package fi.evolver.ai.vaadin.cs.util;

import fi.evolver.utils.ContextUtils;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;

/* loaded from: input_file:fi/evolver/ai/vaadin/cs/util/AuthUtils.class */
public class AuthUtils {
    private static final String CONTEXT_USER_ROLES = "%s:USER_ROLES".formatted(AuthUtils.class.getSimpleName());
    private static Set<String> adminUsers = new HashSet();
    private static Set<String> domains = new HashSet();

    private AuthUtils() {
    }

    public static Optional<String> getGivenName() {
        return getAttribute("given_name");
    }

    public static Optional<String> getUsername() {
        return getAttribute("preferred_username").or(() -> {
            return getAttribute("unique_name");
        });
    }

    public static Optional<String> getEmail() {
        return getAttribute("email").or(() -> {
            return getAttribute("verified_primary_email").or(() -> {
                return getAttribute("verified_secondary_email");
            });
        });
    }

    public static Optional<String> getSub() {
        return getAttribute("sub");
    }

    public static Optional<String> getOid() {
        return getAttribute("oid");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Optional<String> getAttribute(String str) {
        OAuth2AuthenticatedPrincipal principal = getPrincipal();
        return principal != null ? Optional.ofNullable((String) principal.getAttribute(str)) : Optional.empty();
    }

    public static boolean isAdminUser() {
        Optional<String> oid = getOid();
        Set<String> set = adminUsers;
        Objects.requireNonNull(set);
        if (!((Boolean) oid.map((v1) -> {
            return r1.contains(v1);
        }).orElse(false)).booleanValue()) {
            Optional<String> sub = getSub();
            Set<String> set2 = adminUsers;
            Objects.requireNonNull(set2);
            if (!((Boolean) sub.map((v1) -> {
                return r1.contains(v1);
            }).orElse(false)).booleanValue() && !((Boolean) getEmail().map((v0) -> {
                return v0.toLowerCase();
            }).map(str -> {
                return Boolean.valueOf(domains.contains(str.substring(str.indexOf(64) + 1)) || adminUsers.contains(str));
            }).orElse(false)).booleanValue()) {
                return false;
            }
        }
        return true;
    }

    public static void setAdminUsers(List<String> list) {
        if (list == null || list.isEmpty() || !adminUsers.isEmpty()) {
            return;
        }
        adminUsers = new HashSet(list);
    }

    public static void setAdminDomains(List<String> list) {
        if (list == null || list.isEmpty() || !domains.isEmpty()) {
            return;
        }
        domains = new HashSet(list);
    }

    public static List<?> getUserRoles() {
        return (List) ContextUtils.computeIfAbsent(CONTEXT_USER_ROLES, List.class, () -> {
            return (List) Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication()).map(authentication -> {
                return (List) authentication.getAuthorities().stream().map((v0) -> {
                    return v0.getAuthority();
                }).collect(Collectors.toList());
            }).orElse(List.of());
        });
    }

    private static OAuth2AuthenticatedPrincipal getPrincipal() {
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (principal instanceof OAuth2AuthenticatedPrincipal) {
            return (OAuth2AuthenticatedPrincipal) principal;
        }
        return null;
    }
}
