package ai.tock.shared.security.auth;

import ai.tock.shared.Executor;
import ai.tock.shared.IOCsKt;
import ai.tock.shared.LocalesKt;
import ai.tock.shared.NamespacesKt;
import ai.tock.shared.PropertiesKt;
import ai.tock.shared.security.TockUser;
import ai.tock.shared.security.TockUserListener;
import ai.tock.shared.security.TockUserRole;
import ai.tock.shared.vertx.WebVerticle;
import com.github.salomonbrys.kodein.TypeReference;
import io.vertx.codegen.annotations.Fluent;
import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.oauth2.OAuth2Auth;
import io.vertx.ext.auth.oauth2.OAuth2AuthorizationURL;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.handler.AuthenticationHandler;
import io.vertx.ext.web.handler.OAuth2AuthHandler;
import io.vertx.ext.web.handler.SessionHandler;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import kotlin.Deprecated;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.collections.SetsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Ref;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import mu.KLogger;
import mu.KotlinLogging;
import org.jetbrains.annotations.NotNull;

/* compiled from: KeycloakOAuth2Provider.kt */
@Metadata(mv = {2, 0, 0}, k = 1, xi = 48, d1 = {"��~\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\"\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\n\b��\u0018�� 92\u00020\u00012\u00020\u0002:\u00019B\u0019\u0012\u0006\u0010\u0003\u001a\u00020\u0004\u0012\b\b\u0002\u0010\u0005\u001a\u00020\u0002¢\u0006\u0004\b\u0006\u0010\u0007J\u0010\u0010\f\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\u000fH\u0016J&\u0010\u0010\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\u000f2\f\u0010\u0011\u001a\b\u0012\u0004\u0012\u00020\u00130\u00122\u0006\u0010\u0014\u001a\u00020\u0015H\u0016J\u0016\u0010\u0016\u001a\b\u0012\u0004\u0012\u00020\u00130\u00172\u0006\u0010\u0018\u001a\u00020\u0013H\u0002J\u0016\u0010\u0019\u001a\b\u0012\u0004\u0012\u00020\u00130\u00122\u0006\u0010\u0018\u001a\u00020\u0013H\u0002J\u0016\u0010\u001a\u001a\b\u0012\u0004\u0012\u00020\u001b0\u00122\u0006\u0010\u000e\u001a\u00020\u000fH\u0016J\u0010\u0010\u001c\u001a\u00020\u00132\u0006\u0010\u000e\u001a\u00020\u000fH\u0002J\u0082\u0001\u0010\u001d\u001a\u00020\u001e2\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010 0 2b\u0010\"\u001a^\u0012(\u0012&\u0012\f\u0012\n !*\u0004\u0018\u00010%0% !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010%0%\u0018\u00010$0$ !*.\u0012(\u0012&\u0012\f\u0012\n !*\u0004\u0018\u00010%0% !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010%0%\u0018\u00010$0$\u0018\u00010#0#H\u0097\u0001¢\u0006\u0002\u0010&J&\u0010'\u001a\n !*\u0004\u0018\u00010\u00130\u00132\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010 0 H\u0097\u0001¢\u0006\u0002\u0010(J&\u0010'\u001a\n !*\u0004\u0018\u00010\u00130\u00132\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010)0)H\u0096\u0001¢\u0006\u0002\u0010*J\t\u0010+\u001a\u00020\u001eH\u0096\u0001J6\u0010,\u001a\n !*\u0004\u0018\u00010\u00130\u00132\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010%0%2\u000e\u0010\"\u001a\n !*\u0004\u0018\u00010 0 H\u0096\u0001¢\u0006\u0002\u0010-J2\u0010.\u001a&\u0012\f\u0012\n !*\u0004\u0018\u00010000 !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010000\u0018\u00010/0/H\u0096\u0001¢\u0006\u0002\u00101JB\u00102\u001a\n !*\u0004\u0018\u00010\u00020\u00022*\u0010\u001f\u001a&\u0012\f\u0012\n !*\u0004\u0018\u00010\u00130\u0013 !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010\u00130\u0013\u0018\u00010#0#H\u0097\u0001¢\u0006\u0002\u00103JB\u00104\u001a&\u0012\f\u0012\n !