package leap.oauth2.webapp;

import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import leap.core.annotation.ConfigProperty;
import leap.core.annotation.Configurable;
import leap.core.annotation.Inject;
import leap.core.web.RequestIgnore;
import leap.lang.Strings;
import leap.lang.net.Urls;
import leap.lang.path.AntPathPattern;
import leap.lang.path.Paths;
import leap.oauth2.webapp.user.UserDetailsLookup;
import leap.web.App;
import leap.web.AppInitializable;
import leap.web.AppListener;
import leap.web.ServerInfo;
import leap.web.security.SecurityConfigurator;

@Configurable(prefix = "oauth2")
/* loaded from: input_file:leap/oauth2/webapp/DefaultOAuth2Config.class */
public class DefaultOAuth2Config implements OAuth2Config, OAuth2Configurator, AppInitializable, AppListener {

    @Inject
    protected SecurityConfigurator sc;
    protected boolean enabled;
    protected boolean login;
    protected boolean logout;
    protected boolean loginWithAccessToken;
    protected boolean forceLookupUserInfo;
    protected String authorizeUrl;
    protected String tokenUrl;
    protected String indirectTokenUrl;
    protected String tokenInfoUrl;
    protected String userInfoUrl;
    protected String publicKeyUrl;
    protected String jwksUrl;
    protected String logoutUrl;
    protected String clientId;
    protected String clientSecret;
    protected String redirectUri;
    protected String errorView;
    protected String logoutView;
    private List<RequestIgnore> ignoresList = new ArrayList();
    private RequestIgnore[] ignoresArray = new RequestIgnore[0];

    @Inject
    protected UserDetailsLookup userDetailsLookup;

    @Override // leap.oauth2.webapp.OAuth2Configurator
    public OAuth2Config config() {
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public boolean isEnabled() {
        return this.enabled;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setEnabled(boolean z) {
        this.enabled = z;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public boolean isLogin() {
        return this.login;
    }

    @ConfigProperty
    public void setLogin(boolean z) {
        this.login = z;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public boolean isLogout() {
        return this.logout;
    }

    @ConfigProperty
    public void setLogout(boolean z) {
        this.logout = z;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public boolean isLoginWithAccessToken() {
        return this.loginWithAccessToken;
    }

    @ConfigProperty
    public void setLoginWithAccessToken(boolean z) {
        this.loginWithAccessToken = z;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public boolean isForceLookupUserInfo() {
        return this.forceLookupUserInfo;
    }

    @ConfigProperty
    public void setForceLookupUserInfo(boolean z) {
        this.forceLookupUserInfo = z;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setServerUrl(String str) {
        String suffixWithoutSlash = Paths.suffixWithoutSlash(str);
        if (null == this.authorizeUrl) {
            this.authorizeUrl = suffixWithoutSlash + "/oauth2/authorize";
        }
        if (null == this.tokenUrl) {
            this.tokenUrl = suffixWithoutSlash + "/oauth2/token";
        }
        if (null == this.tokenInfoUrl) {
            this.tokenInfoUrl = suffixWithoutSlash + "/oauth2/tokeninfo";
        }
        if (null == this.userInfoUrl) {
            this.userInfoUrl = suffixWithoutSlash + "/oauth2/userinfo";
        }
        if (null == this.publicKeyUrl) {
            this.publicKeyUrl = suffixWithoutSlash + "/oauth2/publickey";
        }
        if (null == this.logoutUrl) {
            this.logoutUrl = suffixWithoutSlash + "/oauth2/logout";
        }
        return this;
    }

    @ConfigProperty
    public void setIndirectServerUrl(String str) {
        String suffixWithoutSlash = Paths.suffixWithoutSlash(str);
        this.authorizeUrl = suffixWithoutSlash + "/oauth2/authorize";
        this.logoutUrl = suffixWithoutSlash + "/oauth2/logout";
        this.indirectTokenUrl = suffixWithoutSlash + "/oauth2/token";
    }

