package org.minbox.framework.on.security.core.authorization.data.session.converter;

import java.time.LocalDateTime;
import java.time.ZoneId;
import org.minbox.framework.on.security.core.authorization.AccessTokenType;
import org.minbox.framework.on.security.core.authorization.SessionState;
import org.minbox.framework.on.security.core.authorization.data.application.SecurityApplication;
import org.minbox.framework.on.security.core.authorization.data.application.SecurityApplicationRepository;
import org.minbox.framework.on.security.core.authorization.data.session.SecuritySession;
import org.minbox.framework.on.security.core.authorization.data.user.SecurityUser;
import org.minbox.framework.on.security.core.authorization.data.user.SecurityUserRepository;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/on-security-core-0.0.7.jar:org/minbox/framework/on/security/core/authorization/data/session/converter/OAuth2AuthorizationToSecuritySessionConverter.class */
public final class OAuth2AuthorizationToSecuritySessionConverter implements Converter<OAuth2Authorization, SecuritySession> {
    private SecurityApplicationRepository clientRepository;
    private SecurityUserRepository userRepository;

    public OAuth2AuthorizationToSecuritySessionConverter(SecurityApplicationRepository securityApplicationRepository, SecurityUserRepository securityUserRepository) {
        this.clientRepository = securityApplicationRepository;
        this.userRepository = securityUserRepository;
    }

    @Override // org.springframework.core.convert.converter.Converter
    public SecuritySession convert(OAuth2Authorization oAuth2Authorization) {
        SecurityApplication findById = this.clientRepository.findById(oAuth2Authorization.getRegisteredClientId());
        Assert.notNull(findById, "Client ID: " + oAuth2Authorization.getRegisteredClientId() + ", no data retrieved");
        SecuritySession.Builder withId = SecuritySession.withId(oAuth2Authorization.getId());
        if (AuthorizationGrantType.CLIENT_CREDENTIALS != oAuth2Authorization.getAuthorizationGrantType()) {
            SecurityUser findByUsername = this.userRepository.findByUsername(oAuth2Authorization.getPrincipalName());
            Assert.notNull(findByUsername, "Username: " + oAuth2Authorization.getPrincipalName() + ", no data retrieved");
            withId.userId(findByUsername.getId());
        }
        withId.regionId(findById.getRegionId()).applicationId(findById.getId()).sessionState(SessionState.NORMAL).username(oAuth2Authorization.getPrincipalName()).attributes(oAuth2Authorization.getAttributes()).authorizationGrantType(oAuth2Authorization.getAuthorizationGrantType()).authorizationScopes(oAuth2Authorization.getAuthorizedScopes());
        String str = (String) oAuth2Authorization.getAttribute(OAuth2ParameterNames.STATE);
        if (StringUtils.hasText(str)) {
            withId.state(str);
        }
        OAuth2Authorization.Token token = oAuth2Authorization.getToken(OAuth2AuthorizationCode.class);
        if (!ObjectUtils.isEmpty(token)) {
            OAuth2AuthorizationCode token2 = token.getToken();
            withId.authorizationCodeValue(token2.getTokenValue()).authorizationCodeIssuedAt(LocalDateTime.ofInstant(token2.getIssuedAt(), ZoneId.systemDefault())).authorizationCodeExpiresAt(LocalDateTime.ofInstant(token2.getExpiresAt(), ZoneId.systemDefault())).authorizationCodeMetadata(token.getMetadata());
        }
        OAuth2Authorization.Token token3 = oAuth2Authorization.getToken(OAuth2AccessToken.class);
        if (!ObjectUtils.isEmpty(token3)) {
            OAuth2AccessToken oAuth2AccessToken = (OAuth2AccessToken) token3.getToken();
            withId.accessTokenValue(oAuth2AccessToken.getTokenValue()).accessTokenType(new AccessTokenType(oAuth2AccessToken.getTokenType().getValue())).accessTokenScopes(oAuth2AccessToken.getScopes()).accessTokenIssuedAt(LocalDateTime.ofInstant(oAuth2AccessToken.getIssuedAt(), ZoneId.systemDefault())).accessTokenExpiresAt(LocalDateTime.ofInstant(oAuth2AccessToken.getExpiresAt(), ZoneId.systemDefault())).accessTokenMetadata(token3.getMetadata());
        }
        OAuth2Authorization.Token token4 = oAuth2Authorization.getToken(OidcIdToken.class);
        if (!ObjectUtils.isEmpty(token4)) {
            OidcIdToken oidcIdToken = (OidcIdToken) token4.getToken();
            withId.oidcIdTokenValue(oidcIdToken.getTokenValue()).oidcIdTokenIssuedAt(LocalDateTime.ofInstant(oidcIdToken.getIssuedAt(), ZoneId.systemDefault())).oidcIdTokenExpiresAt(LocalDateTime.ofInstant(oidcIdToken.getExpiresAt(), ZoneId.systemDefault())).oidcIdTokenMetadata(token4.getMetadata());
        }
        OAuth2Authorization.Token refreshToken = oAuth2Authorization.getRefreshToken();
        if (!ObjectUtils.isEmpty(refreshToken)) {
            OAuth2RefreshToken oAuth2RefreshToken = (OAuth2RefreshToken) refreshToken.getToken();
            withId.refreshTokenValue(oAuth2RefreshToken.getTokenValue()).refreshTokenIssuedAt(LocalDateTime.ofInstant(oAuth2RefreshToken.getIssuedAt(), ZoneId.systemDefault())).refreshTokenExpiresAt(LocalDateTime.ofInstant(oAuth2RefreshToken.getExpiresAt(), ZoneId.systemDefault())).refreshTokenMetadata(refreshToken.getMetadata());
        }
        return withId.build();
    }
}
