package io.micronaut.security.oauth2.client;

import io.micronaut.context.BeanContext;
import io.micronaut.context.BeanProvider;
import io.micronaut.context.annotation.Context;
import io.micronaut.context.annotation.EachBean;
import io.micronaut.context.annotation.Factory;
import io.micronaut.context.annotation.Parallel;
import io.micronaut.context.annotation.Parameter;
import io.micronaut.context.annotation.Requires;
import io.micronaut.core.annotation.Internal;
import io.micronaut.core.annotation.NonNull;
import io.micronaut.core.annotation.Nullable;
import io.micronaut.core.util.SupplierUtil;
import io.micronaut.security.oauth2.client.condition.OpenIdClientCondition;
import io.micronaut.security.oauth2.configuration.OauthClientConfiguration;
import io.micronaut.security.oauth2.configuration.OpenIdClientConfiguration;
import io.micronaut.security.oauth2.configuration.endpoints.AuthorizationEndpointConfiguration;
import io.micronaut.security.oauth2.configuration.endpoints.EndSessionEndpointConfiguration;
import io.micronaut.security.oauth2.endpoint.authorization.request.AuthorizationRedirectHandler;
import io.micronaut.security.oauth2.endpoint.authorization.response.OpenIdAuthorizationResponseHandler;
import io.micronaut.security.oauth2.endpoint.endsession.request.EndSessionEndpoint;
import io.micronaut.security.oauth2.endpoint.endsession.request.EndSessionEndpointResolver;
import io.micronaut.security.oauth2.endpoint.endsession.response.EndSessionCallbackUrlBuilder;
import io.micronaut.security.oauth2.endpoint.token.response.OpenIdAuthenticationMapper;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Supplier;

@Internal
@Requires(configuration = "io.micronaut.security.token.jwt")
@Factory
/* loaded from: input_file:io/micronaut/security/oauth2/client/OpenIdClientFactory.class */
class OpenIdClientFactory {
    private final BeanContext beanContext;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenIdClientFactory(BeanContext beanContext) {
        this.beanContext = beanContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Parallel
    @Context
    @EachBean(OpenIdClientConfiguration.class)
    public DefaultOpenIdProviderMetadata openIdConfiguration(@Parameter OauthClientConfiguration oauthClientConfiguration, @Parameter OpenIdClientConfiguration openIdClientConfiguration, @Parameter OpenIdProviderMetadataFetcher openIdProviderMetadataFetcher) {
        DefaultOpenIdProviderMetadata fetch = openIdProviderMetadataFetcher.fetch();
        overrideFromConfig(fetch, openIdClientConfiguration, oauthClientConfiguration);
        return fetch;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Requires(condition = OpenIdClientCondition.class)
    @EachBean(OpenIdClientConfiguration.class)
    public DefaultOpenIdClient openIdClient(@Parameter OpenIdClientConfiguration openIdClientConfiguration, @Parameter OauthClientConfiguration oauthClientConfiguration, @Parameter BeanProvider<DefaultOpenIdProviderMetadata> beanProvider, @Parameter @Nullable OpenIdAuthenticationMapper openIdAuthenticationMapper, AuthorizationRedirectHandler authorizationRedirectHandler, OpenIdAuthorizationResponseHandler openIdAuthorizationResponseHandler, EndSessionEndpointResolver endSessionEndpointResolver, EndSessionCallbackUrlBuilder endSessionCallbackUrlBuilder) {
        Objects.requireNonNull(beanProvider);
        Supplier<OpenIdProviderMetadata> memoized = SupplierUtil.memoized(beanProvider::get);
        EndSessionEndpoint endSessionEndpoint = null;
        if (openIdClientConfiguration.getEndSession().isEnabled()) {
            endSessionEndpoint = endSessionEndpointResolver.resolve(oauthClientConfiguration, memoized, endSessionCallbackUrlBuilder).orElse(null);
        }
        return new DefaultOpenIdClient(oauthClientConfiguration, memoized, openIdAuthenticationMapper, authorizationRedirectHandler, openIdAuthorizationResponseHandler, this.beanContext, endSessionEndpoint);
    }