*\u0004\u0018\u00010%0% !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010%0%\u0018\u00010/0/2\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010%0%H\u0096\u0001¢\u0006\u0002\u00105JR\u00106\u001a&\u0012\f\u0012\n !*\u0004\u0018\u00010000 !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010000\u0018\u00010/0/2\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010%0%2\u000e\u0010\"\u001a\n !*\u0004\u0018\u00010\u00130\u0013H\u0096\u0001¢\u0006\u0002\u00107JB\u00108\u001a&\u0012\f\u0012\n !*\u0004\u0018\u00010 0  !*\u0012\u0012\f\u0012\n !*\u0004\u0018\u00010 0 \u0018\u00010/0/2\u000e\u0010\u001f\u001a\n !*\u0004\u0018\u00010%0%H\u0096\u0001¢\u0006\u0002\u00105R\u000e\u0010\u0005\u001a\u00020\u0002X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\b\u001a\u00020\t8BX\u0082\u0004¢\u0006\u0006\u001a\u0004\b\n\u0010\u000b¨\u0006:"}, d2 = {"Lai/tock/shared/security/auth/KeycloakOAuth2Provider;", "Lai/tock/shared/security/auth/SSOTockAuthProvider;", "Lio/vertx/ext/auth/oauth2/OAuth2Auth;", "vertx", "Lio/vertx/core/Vertx;", "oauth2", "<init>", "(Lio/vertx/core/Vertx;Lio/vertx/ext/auth/oauth2/OAuth2Auth;)V", "executor", "Lai/tock/shared/Executor;", "getExecutor", "()Lai/tock/shared/Executor;", "createAuthHandler", "Lio/vertx/ext/web/handler/AuthenticationHandler;", "verticle", "Lai/tock/shared/vertx/WebVerticle;", "protectPaths", "pathsToProtect", "", "", "sessionHandler", "Lio/vertx/ext/web/handler/SessionHandler;", "parseCustomRoles", "", "customRoles", "parseUserRoles", "excludedPaths", "Lkotlin/text/Regex;", "callbackPath", "authenticate", "", "p0", "Lio/vertx/core/json/JsonObject;", "kotlin.jvm.PlatformType", "p1", "Lio/vertx/core/Handler;", "Lio/vertx/core/AsyncResult;", "Lio/vertx/ext/auth/User;", "(Lio/vertx/core/json/JsonObject;Lio/vertx/core/Handler;)V", "authorizeURL", "(Lio/vertx/core/json/JsonObject;)Ljava/lang/String;", "Lio/vertx/ext/auth/oauth2/OAuth2AuthorizationURL;", "(Lio/vertx/ext/auth/oauth2/OAuth2AuthorizationURL;)Ljava/lang/String;", "close", "endSessionURL", "(Lio/vertx/ext/auth/User;Lio/vertx/core/json/JsonObject;)Ljava/lang/String;", "jWKSet", "Lio/vertx/core/Future;", "Ljava/lang/Void;", "()Lio/vertx/core/Future;", "missingKeyHandler", "(Lio/vertx/core/Handler;)Lio/vertx/ext/auth/oauth2/OAuth2Auth;", "refresh", "(Lio/vertx/ext/auth/User;)Lio/vertx/core/Future;", "revoke", "(Lio/vertx/ext/auth/User;Ljava/lang/String;)Lio/vertx/core/Future;", "userInfo", "Companion", "tock-shared"})
@SourceDebugExtension({"SMAP\nKeycloakOAuth2Provider.kt\nKotlin\n*S Kotlin\n*F\n+ 1 KeycloakOAuth2Provider.kt\nai/tock/shared/security/auth/KeycloakOAuth2Provider\n+ 2 IOCs.kt\nai/tock/shared/IOCsKt\n+ 3 GInjected.kt\ncom/github/salomonbrys/kodein/GInjectedKt\n+ 4 types.kt\ncom/github/salomonbrys/kodein/TypesKt\n+ 5 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n*L\n1#1,164:1\n48#2,2:165\n48#2,2:187\n51#3:167\n51#3:189\n277#4:168\n277#4:190\n1557#5:169\n1628#5,3:170\n1368#5:173\n1454#5,2:174\n1557#5:176\n1628#5,3:177\n1456#5,3:180\n1557#5:183\n1628#5,3:184\n*S KotlinDebug\n*F\n+ 1 KeycloakOAuth2Provider.kt\nai/tock/shared/security/auth/KeycloakOAuth2Provider\n*L\n91#1:165,2\n129#1:187,2\n91#1:167\n129#1:189\n91#1:168\n129#1:190\n148#1:169\n148#1:170,3\n152#1:173\n152#1:174,2\n152#1:176\n152#1:177,3\n152#1:180,3\n154#1:183\n154#1:184,3\n*E\n"})
/* loaded from: input_file:ai/tock/shared/security/auth/KeycloakOAuth2Provider.class */
public final class KeycloakOAuth2Provider extends SSOTockAuthProvider implements OAuth2Auth {

