package org.iplass.mtp.impl.auth.oauth;

import java.util.List;
import org.iplass.mtp.auth.User;
import org.iplass.mtp.auth.login.Credential;
import org.iplass.mtp.auth.login.CredentialUpdateException;
import org.iplass.mtp.impl.auth.AuthService;
import org.iplass.mtp.impl.auth.authenticate.AccountHandle;
import org.iplass.mtp.impl.auth.authenticate.AccountManagementModule;
import org.iplass.mtp.impl.auth.authenticate.AuthenticationProvider;
import org.iplass.mtp.impl.auth.authenticate.AuthenticationProviderBase;
import org.iplass.mtp.impl.auth.authenticate.UserEntityResolver;
import org.iplass.mtp.impl.auth.authenticate.builtin.policy.AuthenticationPolicyService;
import org.iplass.mtp.impl.auth.authenticate.builtin.policy.MetaAuthenticationPolicy;
import org.iplass.mtp.impl.auth.oauth.token.AccessToken;
import org.iplass.mtp.spi.Config;
import org.iplass.mtp.spi.ServiceRegistry;

/* loaded from: input_file:org/iplass/mtp/impl/auth/oauth/AccessTokenAuthenticationProvider.class */
public class AccessTokenAuthenticationProvider extends AuthenticationProviderBase {
    private AccessTokenAccountManagementModule amm = new AccessTokenAccountManagementModule();
    private OAuthAuthorizationService authorizationService = (OAuthAuthorizationService) ServiceRegistry.getRegistry().getService(OAuthAuthorizationService.class);
    private AuthenticationPolicyService authPolicyService = ServiceRegistry.getRegistry().getService(AuthenticationPolicyService.class);
    private Class<? extends Credential> credentialTypeForTrust;
    private Class<? extends AccountHandle> accountHandleClassForTrust;

    /* loaded from: input_file:org/iplass/mtp/impl/auth/oauth/AccessTokenAuthenticationProvider$AccessTokenAccountManagementModule.class */
    private class AccessTokenAccountManagementModule implements AccountManagementModule {
        private AccessTokenAccountManagementModule() {
        }

        public boolean canCreate() {
            return false;
        }

        public boolean canUpdate() {
            return false;
        }

        public boolean canRemove() {
            return true;
        }

        public boolean canRestore() {
            return false;
        }

        public boolean canPurge() {
            return false;
        }

        public boolean canUpdateCredential() {
            return false;
        }

        public boolean canResetCredential() {
            return false;
        }

        public void create(User user) {
        }

        public void afterCreate(User user) {
        }

        public void update(User user, List<String> list) {
        }

        public void afterUpdate(User user, String str, List<String> list) {
        }

        public void remove(User user) {
            AccessTokenAuthenticationProvider.this.authorizationService.getAccessTokenStore().revokeTokenByUserOid(user.getValue(AccessTokenAuthenticationProvider.this.getUserEntityResolver().getUnmodifiableUniqueKeyProperty()).toString());
        }

        public void restore(User user) {
        }

        public void purge(User user) {
        }

        public void updateCredential(Credential credential, Credential credential2) throws CredentialUpdateException {
        }

        public void resetCredential(Credential credential) throws CredentialUpdateException {
        }

        public boolean canResetLockoutStatus() {
            return false;
        }

        public void resetLockoutStatus(String str) {
        }
    }

    /* loaded from: input_file:org/iplass/mtp/impl/auth/oauth/AccessTokenAuthenticationProvider$AccessTokenUserEntityResolver.class */
    public class AccessTokenUserEntityResolver implements UserEntityResolver {
        private UserEntityResolver actual;

        private AccessTokenUserEntityResolver(UserEntityResolver userEntityResolver) {
            this.actual = userEntityResolver;
        }

        public void inited(AuthService authService, AuthenticationProvider authenticationProvider) {
        }

        public User searchUser(AccountHandle accountHandle) {
            return ((AccessTokenAccountHandle) accountHandle).getAccessToken().getUser();
        }

        public String getUnmodifiableUniqueKeyProperty() {
            return this.actual.getUnmodifiableUniqueKeyProperty();
        }

        public UserEntityResolver getActual() {
            return this.actual;
        }
    }

    public void setCredentialTypeForTrust(Class<? extends Credential> cls) {
        this.credentialTypeForTrust = cls;
    }

    public void setAccountHandleClassForTrust(Class<? extends AccountHandle> cls) {
        this.accountHandleClassForTrust = cls;
    }

    public Class<? extends Credential> getCredentialType() {
        return AccessTokenCredential.class;
    }

    protected Class<? extends Credential> getCredentialTypeForTrust() {
        return this.credentialTypeForTrust;
    }

    protected Class<? extends AccountHandle> getAccountHandleClassForTrust() {
        return this.accountHandleClassForTrust;
    }

    public void inited(AuthService authService, Config config) {
        super.inited(authService, config);
        setUserEntityResolver(new AccessTokenUserEntityResolver(getUserEntityResolver()));
    }

    public void destroyed() {
    }

    public void cleanupData() {
    }

    public AccountHandle login(Credential credential) {
        if (!(credential instanceof AccessTokenCredential)) {
            return null;
        }
        AccessTokenCredential accessTokenCredential = (AccessTokenCredential) credential;
        if (accessTokenCredential.getToken() == null) {
            throw new IllegalArgumentException("specify token");
        }
        AccessToken accessToken = this.authorizationService.getAccessTokenStore().getAccessToken(accessTokenCredential.getToken());
        if (accessToken == null || accessToken.getExpiresIn() <= 0) {
            return null;
        }
        UserEntityResolver userEntityResolver = getUserEntityResolver();
        User user = accessToken.getUser();
        String obj = user.getValue(userEntityResolver.getUnmodifiableUniqueKeyProperty()).toString();
        MetaAuthenticationPolicy.AuthenticationPolicyRuntime orDefault = this.authPolicyService.getOrDefault(user.getAccountPolicy());
        if (orDefault == null) {
            return null;
        }
        return new AccessTokenAccountHandle(obj, accessToken, orDefault.getMetaData().getName());
    }

    public void logout(AccountHandle accountHandle) {
    }

    public AccountManagementModule getAccountManagementModule() {
        return this.amm;
    }
}
