package org.minbox.framework.on.security.core.authorization.data.application.converter;

import java.time.Duration;
import java.time.ZoneId;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.minbox.framework.on.security.core.authorization.data.application.SecurityApplication;
import org.minbox.framework.on.security.core.authorization.data.application.SecurityApplicationAuthentication;
import org.minbox.framework.on.security.core.authorization.data.application.SecurityApplicationSecret;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:BOOT-INF/lib/on-security-core-0.0.8.jar:org/minbox/framework/on/security/core/authorization/data/application/converter/SecurityApplicationToRegisteredClientConverter.class */
public class SecurityApplicationToRegisteredClientConverter implements Converter<SecurityApplication, RegisteredClient> {
    /* JADX WARN: Type inference failed for: r1v4, types: [java.time.ZonedDateTime] */
    /* JADX WARN: Type inference failed for: r1v60, types: [java.time.ZonedDateTime] */
    @Override // org.springframework.core.convert.converter.Converter
    public RegisteredClient convert(SecurityApplication securityApplication) {
        RegisteredClient.Builder withId = RegisteredClient.withId(securityApplication.getId());
        withId.clientId(securityApplication.getApplicationId()).clientIdIssuedAt(securityApplication.getCreateTime().atZone(ZoneId.systemDefault()).toInstant()).clientName(securityApplication.getDisplayName());
        if (!ObjectUtils.isEmpty(securityApplication.getSecrets())) {
            Optional<SecurityApplicationSecret> findFirst = securityApplication.getSecrets().stream().filter(securityApplicationSecret -> {
                return !securityApplicationSecret.isDeleted();
            }).findFirst();
            if (findFirst.isPresent()) {
                SecurityApplicationSecret securityApplicationSecret2 = findFirst.get();
                withId.clientSecret(securityApplicationSecret2.getApplicationSecret()).clientSecretExpiresAt(securityApplicationSecret2.getSecretExpiresAt().atZone(ZoneId.systemDefault()).toInstant());
            }
        }
        if (!ObjectUtils.isEmpty(securityApplication.getScopes())) {
            Set set = (Set) securityApplication.getScopes().stream().map((v0) -> {
                return v0.getScopeCode();
            }).collect(Collectors.toSet());
            withId.scopes(set2 -> {
                set2.addAll(set);
            });
        }
        if (!ObjectUtils.isEmpty(securityApplication.getRedirectUris())) {
            Set set3 = (Set) securityApplication.getRedirectUris().stream().map((v0) -> {
                return v0.getRedirectUri();
            }).collect(Collectors.toSet());
            withId.redirectUris(set4 -> {
                set4.addAll(set3);
            });
        }
        if (!ObjectUtils.isEmpty(securityApplication.getAuthentication())) {
            SecurityApplicationAuthentication authentication = securityApplication.getAuthentication();
            if (!ObjectUtils.isEmpty(authentication.getAuthenticationMethods())) {
                Set set5 = (Set) authentication.getAuthenticationMethods().stream().map(clientAuthenticationMethod -> {
                    return new ClientAuthenticationMethod(clientAuthenticationMethod.getValue());
                }).collect(Collectors.toSet());
                withId.clientAuthenticationMethods(set6 -> {
                    set6.addAll(set5);
                });
            }
            if (!ObjectUtils.isEmpty(authentication.getAuthorizationGrantTypes())) {
                Set set7 = (Set) authentication.getAuthorizationGrantTypes().stream().map(authorizationGrantType -> {
                    return new AuthorizationGrantType(authorizationGrantType.getValue());
                }).collect(Collectors.toSet());
                withId.authorizationGrantTypes(set8 -> {
                    set8.addAll(set7);
                });
            }
            ClientSettings.Builder requireAuthorizationConsent = ClientSettings.builder().requireProofKey(authentication.isConfidential()).requireAuthorizationConsent(authentication.isConsentRequired());
            if (!ObjectUtils.isEmpty(authentication.getJwksUrl())) {
                requireAuthorizationConsent.jwkSetUrl(authentication.getJwksUrl());
            }
            if (!ObjectUtils.isEmpty(authentication.getAuthenticationSigningAlgorithm())) {
                requireAuthorizationConsent.tokenEndpointAuthenticationSigningAlgorithm(() -> {
                    return authentication.getAuthenticationSigningAlgorithm().getValue();
                });
            }
            withId.clientSettings(requireAuthorizationConsent.build());
            withId.tokenSettings(TokenSettings.builder().authorizationCodeTimeToLive(Duration.ofSeconds(authentication.getAuthorizationCodeExpirationTime())).accessTokenFormat(authentication.getAccessTokenFormat()).accessTokenTimeToLive(Duration.ofSeconds(authentication.getAccessTokenExpirationTime())).reuseRefreshTokens(authentication.isReuseRefreshToken()).refreshTokenTimeToLive(Duration.ofSeconds(authentication.getRefreshTokenExpirationTime())).idTokenSignatureAlgorithm(SignatureAlgorithm.from(authentication.getIdTokenSignatureAlgorithm().getValue())).build());
        }
        return withId.build();
    }
}
