package com.webauthn4j.springframework.security.options;

import com.webauthn4j.data.PublicKeyCredentialDescriptor;
import com.webauthn4j.data.PublicKeyCredentialType;
import com.webauthn4j.data.UserVerificationRequirement;
import com.webauthn4j.data.extension.client.AuthenticationExtensionClientInput;
import com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs;
import com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService;
import com.webauthn4j.springframework.security.challenge.ChallengeRepository;
import com.webauthn4j.springframework.security.exception.PrincipalNotFoundException;
import com.webauthn4j.springframework.security.extension.AuthenticationExtensionsClientInputsProvider;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;

/* loaded from: input_file:com/webauthn4j/springframework/security/options/AssertionOptionsProviderImpl.class */
public class AssertionOptionsProviderImpl implements AssertionOptionsProvider {
    private String rpId;
    private UserVerificationRequirement authenticationUserVerification;
    private Long authenticationTimeout;
    private AuthenticationExtensionsClientInputs<AuthenticationExtensionClientInput> authenticationExtensions;
    private RpIdProvider rpIdProvider;
    private final WebAuthnAuthenticatorService authenticatorService;
    private final ChallengeRepository challengeRepository;
    private AuthenticationExtensionsClientInputsProvider<AuthenticationExtensionClientInput> authenticationExtensionsProvider;

    /* loaded from: input_file:com/webauthn4j/springframework/security/options/AssertionOptionsProviderImpl$DefaultAuthenticationExtensionsProvider.class */
    class DefaultAuthenticationExtensionsProvider implements AuthenticationExtensionsClientInputsProvider<AuthenticationExtensionClientInput> {
        DefaultAuthenticationExtensionsProvider() {
        }

        @Override // com.webauthn4j.springframework.security.extension.AuthenticationExtensionsClientInputsProvider
        public AuthenticationExtensionsClientInputs<AuthenticationExtensionClientInput> provide(HttpServletRequest httpServletRequest) {
            return AssertionOptionsProviderImpl.this.authenticationExtensions;
        }
    }

    public AssertionOptionsProviderImpl(RpIdProvider rpIdProvider, WebAuthnAuthenticatorService webAuthnAuthenticatorService, ChallengeRepository challengeRepository) {
        this.rpId = null;
        this.authenticationTimeout = null;
        this.authenticationExtensionsProvider = new DefaultAuthenticationExtensionsProvider();
        Assert.notNull(webAuthnAuthenticatorService, "authenticatorService must not be null");
        Assert.notNull(challengeRepository, "challengeRepository must not be null");
        this.rpIdProvider = rpIdProvider;
        this.authenticatorService = webAuthnAuthenticatorService;
        this.challengeRepository = challengeRepository;
    }

    public AssertionOptionsProviderImpl(WebAuthnAuthenticatorService webAuthnAuthenticatorService, ChallengeRepository challengeRepository) {
        this(null, webAuthnAuthenticatorService, challengeRepository);
    }

    @Override // com.webauthn4j.springframework.security.options.AssertionOptionsProvider
    public AssertionOptions getAssertionOptions(HttpServletRequest httpServletRequest, Authentication authentication) {
        return new AssertionOptions(getChallengeRepository().loadOrGenerateChallenge(httpServletRequest), getAuthenticationTimeout(), getRpId(httpServletRequest), getCredentials(authentication), getAuthenticationUserVerification(), getAuthenticationExtensionsProvider().provide(httpServletRequest));
    }

    public String getRpId() {
        return this.rpId;
    }

    public void setRpId(String str) {
        this.rpId = str;
        this.rpIdProvider = null;
    }

    public UserVerificationRequirement getAuthenticationUserVerification() {
        return this.authenticationUserVerification;
    }

    public void setAuthenticationUserVerification(UserVerificationRequirement userVerificationRequirement) {
        this.authenticationUserVerification = userVerificationRequirement;
    }

    public Long getAuthenticationTimeout() {
        return this.authenticationTimeout;
    }

    public void setAuthenticationTimeout(Long l) {
        Assert.notNull(l, "authenticationTimeout must not be null.");
        Assert.isTrue(l.longValue() >= 0, "registrationTimeout must be within unsigned long.");
        this.authenticationTimeout = l;
    }

    public AuthenticationExtensionsClientInputs<AuthenticationExtensionClientInput> getAuthenticationExtensions() {
        return this.authenticationExtensions;
    }

    public void setAuthenticationExtensions(AuthenticationExtensionsClientInputs<AuthenticationExtensionClientInput> authenticationExtensionsClientInputs) {
        this.authenticationExtensions = authenticationExtensionsClientInputs;
    }

    public RpIdProvider getRpIdProvider() {
        return this.rpIdProvider;
    }

    public void setRpIdProvider(RpIdProvider rpIdProvider) {
        this.rpId = null;
        this.rpIdProvider = rpIdProvider;
    }

    public AuthenticationExtensionsClientInputsProvider<AuthenticationExtensionClientInput> getAuthenticationExtensionsProvider() {
        return this.authenticationExtensionsProvider;
    }

    public void setAuthenticationExtensionsProvider(AuthenticationExtensionsClientInputsProvider<AuthenticationExtensionClientInput> authenticationExtensionsClientInputsProvider) {
        Assert.notNull(authenticationExtensionsClientInputsProvider, "registrationExtensionsProvider must not be null");
        this.authenticationExtensionsProvider = authenticationExtensionsClientInputsProvider;
    }

    public WebAuthnAuthenticatorService getAuthenticatorService() {
        return this.authenticatorService;
    }

    protected ChallengeRepository getChallengeRepository() {
        return this.challengeRepository;
    }

    String getRpId(HttpServletRequest httpServletRequest) {
        return this.rpIdProvider != null ? this.rpIdProvider.provide(httpServletRequest) : this.rpId;
    }

    protected List<PublicKeyCredentialDescriptor> getCredentials(Authentication authentication) {
        if (authentication == null) {
            return Collections.emptyList();
        }
        try {
            return (List) getAuthenticatorService().loadAuthenticatorsByUserPrincipal(authentication.getName()).stream().map(webAuthnAuthenticator -> {
                return new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY, webAuthnAuthenticator.getAttestedCredentialData().getCredentialId(), webAuthnAuthenticator.getTransports());
            }).collect(Collectors.toList());
        } catch (PrincipalNotFoundException e) {
            return Collections.emptyList();
        }
    }
}