    @NotNull
    private final OAuth2Auth oauth2;

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private static final KLogger logger = KotlinLogging.INSTANCE.logger(KeycloakOAuth2Provider::logger$lambda$13);

    @NotNull
    private static final String userNamespaceAttribute = PropertiesKt.property("tock_custom_namespace_mapping", "tock_namespace");

    @NotNull
    private static final String userRoleAttribute = PropertiesKt.property("tock_keycloak_user_role_attribute", "tock_roles");

    @NotNull
    private static final String defaultBaseUrl = PropertiesKt.property("tock_bot_admin_rest_default_base_url", "http://localhost:8080");

    /* compiled from: KeycloakOAuth2Provider.kt */
    @Metadata(mv = {2, 0, 0}, k = 1, xi = 48, d1 = {"��\u001a\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n\u0002\b\u0003\b\u0086\u0003\u0018��2\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\t\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n��¨\u0006\n"}, d2 = {"Lai/tock/shared/security/auth/KeycloakOAuth2Provider$Companion;", "", "<init>", "()V", "logger", "Lmu/KLogger;", "userNamespaceAttribute", "", "userRoleAttribute", "defaultBaseUrl", "tock-shared"})
    /* loaded from: input_file:ai/tock/shared/security/auth/KeycloakOAuth2Provider$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public KeycloakOAuth2Provider(@NotNull Vertx vertx, @NotNull OAuth2Auth oAuth2Auth) {
        super(vertx);
        Intrinsics.checkNotNullParameter(vertx, "vertx");
        Intrinsics.checkNotNullParameter(oAuth2Auth, "oauth2");
        this.oauth2 = oAuth2Auth;
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public /* synthetic */ KeycloakOAuth2Provider(io.vertx.core.Vertx r6, io.vertx.ext.auth.oauth2.OAuth2Auth r7, int r8, kotlin.jvm.internal.DefaultConstructorMarker r9) {
        /*
            r5 = this;
            r0 = r8
            r1 = 2
            r0 = r0 & r1
            if (r0 == 0) goto Lb9
            r0 = r6
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = new io.vertx.ext.auth.oauth2.OAuth2Options
            r2 = r1
            r2.<init>()
            io.vertx.ext.auth.oauth2.OAuth2FlowType r2 = io.vertx.ext.auth.oauth2.OAuth2FlowType.AUTH_CODE
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setFlow(r2)
            java.lang.String r2 = "tock_keycloak_client_id"
            java.lang.String r3 = "tock"
            java.lang.String r2 = ai.tock.shared.PropertiesKt.property(r2, r3)
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setClientId(r2)
            java.lang.String r2 = "tock_keycloak_secret_key"
            java.lang.String r3 = "thesecretkeyfromkeycloak"
            java.lang.String r2 = ai.tock.shared.PropertiesKt.property(r2, r3)
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setClientSecret(r2)
            java.lang.String r2 = "tock_keycloak_site_url"
            java.lang.String r3 = "https://keycloak/realms/myrealm"
            java.lang.String r2 = ai.tock.shared.PropertiesKt.property(r2, r3)
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setSite(r2)
            java.lang.String r2 = "tock_keycloak_access_token_path"
            java.lang.String r3 = "/protocol/openid-connect/token"
            java.lang.String r2 = ai.tock.shared.PropertiesKt.property(r2, r3)
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setTokenPath(r2)
