package io.quarkus.oidc.db.token.state.manager.runtime;

import io.quarkus.oidc.AuthorizationCodeTokens;
import io.quarkus.oidc.OidcRequestContext;
import io.quarkus.oidc.OidcTenantConfig;
import io.quarkus.oidc.TokenStateManager;
import io.quarkus.security.AuthenticationCompletionException;
import io.quarkus.security.AuthenticationFailedException;
import io.smallrye.mutiny.Uni;
import io.vertx.ext.web.RoutingContext;
import io.vertx.sqlclient.Pool;
import io.vertx.sqlclient.Row;
import io.vertx.sqlclient.RowIterator;
import io.vertx.sqlclient.RowSet;
import io.vertx.sqlclient.Tuple;
import java.time.Instant;
import java.util.UUID;
import java.util.function.Function;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/oidc/db/token/state/manager/runtime/OidcDbTokenStateManager.class */
public class OidcDbTokenStateManager implements TokenStateManager {
    private static final Logger LOG = Logger.getLogger(OidcDbTokenStateManager.class);
    private static final String TOKEN_STATE_INSERT_FAILED = "Failed to insert token state into database";
    private static final String FAILED_TO_ACQUIRE_TOKEN = "Failed to acquire authorization code tokens";
    private static final String ID_TOKEN_COLUMN = "id_token";
    private static final String ACCESS_TOKEN_COLUMN = "access_token";
    private static final String ACCESS_TOKEN_EXPIRES_IN_COLUMN = "access_token_expires_in";
    private static final String REFRESH_TOKEN_COLUMN = "refresh_token";
    private final String insertStatement;
    private final String deleteStatement;
    private final String getQuery;
    private Pool pool;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OidcDbTokenStateManager(String str, String str2, String str3) {
        this.insertStatement = str;
        this.deleteStatement = str2;
        this.getQuery = str3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSqlClientPool(Pool pool) {
        this.pool = pool;
    }

    public Uni<String> createTokenState(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, AuthorizationCodeTokens authorizationCodeTokens, OidcRequestContext<String> oidcRequestContext) {
        long now = now();
        UUID.randomUUID().toString();
        final String str = now + now;
        return Uni.createFrom().completionStage(this.pool.withTransaction(sqlConnection -> {
            return sqlConnection.preparedQuery(this.insertStatement).execute(Tuple.of(authorizationCodeTokens.getIdToken(), authorizationCodeTokens.getAccessToken(), authorizationCodeTokens.getRefreshToken(), authorizationCodeTokens.getAccessTokenExpiresIn(), Long.valueOf(expiresIn(routingContext)), str));
        }).toCompletionStage()).onFailure().transform(new Function<Throwable, Throwable>() { // from class: io.quarkus.oidc.db.token.state.manager.runtime.OidcDbTokenStateManager.2
            @Override // java.util.function.Function
            public Throwable apply(Throwable th) {
                return new AuthenticationFailedException(OidcDbTokenStateManager.TOKEN_STATE_INSERT_FAILED, th);
            }
        }).flatMap(new Function<RowSet<Row>, Uni<? extends String>>() { // from class: io.quarkus.oidc.db.token.state.manager.runtime.OidcDbTokenStateManager.1
            @Override // java.util.function.Function
            public Uni<? extends String> apply(RowSet<Row> rowSet) {
                return rowSet != null ? Uni.createFrom().item(str) : Uni.createFrom().failure(new AuthenticationFailedException(OidcDbTokenStateManager.TOKEN_STATE_INSERT_FAILED));
            }
        }).memoize().indefinitely();
    }

    public Uni<AuthorizationCodeTokens> getTokens(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, String str, OidcRequestContext<AuthorizationCodeTokens> oidcRequestContext) {
        return Uni.createFrom().completionStage(this.pool.preparedQuery(this.getQuery).execute(Tuple.of(str)).toCompletionStage()).onFailure().transform(new Function<Throwable, Throwable>() { // from class: io.quarkus.oidc.db.token.state.manager.runtime.OidcDbTokenStateManager.4
            @Override // java.util.function.Function
            public Throwable apply(Throwable th) {
                return new AuthenticationCompletionException(OidcDbTokenStateManager.FAILED_TO_ACQUIRE_TOKEN, th);
            }
        }).flatMap(new Function<RowSet<Row>, Uni<? extends AuthorizationCodeTokens>>() { // from class: io.quarkus.oidc.db.token.state.manager.runtime.OidcDbTokenStateManager.3
            @Override // java.util.function.Function
            public Uni<? extends AuthorizationCodeTokens> apply(RowSet<Row> rowSet) {
                if (rowSet != null) {
                    RowIterator it = rowSet.iterator();
                    if (it.hasNext()) {
                        Row row = (Row) it.next();
                        return Uni.createFrom().item(new AuthorizationCodeTokens(row.getString(OidcDbTokenStateManager.ID_TOKEN_COLUMN), row.getString(OidcDbTokenStateManager.ACCESS_TOKEN_COLUMN), row.getString(OidcDbTokenStateManager.REFRESH_TOKEN_COLUMN), row.getLong(OidcDbTokenStateManager.ACCESS_TOKEN_EXPIRES_IN_COLUMN)));
                    }
                }
                return Uni.createFrom().failure(new AuthenticationCompletionException(OidcDbTokenStateManager.FAILED_TO_ACQUIRE_TOKEN));
            }
        }).memoize().indefinitely();
    }

    public Uni<Void> deleteTokens(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, String str, OidcRequestContext<Void> oidcRequestContext) {
        return Uni.createFrom().completionStage(this.pool.preparedQuery(this.deleteStatement).execute(Tuple.of(str)).toCompletionStage()).replaceWithVoid().onFailure().recoverWithItem(new Function<Throwable, Void>() { // from class: io.quarkus.oidc.db.token.state.manager.runtime.OidcDbTokenStateManager.5
            @Override // java.util.function.Function
            public Void apply(Throwable th) {
                OidcDbTokenStateManager.LOG.debugf("Failed to delete tokens: %s", th.getMessage());
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static long now() {
        return Instant.now().getEpochSecond();
    }

    private static long expiresIn(RoutingContext routingContext) {
        return now() + ((Long) routingContext.get("session-max-age")).longValue();
    }
}
