package com.azure.spring.cloud.autoconfigure.aad;

import com.azure.spring.cloud.autoconfigure.aad.implementation.constants.AadJwtClaimNames;
import com.azure.spring.cloud.autoconfigure.aad.implementation.constants.AuthorityPrefix;
import com.azure.spring.cloud.autoconfigure.aad.implementation.jwt.AadJwtGrantedAuthoritiesConverter;
import com.azure.spring.cloud.autoconfigure.aad.implementation.oauth2.AadOAuth2AuthenticatedPrincipal;
import com.azure.spring.cloud.autoconfigure.aad.properties.AadResourceServerProperties;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
import org.springframework.util.Assert;

@Deprecated
/* loaded from: input_file:com/azure/spring/cloud/autoconfigure/aad/AadJwtBearerTokenAuthenticationConverter.class */
public class AadJwtBearerTokenAuthenticationConverter implements Converter<Jwt, AbstractAuthenticationToken> {
    private final Converter<Jwt, Collection<GrantedAuthority>> converter;
    private final String principalClaimName;

    public AadJwtBearerTokenAuthenticationConverter() {
        this(AadJwtClaimNames.SUB, AadResourceServerProperties.DEFAULT_CLAIM_TO_AUTHORITY_PREFIX_MAP);
    }

    public AadJwtBearerTokenAuthenticationConverter(String str) {
        this(str, AuthorityPrefix.SCOPE);
    }

    public AadJwtBearerTokenAuthenticationConverter(String str, String str2) {
        this((String) null, buildClaimToAuthorityPrefixMap(str, str2));
    }

    public AadJwtBearerTokenAuthenticationConverter(String str, Map<String, String> map) {
        Assert.notNull(map, "claimToAuthorityPrefixMap cannot be null");
        this.principalClaimName = str;
        this.converter = new AadJwtGrantedAuthoritiesConverter(map);
    }

    public AbstractAuthenticationToken convert(Jwt jwt) {
        OAuth2AccessToken oAuth2AccessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt());
        Map claims = jwt.getClaims();
        Collection collection = (Collection) this.converter.convert(jwt);
        return new BearerTokenAuthentication(new AadOAuth2AuthenticatedPrincipal(jwt.getHeaders(), claims, collection, jwt.getTokenValue(), (String) claims.get(this.principalClaimName)), oAuth2AccessToken, collection);
    }

    private static Map<String, String> buildClaimToAuthorityPrefixMap(String str, String str2) {
        Assert.notNull(str, "authoritiesClaimName cannot be null");
        Assert.notNull(str2, "authorityPrefix cannot be null");
        HashMap hashMap = new HashMap();
        hashMap.put(str, str2);
        return hashMap;
    }
}