            java.lang.String r2 = "tock_keycloak_authorize_path"
            java.lang.String r3 = "/protocol/openid-connect/auth"
            java.lang.String r2 = ai.tock.shared.PropertiesKt.property(r2, r3)
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setAuthorizationPath(r2)
            java.lang.String r2 = "tock_keycloak_userinfo_path"
            java.lang.String r3 = "/protocol/openid-connect/userinfo"
            java.lang.String r2 = ai.tock.shared.PropertiesKt.property(r2, r3)
            io.vertx.ext.auth.oauth2.OAuth2Options r1 = r1.setUserInfoPath(r2)
            r10 = r1
            r1 = r10
            r11 = r1
            r19 = r0
            r0 = 0
            r12 = r0
            java.lang.String r0 = "tock_keycloak_proxy_host"
            java.lang.String r0 = ai.tock.shared.PropertiesKt.propertyOrNull(r0)
            r13 = r0
            java.lang.String r0 = "tock_keycloak_proxy_port"
            r1 = 0
            int r0 = ai.tock.shared.PropertiesKt.intProperty(r0, r1)
            r14 = r0
            r0 = r13
            if (r0 == 0) goto Lb0
            mu.KLogger r0 = ai.tock.shared.security.auth.KeycloakOAuth2Provider.logger
            r1 = r13
            r2 = r14
            void r1 = () -> { // kotlin.jvm.functions.Function0.invoke():java.lang.Object
                return _init_$lambda$2$lambda$0(r1, r2);
            }
            r0.info(r1)
            r0 = r11
            io.vertx.core.http.HttpClientOptions r0 = r0.getHttpClientOptions()
            io.vertx.core.net.ProxyOptions r1 = new io.vertx.core.net.ProxyOptions
            r2 = r1
            r2.<init>()
            r15 = r1
            r1 = r15
            r16 = r1
            r17 = r0
            r0 = 0
            r18 = r0
            r0 = r16
            r1 = r13
            io.vertx.core.net.ProxyOptions r0 = r0.setHost(r1)
            r0 = r16
            r1 = r14
            io.vertx.core.net.ProxyOptions r0 = r0.setPort(r1)
            r0 = r17
            r1 = r15
            io.vertx.core.http.HttpClientOptions r0 = r0.setProxyOptions(r1)
        Lb0:
            r0 = r19
            r1 = r10
            io.vertx.ext.auth.oauth2.OAuth2Auth r0 = io.vertx.ext.auth.oauth2.OAuth2Auth.create(r0, r1)
            r7 = r0
        Lb9:
            r0 = r5
            r1 = r6
            r2 = r7
            r0.<init>(r1, r2)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: ai.tock.shared.security.auth.KeycloakOAuth2Provider.<init>(io.vertx.core.Vertx, io.vertx.ext.auth.oauth2.OAuth2Auth, int, kotlin.jvm.internal.DefaultConstructorMarker):void");
    }

    private final Executor getExecutor() {
        return (Executor) ((Function0) IOCsKt.getInjector().getInjector().getInjector().Provider(new TypeReference<Executor>() { // from class: ai.tock.shared.security.auth.KeycloakOAuth2Provider$special$$inlined$provide$default$1
        }, (Object) null).getValue()).invoke();
    }

    @Override // ai.tock.shared.security.auth.SSOTockAuthProvider
    @NotNull
    public AuthenticationHandler createAuthHandler(@NotNull WebVerticle webVerticle) {
        Intrinsics.checkNotNullParameter(webVerticle, "verticle");
        AuthenticationHandler create = OAuth2AuthHandler.create(getVertx(), this.oauth2, defaultBaseUrl + "/rest/callback");
        Intrinsics.checkNotNullExpressionValue(create, "create(...)");
        return create;
    }

