package org.onetwo.boot.module.oauth2.ssoclient.tokeninfo;

import org.apache.commons.lang3.StringUtils;
import org.onetwo.boot.module.oauth2.ssoclient.EnableOauth2SsoCondition;
import org.onetwo.boot.module.oauth2.ssoclient.OAuth2SsoClientProperties;
import org.onetwo.common.apiclient.impl.RestExecutorConfiguration;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpMethod;
import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;

@EnableConfigurationProperties({OAuth2SsoClientProperties.class})
@Configuration
@ConditionalOnClass({EnableOAuth2Sso.class})
@Conditional({EnableOauth2SsoCondition.class})
@ConditionalOnProperty({OAuth2SsoClientProperties.ENABLED_TOKEN_INFO_CUSTOM})
@Import({RestExecutorConfiguration.class})
/* loaded from: input_file:org/onetwo/boot/module/oauth2/ssoclient/tokeninfo/SsoClientCustomTokenInfoUriConfiguration.class */
public class SsoClientCustomTokenInfoUriConfiguration {
    private final ResourceServerProperties resource;

    @Autowired
    private SSoUserDetailsService userDetailsService;

    @Autowired
    private OAuth2SsoClientProperties ssoClientProperties;

    protected SsoClientCustomTokenInfoUriConfiguration(ResourceServerProperties resourceServerProperties) {
        this.resource = resourceServerProperties;
    }

    @Bean
    public ResourceServerTokenServices remoteTokenServices() {
        OAuth2SsoClientProperties.TokenInfoProps tokenInfo = this.ssoClientProperties.getTokenInfo();
        AccessTokenConverter defaultAccessTokenConverter = new DefaultAccessTokenConverter();
        CustomSsoClientUserAuthenticationConverter customSsoClientUserAuthenticationConverter = new CustomSsoClientUserAuthenticationConverter();
        customSsoClientUserAuthenticationConverter.setSsoUserDetailService(this.userDetailsService);
        defaultAccessTokenConverter.setUserTokenConverter(customSsoClientUserAuthenticationConverter);
        if (!tokenInfo.isUseCustomMode()) {
            RemoteTokenServices remoteTokenServices = new RemoteTokenServices();
            remoteTokenServices.setCheckTokenEndpointUrl(this.resource.getTokenInfoUri());
            remoteTokenServices.setClientId(this.resource.getClientId());
            remoteTokenServices.setClientSecret(this.resource.getClientSecret());
            remoteTokenServices.setAccessTokenConverter(defaultAccessTokenConverter);
            return remoteTokenServices;
        }
        SSORemoteTokenServices sSORemoteTokenServices = new SSORemoteTokenServices();
        sSORemoteTokenServices.setCheckTokenEndpointUrl(this.resource.getTokenInfoUri());
        sSORemoteTokenServices.setClientId(this.resource.getClientId());
        sSORemoteTokenServices.setClientSecret(this.resource.getClientSecret());
        sSORemoteTokenServices.setAccessTokenConverter(defaultAccessTokenConverter);
        sSORemoteTokenServices.setAuthorizationHeader(tokenInfo.isAuthorizationHeader());
        sSORemoteTokenServices.setAuthorizationHeaderScheme(tokenInfo.getAuthorizationHeaderScheme());
        if (StringUtils.isNotBlank(tokenInfo.getTokenName())) {
            sSORemoteTokenServices.setTokenName(tokenInfo.getTokenName());
        }
        if (StringUtils.isNotBlank(tokenInfo.getHttpMethod())) {
            sSORemoteTokenServices.setHttpMethod(HttpMethod.resolve(tokenInfo.getHttpMethod().toUpperCase()));
        }
        return sSORemoteTokenServices;
    }
}
