package com.azure.spring.aad;

import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
import org.springframework.util.Assert;

/* loaded from: input_file:com/azure/spring/aad/AbstractJwtBearerTokenAuthenticationConverter.class */
public abstract class AbstractJwtBearerTokenAuthenticationConverter implements Converter<Jwt, AbstractAuthenticationToken> {
    public static final String DEFAULT_PRINCIPAL_CLAIM_NAME = "sub";
    protected Converter<Jwt, Collection<GrantedAuthority>> converter;
    protected String principalClaimName;

    public AbstractJwtBearerTokenAuthenticationConverter(String str, Map<String, String> map) {
        Assert.notNull(map, "claimToAuthorityPrefixMap cannot be null");
        this.principalClaimName = str;
        this.converter = new AADJwtGrantedAuthoritiesConverter(map);
    }

    public AbstractAuthenticationToken convert(Jwt jwt) {
        OAuth2AccessToken oAuth2AccessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt());
        Collection<GrantedAuthority> collection = (Collection) this.converter.convert(jwt);
        return new BearerTokenAuthentication(getAuthenticatedPrincipal(jwt.getHeaders(), jwt.getClaims(), collection, jwt.getTokenValue()), oAuth2AccessToken, collection);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Map<String, String> buildClaimToAuthorityPrefixMap(String str, String str2) {
        Assert.notNull(str, "authoritiesClaimName cannot be null");
        Assert.notNull(str2, "authorityPrefix cannot be null");
        HashMap hashMap = new HashMap();
        hashMap.put(str, str2);
        return hashMap;
    }

    protected abstract OAuth2AuthenticatedPrincipal getAuthenticatedPrincipal(Map<String, Object> map, Map<String, Object> map2, Collection<GrantedAuthority> collection, String str);

    public void setConverter(Converter<Jwt, Collection<GrantedAuthority>> converter) {
        this.converter = converter;
    }

    public void setPrincipalClaimName(String str) {
        Assert.hasText(str, "principalClaimName cannot be empty");
        this.principalClaimName = str;
    }
}
