
        return determineUserProfileType == OAuthCoreProperties.UserProfileViewTypes.FLAT ? flattenUserProfile(map) : map;
    }

    protected OAuthCoreProperties.UserProfileViewTypes determineUserProfileType(OAuth20AccessToken oAuth20AccessToken) {
        OAuthRegisteredService registeredOAuthServiceByClientId = OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, oAuth20AccessToken.getClientId());
        return (registeredOAuthServiceByClientId == null || registeredOAuthServiceByClientId.getUserProfileViewType() == null) ? this.oauthProperties.getCore().getUserProfileViewType() : registeredOAuthServiceByClientId.getUserProfileViewType();
    }

    protected Map<String, Object> flattenUserProfile(Map<String, Object> map) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (map.containsKey(OAuth20UserProfileViewRenderer.MODEL_ATTRIBUTE_ATTRIBUTES)) {
            linkedHashMap.putAll((Map) map.get(OAuth20UserProfileViewRenderer.MODEL_ATTRIBUTE_ATTRIBUTES));
        }
        map.keySet().stream().filter(str -> {
            return !str.equalsIgnoreCase(OAuth20UserProfileViewRenderer.MODEL_ATTRIBUTE_ATTRIBUTES);
        }).forEach(str2 -> {
            linkedHashMap.put(str2, map.get(str2));
        });
        LOGGER.trace("Flattened user profile attributes with the final model as [{}]", map);
        return linkedHashMap;
    }

    protected JwtClaims convertUserProfileIntoClaims(Map<String, Object> map) {
        JwtClaims jwtClaims = new JwtClaims();
        map.entrySet().stream().filter(entry -> {
            return !((String) entry.getKey()).startsWith(CentralAuthenticationService.NAMESPACE);
        }).forEach(entry2 -> {
            if (!OAuth20UserProfileViewRenderer.MODEL_ATTRIBUTE_ATTRIBUTES.equals(entry2.getKey())) {
                jwtClaims.setClaim((String) entry2.getKey(), determineAttributeValue((String) entry2.getKey(), entry2.getValue()));
                return;
            }
            Map map2 = (Map) entry2.getValue();
            HashMap hashMap = new HashMap();
            map2.forEach((str, obj) -> {
                hashMap.put(str, determineAttributeValue(str, obj));
            });
            jwtClaims.setClaim((String) entry2.getKey(), hashMap);
        });
        return jwtClaims;
    }

    protected Object determineAttributeValue(String str, Object obj) {
        ArrayList arrayList = (ArrayList) CollectionUtils.toCollection(obj, ArrayList.class);
        return this.attributeDefinitionStore.locateAttributeDefinition(str, AttributeDefinition.class).map(attributeDefinition -> {
            return attributeDefinition.toAttributeValue(arrayList);
        }).orElseGet(() -> {
            return arrayList.size() == 1 ? arrayList.getFirst() : arrayList;
        });
    }

    @Generated
    public OAuth20DefaultUserProfileViewRenderer(ServicesManager servicesManager, OAuthProperties oAuthProperties, AttributeDefinitionStore attributeDefinitionStore) {
        this.servicesManager = servicesManager;
        this.oauthProperties = oAuthProperties;
        this.attributeDefinitionStore = attributeDefinitionStore;
    }
}