    @ConfigProperty
    public void setDirectServerUrl(String str) {
        String suffixWithoutSlash = Paths.suffixWithoutSlash(str);
        this.tokenUrl = suffixWithoutSlash + "/oauth2/token";
        this.tokenInfoUrl = suffixWithoutSlash + "/oauth2/tokeninfo";
        this.userInfoUrl = suffixWithoutSlash + "/oauth2/userinfo";
        this.publicKeyUrl = suffixWithoutSlash + "/oauth2/publickey";
    }

    public void onServerInfoResolved(App app, ServerInfo serverInfo) {
        this.authorizeUrl = parseUrl(this.authorizeUrl, serverInfo);
        this.tokenUrl = parseUrl(this.tokenUrl, serverInfo);
        this.tokenInfoUrl = parseUrl(this.tokenInfoUrl, serverInfo);
        this.userInfoUrl = parseUrl(this.userInfoUrl, serverInfo);
        this.publicKeyUrl = parseUrl(this.publicKeyUrl, serverInfo);
        this.logoutUrl = parseUrl(this.logoutUrl, serverInfo);
    }

    protected boolean needParse(String str) {
        if (Strings.isEmpty(str)) {
            return false;
        }
        return !(Strings.startsWith(str, "http://") || Strings.startsWith(str, "https://"));
    }

    protected String parseUrl(String str, ServerInfo serverInfo) {
        if (!needParse(str)) {
            return str;
        }
        String resolveUrlExpr = Urls.resolveUrlExpr(str, URI.create(Strings.replace(serverInfo.getServerUrl(), " ", "%20")));
        return needParse(resolveUrlExpr) ? serverInfo.getServerUrl() + Paths.prefixWithSlash(resolveUrlExpr) : resolveUrlExpr;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getAuthorizeUrl() {
        return this.authorizeUrl;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setAuthorizeUrl(String str) {
        this.authorizeUrl = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getTokenUrl() {
        return this.tokenUrl;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getIndirectTokenUrl() {
        return this.indirectTokenUrl;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setIndirectTokenUrl(String str) {
        this.indirectTokenUrl = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setTokenUrl(String str) {
        this.tokenUrl = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getTokenInfoUrl() {
        return this.tokenInfoUrl;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setTokenInfoUrl(String str) {
        this.tokenInfoUrl = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getUserInfoUrl() {
        return this.userInfoUrl;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setUserInfoUrl(String str) {
        this.userInfoUrl = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getPublicKeyUrl() {
        return this.publicKeyUrl;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setPublicKeyUrl(String str) {
        this.publicKeyUrl = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getJwksUrl() {
        return this.jwksUrl;
    }

    public void setJwksUrl(String str) {
        this.jwksUrl = str;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getLogoutUrl() {
        return this.logoutUrl;
    }

    @ConfigProperty
    public void setLogoutUrl(String str) {
        this.logoutUrl = str;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getClientId() {
        return this.clientId;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    public OAuth2Configurator ignorePath(String str) {
        AntPathPattern antPathPattern = new AntPathPattern(str);
        this.ignoresList.add(requestBase -> {
            return antPathPattern.matches(requestBase.getPath());
        });
        this.ignoresArray = (RequestIgnore[]) this.ignoresList.toArray(new RequestIgnore[this.ignoresList.size()]);
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public RequestIgnore[] getIgnores() {
        return this.ignoresArray;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setClientId(String str) {
        this.clientId = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getClientSecret() {
        return this.clientSecret;
    }

    @Override // leap.oauth2.webapp.OAuth2Configurator
    @ConfigProperty
    public OAuth2Configurator setClientSecret(String str) {
        this.clientSecret = str;
        return this;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getRedirectUri() {
        return this.redirectUri;
    }

    @ConfigProperty
    public void setRedirectUri(String str) {
        this.redirectUri = str;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getErrorView() {
        return this.errorView;
    }

    @ConfigProperty
    public void setErrorView(String str) {
        this.errorView = str;
    }

    @Override // leap.oauth2.webapp.OAuth2Config
    public String getLogoutView() {
        return this.logoutView;
    }

    @ConfigProperty
    public void setLogoutView(String str) {
        this.logoutView = str;
    }

    public void postAppInit(App app) throws Throwable {
        if (this.enabled) {
            if (!this.sc.config().isEnabled()) {
                this.sc.enable(true);
            }
            if (null == this.userDetailsLookup || !this.userDetailsLookup.isEnabled()) {
                return;
            }
            this.loginWithAccessToken = true;
        }
    }
}
