package io.quarkus.oidc.runtime;

import io.quarkus.oidc.AuthorizationCodeTokens;
import io.quarkus.oidc.OidcRequestContext;
import io.quarkus.oidc.OidcTenantConfig;
import io.quarkus.oidc.TokenStateManager;
import io.smallrye.mutiny.Uni;
import io.vertx.core.http.impl.ServerCookie;
import io.vertx.ext.web.RoutingContext;
import javax.enterprise.context.ApplicationScoped;

@ApplicationScoped
/* loaded from: input_file:io/quarkus/oidc/runtime/DefaultTokenStateManager.class */
public class DefaultTokenStateManager implements TokenStateManager {
    private static final String SESSION_AT_COOKIE_NAME = "q_session_at";
    private static final String SESSION_RT_COOKIE_NAME = "q_session_rt";

    @Override // io.quarkus.oidc.TokenStateManager
    public Uni<String> createTokenState(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, AuthorizationCodeTokens authorizationCodeTokens, OidcRequestContext<String> oidcRequestContext) {
        StringBuilder sb = new StringBuilder();
        sb.append(authorizationCodeTokens.getIdToken());
        if (oidcTenantConfig.tokenStateManager.strategy == OidcTenantConfig.TokenStateManager.Strategy.KEEP_ALL_TOKENS) {
            if (oidcTenantConfig.tokenStateManager.splitTokens) {
                CodeAuthenticationMechanism.createCookie(routingContext, oidcTenantConfig, getAccessTokenCookieName(oidcTenantConfig), authorizationCodeTokens.getAccessToken(), ((Long) routingContext.get("session-max-age")).longValue());
                if (authorizationCodeTokens.getRefreshToken() != null) {
                    CodeAuthenticationMechanism.createCookie(routingContext, oidcTenantConfig, getRefreshTokenCookieName(oidcTenantConfig), authorizationCodeTokens.getRefreshToken(), ((Long) routingContext.get("session-max-age")).longValue());
                }
            } else {
                sb.append("|").append(authorizationCodeTokens.getAccessToken()).append("|").append(authorizationCodeTokens.getRefreshToken());
            }
        } else if (oidcTenantConfig.tokenStateManager.strategy == OidcTenantConfig.TokenStateManager.Strategy.ID_REFRESH_TOKENS) {
            if (!oidcTenantConfig.tokenStateManager.splitTokens) {
                sb.append("|").append("").append("|").append(authorizationCodeTokens.getRefreshToken());
            } else if (authorizationCodeTokens.getRefreshToken() != null) {
                CodeAuthenticationMechanism.createCookie(routingContext, oidcTenantConfig, getRefreshTokenCookieName(oidcTenantConfig), authorizationCodeTokens.getRefreshToken(), ((Long) routingContext.get("session-max-age")).longValue());
            }
        }
        return Uni.createFrom().item(sb.toString());
    }

    @Override // io.quarkus.oidc.TokenStateManager
    public Uni<AuthorizationCodeTokens> getTokens(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, String str, OidcRequestContext<AuthorizationCodeTokens> oidcRequestContext) {
        String[] split = CodeAuthenticationMechanism.COOKIE_PATTERN.split(str);
        String str2 = split[0];
        String str3 = null;
        String str4 = null;
        if (oidcTenantConfig.tokenStateManager.strategy == OidcTenantConfig.TokenStateManager.Strategy.KEEP_ALL_TOKENS) {
            if (oidcTenantConfig.tokenStateManager.splitTokens) {
                ServerCookie accessTokenCookie = getAccessTokenCookie(routingContext, oidcTenantConfig);
                if (accessTokenCookie != null) {
                    str3 = accessTokenCookie.getValue();
                }
                ServerCookie refreshTokenCookie = getRefreshTokenCookie(routingContext, oidcTenantConfig);
                if (refreshTokenCookie != null) {
                    str4 = refreshTokenCookie.getValue();
                }
            } else {
                str3 = split[1];
                str4 = split[2];
            }
        } else if (oidcTenantConfig.tokenStateManager.strategy == OidcTenantConfig.TokenStateManager.Strategy.ID_REFRESH_TOKENS) {
            if (oidcTenantConfig.tokenStateManager.splitTokens) {
                ServerCookie refreshTokenCookie2 = getRefreshTokenCookie(routingContext, oidcTenantConfig);
                if (refreshTokenCookie2 != null) {
                    str4 = refreshTokenCookie2.getValue();
                }
            } else {
                str4 = split[2];
            }
        }
        return Uni.createFrom().item(new AuthorizationCodeTokens(str2, str3, str4));
    }

    @Override // io.quarkus.oidc.TokenStateManager
    public Uni<Void> deleteTokens(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, String str, OidcRequestContext<Void> oidcRequestContext) {
        if (oidcTenantConfig.tokenStateManager.splitTokens) {
            CodeAuthenticationMechanism.removeCookie(routingContext, getAccessTokenCookie(routingContext, oidcTenantConfig), oidcTenantConfig);
            CodeAuthenticationMechanism.removeCookie(routingContext, getRefreshTokenCookie(routingContext, oidcTenantConfig), oidcTenantConfig);
        }
        return CodeAuthenticationMechanism.VOID_UNI;
    }

    private static ServerCookie getAccessTokenCookie(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig) {
        return routingContext.request().getCookie(getAccessTokenCookieName(oidcTenantConfig));
    }

    private static ServerCookie getRefreshTokenCookie(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig) {
        return routingContext.request().getCookie(getRefreshTokenCookieName(oidcTenantConfig));
    }

    private static String getAccessTokenCookieName(OidcTenantConfig oidcTenantConfig) {
        return "q_session_at" + CodeAuthenticationMechanism.getCookieSuffix(oidcTenantConfig);
    }

    private static String getRefreshTokenCookieName(OidcTenantConfig oidcTenantConfig) {
        return "q_session_rt" + CodeAuthenticationMechanism.getCookieSuffix(oidcTenantConfig);
    }
}
