package io.quarkus.oidc.redis.token.state.manager.runtime;

import io.quarkus.oidc.AuthorizationCodeTokens;
import io.quarkus.oidc.OidcRequestContext;
import io.quarkus.oidc.OidcTenantConfig;
import io.quarkus.oidc.TokenStateManager;
import io.quarkus.redis.datasource.ReactiveRedisDataSource;
import io.quarkus.redis.datasource.value.SetArgs;
import io.quarkus.security.AuthenticationCompletionException;
import io.quarkus.security.AuthenticationFailedException;
import io.smallrye.mutiny.Uni;
import io.vertx.ext.web.RoutingContext;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.time.Instant;
import java.util.UUID;
import java.util.function.Function;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:io/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager.class */
public final class OidcRedisTokenStateManager implements TokenStateManager {
    private static final String REDIS_KEY_PREFIX = "oidc:token:";
    private final ReactiveRedisDataSource dataSource;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:io/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord.class */
    public static final class AuthorizationCodeTokensRecord extends Record {
        private final String idToken;
        private final String accessToken;
        private final String refreshToken;
        private final Long accessTokenExpiresIn;
        private final String accessTokenScope;

        AuthorizationCodeTokensRecord(String str, String str2, String str3, Long l, String str4) {
            this.idToken = str;
            this.accessToken = str2;
            this.refreshToken = str3;
            this.accessTokenExpiresIn = l;
            this.accessTokenScope = str4;
        }

        private static AuthorizationCodeTokensRecord of(AuthorizationCodeTokens authorizationCodeTokens) {
            return new AuthorizationCodeTokensRecord(authorizationCodeTokens.getIdToken(), authorizationCodeTokens.getAccessToken(), authorizationCodeTokens.getRefreshToken(), authorizationCodeTokens.getAccessTokenExpiresIn(), authorizationCodeTokens.getAccessTokenScope());
        }

        private AuthorizationCodeTokens toTokens() {
            return new AuthorizationCodeTokens(this.idToken, this.accessToken, this.refreshToken, this.accessTokenExpiresIn, this.accessTokenScope);
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, AuthorizationCodeTokensRecord.class), AuthorizationCodeTokensRecord.class, "idToken;accessToken;refreshToken;accessTokenExpiresIn;accessTokenScope", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->idToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->refreshToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessTokenExpiresIn:Ljava/lang/Long;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessTokenScope:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, AuthorizationCodeTokensRecord.class), AuthorizationCodeTokensRecord.class, "idToken;accessToken;refreshToken;accessTokenExpiresIn;accessTokenScope", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->idToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->refreshToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessTokenExpiresIn:Ljava/lang/Long;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessTokenScope:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, AuthorizationCodeTokensRecord.class, Object.class), AuthorizationCodeTokensRecord.class, "idToken;accessToken;refreshToken;accessTokenExpiresIn;accessTokenScope", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->idToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->refreshToken:Ljava/lang/String;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessTokenExpiresIn:Ljava/lang/Long;", "FIELD:Lio/quarkus/oidc/redis/token/state/manager/runtime/OidcRedisTokenStateManager$AuthorizationCodeTokensRecord;->accessTokenScope:Ljava/lang/String;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public String idToken() {
            return this.idToken;
        }

        public String accessToken() {
            return this.accessToken;
        }

        public String refreshToken() {
            return this.refreshToken;
        }

        public Long accessTokenExpiresIn() {
            return this.accessTokenExpiresIn;
        }

        public String accessTokenScope() {
            return this.accessTokenScope;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OidcRedisTokenStateManager(ReactiveRedisDataSource reactiveRedisDataSource) {
        this.dataSource = reactiveRedisDataSource;
    }

    public Uni<String> createTokenState(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, AuthorizationCodeTokens authorizationCodeTokens, OidcRequestContext<String> oidcRequestContext) {
        return createTokenState(AuthorizationCodeTokensRecord.of(authorizationCodeTokens), 0, newSetArgs(routingContext)).onFailure().transform(AuthenticationFailedException::new);
    }

    public Uni<AuthorizationCodeTokens> getTokens(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, String str, OidcRequestContext<AuthorizationCodeTokens> oidcRequestContext) {
        return this.dataSource.value(AuthorizationCodeTokensRecord.class).get(toTokenKey(str)).onItem().ifNotNull().transform((v0) -> {
            return v0.toTokens();
        }).onFailure().transform(AuthenticationCompletionException::new);
    }

    public Uni<Void> deleteTokens(RoutingContext routingContext, OidcTenantConfig oidcTenantConfig, String str, OidcRequestContext<Void> oidcRequestContext) {
        return this.dataSource.key(String.class).del(new String[]{toTokenKey(str)}).onFailure().recoverWithNull().replaceWithVoid();
    }

    private Uni<String> createTokenState(final AuthorizationCodeTokensRecord authorizationCodeTokensRecord, final int i, final SetArgs setArgs) {
        if (i >= 3) {
            return Uni.createFrom().failure(new RuntimeException("Failed to store OIDC token state in Redis as generated key already existed"));
        }
        final String uuid = UUID.randomUUID().toString();
        return this.dataSource.value(AuthorizationCodeTokensRecord.class).setGet(toTokenKey(uuid), authorizationCodeTokensRecord, setArgs).flatMap(new Function<AuthorizationCodeTokensRecord, Uni<? extends String>>() { // from class: io.quarkus.oidc.redis.token.state.manager.runtime.OidcRedisTokenStateManager.1
            @Override // java.util.function.Function
            public Uni<? extends String> apply(AuthorizationCodeTokensRecord authorizationCodeTokensRecord2) {
                return authorizationCodeTokensRecord2 == null ? Uni.createFrom().item(uuid) : OidcRedisTokenStateManager.this.createTokenState(authorizationCodeTokensRecord, i + 1, setArgs);
            }
        });
    }

    private static String toTokenKey(String str) {
        return "oidc:token:" + str;
    }

    private static SetArgs newSetArgs(RoutingContext routingContext) {
        return new SetArgs().nx().exAt(expiresAt(routingContext));
    }

    private static Instant expiresAt(RoutingContext routingContext) {
        return Instant.now().plusSeconds(((Long) routingContext.get("session-max-age")).longValue());
    }
}
