package org.minbox.framework.on.security.core.authorization.data.application;

import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.minbox.framework.on.security.core.authorization.SignatureAlgorithm;
import org.springframework.jdbc.core.ArgumentPreparedStatementSetter;
import org.springframework.jdbc.core.JdbcOperations;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.SqlParameterValue;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/on-security-core-0.0.7.jar:org/minbox/framework/on/security/core/authorization/data/application/SecurityApplicationAuthenticationJdbcRepository.class */
public class SecurityApplicationAuthenticationJdbcRepository implements SecurityApplicationAuthenticationRepository {
    private static final String COLUMN_NAMES = "id, application_id, confidential, jwks_url, authentication_methods, authentication_signing_algorithm, authorization_grant_types, consent_required, id_token_signature_algorithm, authorization_code_expiration_time, access_token_format, access_token_expiration_time, refresh_token_expiration_time, reuse_refresh_token, create_time";
    private static final String TABLE_NAME = "security_application_authentication";
    private static final String ID_FILTER = "id = ?";
    private static final String CLIENT_ID_FILTER = "application_id = ?";
    private static final String SELECT_CLIENT_AUTHENTICATION_SQL = "SELECT id, application_id, confidential, jwks_url, authentication_methods, authentication_signing_algorithm, authorization_grant_types, consent_required, id_token_signature_algorithm, authorization_code_expiration_time, access_token_format, access_token_expiration_time, refresh_token_expiration_time, reuse_refresh_token, create_time FROM security_application_authentication WHERE ";
    private static final String INSERT_CLIENT_AUTHENTICATION_SQL = "INSERT INTO security_application_authentication(id, application_id, confidential, jwks_url, authentication_methods, authentication_signing_algorithm, authorization_grant_types, consent_required, id_token_signature_algorithm, authorization_code_expiration_time, access_token_format, access_token_expiration_time, refresh_token_expiration_time, reuse_refresh_token, create_time) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    private static final String UPDATE_CLIENT_AUTHENTICATION_SQL = "UPDATE security_application_authentication SET confidential = ?, jwks_url = ?, authentication_methods = ?, authentication_signing_algorithm = ?, authorization_grant_types = ?, consent_required = ?, id_token_signature_algorithm = ?, authorization_code_expiration_time = ?,access_token_format = ?, access_token_expiration_time = ?, refresh_token_expiration_time = ?, reuse_refresh_token = ? WHERE id = ?";
    private JdbcOperations jdbcOperations;
    private RowMapper<SecurityApplicationAuthentication> clientAuthenticationRowMapper;
    private Function<SecurityApplicationAuthentication, List<SqlParameterValue>> clientAuthenticationParametersMapper;

