package com.microsoft.azure.spring.autoconfigure.aad;

import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/microsoft/azure/spring/autoconfigure/aad/AADOAuth2AuthorizationRequestResolver.class */
public class AADOAuth2AuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {
    private OAuth2AuthorizationRequestResolver defaultResolver;

    public AADOAuth2AuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {
        this.defaultResolver = new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository, "/oauth2/authorization");
    }

    public OAuth2AuthorizationRequest resolve(HttpServletRequest httpServletRequest) {
        return addClaims(httpServletRequest, this.defaultResolver.resolve(httpServletRequest));
    }

    public OAuth2AuthorizationRequest resolve(HttpServletRequest httpServletRequest, String str) {
        return addClaims(httpServletRequest, this.defaultResolver.resolve(httpServletRequest, str));
    }

    private OAuth2AuthorizationRequest addClaims(HttpServletRequest httpServletRequest, OAuth2AuthorizationRequest oAuth2AuthorizationRequest) {
        if (oAuth2AuthorizationRequest == null || httpServletRequest == null) {
            return oAuth2AuthorizationRequest;
        }
        String conditionalAccessPolicyClaims = getConditionalAccessPolicyClaims(httpServletRequest);
        if (StringUtils.isEmpty(conditionalAccessPolicyClaims)) {
            return oAuth2AuthorizationRequest;
        }
        HashMap hashMap = new HashMap();
        if (oAuth2AuthorizationRequest.getAdditionalParameters() != null) {
            hashMap.putAll(oAuth2AuthorizationRequest.getAdditionalParameters());
        }
        hashMap.put(AADConstantsHelper.CLAIMS, conditionalAccessPolicyClaims);
        return OAuth2AuthorizationRequest.from(oAuth2AuthorizationRequest).additionalParameters(hashMap).build();
    }

    private String getConditionalAccessPolicyClaims(HttpServletRequest httpServletRequest) {
        String str = httpServletRequest.getSession().getAttribute(AADConstantsHelper.CAP_CLAIMS) == null ? "" : (String) httpServletRequest.getSession().getAttribute(AADConstantsHelper.CAP_CLAIMS);
        if (!StringUtils.isEmpty(str)) {
            httpServletRequest.getSession().removeAttribute(AADConstantsHelper.CAP_CLAIMS);
        }
        return str;
    }
}
