package org.springframework.security.config.oauth2.client;

import java.util.ArrayList;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
import org.springframework.beans.factory.parsing.CompositeComponentDefinition;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrations;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthenticationMethod;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.util.StringUtils;
import org.springframework.util.xml.DomUtils;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/spring-security-config-5.3.4.RELEASE.jar:org/springframework/security/config/oauth2/client/ClientRegistrationsBeanDefinitionParser.class */
public final class ClientRegistrationsBeanDefinitionParser implements BeanDefinitionParser {
    private static final String ELT_CLIENT_REGISTRATION = "client-registration";
    private static final String ELT_PROVIDER = "provider";
    private static final String ATT_REGISTRATION_ID = "registration-id";
    private static final String ATT_CLIENT_ID = "client-id";
    private static final String ATT_CLIENT_SECRET = "client-secret";
    private static final String ATT_CLIENT_AUTHENTICATION_METHOD = "client-authentication-method";
    private static final String ATT_AUTHORIZATION_GRANT_TYPE = "authorization-grant-type";
    private static final String ATT_REDIRECT_URI = "redirect-uri";
    private static final String ATT_SCOPE = "scope";
    private static final String ATT_CLIENT_NAME = "client-name";
    private static final String ATT_PROVIDER_ID = "provider-id";
    private static final String ATT_AUTHORIZATION_URI = "authorization-uri";
    private static final String ATT_TOKEN_URI = "token-uri";
    private static final String ATT_USER_INFO_URI = "user-info-uri";
    private static final String ATT_USER_INFO_AUTHENTICATION_METHOD = "user-info-authentication-method";
    private static final String ATT_USER_INFO_USER_NAME_ATTRIBUTE = "user-info-user-name-attribute";
    private static final String ATT_JWK_SET_URI = "jwk-set-uri";
    private static final String ATT_ISSUER_URI = "issuer-uri";

    @Override // org.springframework.beans.factory.xml.BeanDefinitionParser
    public BeanDefinition parse(Element element, ParserContext parserContext) {
        parserContext.pushContainingComponent(new CompositeComponentDefinition(element.getTagName(), parserContext.extractSource(element)));
        AbstractBeanDefinition beanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) InMemoryClientRegistrationRepository.class).addConstructorArgValue(getClientRegistrations(element, parserContext, getProviders(element))).getBeanDefinition();
        parserContext.registerBeanComponent(new BeanComponentDefinition(beanDefinition, parserContext.getReaderContext().generateBeanName(beanDefinition)));
        parserContext.popAndRegisterContainingComponent();
        return null;
    }

