package org.nentangso.core.security;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/nentangso/core/security/NtsSecurityHelper.class */
public class NtsSecurityHelper implements InitializingBean {
    private final String rolesClaim;
    private final String rolePrefix;
    private static NtsSecurityHelper instance;

    private NtsSecurityHelper(@Value("${nts.security.oauth2.client.configuration.roles-claim:roles}") String str, @Value("${nts.security.oauth2.client.configuration.role-prefix:ROLE_}") String str2) {
        this.rolesClaim = str;
        this.rolePrefix = str2;
    }

    public Optional<String> getCurrentUserLogin() {
        return Optional.ofNullable(extractPrincipal(SecurityContextHolder.getContext().getAuthentication()));
    }

    private String extractPrincipal(Authentication authentication) {
        if (authentication == null) {
            return null;
        }
        if (authentication.getPrincipal() instanceof UserDetails) {
            return ((UserDetails) authentication.getPrincipal()).getUsername();
        }
        if (authentication instanceof JwtAuthenticationToken) {
            return (String) ((JwtAuthenticationToken) authentication).getToken().getClaims().get("preferred_username");
        }
        if (!(authentication.getPrincipal() instanceof DefaultOidcUser)) {
            if (authentication.getPrincipal() instanceof String) {
                return (String) authentication.getPrincipal();
            }
            return null;
        }
        Map attributes = ((DefaultOidcUser) authentication.getPrincipal()).getAttributes();
        if (attributes.containsKey("preferred_username")) {
            return (String) attributes.get("preferred_username");
        }
        return null;
    }

    public boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            Stream<String> authorities = getAuthorities(authentication);
            String str = NtsAuthoritiesConstants.ANONYMOUS;
            if (authorities.noneMatch((v1) -> {
                return r1.equals(v1);
            })) {
                return true;
            }
        }
        return false;
    }

    public boolean hasCurrentUserAnyOfAuthorities(String... strArr) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && getAuthorities(authentication).anyMatch(str -> {
            return Arrays.asList(strArr).contains(str);
        });
    }

    public boolean hasCurrentUserNoneOfAuthorities(String... strArr) {
        return !hasCurrentUserAnyOfAuthorities(strArr);
    }

    public boolean hasCurrentUserThisAuthority(String str) {
        return hasCurrentUserAnyOfAuthorities(str);
    }

    private Stream<String> getAuthorities(Authentication authentication) {
        return (authentication instanceof JwtAuthenticationToken ? extractAuthorityFromClaims(((JwtAuthenticationToken) authentication).getToken().getClaims()) : authentication.getAuthorities()).stream().map((v0) -> {
            return v0.getAuthority();
        });
    }

    public List<GrantedAuthority> extractAuthorityFromClaims(Map<String, Object> map) {
        return mapRolesToGrantedAuthorities(getRolesFromClaims(map));
    }

    private Collection<String> getRolesFromClaims(Map<String, Object> map) {
        return (Collection) map.getOrDefault(this.rolesClaim, new ArrayList());
    }

    private List<GrantedAuthority> mapRolesToGrantedAuthorities(Collection<String> collection) {
        return (List) collection.stream().filter(str -> {
            return str.startsWith(this.rolePrefix);
        }).map(SimpleGrantedAuthority::new).collect(Collectors.toList());
    }

    public void afterPropertiesSet() {
        instance = this;
    }

    public static NtsSecurityHelper getInstance() {
        return instance;
    }
}