    /* loaded from: input_file:BOOT-INF/lib/on-security-core-0.0.7.jar:org/minbox/framework/on/security/core/authorization/data/application/SecurityApplicationAuthenticationJdbcRepository$SecurityClientAuthenticationParametersMapper.class */
    public static class SecurityClientAuthenticationParametersMapper implements Function<SecurityApplicationAuthentication, List<SqlParameterValue>> {
        @Override // java.util.function.Function
        public List<SqlParameterValue> apply(SecurityApplicationAuthentication securityApplicationAuthentication) {
            Set set = (Set) securityApplicationAuthentication.getAuthorizationMethods().stream().map((v0) -> {
                return v0.getValue();
            }).collect(Collectors.toSet());
            Set set2 = (Set) securityApplicationAuthentication.getGrantTypes().stream().map((v0) -> {
                return v0.getValue();
            }).collect(Collectors.toSet());
            SqlParameterValue[] sqlParameterValueArr = new SqlParameterValue[15];
            sqlParameterValueArr[0] = new SqlParameterValue(12, securityApplicationAuthentication.getId());
            sqlParameterValueArr[1] = new SqlParameterValue(12, securityApplicationAuthentication.getApplicationId());
            sqlParameterValueArr[2] = new SqlParameterValue(16, Boolean.valueOf(securityApplicationAuthentication.isConfidential()));
            sqlParameterValueArr[3] = new SqlParameterValue(12, securityApplicationAuthentication.getJwksUrl());
            sqlParameterValueArr[4] = new SqlParameterValue(12, StringUtils.collectionToCommaDelimitedString(set));
            sqlParameterValueArr[5] = new SqlParameterValue(12, !ObjectUtils.isEmpty(securityApplicationAuthentication.getSignatureAlgorithm()) ? securityApplicationAuthentication.getSignatureAlgorithm().getValue() : null);
            sqlParameterValueArr[6] = new SqlParameterValue(12, StringUtils.collectionToCommaDelimitedString(set2));
            sqlParameterValueArr[7] = new SqlParameterValue(16, Boolean.valueOf(securityApplicationAuthentication.isConsentRequired()));
            sqlParameterValueArr[8] = new SqlParameterValue(12, !ObjectUtils.isEmpty(securityApplicationAuthentication.getIdTokenSignatureAlgorithm()) ? securityApplicationAuthentication.getIdTokenSignatureAlgorithm().getValue() : null);
            sqlParameterValueArr[9] = new SqlParameterValue(4, Integer.valueOf(securityApplicationAuthentication.getAuthorizationCodeExpirationTime()));
            sqlParameterValueArr[10] = new SqlParameterValue(12, securityApplicationAuthentication.getAccessTokenFormat().getValue());
            sqlParameterValueArr[11] = new SqlParameterValue(4, Integer.valueOf(securityApplicationAuthentication.getAccessTokenExpirationTime()));
            sqlParameterValueArr[12] = new SqlParameterValue(4, Integer.valueOf(securityApplicationAuthentication.getRefreshTokenExpirationTime()));
            sqlParameterValueArr[13] = new SqlParameterValue(16, Boolean.valueOf(securityApplicationAuthentication.isReuseRefreshToken()));
            sqlParameterValueArr[14] = new SqlParameterValue(93, Timestamp.valueOf(securityApplicationAuthentication.getCreateTime()));
            return Arrays.asList(sqlParameterValueArr);
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/on-security-core-0.0.7.jar:org/minbox/framework/on/security/core/authorization/data/application/SecurityApplicationAuthenticationJdbcRepository$SecurityClientAuthenticationRowMapper.class */
    public static class SecurityClientAuthenticationRowMapper implements RowMapper<SecurityApplicationAuthentication> {
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.springframework.jdbc.core.RowMapper
        public SecurityApplicationAuthentication mapRow(ResultSet resultSet, int i) throws SQLException {
            Set<String> commaDelimitedListToSet = StringUtils.commaDelimitedListToSet(resultSet.getString("authentication_methods"));
            Set<String> commaDelimitedListToSet2 = StringUtils.commaDelimitedListToSet(resultSet.getString("authorization_grant_types"));
            String string = resultSet.getString("authentication_signing_algorithm");
            String string2 = resultSet.getString("id_token_signature_algorithm");
            return SecurityApplicationAuthentication.withId(resultSet.getString("id")).applicationId(resultSet.getString("application_id")).confidential(resultSet.getBoolean("confidential")).jwksUrl(resultSet.getString("jwks_url")).authorizationMethods((Set) commaDelimitedListToSet.stream().map(str -> {
                return new ClientAuthenticationMethod(str);
            }).collect(Collectors.toSet())).signatureAlgorithm(!ObjectUtils.isEmpty(string) ? new SignatureAlgorithm(string) : null).grantTypes((Set) commaDelimitedListToSet2.stream().map(str2 -> {
                return new AuthorizationGrantType(str2);
            }).collect(Collectors.toSet())).consentRequired(resultSet.getBoolean("consent_required")).idTokenSignatureAlgorithm(!ObjectUtils.isEmpty(string2) ? new SignatureAlgorithm(string2) : null).authorizationCodeExpirationTime(resultSet.getInt("authorization_code_expiration_time")).accessTokenFormat(new OAuth2TokenFormat(resultSet.getString("access_token_format"))).accessTokenExpirationTime(resultSet.getInt("access_token_expiration_time")).refreshTokenExpirationTime(resultSet.getInt("refresh_token_expiration_time")).reuseRefreshToken(resultSet.getBoolean("reuse_refresh_token")).createTime(resultSet.getTimestamp("create_time").toLocalDateTime()).build();
        }
    }

