package org.minbox.framework.on.security.authorization.server.oauth2.config.configuration;

import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import org.minbox.framework.on.security.core.authorization.data.user.SecurityUser;
import org.minbox.framework.on.security.core.authorization.data.user.SecurityUserJdbcRepository;
import org.minbox.framework.on.security.core.authorization.data.user.SecurityUserRepository;
import org.minbox.framework.on.security.core.authorization.jackson2.OnSecurityJsonMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.jdbc.core.JdbcOperations;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationContext;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:org/minbox/framework/on/security/authorization/server/oauth2/config/configuration/OnSecurityOidcUserInfoMapper.class */
public class OnSecurityOidcUserInfoMapper implements Function<OidcUserInfoAuthenticationContext, OidcUserInfo> {
    static Logger logger = LoggerFactory.getLogger(OnSecurityOidcUserInfoMapper.class);
    private static final List<String> EMAIL_CLAIMS = Arrays.asList("email", "email_verified");
    private static final List<String> PHONE_CLAIMS = Arrays.asList("phone_number", "phone_number_verified");
    private static final List<String> PROFILE_CLAIMS = Arrays.asList("name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at");
    private static final List<String> ON_SECURITY_CLAIMS = Arrays.asList("email", "nickname", "gender", "phone", "birthday", "zip_code", "expand");
    private JdbcOperations jdbcOperations;
    private SecurityUserRepository userRepository;
    private OnSecurityJsonMapper jsonMapper = new OnSecurityJsonMapper();

    public OnSecurityOidcUserInfoMapper(ApplicationContext applicationContext) {
        this.jdbcOperations = (JdbcOperations) applicationContext.getBean(JdbcOperations.class);
        this.userRepository = new SecurityUserJdbcRepository(this.jdbcOperations);
    }

    @Override // java.util.function.Function
    public OidcUserInfo apply(OidcUserInfoAuthenticationContext oidcUserInfoAuthenticationContext) {
        OAuth2Authorization authorization = oidcUserInfoAuthenticationContext.getAuthorization();
        Map<String, Object> claimsRequestedByScope = getClaimsRequestedByScope(authorization.getToken(OidcIdToken.class).getToken().getClaims(), oidcUserInfoAuthenticationContext.getAccessToken().getScopes());
        SecurityUser findByUsername = this.userRepository.findByUsername(authorization.getPrincipalName());
        if (findByUsername != null) {
            putUserAdditionClaims(claimsRequestedByScope, findByUsername);
        }
        return new OidcUserInfo(claimsRequestedByScope);
    }

    private void putUserAdditionClaims(Map<String, Object> map, SecurityUser securityUser) {
        try {
            Map map2 = (Map) this.jsonMapper.readValue(this.jsonMapper.writeValueAsString(securityUser), Map.class);
            ON_SECURITY_CLAIMS.stream().forEach(str -> {
                Object obj = map2.get(str);
                if (ObjectUtils.isEmpty(obj)) {
                    return;
                }
                map.put(str, obj);
            });
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
        }
    }

    private static Map<String, Object> getClaimsRequestedByScope(Map<String, Object> map, Set<String> set) {
        HashSet hashSet = new HashSet(32);
        hashSet.add("sub");
        if (set.contains("address")) {
            hashSet.add("address");
        }
        if (set.contains("email")) {
            hashSet.addAll(EMAIL_CLAIMS);
        }
        if (set.contains("phone")) {
            hashSet.addAll(PHONE_CLAIMS);
        }
        if (set.contains("profile")) {
            hashSet.addAll(PROFILE_CLAIMS);
        }
        HashMap hashMap = new HashMap(map);
        hashMap.keySet().removeIf(str -> {
            return !hashSet.contains(str);
        });
        return hashMap;
    }
}
