package org.springframework.security.oauth2.client.user.nimbus;

import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.openid.connect.sdk.UserInfoErrorResponse;
import com.nimbusds.openid.connect.sdk.UserInfoRequest;
import java.io.IOException;
import java.net.URI;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationException;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.user.OAuth2UserService;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.util.Assert;

/* loaded from: input_file:org/springframework/security/oauth2/client/user/nimbus/NimbusOAuth2UserService.class */
public class NimbusOAuth2UserService implements OAuth2UserService {
    private static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response";
    private final Map<URI, Function<ClientHttpResponse, ? extends OAuth2User>> userInfoTypeConverters;

    public NimbusOAuth2UserService(Map<URI, Function<ClientHttpResponse, ? extends OAuth2User>> map) {
        Assert.notEmpty(map, "userInfoTypeConverters cannot be empty");
        this.userInfoTypeConverters = new HashMap(map);
    }

    @Override // org.springframework.security.oauth2.client.user.OAuth2UserService
    public OAuth2User loadUser(OAuth2AuthenticationToken oAuth2AuthenticationToken) throws OAuth2AuthenticationException {
        try {
            ClientRegistration clientRegistration = oAuth2AuthenticationToken.getClientRegistration();
            try {
                URI uri = new URI(clientRegistration.getProviderDetails().getUserInfoUri());
                Function<ClientHttpResponse, ? extends OAuth2User> function = this.userInfoTypeConverters.get(uri);
                if (function == null) {
                    throw new IllegalArgumentException("There is no available User Info converter for " + uri.toString());
                }
                HTTPRequest hTTPRequest = new UserInfoRequest(uri, new BearerAccessToken(oAuth2AuthenticationToken.getAccessToken().getTokenValue())).toHTTPRequest();
                hTTPRequest.setAccept("application/json");
                HTTPResponse send = hTTPRequest.send();
                if (send.getStatusCode() == 200) {
                    return function.apply(new NimbusClientHttpResponse(send));
                }
                ErrorObject errorObject = UserInfoErrorResponse.parse(send).getErrorObject();
                StringBuilder sb = new StringBuilder();
                sb.append("An error occurred while attempting to access the UserInfo Endpoint -> ");
                sb.append("Error details: [");
                sb.append("UserInfo Uri: ").append(uri.toString());
                sb.append(", Http Status: ").append(errorObject.getHTTPStatusCode());
                if (errorObject.getCode() != null) {
                    sb.append(", Error Code: ").append(errorObject.getCode());
                }
                if (errorObject.getDescription() != null) {
                    sb.append(", Error Description: ").append(errorObject.getDescription());
                }
                sb.append("]");
                OAuth2Error oAuth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, sb.toString(), (String) null);
                throw new OAuth2AuthenticationException(oAuth2Error, oAuth2Error.toString());
            } catch (Exception e) {
                throw new IllegalArgumentException("An error occurred parsing the userInfo URI: " + clientRegistration.getProviderDetails().getUserInfoUri(), e);
            }
        } catch (IOException e2) {
            throw new AuthenticationServiceException("An error occurred while sending the User Info Request: " + e2.getMessage(), e2);
        } catch (ParseException e3) {
            throw new OAuth2AuthenticationException(new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE), (Throwable) e3);
        }
    }
}
