package org.springframework.security.web.server.authentication.ott;

import java.util.List;
import org.springframework.http.HttpMethod;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/lib/spring-security-web-6.4.6.jar:org/springframework/security/web/server/authentication/ott/ServerOneTimeTokenAuthenticationConverter.class */
public final class ServerOneTimeTokenAuthenticationConverter implements ServerAuthenticationConverter {
    private static final String TOKEN = "token";

    @Override // org.springframework.security.web.server.authentication.ServerAuthenticationConverter
    public Mono<Authentication> convert(ServerWebExchange serverWebExchange) {
        Assert.notNull(serverWebExchange, "exchange cannot be null");
        if (isFormEncodedRequest(serverWebExchange.getRequest())) {
            return serverWebExchange.getFormData().map(multiValueMap -> {
                return OneTimeTokenAuthenticationToken.unauthenticated((String) multiValueMap.getFirst(TOKEN));
            });
        }
        String resolveTokenFromRequest = resolveTokenFromRequest(serverWebExchange.getRequest());
        return !StringUtils.hasText(resolveTokenFromRequest) ? Mono.empty() : Mono.just(OneTimeTokenAuthenticationToken.unauthenticated(resolveTokenFromRequest));
    }

    private String resolveTokenFromRequest(ServerHttpRequest serverHttpRequest) {
        List list = (List) serverHttpRequest.getQueryParams().get(TOKEN);
        if (!CollectionUtils.isEmpty(list) && list.size() == 1) {
            return (String) list.get(0);
        }
        return null;
    }

    private boolean isFormEncodedRequest(ServerHttpRequest serverHttpRequest) {
        return HttpMethod.POST.equals(serverHttpRequest.getMethod()) && "application/x-www-form-urlencoded".equals(serverHttpRequest.getHeaders().getFirst("Content-Type"));
    }
}
