package com.webauthn4j.springframework.security.options;

import com.webauthn4j.data.AttestationConveyancePreference;
import com.webauthn4j.data.AuthenticatorSelectionCriteria;
import com.webauthn4j.data.PublicKeyCredentialCreationOptions;
import com.webauthn4j.data.PublicKeyCredentialDescriptor;
import com.webauthn4j.data.PublicKeyCredentialParameters;
import com.webauthn4j.data.PublicKeyCredentialRpEntity;
import com.webauthn4j.data.PublicKeyCredentialType;
import com.webauthn4j.data.PublicKeyCredentialUserEntity;
import com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs;
import com.webauthn4j.data.extension.client.RegistrationExtensionClientInput;
import com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService;
import com.webauthn4j.springframework.security.challenge.ChallengeRepository;
import com.webauthn4j.springframework.security.exception.PrincipalNotFoundException;
import com.webauthn4j.springframework.security.extension.AuthenticationExtensionsClientInputsProvider;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;

/* loaded from: input_file:com/webauthn4j/springframework/security/options/AttestationOptionsProviderImpl.class */
public class AttestationOptionsProviderImpl implements AttestationOptionsProvider {
    private String rpId;
    private String rpName;
    private String rpIcon;
    private List<PublicKeyCredentialParameters> pubKeyCredParams;
    private AuthenticatorSelectionCriteria registrationAuthenticatorSelection;
    private AttestationConveyancePreference attestation;
    private Long registrationTimeout;
    private AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> registrationExtensions;
    private RpIdProvider rpIdProvider;
    private PublicKeyCredentialUserEntityProvider publicKeyCredentialUserEntityProvider;
    private final WebAuthnAuthenticatorService authenticatorService;
    private final ChallengeRepository challengeRepository;
    private AuthenticationExtensionsClientInputsProvider<RegistrationExtensionClientInput> registrationExtensionsProvider;

    /* loaded from: input_file:com/webauthn4j/springframework/security/options/AttestationOptionsProviderImpl$DefaultPublicKeyCredentialUserEntityProvider.class */
    static class DefaultPublicKeyCredentialUserEntityProvider implements PublicKeyCredentialUserEntityProvider {
        DefaultPublicKeyCredentialUserEntityProvider() {
        }

        @Override // com.webauthn4j.springframework.security.options.PublicKeyCredentialUserEntityProvider
        public PublicKeyCredentialUserEntity provide(Authentication authentication) {
            if (authentication == null) {
                return null;
            }
            String name = authentication.getName();
            return new PublicKeyCredentialUserEntity(name.getBytes(StandardCharsets.UTF_8), name, name);
        }
    }

    /* loaded from: input_file:com/webauthn4j/springframework/security/options/AttestationOptionsProviderImpl$DefaultRegistrationExtensionsProvider.class */
    class DefaultRegistrationExtensionsProvider implements AuthenticationExtensionsClientInputsProvider<RegistrationExtensionClientInput> {
        DefaultRegistrationExtensionsProvider() {
        }

        @Override // com.webauthn4j.springframework.security.extension.AuthenticationExtensionsClientInputsProvider
        public AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> provide(HttpServletRequest httpServletRequest) {
            return AttestationOptionsProviderImpl.this.registrationExtensions;
        }
    }

    public AttestationOptionsProviderImpl(RpIdProvider rpIdProvider, WebAuthnAuthenticatorService webAuthnAuthenticatorService, ChallengeRepository challengeRepository) {
        this.rpId = null;
        this.rpName = null;
        this.rpIcon = null;
        this.pubKeyCredParams = new ArrayList();
        this.registrationTimeout = null;
        this.publicKeyCredentialUserEntityProvider = new DefaultPublicKeyCredentialUserEntityProvider();
        this.registrationExtensionsProvider = new DefaultRegistrationExtensionsProvider();
        Assert.notNull(webAuthnAuthenticatorService, "authenticatorService must not be null");
        Assert.notNull(challengeRepository, "challengeRepository must not be null");
        this.rpIdProvider = rpIdProvider;
        this.authenticatorService = webAuthnAuthenticatorService;
        this.challengeRepository = challengeRepository;
    }

    public AttestationOptionsProviderImpl(WebAuthnAuthenticatorService webAuthnAuthenticatorService, ChallengeRepository challengeRepository) {
        this(null, webAuthnAuthenticatorService, challengeRepository);
    }