    @Override // ai.tock.shared.security.auth.SSOTockAuthProvider, ai.tock.shared.security.auth.TockAuthProvider
    @NotNull
    public AuthenticationHandler protectPaths(@NotNull WebVerticle webVerticle, @NotNull Set<String> set, @NotNull SessionHandler sessionHandler) {
        Intrinsics.checkNotNullParameter(webVerticle, "verticle");
        Intrinsics.checkNotNullParameter(set, "pathsToProtect");
        Intrinsics.checkNotNullParameter(sessionHandler, "sessionHandler");
        OAuth2AuthHandler protectPaths = super.protectPaths(webVerticle, set, sessionHandler);
        Intrinsics.checkNotNull(protectPaths, "null cannot be cast to non-null type io.vertx.ext.web.handler.OAuth2AuthHandler");
        protectPaths.setupCallback(webVerticle.getRouter().get(callbackPath(webVerticle)));
        webVerticle.getRouter().route("/*").handler((v1) -> {
            protectPaths$lambda$8(r1, v1);
        });
        return protectPaths;
    }

    private final List<String> parseCustomRoles(String str) {
        List split$default = StringsKt.split$default(str, new String[]{","}, false, 0, 6, (Object) null);
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(split$default, 10));
        Iterator it = split$default.iterator();
        while (it.hasNext()) {
            arrayList.add(StringsKt.trim(StringsKt.removeSuffix(StringsKt.removePrefix((String) it.next(), "["), "]")).toString());
        }
        return arrayList;
    }

    private final Set<String> parseUserRoles(String str) {
        List<String> parseCustomRoles = parseCustomRoles(str);
        ArrayList arrayList = new ArrayList();
        for (String str2 : parseCustomRoles) {
            Iterable entries = TockUserRole.getEntries();
            ArrayList arrayList2 = new ArrayList(CollectionsKt.collectionSizeOrDefault(entries, 10));
            Iterator it = entries.iterator();
            while (it.hasNext()) {
                arrayList2.add(TockUserRole.Companion.toRole(((TockUserRole) it.next()).toString()));
            }
            CollectionsKt.addAll(arrayList, arrayList2);
        }
        List filterNotNull = CollectionsKt.filterNotNull(arrayList);
        ArrayList arrayList3 = new ArrayList(CollectionsKt.collectionSizeOrDefault(filterNotNull, 10));
        Iterator it2 = filterNotNull.iterator();
        while (it2.hasNext()) {
            arrayList3.add(((TockUserRole) it2.next()).name());
        }
        return CollectionsKt.toSet(arrayList3);
    }

    @Override // ai.tock.shared.security.auth.SSOTockAuthProvider, ai.tock.shared.security.auth.TockAuthProvider
    @NotNull
    public Set<Regex> excludedPaths(@NotNull WebVerticle webVerticle) {
        Intrinsics.checkNotNullParameter(webVerticle, "verticle");
        return SetsKt.plus(super.excludedPaths(webVerticle), new Regex(callbackPath(webVerticle)));
    }

    private final String callbackPath(WebVerticle webVerticle) {
        return webVerticle.getBasePath() + "/callback";
    }

    @Deprecated(message = "Deprecated in Java")
    public void authenticate(JsonObject jsonObject, Handler<AsyncResult<User>> handler) {
        this.oauth2.authenticate(jsonObject, handler);
    }

    public Future<Void> jWKSet() {
        return this.oauth2.jWKSet();
    }

    @Fluent
    public OAuth2Auth missingKeyHandler(Handler<String> handler) {
        return this.oauth2.missingKeyHandler(handler);
    }