    @NonNull
    private static DefaultOpenIdProviderMetadata overrideFromConfig(@Nullable DefaultOpenIdProviderMetadata defaultOpenIdProviderMetadata, @NonNull OpenIdClientConfiguration openIdClientConfiguration, @NonNull OauthClientConfiguration oauthClientConfiguration) {
        String endSessionEndpoint = defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getEndSessionEndpoint();
        EndSessionEndpointConfiguration endSession = openIdClientConfiguration.getEndSession();
        Optional<AuthorizationEndpointConfiguration> authorization = openIdClientConfiguration.getAuthorization();
        return new DefaultOpenIdProviderMetadata((String) authorization.flatMap((v0) -> {
            return v0.getUrl();
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getAuthorizationEndpoint();
        }), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getIdTokenSigningAlgValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getIssuer(), openIdClientConfiguration.getJwksUri().orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getJwksUri();
        }), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getAcrValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getResponseTypesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getResponseModesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getScopesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getGrantTypesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getSubjectTypesSupported(), (String) openIdClientConfiguration.getToken().flatMap((v0) -> {
            return v0.getUrl();
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getTokenEndpoint();
        }), (List) oauthClientConfiguration.getToken().flatMap((v0) -> {
            return v0.getAuthMethod();
        }).map(authenticationMethod -> {
            return Collections.singletonList(authenticationMethod.toString());
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getTokenEndpointAuthMethodsSupported();
        }), (String) openIdClientConfiguration.getUserInfo().flatMap((v0) -> {
            return v0.getUrl();
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getUserinfoEndpoint();
        }), (String) openIdClientConfiguration.getRegistration().flatMap((v0) -> {
            return v0.getUrl();
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getRegistrationEndpoint();
        }), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getClaimsSupported(), (List) authorization.flatMap((v0) -> {
            return v0.getCodeChallengeMethod();
        }).map((v0) -> {
            return Collections.singletonList(v0);
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getCodeChallengeMethodsSupported();
        }), (String) oauthClientConfiguration.getIntrospection().flatMap((v0) -> {
            return v0.getUrl();
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getIntrospectionEndpoint();
        }), (List) oauthClientConfiguration.getIntrospection().flatMap((v0) -> {
            return v0.getAuthMethod();
        }).map(authenticationMethod2 -> {
            return Collections.singletonList(authenticationMethod2.toString());
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getIntrospectionEndpointAuthMethodsSupported();
        }), (String) oauthClientConfiguration.getRevocation().flatMap((v0) -> {
            return v0.getUrl();
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getRevocationEndpoint();
        }), (List) oauthClientConfiguration.getRevocation().flatMap((v0) -> {
            return v0.getAuthMethod();
        }).map(authenticationMethod3 -> {
            return Collections.singletonList(authenticationMethod3.toString());
        }).orElseGet(() -> {
            if (defaultOpenIdProviderMetadata == null) {
                return null;
            }
            return defaultOpenIdProviderMetadata.getRevocationEndpointAuthMethodsSupported();
        }), endSession.isEnabled() ? endSession.getUrl().orElse(endSessionEndpoint) : endSessionEndpoint, defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getRequestParameterSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getRequestUriParameterSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getRequireRequestUriRegistration(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getRequestObjectSigningAlgValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getServiceDocumentation(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getIdTokenEncryptionEncValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getDisplayValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getClaimTypesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getClaimsParameterSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getOpTosUri(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getOpPolicyUri(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getUriLocalesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getClaimsLocalesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getUserInfoEncryptionAlgValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getUserinfoEncryptionEncValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getTokenEndpointAuthSigningAlgValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getRequestObjectEncryptionAlgValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getRequestObjectEncryptionEncValuesSupported(), defaultOpenIdProviderMetadata == null ? null : defaultOpenIdProviderMetadata.getCheckSessionIframe());
    }
}