    public SecurityApplicationAuthenticationJdbcRepository(JdbcOperations jdbcOperations) {
        Assert.notNull(jdbcOperations, "jdbcOperations cannot be null");
        this.jdbcOperations = jdbcOperations;
        this.clientAuthenticationRowMapper = new SecurityClientAuthenticationRowMapper();
        this.clientAuthenticationParametersMapper = new SecurityClientAuthenticationParametersMapper();
    }

    @Override // org.minbox.framework.on.security.core.authorization.data.application.SecurityApplicationAuthenticationRepository
    public void save(SecurityApplicationAuthentication securityApplicationAuthentication) {
        Assert.notNull(securityApplicationAuthentication, "clientAuthentication cannot be null");
        if (findBy(ID_FILTER, securityApplicationAuthentication.getId()) != null) {
            updateClientAuthentication(securityApplicationAuthentication);
        } else {
            insertClientAuthentication(securityApplicationAuthentication);
        }
    }

    @Override // org.minbox.framework.on.security.core.authorization.data.application.SecurityApplicationAuthenticationRepository
    public SecurityApplicationAuthentication findById(String str) {
        Assert.hasText(str, "id cannot be empty");
        return findBy(ID_FILTER, str);
    }

    @Override // org.minbox.framework.on.security.core.authorization.data.application.SecurityApplicationAuthenticationRepository
    public SecurityApplicationAuthentication findByClientId(String str) {
        Assert.hasText(str, "applicationId cannot be empty");
        return findBy(CLIENT_ID_FILTER, str);
    }

    private void updateClientAuthentication(SecurityApplicationAuthentication securityApplicationAuthentication) {
        ArrayList arrayList = new ArrayList(this.clientAuthenticationParametersMapper.apply(securityApplicationAuthentication));
        SqlParameterValue sqlParameterValue = (SqlParameterValue) arrayList.remove(0);
        arrayList.remove(0);
        arrayList.remove(12);
        arrayList.add(sqlParameterValue);
        this.jdbcOperations.update(UPDATE_CLIENT_AUTHENTICATION_SQL, new ArgumentPreparedStatementSetter(arrayList.toArray()));
    }

    private void insertClientAuthentication(SecurityApplicationAuthentication securityApplicationAuthentication) {
        assertUniqueIdentifiers(securityApplicationAuthentication);
        this.jdbcOperations.update(INSERT_CLIENT_AUTHENTICATION_SQL, new ArgumentPreparedStatementSetter(this.clientAuthenticationParametersMapper.apply(securityApplicationAuthentication).toArray()));
    }

    private void assertUniqueIdentifiers(SecurityApplicationAuthentication securityApplicationAuthentication) {
        Assert.isNull(findBy(CLIENT_ID_FILTER, securityApplicationAuthentication.getApplicationId()), "Client ID must be unique，duplicate ID：" + securityApplicationAuthentication.getApplicationId());
    }

    private SecurityApplicationAuthentication findBy(String str, Object... objArr) {
        List query = this.jdbcOperations.query(SELECT_CLIENT_AUTHENTICATION_SQL + str, this.clientAuthenticationRowMapper, objArr);
        if (query.isEmpty()) {
            return null;
        }
        return (SecurityApplicationAuthentication) query.get(0);
    }
}
