package net.optionfactory.spring.oidc.authcode;

import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.function.BiFunction;
import java.util.stream.Collectors;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:net/optionfactory/spring/oidc/authcode/ConfigurableOauth2UserService.class */
public class ConfigurableOauth2UserService<U extends OidcUser> implements OAuth2UserService<OidcUserRequest, OidcUser> {
    private final OidcUserService delegate;
    private final BiFunction<Set<GrantedAuthority>, OidcUser, U> userFactory;

    public ConfigurableOauth2UserService(HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory, ApplicationEventPublisher applicationEventPublisher, BiFunction<Set<GrantedAuthority>, OidcUser, U> biFunction) {
        RestTemplate restTemplate = new RestTemplate(httpComponentsClientHttpRequestFactory);
        restTemplate.setErrorHandler(new OAuth2ErrorResponseErrorHandler());
        DefaultOAuth2UserService defaultOAuth2UserService = new DefaultOAuth2UserService();
        defaultOAuth2UserService.setRestOperations(restTemplate);
        this.delegate = new OidcUserService();
        this.delegate.setOauth2UserService(defaultOAuth2UserService);
        this.userFactory = biFunction;
    }

    public OidcUser loadUser(OidcUserRequest oidcUserRequest) throws OAuth2AuthenticationException {
        OidcUser loadUser = this.delegate.loadUser(oidcUserRequest);
        HashSet hashSet = new HashSet();
        hashSet.addAll(loadUser.getAuthorities());
        List list = (List) loadUser.getAttribute("groups");
        if (list != null) {
            hashSet.addAll((Set) list.stream().map(str -> {
                return String.format("ROLE_GROUP_%s", str.toUpperCase().replace("-", "_"));
            }).map(SimpleGrantedAuthority::new).collect(Collectors.toSet()));
        }
        return this.userFactory.apply(hashSet, loadUser);
    }
}
