package cn.dustlight.auth.resources;

import cn.dustlight.auth.client.reactive.ReactiveAuthClient;
import cn.dustlight.auth.resources.core.AuthPrincipal;
import cn.dustlight.auth.resources.core.DefaultAuthPrincipal;
import java.util.Collection;
import java.util.Map;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken;
import org.springframework.util.StringUtils;
import reactor.core.publisher.Mono;

/* loaded from: input_file:cn/dustlight/auth/resources/AuthPrincipalUtil.class */
public class AuthPrincipalUtil {
    public static AuthPrincipal getAuthPrincipal(AbstractOAuth2TokenAuthenticationToken abstractOAuth2TokenAuthenticationToken) {
        if (abstractOAuth2TokenAuthenticationToken == null) {
            return null;
        }
        DefaultAuthPrincipal defaultAuthPrincipal = new DefaultAuthPrincipal();
        if (abstractOAuth2TokenAuthenticationToken.getToken() != null) {
            defaultAuthPrincipal.setAccessToken(abstractOAuth2TokenAuthenticationToken.getToken().getTokenValue());
        }
        if (abstractOAuth2TokenAuthenticationToken.getAuthorities() != null) {
            defaultAuthPrincipal.setAuthorities(AuthorityUtils.authorityListToSet(abstractOAuth2TokenAuthenticationToken.getAuthorities()));
        }
        if (abstractOAuth2TokenAuthenticationToken.getName() != null) {
            defaultAuthPrincipal.setUid(Long.valueOf(abstractOAuth2TokenAuthenticationToken.getName()));
        }
        if (abstractOAuth2TokenAuthenticationToken.getTokenAttributes() != null) {
            Map tokenAttributes = abstractOAuth2TokenAuthenticationToken.getTokenAttributes();
            if (tokenAttributes.containsKey("client_id")) {
                defaultAuthPrincipal.setClientId(tokenAttributes.get("client_id").toString());
            }
            if (tokenAttributes.containsKey("client_authorities")) {
                defaultAuthPrincipal.setClientAuthorities((Collection) tokenAttributes.get("client_authorities"));
            }
            if (tokenAttributes.containsKey("user_name")) {
                defaultAuthPrincipal.setName(tokenAttributes.get("user_name").toString());
            }
            if (tokenAttributes.containsKey("scope")) {
                defaultAuthPrincipal.setScope((Collection) tokenAttributes.get("scope"));
            }
            if (tokenAttributes.containsKey("member")) {
                defaultAuthPrincipal.setMember((Boolean) tokenAttributes.get("member"));
            }
            defaultAuthPrincipal.setBody(abstractOAuth2TokenAuthenticationToken.getTokenAttributes());
        }
        return defaultAuthPrincipal;
    }

    public static Mono<String> obtainClientId(ReactiveAuthClient reactiveAuthClient, String str, AuthPrincipal authPrincipal) {
        return (!StringUtils.hasText(str) || reactiveAuthClient.equals(authPrincipal.getClientId())) ? Mono.just(authPrincipal.getClientId()) : reactiveAuthClient.isClientMember(authPrincipal.getUid(), str).flatMap(bool -> {
            return bool.booleanValue() ? Mono.just(str) : Mono.error(new AccessDeniedException("Access Denied"));
        });
    }

    public static Mono<String> obtainClientIdRequireMember(ReactiveAuthClient reactiveAuthClient, String str, AuthPrincipal authPrincipal) {
        return (!StringUtils.hasText(str) || reactiveAuthClient.equals(authPrincipal.getClientId())) ? (authPrincipal.isMember().booleanValue() || authPrincipal.getUid() == null) ? Mono.just(authPrincipal.getClientId()) : Mono.error(new AccessDeniedException("Access Denied")) : reactiveAuthClient.isClientMember(authPrincipal.getUid(), str).flatMap(bool -> {
            return bool.booleanValue() ? Mono.just(str) : Mono.error(new AccessDeniedException("Access Denied"));
        });
    }
}
