package com.naturalprogrammer.spring.lemonreactive.security;

import com.naturalprogrammer.spring.lemon.commons.LemonProperties;
import com.naturalprogrammer.spring.lemon.commons.security.BlueTokenService;
import com.naturalprogrammer.spring.lemon.commons.security.LemonPrincipal;
import com.naturalprogrammer.spring.lemon.commons.security.UserDto;
import com.naturalprogrammer.spring.lemon.commons.util.LecUtils;
import com.naturalprogrammer.spring.lemon.commonsreactive.util.LecrUtils;
import com.naturalprogrammer.spring.lemon.exceptions.util.LexUtils;
import com.naturalprogrammer.spring.lemonreactive.LemonReactiveService;
import com.naturalprogrammer.spring.lemonreactive.domain.AbstractMongoUser;
import com.naturalprogrammer.spring.lemonreactive.domain.AbstractMongoUserRepository;
import java.io.Serializable;
import java.net.URI;
import java.util.Map;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.security.web.server.DefaultServerRedirectStrategy;
import org.springframework.security.web.server.ServerRedirectStrategy;
import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:com/naturalprogrammer/spring/lemonreactive/security/ReactiveOAuth2AuthenticationSuccessHandler.class */
public class ReactiveOAuth2AuthenticationSuccessHandler<U extends AbstractMongoUser<ID>, ID extends Serializable> implements ServerAuthenticationSuccessHandler {
    private static final Log log = LogFactory.getLog(ReactiveOAuth2AuthenticationSuccessHandler.class);
    private static final ServerRedirectStrategy redirectStrategy = new DefaultServerRedirectStrategy();
    private BlueTokenService blueTokenService;
    private AbstractMongoUserRepository<U, ID> userRepository;
    private LemonReactiveUserDetailsService<U, ?> userDetailsService;
    private LemonReactiveService<U, ?> lemonService;
    private PasswordEncoder passwordEncoder;
    private LemonProperties properties;

    public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) {
        ServerWebExchange exchange = webFilterExchange.getExchange();
        return ReactiveSecurityContextHolder.getContext().map((v0) -> {
            return v0.getAuthentication();
        }).cast(OAuth2AuthenticationToken.class).flatMap(oAuth2AuthenticationToken -> {
            return buildPrincipal(oAuth2AuthenticationToken.getPrincipal(), oAuth2AuthenticationToken.getAuthorizedClientRegistrationId());
        }).map((v0) -> {
            return v0.currentUser();
        }).map(this::getAuthToken).map(str -> {
            return getTargetUrl(exchange, str);
        }).map(URI::create).flatMap(uri -> {
            return redirectStrategy.sendRedirect(exchange, uri);
        });
    }

    public Mono<LemonPrincipal> buildPrincipal(OAuth2User oAuth2User, String str) {
        Map<String, Object> attributes = oAuth2User.getAttributes();
        String oAuth2Email = this.lemonService.getOAuth2Email(str, attributes);
        LexUtils.validate(oAuth2Email != null, "com.naturalprogrammer.spring.oauth2EmailNeeded", new Object[]{str}).go();
        LexUtils.validate(this.lemonService.getOAuth2AccountVerified(str, attributes), "com.naturalprogrammer.spring.oauth2EmailNotVerified", new Object[]{str}).go();
        return this.userDetailsService.findUserByUsername(oAuth2Email).switchIfEmpty(newUser(oAuth2Email, str, attributes)).map((v0) -> {
            return v0.toUserDto();
        }).map(userDto -> {
            LemonPrincipal lemonPrincipal = new LemonPrincipal(userDto);
            lemonPrincipal.setAttributes(attributes);
            lemonPrincipal.setName(oAuth2User.getName());
            return lemonPrincipal;
        });
    }

    private Mono<U> newUser(String str, String str2, Map<String, Object> map) {
        U m3newUser = this.lemonService.m3newUser();
        m3newUser.setEmail(str);
        m3newUser.setPassword(this.passwordEncoder.encode(LecUtils.uid()));
        this.lemonService.fillAdditionalFields(str2, m3newUser, map);
        return this.userRepository.insert(m3newUser).doOnSuccess(abstractMongoUser -> {
            try {
                this.lemonService.mailForgotPasswordLink(m3newUser);
            } catch (Exception e) {
                log.error(ExceptionUtils.getStackTrace(e));
            }
        });
    }

    private String getAuthToken(UserDto userDto) {
        return this.blueTokenService.createToken("auth", userDto.getUsername(), Long.valueOf(this.properties.getJwt().getShortLivedMillis()));
    }

    private String getTargetUrl(ServerWebExchange serverWebExchange, String str) {
        String str2 = (String) LecrUtils.fetchCookie(serverWebExchange, "lemon_redirect_uri").map((v0) -> {
            return v0.getValue();
        }).orElse(this.properties.getOauth2AuthenticationSuccessUrl());
        ReactiveCookieServerOAuth2AuthorizedClientRepository.deleteCookies(serverWebExchange, "lemon_oauth2_authorization_request", "lemon_redirect_uri");
        return str2 + str;
    }

    public ReactiveOAuth2AuthenticationSuccessHandler(BlueTokenService blueTokenService, AbstractMongoUserRepository<U, ID> abstractMongoUserRepository, LemonReactiveUserDetailsService<U, ?> lemonReactiveUserDetailsService, LemonReactiveService<U, ?> lemonReactiveService, PasswordEncoder passwordEncoder, LemonProperties lemonProperties) {
        this.blueTokenService = blueTokenService;
        this.userRepository = abstractMongoUserRepository;
        this.userDetailsService = lemonReactiveUserDetailsService;
        this.lemonService = lemonReactiveService;
        this.passwordEncoder = passwordEncoder;
        this.properties = lemonProperties;
    }
}