    private List<ClientRegistration> getClientRegistrations(Element element, ParserContext parserContext, Map<String, Map<String, String>> map) {
        List<Element> childElementsByTagName = DomUtils.getChildElementsByTagName(element, ELT_CLIENT_REGISTRATION);
        ArrayList arrayList = new ArrayList();
        for (Element element2 : childElementsByTagName) {
            String attribute = element2.getAttribute(ATT_REGISTRATION_ID);
            String attribute2 = element2.getAttribute(ATT_PROVIDER_ID);
            ClientRegistration.Builder builderFromIssuerIfPossible = getBuilderFromIssuerIfPossible(attribute, attribute2, map);
            if (builderFromIssuerIfPossible == null) {
                builderFromIssuerIfPossible = getBuilder(attribute, attribute2, map);
                if (builderFromIssuerIfPossible == null) {
                    parserContext.getReaderContext().error(getErrorMessage(attribute2, attribute), parserContext.extractSource(element));
                }
            }
            Optional<String> optionalIfNotEmpty = getOptionalIfNotEmpty(element2.getAttribute("client-id"));
            ClientRegistration.Builder builder = builderFromIssuerIfPossible;
            builder.getClass();
            optionalIfNotEmpty.ifPresent(builder::clientId);
            Optional<String> optionalIfNotEmpty2 = getOptionalIfNotEmpty(element2.getAttribute(ATT_CLIENT_SECRET));
            ClientRegistration.Builder builder2 = builderFromIssuerIfPossible;
            builder2.getClass();
            optionalIfNotEmpty2.ifPresent(builder2::clientSecret);
            Optional<U> map2 = getOptionalIfNotEmpty(element2.getAttribute(ATT_CLIENT_AUTHENTICATION_METHOD)).map(ClientAuthenticationMethod::new);
            ClientRegistration.Builder builder3 = builderFromIssuerIfPossible;
            builder3.getClass();
            map2.ifPresent(builder3::clientAuthenticationMethod);
            Optional<U> map3 = getOptionalIfNotEmpty(element2.getAttribute(ATT_AUTHORIZATION_GRANT_TYPE)).map(AuthorizationGrantType::new);
            ClientRegistration.Builder builder4 = builderFromIssuerIfPossible;
            builder4.getClass();
            map3.ifPresent(builder4::authorizationGrantType);
            Optional<String> optionalIfNotEmpty3 = getOptionalIfNotEmpty(element2.getAttribute(ATT_REDIRECT_URI));
            ClientRegistration.Builder builder5 = builderFromIssuerIfPossible;
            builder5.getClass();
            optionalIfNotEmpty3.ifPresent(builder5::redirectUriTemplate);
            Optional<U> map4 = getOptionalIfNotEmpty(element2.getAttribute("scope")).map(StringUtils::commaDelimitedListToSet);
            ClientRegistration.Builder builder6 = builderFromIssuerIfPossible;
            builder6.getClass();
            map4.ifPresent((v1) -> {
                r1.scope(v1);
            });
            Optional<String> optionalIfNotEmpty4 = getOptionalIfNotEmpty(element2.getAttribute(ATT_CLIENT_NAME));
            ClientRegistration.Builder builder7 = builderFromIssuerIfPossible;
            builder7.getClass();
            optionalIfNotEmpty4.ifPresent(builder7::clientName);
            arrayList.add(builderFromIssuerIfPossible.build());
        }
        return arrayList;
    }

    private Map<String, Map<String, String>> getProviders(Element element) {
        List<Element> childElementsByTagName = DomUtils.getChildElementsByTagName(element, ELT_PROVIDER);
        HashMap hashMap = new HashMap();
        for (Element element2 : childElementsByTagName) {
            HashMap hashMap2 = new HashMap();
            String attribute = element2.getAttribute(ATT_PROVIDER_ID);
            hashMap2.put(ATT_PROVIDER_ID, attribute);
            getOptionalIfNotEmpty(element2.getAttribute(ATT_AUTHORIZATION_URI)).ifPresent(str -> {
            });
            getOptionalIfNotEmpty(element2.getAttribute(ATT_TOKEN_URI)).ifPresent(str2 -> {
            });
            getOptionalIfNotEmpty(element2.getAttribute(ATT_USER_INFO_URI)).ifPresent(str3 -> {
            });
            getOptionalIfNotEmpty(element2.getAttribute(ATT_USER_INFO_AUTHENTICATION_METHOD)).ifPresent(str4 -> {
            });
            getOptionalIfNotEmpty(element2.getAttribute(ATT_USER_INFO_USER_NAME_ATTRIBUTE)).ifPresent(str5 -> {
            });
            getOptionalIfNotEmpty(element2.getAttribute(ATT_JWK_SET_URI)).ifPresent(str6 -> {
            });
            getOptionalIfNotEmpty(element2.getAttribute(ATT_ISSUER_URI)).ifPresent(str7 -> {
            });
            hashMap.put(attribute, hashMap2);
        }
        return hashMap;
    }

    private static ClientRegistration.Builder getBuilderFromIssuerIfPossible(String str, String str2, Map<String, Map<String, String>> map) {
        String str3 = str2 != null ? str2 : str;
        if (!map.containsKey(str3)) {
            return null;
        }
        Map<String, String> map2 = map.get(str3);
        String str4 = map2.get(ATT_ISSUER_URI);
        if (StringUtils.isEmpty(str4)) {
            return null;
        }
        return getBuilder(ClientRegistrations.fromIssuerLocation(str4).registrationId(str), map2);
    }

