package com.humuson.amc.common.component;

import com.humuson.amc.common.config.FeignTokenProviderConfig;
import com.humuson.amc.common.model.User;
import com.humuson.amc.common.model.UserSession;
import java.util.Collection;
import java.util.Map;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.security.oauth2.resource.JwtAccessTokenConverterConfigurer;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:com/humuson/amc/common/component/UserHandler.class */
public class UserHandler {
    private static final Logger log = LoggerFactory.getLogger(UserHandler.class);
    public static final String KEY_USER_DETAILS_HEADER = "USER_DETAILS";
    public static final String KEY_SECURITY_CONTEXT = "SPRING_SECURITY_CONTEXT";

    /* loaded from: input_file:com/humuson/amc/common/component/UserHandler$CusomUserAuthenticationConverter.class */
    public static class CusomUserAuthenticationConverter extends DefaultUserAuthenticationConverter {
        private UserDetailsService userDetailsService;
        private Collection<? extends GrantedAuthority> defaultAuthorities;

        public CusomUserAuthenticationConverter(UserDetailsService userDetailsService) {
            this.userDetailsService = userDetailsService;
        }

        public Authentication extractAuthentication(Map<String, ?> map) {
            UserDetails loadUserByUsername;
            if (!map.containsKey("user_name")) {
                return null;
            }
            Object obj = map.get("user_name");
            Collection<? extends GrantedAuthority> authorities = getAuthorities(map);
            if (this.userDetailsService != null && (loadUserByUsername = this.userDetailsService.loadUserByUsername((String) map.get("user_name"))) != null) {
                authorities = loadUserByUsername.getAuthorities();
                obj = loadUserByUsername;
            }
            return new UsernamePasswordAuthenticationToken(obj, "N/A", authorities);
        }

        private Collection<? extends GrantedAuthority> getAuthorities(Map<String, ?> map) {
            if (!map.containsKey("authorities")) {
                return this.defaultAuthorities;
            }
            Object obj = map.get("authorities");
            if (obj instanceof String) {
                return AuthorityUtils.commaSeparatedStringToAuthorityList((String) obj);
            }
            if (obj instanceof Collection) {
                return AuthorityUtils.commaSeparatedStringToAuthorityList(StringUtils.collectionToCommaDelimitedString((Collection) obj));
            }
            throw new IllegalArgumentException("Authorities must be either a String or a Collection");
        }
    }

    /* loaded from: input_file:com/humuson/amc/common/component/UserHandler$JwtUserAwareTokenConverterConfigurer.class */
    public static class JwtUserAwareTokenConverterConfigurer implements JwtAccessTokenConverterConfigurer {
        private final UserDetailsService userDetailsService;

        public JwtUserAwareTokenConverterConfigurer(UserDetailsService userDetailsService) {
            this.userDetailsService = userDetailsService;
        }

        public void configure(JwtAccessTokenConverter jwtAccessTokenConverter) {
            DefaultAccessTokenConverter defaultAccessTokenConverter = new DefaultAccessTokenConverter();
            defaultAccessTokenConverter.setUserTokenConverter(new CusomUserAuthenticationConverter(this.userDetailsService));
            jwtAccessTokenConverter.setAccessTokenConverter(defaultAccessTokenConverter);
        }
    }

    /* loaded from: input_file:com/humuson/amc/common/component/UserHandler$ResourceServerUserDetailsInSessionService.class */
    public static class ResourceServerUserDetailsInSessionService implements UserDetailsService {
        private final String userInfoUri;
        private final OAuth2RestTemplate restTemplate;

        public ResourceServerUserDetailsInSessionService(String str, OAuth2RestTemplate oAuth2RestTemplate) {
            this.userInfoUri = str;
            this.restTemplate = oAuth2RestTemplate;
        }

        public UserDetails getAnomymousUser() {
            return null;
        }

        public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
            User access$000;
            User userFromAuthServer;
            try {
                access$000 = UserHandler.access$000();
            } catch (Exception e) {
                UserHandler.log.error("load user error.", e);
            }
            if (access$000 != null) {
                return new UserSession(access$000);
            }
            if (this.restTemplate != null && !StringUtils.isEmpty(this.userInfoUri) && (userFromAuthServer = UserHandler.getUserFromAuthServer(this.restTemplate, this.userInfoUri)) != null) {
                return new UserSession(userFromAuthServer);
            }
            return getAnomymousUser();
        }
    }

    public static User getUserFromAuthServer(OAuth2RestTemplate oAuth2RestTemplate, String str) {
        try {
            if (oAuth2RestTemplate.getOAuth2ClientContext().getAccessToken() == null) {
                String token = getToken();
                if (token == null) {
                    return null;
                }
                DefaultOAuth2AccessToken defaultOAuth2AccessToken = new DefaultOAuth2AccessToken(token);
                defaultOAuth2AccessToken.setTokenType(FeignTokenProviderConfig.ResourceServerTokenProviderConfig.AnonymousClass1.BEARER.toLowerCase());
                oAuth2RestTemplate.getOAuth2ClientContext().setAccessToken(defaultOAuth2AccessToken);
            }
            return (User) oAuth2RestTemplate.getForEntity(str, User.class, new Object[0]).getBody();
        } catch (Exception e) {
            log.error("error(get user from auth server)", e);
            return null;
        }
    }

    private static User getUserFromSession() {
        Object attribute;
        Authentication authentication;
        HttpSession session = getSession();
        if (session == null || (attribute = session.getAttribute(KEY_SECURITY_CONTEXT)) == null || !(attribute instanceof SecurityContextImpl) || (authentication = ((SecurityContextImpl) attribute).getAuthentication()) == null || !(authentication.getPrincipal() instanceof User)) {
            return null;
        }
        return (User) authentication.getPrincipal();
    }

    private static User getUserFromSecurityContext() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && (authentication instanceof OAuth2Authentication) && (authentication.getPrincipal() instanceof User)) {
            return (User) authentication.getPrincipal();
        }
        return null;
    }

    public static User getUser() {
        User userFromSession = getUserFromSession();
        if (userFromSession != null) {
            return userFromSession;
        }
        log.warn("User is not stored in session. please check Spring Http Session (Redis), EdgeServer");
        return getUserFromSecurityContext();
    }

    public static HttpSession getSession() {
        try {
            return RequestContextHolder.currentRequestAttributes().getRequest().getSession(false);
        } catch (Exception e) {
            return null;
        }
    }

    private static String getToken() {
        String str = null;
        try {
            str = (String) RequestContextHolder.currentRequestAttributes().getRequest().getAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE);
        } catch (Exception e) {
        }
        return str;
    }

    static /* synthetic */ User access$000() {
        return getUserFromSession();
    }
}
