package com.naturalprogrammer.spring.lemonreactive.security;

import com.naturalprogrammer.spring.lemon.commons.LemonProperties;
import com.naturalprogrammer.spring.lemon.commons.security.BlueTokenService;
import com.naturalprogrammer.spring.lemon.commons.security.UserDto;
import com.naturalprogrammer.spring.lemon.commonsreactive.security.LemonCommonsReactiveSecurityConfig;
import com.naturalprogrammer.spring.lemonreactive.domain.AbstractMongoUser;
import com.naturalprogrammer.spring.lemonreactive.util.LerUtils;
import com.nimbusds.jwt.JWTClaimsSet;
import java.io.Serializable;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.security.web.server.authentication.WebFilterChainServerAuthenticationSuccessHandler;
import org.springframework.security.web.server.context.NoOpServerSecurityContextRepository;
import reactor.core.publisher.Mono;

/* loaded from: input_file:com/naturalprogrammer/spring/lemonreactive/security/LemonReactiveSecurityConfig.class */
public class LemonReactiveSecurityConfig<U extends AbstractMongoUser<ID>, ID extends Serializable> extends LemonCommonsReactiveSecurityConfig {
    private static final Log log = LogFactory.getLog(LemonReactiveSecurityConfig.class);
    protected LemonReactiveUserDetailsService<U, ID> userDetailsService;
    private LemonProperties properties;
    private ReactiveOAuth2AuthenticationSuccessHandler<U, ID> reactiveOAuth2AuthenticationSuccessHandler;

    public LemonReactiveSecurityConfig(BlueTokenService blueTokenService, LemonReactiveUserDetailsService<U, ID> lemonReactiveUserDetailsService, ReactiveOAuth2AuthenticationSuccessHandler<U, ID> reactiveOAuth2AuthenticationSuccessHandler, LemonProperties lemonProperties) {
        super(blueTokenService);
        this.userDetailsService = lemonReactiveUserDetailsService;
        this.reactiveOAuth2AuthenticationSuccessHandler = reactiveOAuth2AuthenticationSuccessHandler;
        this.properties = lemonProperties;
        log.info("Created");
    }

    protected void formLogin(ServerHttpSecurity serverHttpSecurity) {
        serverHttpSecurity.formLogin().securityContextRepository(NoOpServerSecurityContextRepository.getInstance()).loginPage(loginPage()).authenticationFailureHandler((webFilterExchange, authenticationException) -> {
            return Mono.error(authenticationException);
        }).authenticationSuccessHandler(new WebFilterChainServerAuthenticationSuccessHandler());
    }

    protected String loginPage() {
        return "/api/core/login";
    }

    protected void oauth2Login(ServerHttpSecurity serverHttpSecurity) {
        serverHttpSecurity.oauth2Login().securityContextRepository(NoOpServerSecurityContextRepository.getInstance()).authorizedClientRepository(new ReactiveCookieServerOAuth2AuthorizedClientRepository(this.properties)).authenticationSuccessHandler(this.reactiveOAuth2AuthenticationSuccessHandler).authenticationFailureHandler(this::onOauth2AuthenticationFailure);
    }

    protected Mono<UserDto> fetchUserDto(JWTClaimsSet jWTClaimsSet) {
        String subject = jWTClaimsSet.getSubject();
        return this.userDetailsService.findUserByUsername(subject).switchIfEmpty(Mono.defer(() -> {
            return Mono.error(new UsernameNotFoundException(subject));
        })).doOnNext(abstractMongoUser -> {
            log.debug("User found ...");
            LerUtils.ensureCredentialsUpToDate(jWTClaimsSet, abstractMongoUser);
        }).map((v0) -> {
            return v0.toUserDto();
        });
    }

    protected Mono<Void> onOauth2AuthenticationFailure(WebFilterExchange webFilterExchange, AuthenticationException authenticationException) {
        ReactiveCookieServerOAuth2AuthorizedClientRepository.deleteCookies(webFilterExchange.getExchange(), "lemon_oauth2_authorization_request", "lemon_redirect_uri");
        return Mono.error(authenticationException);
    }
}
