package com.naturalprogrammer.spring.lemonreactive.security;

import com.naturalprogrammer.spring.lemon.commons.LemonProperties;
import com.naturalprogrammer.spring.lemon.commons.util.LecUtils;
import com.naturalprogrammer.spring.lemon.commonsreactive.util.LecrUtils;
import java.util.Collections;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.http.HttpCookie;
import org.springframework.http.ResponseCookie;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.util.Assert;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:com/naturalprogrammer/spring/lemonreactive/security/ReactiveCookieServerOAuth2AuthorizedClientRepository.class */
public class ReactiveCookieServerOAuth2AuthorizedClientRepository implements ServerOAuth2AuthorizedClientRepository {
    private static final Log log = LogFactory.getLog(ReactiveCookieServerOAuth2AuthorizedClientRepository.class);
    private int cookieExpirySecs;

    public ReactiveCookieServerOAuth2AuthorizedClientRepository(LemonProperties lemonProperties) {
        this.cookieExpirySecs = lemonProperties.getJwt().getShortLivedMillis() / 1000;
    }

    public Mono<OAuth2AuthorizedClient> loadAuthorizedClient(String str, Authentication authentication, ServerWebExchange serverWebExchange) {
        log.debug("Loading authorized client for clientRegistrationId " + str + ", principal " + authentication + ", and exchange " + serverWebExchange);
        return (Mono) LecrUtils.fetchCookie(serverWebExchange, "lemon_oauth2_authorization_request").map(this::deserialize).orElse(Mono.empty());
    }

    public Mono<Void> saveAuthorizedClient(OAuth2AuthorizedClient oAuth2AuthorizedClient, Authentication authentication, ServerWebExchange serverWebExchange) {
        log.debug("Saving authorized client " + oAuth2AuthorizedClient + " for principal " + authentication + ", and exchange " + serverWebExchange);
        ServerHttpResponse response = serverWebExchange.getResponse();
        Assert.notNull(serverWebExchange, "exchange cannot be null");
        if (oAuth2AuthorizedClient == null) {
            deleteCookies(serverWebExchange, "lemon_oauth2_authorization_request", "lemon_redirect_uri");
            return Mono.empty();
        }
        response.addCookie(ResponseCookie.from("lemon_oauth2_authorization_request", LecUtils.serialize(oAuth2AuthorizedClient)).path("/").httpOnly(true).maxAge(this.cookieExpirySecs).build());
        String str = (String) serverWebExchange.getRequest().getQueryParams().getFirst("lemon_redirect_uri");
        if (StringUtils.isNotBlank(str)) {
            response.addCookie(ResponseCookie.from("lemon_redirect_uri", str).path("/").httpOnly(true).maxAge(this.cookieExpirySecs).build());
        }
        return Mono.empty();
    }

    public Mono<Void> removeAuthorizedClient(String str, Authentication authentication, ServerWebExchange serverWebExchange) {
        log.debug("Deleting authorized client for clientRegistrationId " + str + ", principal " + authentication + ", and exchange " + serverWebExchange);
        deleteCookies(serverWebExchange, "lemon_oauth2_authorization_request");
        return Mono.empty();
    }

    public static void deleteCookies(ServerWebExchange serverWebExchange, String... strArr) {
        MultiValueMap cookies = serverWebExchange.getRequest().getCookies();
        MultiValueMap cookies2 = serverWebExchange.getResponse().getCookies();
        for (int i = 0; i < strArr.length; i++) {
            if (cookies.getFirst(strArr[i]) != null) {
                cookies2.put(strArr[i], Collections.singletonList(ResponseCookie.from(strArr[i], "").path("/").maxAge(0L).build()));
            }
        }
    }

    private Mono<OAuth2AuthorizedClient> deserialize(HttpCookie httpCookie) {
        return Mono.just((OAuth2AuthorizedClient) LecUtils.deserialize(httpCookie.getValue()));
    }
}