    @Override // com.webauthn4j.springframework.security.options.AttestationOptionsProvider
    public PublicKeyCredentialCreationOptions getAttestationOptions(HttpServletRequest httpServletRequest, Authentication authentication) {
        PublicKeyCredentialUserEntity publicKeyCredentialUserEntity;
        PublicKeyCredentialRpEntity publicKeyCredentialRpEntity = new PublicKeyCredentialRpEntity(getRpId(httpServletRequest), this.rpName, this.rpIcon);
        try {
            publicKeyCredentialUserEntity = getPublicKeyCredentialUserEntityProvider().provide(authentication);
        } catch (PrincipalNotFoundException e) {
            publicKeyCredentialUserEntity = null;
        }
        return new PublicKeyCredentialCreationOptions(publicKeyCredentialRpEntity, publicKeyCredentialUserEntity, getChallengeRepository().loadOrGenerateChallenge(httpServletRequest), getPubKeyCredParams(), getRegistrationTimeout(), getCredentials(authentication), getRegistrationAuthenticatorSelection(), getAttestation(), getRegistrationExtensionsProvider().provide(httpServletRequest));
    }

    public String getRpId() {
        return this.rpId;
    }

    public void setRpId(String str) {
        this.rpId = str;
        this.rpIdProvider = null;
    }

    public String getRpName() {
        return this.rpName;
    }

    public void setRpName(String str) {
        Assert.hasText(str, "rpName parameter must not be empty or null");
        this.rpName = str;
    }

    public String getRpIcon() {
        return this.rpIcon;
    }

    public void setRpIcon(String str) {
        Assert.hasText(str, "rpIcon parameter must not be empty or null");
        this.rpIcon = str;
    }

    public List<PublicKeyCredentialParameters> getPubKeyCredParams() {
        return this.pubKeyCredParams;
    }

    public void setPubKeyCredParams(List<PublicKeyCredentialParameters> list) {
        this.pubKeyCredParams = list;
    }

    public AuthenticatorSelectionCriteria getRegistrationAuthenticatorSelection() {
        return this.registrationAuthenticatorSelection;
    }

    public void setRegistrationAuthenticatorSelection(AuthenticatorSelectionCriteria authenticatorSelectionCriteria) {
        this.registrationAuthenticatorSelection = authenticatorSelectionCriteria;
    }

    public AttestationConveyancePreference getAttestation() {
        return this.attestation;
    }

    public void setAttestation(AttestationConveyancePreference attestationConveyancePreference) {
        this.attestation = attestationConveyancePreference;
    }

    public Long getRegistrationTimeout() {
        return this.registrationTimeout;
    }

    public void setRegistrationTimeout(Long l) {
        Assert.notNull(l, "registrationTimeout must not be null.");
        Assert.isTrue(l.longValue() >= 0, "registrationTimeout must be within unsigned long.");
        this.registrationTimeout = l;
    }

    public AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> getRegistrationExtensions() {
        return this.registrationExtensions;
    }

    public void setRegistrationExtensions(AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> authenticationExtensionsClientInputs) {
        this.registrationExtensions = authenticationExtensionsClientInputs;
    }

    public RpIdProvider getRpIdProvider() {
        return this.rpIdProvider;
    }

    public void setRpIdProvider(RpIdProvider rpIdProvider) {
        this.rpId = null;
        this.rpIdProvider = rpIdProvider;
    }

    public AuthenticationExtensionsClientInputsProvider<RegistrationExtensionClientInput> getRegistrationExtensionsProvider() {
        return this.registrationExtensionsProvider;
    }

    public void setRegistrationExtensionsProvider(AuthenticationExtensionsClientInputsProvider<RegistrationExtensionClientInput> authenticationExtensionsClientInputsProvider) {
        Assert.notNull(authenticationExtensionsClientInputsProvider, "registrationExtensionsProvider must not be null");
        this.registrationExtensionsProvider = authenticationExtensionsClientInputsProvider;
    }

    public WebAuthnAuthenticatorService getAuthenticatorService() {
        return this.authenticatorService;
    }

    public void setPublicKeyCredentialUserEntityProvider(PublicKeyCredentialUserEntityProvider publicKeyCredentialUserEntityProvider) {
        Assert.notNull(publicKeyCredentialUserEntityProvider, "webAuthnUserHandleProvider must not be null");
        this.publicKeyCredentialUserEntityProvider = publicKeyCredentialUserEntityProvider;
    }

    public PublicKeyCredentialUserEntityProvider getPublicKeyCredentialUserEntityProvider() {
        return this.publicKeyCredentialUserEntityProvider;
    }

    protected ChallengeRepository getChallengeRepository() {
        return this.challengeRepository;
    }

    protected List<PublicKeyCredentialDescriptor> getCredentials(Authentication authentication) {
        if (authentication == null) {
            return Collections.emptyList();
        }
        try {
            return (List) getAuthenticatorService().loadAuthenticatorsByUserPrincipal(authentication.getName()).stream().map(webAuthnAuthenticator -> {
                return new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY, webAuthnAuthenticator.getAttestedCredentialData().getCredentialId(), webAuthnAuthenticator.getTransports());
            }).collect(Collectors.toList());
        } catch (PrincipalNotFoundException e) {
            return Collections.emptyList();
        }
    }

    String getRpId(HttpServletRequest httpServletRequest) {
        return this.rpIdProvider != null ? this.rpIdProvider.provide(httpServletRequest) : this.rpId;
    }
}
