package org.springframework.cloud.common.security.support;

import java.net.URI;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.common.security.ProviderRoleMapping;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/cloud/common/security/support/DefaultAuthoritiesMapper.class */
public class DefaultAuthoritiesMapper implements AuthoritiesMapper {
    private static final Logger logger = LoggerFactory.getLogger(DefaultAuthoritiesMapper.class);
    private final Map<String, ProviderRoleMapping> providerRoleMappings;
    private final String defaultProviderId;

    public DefaultAuthoritiesMapper(Map<String, ProviderRoleMapping> map, String str) {
        Assert.notNull(map, "providerRoleMappings must not be null.");
        Iterator<Map.Entry<String, ProviderRoleMapping>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            it.next().getValue().convertRoleMappingKeysToCoreSecurityRoles();
        }
        this.providerRoleMappings = map;
        this.defaultProviderId = str;
    }

    public DefaultAuthoritiesMapper(String str, boolean z, Map<String, String> map) {
        Assert.hasText(str, "The providerId must not be null or empty.");
        ProviderRoleMapping providerRoleMapping = new ProviderRoleMapping(z, map);
        this.providerRoleMappings = new HashMap(1);
        this.providerRoleMappings.put(str, providerRoleMapping);
        Iterator<ProviderRoleMapping> it = this.providerRoleMappings.values().iterator();
        while (it.hasNext()) {
            it.next().convertRoleMappingKeysToCoreSecurityRoles();
        }
        this.defaultProviderId = str;
    }

    public DefaultAuthoritiesMapper(String str, boolean z) {
        Assert.hasText(str, "The providerId must not be null or empty.");
        ProviderRoleMapping providerRoleMapping = new ProviderRoleMapping(z);
        this.providerRoleMappings = new HashMap(1);
        this.providerRoleMappings.put(str, providerRoleMapping);
        Iterator<ProviderRoleMapping> it = this.providerRoleMappings.values().iterator();
        while (it.hasNext()) {
            it.next().convertRoleMappingKeysToCoreSecurityRoles();
        }
        this.defaultProviderId = str;
    }

    public DefaultAuthoritiesMapper(String str, ProviderRoleMapping providerRoleMapping) {
        this.providerRoleMappings = new HashMap(1);
        this.providerRoleMappings.put(str, providerRoleMapping);
        Iterator<ProviderRoleMapping> it = this.providerRoleMappings.values().iterator();
        while (it.hasNext()) {
            it.next().convertRoleMappingKeysToCoreSecurityRoles();
        }
        this.defaultProviderId = str;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v21, types: [java.util.Set] */
    @Override // org.springframework.cloud.common.security.support.AuthoritiesMapper
    public Set<GrantedAuthority> mapScopesToAuthorities(String str, Set<String> set, String str2) {
        logger.debug("Mapping scopes to authorities");
        String str3 = str == null ? this.defaultProviderId : str;
        Assert.notNull(set, "The scopes argument must not be null.");
        ProviderRoleMapping providerRoleMapping = this.providerRoleMappings.get(str3);
        if (providerRoleMapping == null) {
            throw new IllegalArgumentException("No role mapping found for clientId " + str3);
        }
        ArrayList arrayList = new ArrayList();
        HashSet hashSet = new HashSet();
        if (providerRoleMapping.isMapOauthScopes()) {
            if (!set.isEmpty()) {
                for (Map.Entry<CoreSecurityRoles, String> entry : providerRoleMapping.convertRoleMappingKeysToCoreSecurityRoles().entrySet()) {
                    CoreSecurityRoles key = entry.getKey();
                    String value = entry.getValue();
                    Iterator<String> it = (providerRoleMapping.isParseOauthScopePathParts() ? pathParts(set) : set).iterator();
                    while (it.hasNext()) {
                        if (it.next().equalsIgnoreCase(value)) {
                            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(providerRoleMapping.getRolePrefix() + key.getKey());
                            arrayList.add(simpleGrantedAuthority.getAuthority());
                            hashSet.add(simpleGrantedAuthority);
                        }
                    }
                }
                logger.info("Adding roles: {}.", StringUtils.collectionToCommaDelimitedString(arrayList));
            }
        } else if (!providerRoleMapping.isMapGroupClaims()) {
            hashSet = (Set) providerRoleMapping.convertRoleMappingKeysToCoreSecurityRoles().entrySet().stream().map(entry2 -> {
                arrayList.add(((CoreSecurityRoles) entry2.getKey()).getKey());
                return new SimpleGrantedAuthority(providerRoleMapping.getRolePrefix() + entry2.getKey());
            }).collect(Collectors.toSet());
            logger.info("Adding ALL roles: {}.", StringUtils.collectionToCommaDelimitedString(arrayList));
        }
        return hashSet;
    }

    @Override // org.springframework.cloud.common.security.support.AuthoritiesMapper
    public Set<GrantedAuthority> mapClaimsToAuthorities(String str, List<String> list) {
        logger.debug("Mapping claims to authorities");
        String str2 = str == null ? this.defaultProviderId : str;
        ProviderRoleMapping providerRoleMapping = this.providerRoleMappings.get(str2);
        if (providerRoleMapping == null) {
            throw new IllegalArgumentException("No role mapping found for clientId " + str2);
        }
        ArrayList arrayList = new ArrayList();
        HashSet hashSet = new HashSet();
        if (providerRoleMapping.isMapGroupClaims() && !list.isEmpty()) {
            for (Map.Entry<CoreSecurityRoles, String> entry : providerRoleMapping.convertGroupMappingKeysToCoreSecurityRoles().entrySet()) {
                CoreSecurityRoles key = entry.getKey();
                String value = entry.getValue();
                logger.debug("Checking group mapping {} {}", key, value);
                for (String str3 : list) {
                    logger.debug("Checking against claim {} {}", str3, value);
                    if (str3.equalsIgnoreCase(value)) {
                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(providerRoleMapping.getRolePrefix() + key.getKey());
                        arrayList.add(simpleGrantedAuthority.getAuthority());
                        hashSet.add(simpleGrantedAuthority);
                        logger.debug("Adding to granted authorities {}", simpleGrantedAuthority);
                    }
                }
            }
            logger.info("Adding groups: {}.", StringUtils.collectionToCommaDelimitedString(arrayList));
        }
        return hashSet;
    }

    private Set<String> pathParts(Set<String> set) {
        return (Set) set.stream().map(str -> {
            try {
                String path = URI.create(str).getPath();
                if (StringUtils.hasText(path) && path.charAt(0) == '/') {
                    return path.substring(1);
                }
            } catch (Exception e) {
            }
            return str;
        }).collect(Collectors.toSet());
    }
}