    private static ClientRegistration.Builder getBuilder(String str, String str2, Map<String, Map<String, String>> map) {
        String str3 = str2 != null ? str2 : str;
        CommonOAuth2Provider commonProvider = getCommonProvider(str3);
        if (commonProvider == null && !map.containsKey(str3)) {
            return null;
        }
        ClientRegistration.Builder builder = commonProvider != null ? commonProvider.getBuilder(str) : ClientRegistration.withRegistrationId(str);
        return map.containsKey(str3) ? getBuilder(builder, map.get(str3)) : builder;
    }

    private static ClientRegistration.Builder getBuilder(ClientRegistration.Builder builder, Map<String, String> map) {
        Optional<String> optionalIfNotEmpty = getOptionalIfNotEmpty(map.get(ATT_AUTHORIZATION_URI));
        builder.getClass();
        optionalIfNotEmpty.ifPresent(builder::authorizationUri);
        Optional<String> optionalIfNotEmpty2 = getOptionalIfNotEmpty(map.get(ATT_TOKEN_URI));
        builder.getClass();
        optionalIfNotEmpty2.ifPresent(builder::tokenUri);
        Optional<String> optionalIfNotEmpty3 = getOptionalIfNotEmpty(map.get(ATT_USER_INFO_URI));
        builder.getClass();
        optionalIfNotEmpty3.ifPresent(builder::userInfoUri);
        Optional<U> map2 = getOptionalIfNotEmpty(map.get(ATT_USER_INFO_AUTHENTICATION_METHOD)).map(AuthenticationMethod::new);
        builder.getClass();
        map2.ifPresent(builder::userInfoAuthenticationMethod);
        Optional<String> optionalIfNotEmpty4 = getOptionalIfNotEmpty(map.get(ATT_JWK_SET_URI));
        builder.getClass();
        optionalIfNotEmpty4.ifPresent(builder::jwkSetUri);
        Optional<String> optionalIfNotEmpty5 = getOptionalIfNotEmpty(map.get(ATT_USER_INFO_USER_NAME_ATTRIBUTE));
        builder.getClass();
        optionalIfNotEmpty5.ifPresent(builder::userNameAttributeName);
        return builder;
    }

    private static Optional<String> getOptionalIfNotEmpty(String str) {
        return Optional.ofNullable(str).filter(str2 -> {
            return !str2.isEmpty();
        });
    }

    private static CommonOAuth2Provider getCommonProvider(String str) {
        try {
            String trim = str.trim();
            if (trim.isEmpty()) {
                return null;
            }
            try {
                return CommonOAuth2Provider.valueOf(trim);
            } catch (Exception e) {
                return findEnum(trim);
            }
        } catch (Exception e2) {
            return null;
        }
    }

    private static CommonOAuth2Provider findEnum(String str) {
        String canonicalName = getCanonicalName(str);
        Iterator it = EnumSet.allOf(CommonOAuth2Provider.class).iterator();
        while (it.hasNext()) {
            CommonOAuth2Provider commonOAuth2Provider = (CommonOAuth2Provider) it.next();
            if (canonicalName.equals(getCanonicalName(commonOAuth2Provider.name()))) {
                return commonOAuth2Provider;
            }
        }
        throw new IllegalArgumentException("No enum constant " + CommonOAuth2Provider.class.getCanonicalName() + "." + str);
    }

    private static String getCanonicalName(String str) {
        StringBuilder sb = new StringBuilder(str.length());
        str.chars().filter(Character::isLetterOrDigit).map(Character::toLowerCase).forEach(i -> {
            sb.append((char) i);
        });
        return sb.toString();
    }

    private static String getErrorMessage(String str, String str2) {
        return str != null ? "Unknown provider ID '" + str + "'" : "Provider ID must be specified for client registration '" + str2 + "'";
    }
}
