package org.apache.nifi.web.security.oidc.client.web;

import java.net.URI;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.apache.nifi.web.util.RequestUriBuilder;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestCustomizers;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:org/apache/nifi/web/security/oidc/client/web/StandardOAuth2AuthorizationRequestResolver.class */
public class StandardOAuth2AuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {
    private final OAuth2AuthorizationRequestResolver resolver;

    public StandardOAuth2AuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {
        Objects.requireNonNull(clientRegistrationRepository, "Repository required");
        DefaultOAuth2AuthorizationRequestResolver defaultOAuth2AuthorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository, "/oauth2/authorization");
        defaultOAuth2AuthorizationRequestResolver.setAuthorizationRequestCustomizer(OAuth2AuthorizationRequestCustomizers.withPkce());
        this.resolver = defaultOAuth2AuthorizationRequestResolver;
    }

    public OAuth2AuthorizationRequest resolve(HttpServletRequest httpServletRequest) {
        return getResolvedAuthorizationRequest(this.resolver.resolve(httpServletRequest), httpServletRequest);
    }

    public OAuth2AuthorizationRequest resolve(HttpServletRequest httpServletRequest, String str) {
        return getResolvedAuthorizationRequest(this.resolver.resolve(httpServletRequest, str), httpServletRequest);
    }

    private OAuth2AuthorizationRequest getResolvedAuthorizationRequest(OAuth2AuthorizationRequest oAuth2AuthorizationRequest, HttpServletRequest httpServletRequest) {
        OAuth2AuthorizationRequest build;
        if (oAuth2AuthorizationRequest == null) {
            build = null;
        } else {
            String redirectUri = oAuth2AuthorizationRequest.getRedirectUri();
            if (redirectUri == null) {
                build = oAuth2AuthorizationRequest;
            } else {
                build = OAuth2AuthorizationRequest.from(oAuth2AuthorizationRequest).redirectUri(getRequestBasedRedirectUri(redirectUri, httpServletRequest)).build();
            }
        }
        return build;
    }

    private String getRequestBasedRedirectUri(String str, HttpServletRequest httpServletRequest) {
        URI build = RequestUriBuilder.fromHttpServletRequest(httpServletRequest).path(UriComponentsBuilder.fromUriString(str).build().getPath()).build();
        return UriComponentsBuilder.fromUriString(str).scheme(build.getScheme()).host(build.getHost()).port(build.getPort()).replacePath(build.getPath()).build().toUriString();
    }
}