    @Deprecated(message = "Deprecated in Java")
    public String authorizeURL(JsonObject jsonObject) {
        return this.oauth2.authorizeURL(jsonObject);
    }

    public String authorizeURL(OAuth2AuthorizationURL oAuth2AuthorizationURL) {
        return this.oauth2.authorizeURL(oAuth2AuthorizationURL);
    }

    public Future<User> refresh(User user) {
        return this.oauth2.refresh(user);
    }

    public Future<Void> revoke(User user, String str) {
        return this.oauth2.revoke(user, str);
    }

    public Future<JsonObject> userInfo(User user) {
        return this.oauth2.userInfo(user);
    }

    public String endSessionURL(User user, JsonObject jsonObject) {
        return this.oauth2.endSessionURL(user, jsonObject);
    }

    public void close() {
        this.oauth2.close();
    }

    private static final Object _init_$lambda$2$lambda$0(String str, int i) {
        return "set proxy " + str + ":" + i;
    }

    private static final Object protectPaths$lambda$8$lambda$7$lambda$4(String str) {
        return "empty role for " + str;
    }

    private static final Object protectPaths$lambda$8$lambda$7$lambda$5(JsonObject jsonObject) {
        return "No attribute representing namespace called " + userNamespaceAttribute + " in " + jsonObject + ", using default \"app\" namespace";
    }

    private static final Unit protectPaths$lambda$8$lambda$7$lambda$6(String str, Ref.ObjectRef objectRef, Set set, RoutingContext routingContext) {
        routingContext.setUser(((TockUserListener) ((Function0) IOCsKt.getInjector().getInjector().getInjector().Provider(new TypeReference<TockUserListener>() { // from class: ai.tock.shared.security.auth.KeycloakOAuth2Provider$protectPaths$lambda$8$lambda$7$lambda$6$$inlined$provide$default$1
        }, (Object) null).getValue()).invoke()).registerUser(new TockUser(str, (String) objectRef.element, set, false, 8, null), true));
        routingContext.next();
        return Unit.INSTANCE;
    }

    private static final void protectPaths$lambda$8(KeycloakOAuth2Provider keycloakOAuth2Provider, RoutingContext routingContext) {
        JsonObject jsonObject;
        User user = routingContext.user();
        if (!(user != null ? user.containsKey("access_token") : false)) {
            routingContext.next();
            return;
        }
        if (user.containsKey("email")) {
            jsonObject = user.principal();
        } else {
            Base64.Decoder decoder = Base64.getDecoder();
            Object obj = user.get("access_token");
            Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
            byte[] decode = decoder.decode((String) StringsKt.split$default((CharSequence) obj, new String[]{"."}, false, 0, 6, (Object) null).get(1));
            Intrinsics.checkNotNullExpressionValue(decode, "decode(...)");
            jsonObject = new JsonObject(new String(decode, Charsets.UTF_8));
        }
        JsonObject jsonObject2 = jsonObject;
        String string = jsonObject2.getString("email");
        Intrinsics.checkNotNullExpressionValue(string, "getString(...)");
        String lowerCase = string.toLowerCase(LocalesKt.getDefaultLocale());
        Intrinsics.checkNotNullExpressionValue(lowerCase, "toLowerCase(...)");
        String string2 = jsonObject2.getString(userRoleAttribute);
        Intrinsics.checkNotNullExpressionValue(string2, "getString(...)");
        Set<String> parseUserRoles = keycloakOAuth2Provider.parseUserRoles(string2);
        if (parseUserRoles.isEmpty()) {
            logger.warn(() -> {
                return protectPaths$lambda$8$lambda$7$lambda$4(r1);
            });
            routingContext.fail(401);
            return;
        }
        Ref.ObjectRef objectRef = new Ref.ObjectRef();
        objectRef.element = jsonObject2.getString(userNamespaceAttribute);
        if (objectRef.element == null) {
            logger.warn(() -> {
                return protectPaths$lambda$8$lambda$7$lambda$5(r1);
            });
            objectRef.element = NamespacesKt.getDefaultNamespace();
        }
        keycloakOAuth2Provider.getExecutor().executeBlocking(() -> {
            return protectPaths$lambda$8$lambda$7$lambda$6(r1, r2, r3, r4);
        });
    }

    private static final Unit logger$lambda$13() {
        return Unit.INSTANCE;
    }
}
