package cn.herodotus.engine.oauth2.server.authorization.customizer;

import cn.herodotus.engine.security.core.definition.domain.HerodotusUser;
import java.util.HashMap;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2TokenType;
import org.springframework.security.oauth2.server.authorization.JwtEncodingContext;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;

/* loaded from: input_file:cn/herodotus/engine/oauth2/server/authorization/customizer/HerodotusTokenCustomizer.class */
public class HerodotusTokenCustomizer implements OAuth2TokenCustomizer<JwtEncodingContext> {
    public void customize(JwtEncodingContext jwtEncodingContext) {
        OAuth2ClientAuthenticationToken oAuth2ClientAuthenticationToken = null;
        OAuth2ClientAuthenticationToken authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof OAuth2ClientAuthenticationToken) {
            oAuth2ClientAuthenticationToken = authentication;
        }
        if (ObjectUtils.isNotEmpty(oAuth2ClientAuthenticationToken) && oAuth2ClientAuthenticationToken.isAuthenticated() && OAuth2TokenType.ACCESS_TOKEN.equals(jwtEncodingContext.getTokenType())) {
            OAuth2ClientAuthenticationToken principal = jwtEncodingContext.getPrincipal();
            if (ObjectUtils.isNotEmpty(principal)) {
                if (principal instanceof UsernamePasswordAuthenticationToken) {
                    HerodotusUser herodotusUser = (HerodotusUser) principal.getPrincipal();
                    String userId = herodotusUser.getUserId();
                    Set set = (Set) herodotusUser.getAuthorities().stream().map((v0) -> {
                        return v0.getAuthority();
                    }).collect(Collectors.toSet());
                    Set authorizedScopes = jwtEncodingContext.getAuthorizedScopes();
                    HashMap hashMap = new HashMap();
                    hashMap.put("openid", userId);
                    hashMap.put("authorities", set);
                    if (CollectionUtils.isNotEmpty(authorizedScopes)) {
                        hashMap.put("scope", authorizedScopes);
                    }
                    jwtEncodingContext.getClaims().claims(map -> {
                        map.putAll(hashMap);
                    });
                }
                if (!(principal instanceof OAuth2ClientAuthenticationToken) || !MapUtils.isEmpty(principal.getAdditionalParameters())) {
                }
            }
        }
    }
}
