package org.keycloak.adapters.springsecurity.client;

import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.HttpClients;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.springframework.context.annotation.Scope;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Scope("prototype")
@Component
/* loaded from: input_file:BOOT-INF/lib/keycloak-spring-security-adapter-4.6.0.Final.jar:org/keycloak/adapters/springsecurity/client/KeycloakClientRequestFactory.class */
public class KeycloakClientRequestFactory extends HttpComponentsClientHttpRequestFactory implements ClientHttpRequestFactory {
    public static final String AUTHORIZATION_HEADER = "Authorization";

    public KeycloakClientRequestFactory() {
        super(HttpClients.custom().disableCookieManagement().build());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.http.client.HttpComponentsClientHttpRequestFactory
    public void postProcessHttpRequest(HttpUriRequest httpUriRequest) {
        httpUriRequest.setHeader("Authorization", "Bearer " + getKeycloakSecurityContext().getTokenString());
    }

    protected KeycloakSecurityContext getKeycloakSecurityContext() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new IllegalStateException("Cannot set authorization header because there is no authenticated principal");
        }
        if (KeycloakAuthenticationToken.class.isAssignableFrom(authentication.getClass())) {
            return ((KeycloakAuthenticationToken) authentication).getAccount().getKeycloakSecurityContext();
        }
        throw new IllegalStateException(String.format("Cannot set authorization header because Authentication is of type %s but %s is required", authentication.getClass(), KeycloakAuthenticationToken.class));
    }
}
