package cn.herodotus.engine.oauth2.authentication.provider;

import cn.herodotus.engine.oauth2.authentication.utils.OAuth2EndpointUtils;
import cn.herodotus.engine.oauth2.core.definition.HerodotusGrantType;
import cn.herodotus.engine.rest.protect.crypto.processor.HttpCryptoProcessor;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import org.springframework.lang.Nullable;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils;

/* loaded from: input_file:cn/herodotus/engine/oauth2/authentication/provider/OAuth2ResourceOwnerPasswordAuthenticationConverter.class */
public final class OAuth2ResourceOwnerPasswordAuthenticationConverter extends AbstractAuthenticationConverter {
    public OAuth2ResourceOwnerPasswordAuthenticationConverter(HttpCryptoProcessor httpCryptoProcessor) {
        super(httpCryptoProcessor);
    }

    @Nullable
    public Authentication convert(HttpServletRequest httpServletRequest) {
        if (!HerodotusGrantType.PASSWORD.getValue().equals(httpServletRequest.getParameter("grant_type"))) {
            return null;
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        MultiValueMap<String, String> parameters = OAuth2EndpointUtils.getParameters(httpServletRequest);
        String checkOptionalParameter = OAuth2EndpointUtils.checkOptionalParameter(parameters, "scope");
        HashSet hashSet = null;
        if (StringUtils.hasText(checkOptionalParameter)) {
            hashSet = new HashSet(Arrays.asList(StringUtils.delimitedListToStringArray(checkOptionalParameter, " ")));
        }
        OAuth2EndpointUtils.checkRequiredParameter(parameters, "username");
        OAuth2EndpointUtils.checkRequiredParameter(parameters, "password");
        String header = httpServletRequest.getHeader("X-Herodotus-Session");
        HashMap hashMap = new HashMap();
        parameters.forEach((str, list) -> {
            if (str.equals("grant_type") || str.equals("scope")) {
                return;
            }
            hashMap.put(str, list.size() == 1 ? decrypt(header, (String) list.get(0)) : decrypt(header, (List<String>) list));
        });
        return new OAuth2ResourceOwnerPasswordAuthenticationToken(authentication, hashSet, hashMap);
    }
}
