package org.mitre.openid.connect.client;

import com.google.common.base.Strings;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.util.concurrent.UncheckedExecutionException;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.IOException;
import java.net.URI;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.apache.http.client.HttpClient;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClientBuilder;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.mitre.openid.connect.model.DefaultUserInfo;
import org.mitre.openid.connect.model.PendingOIDCAuthenticationToken;
import org.mitre.openid.connect.model.UserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:org/mitre/openid/connect/client/UserInfoFetcher.class */
public class UserInfoFetcher {
    private static final Logger logger = LoggerFactory.getLogger(UserInfoFetcher.class);
    private LoadingCache<PendingOIDCAuthenticationToken, UserInfo> cache = CacheBuilder.newBuilder().expireAfterWrite(1, TimeUnit.HOURS).maximumSize(100).build(new UserInfoLoader());

    /* loaded from: input_file:org/mitre/openid/connect/client/UserInfoFetcher$UserInfoLoader.class */
    private class UserInfoLoader extends CacheLoader<PendingOIDCAuthenticationToken, UserInfo> {
        private HttpClient httpClient;
        private HttpComponentsClientHttpRequestFactory factory;

        private UserInfoLoader() {
            this.httpClient = HttpClientBuilder.create().useSystemProperties().build();
            this.factory = new HttpComponentsClientHttpRequestFactory(this.httpClient);
        }

        public UserInfo load(final PendingOIDCAuthenticationToken pendingOIDCAuthenticationToken) {
            ServerConfiguration serverConfiguration = pendingOIDCAuthenticationToken.getServerConfiguration();
            if (serverConfiguration == null) {
                UserInfoFetcher.logger.warn("No server configuration found.");
                return null;
            }
            if (Strings.isNullOrEmpty(serverConfiguration.getUserInfoUri())) {
                UserInfoFetcher.logger.warn("No userinfo endpoint, not fetching.");
                return null;
            }
            try {
                String str = null;
                if (serverConfiguration.getUserInfoTokenMethod() == null || serverConfiguration.getUserInfoTokenMethod().equals(ServerConfiguration.UserInfoTokenMethod.HEADER)) {
                    str = (String) new RestTemplate(this.factory) { // from class: org.mitre.openid.connect.client.UserInfoFetcher.UserInfoLoader.1
                        protected ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod) throws IOException {
                            ClientHttpRequest createRequest = super.createRequest(uri, httpMethod);
                            createRequest.getHeaders().add("Authorization", String.format("Bearer %s", pendingOIDCAuthenticationToken.getAccessTokenValue()));
                            return createRequest;
                        }
                    }.getForObject(serverConfiguration.getUserInfoUri(), String.class, new Object[0]);
                } else if (serverConfiguration.getUserInfoTokenMethod().equals(ServerConfiguration.UserInfoTokenMethod.FORM)) {
                    LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
                    linkedMultiValueMap.add("access_token", pendingOIDCAuthenticationToken.getAccessTokenValue());
                    str = (String) new RestTemplate(this.factory).postForObject(serverConfiguration.getUserInfoUri(), linkedMultiValueMap, String.class, new Object[0]);
                } else if (serverConfiguration.getUserInfoTokenMethod().equals(ServerConfiguration.UserInfoTokenMethod.QUERY)) {
                    URIBuilder uRIBuilder = new URIBuilder(serverConfiguration.getUserInfoUri());
                    uRIBuilder.setParameter("access_token", pendingOIDCAuthenticationToken.getAccessTokenValue());
                    str = (String) new RestTemplate(this.factory).getForObject(uRIBuilder.toString(), String.class, new Object[0]);
                }
                if (Strings.isNullOrEmpty(str)) {
                    return null;
                }
                return UserInfoFetcher.this.fromJson(new JsonParser().parse(str).getAsJsonObject());
            } catch (Exception e) {
                UserInfoFetcher.logger.warn("Error fetching userinfo", e);
                return null;
            }
        }
    }

    public UserInfo loadUserInfo(PendingOIDCAuthenticationToken pendingOIDCAuthenticationToken) {
        try {
            return (UserInfo) this.cache.get(pendingOIDCAuthenticationToken);
        } catch (UncheckedExecutionException | ExecutionException e) {
            logger.warn("Couldn't load User Info from token: " + e.getMessage());
            return null;
        }
    }

    protected UserInfo fromJson(JsonObject jsonObject) {
        return DefaultUserInfo.fromJson(jsonObject);
    }
}
