package org.alfresco.hxi_connector.live_ingester.adapters.auth;

import jakarta.annotation.PostConstruct;
import java.time.Duration;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.function.Supplier;
import org.alfresco.hxi_connector.live_ingester.adapters.config.IntegrationProperties;
import org.alfresco.hxi_connector.live_ingester.adapters.config.properties.Authorization;
import org.alfresco.hxi_connector.live_ingester.domain.exception.LiveIngesterRuntimeException;
import org.apache.camel.CamelContext;
import org.apache.camel.Exchange;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
import org.springframework.scheduling.TaskScheduler;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
import org.springframework.security.scheduling.DelegatingSecurityContextTaskScheduler;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:docker/live-ingester/alfresco-hxinsight-connector-live-ingester-0.0.6-app.jar:BOOT-INF/classes/org/alfresco/hxi_connector/live_ingester/adapters/auth/AuthenticationService.class */
public class AuthenticationService {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AuthenticationService.class);
    private static final String CLIENT_REGISTRATION_ID = "hyland-experience-auth";
    private static final String APP_NAME_ATTRIBUTE_KEY = "applicationName";
    private static final String SERVICE_USER_ATTRIBUTE_KEY = "serviceUser";
    public static final String ENVIRONMENT_KEY_ATTRIBUTE_KEY = "hxAiEnvironmentKey";
    private static final String ENVIRONMENT_KEY_HEADER = "hxai-environment";
    private static final int WAIT_FOR_PAUSE_TIME_MILLIS = 100;
    private final OAuth2ClientProperties oAuth2ClientProperties;
    private final IntegrationProperties integrationProperties;
    private final AuthenticationManager authenticationManager;
    private final TaskScheduler taskScheduler;
    private final CamelContext camelContext;

    @PostConstruct
    public void authenticationSchedule() {
        if (isTokenUriNotBlank()) {
            new DelegatingSecurityContextTaskScheduler(this.taskScheduler, SecurityContextHolder.getContext()).scheduleWithFixedDelay(() -> {
                CamelContext camelContext = this.camelContext;
                Objects.requireNonNull(camelContext);
                waitFor(camelContext::isStarted);
                authenticate();
            }, Duration.ofMinutes(this.integrationProperties.hylandExperience().authentication().refreshDelayMinutes()));
        }
    }

    public void authenticate() {
        SecurityContextHolder.getContext().setAuthentication(this.authenticationManager.authenticate(createOAuth2AuthenticationToken(this.oAuth2ClientProperties.getRegistration().get(CLIENT_REGISTRATION_ID).getClientName())));
    }

    public static void setAuthorizationToken(Exchange exchange) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof OAuth2LoginAuthenticationToken)) {
            log.warn("Spring security context does not contain authentication principal of type " + OAuth2LoginAuthenticationToken.class.getSimpleName());
            return;
        }
        OAuth2LoginAuthenticationToken oAuth2LoginAuthenticationToken = (OAuth2LoginAuthenticationToken) authentication;
        OAuth2AccessToken accessToken = oAuth2LoginAuthenticationToken.getAccessToken();
        Map<String, Object> attributes = oAuth2LoginAuthenticationToken.getPrincipal().getAttributes();
        exchange.getIn().setHeaders(Map.of("Authorization", accessToken.getTokenType().getValue() + " " + accessToken.getTokenValue(), ENVIRONMENT_KEY_HEADER, attributes.get(ENVIRONMENT_KEY_ATTRIBUTE_KEY)));
        log.debug("Authorization :: auth header added");
    }

    private OAuth2AuthenticationToken createOAuth2AuthenticationToken(String str) {
        Authorization authorization = this.integrationProperties.hylandExperience().authorization();
        Map of = Map.of(APP_NAME_ATTRIBUTE_KEY, str, SERVICE_USER_ATTRIBUTE_KEY, authorization.serviceUser(), ENVIRONMENT_KEY_ATTRIBUTE_KEY, authorization.environmentKey());
        OAuth2UserAuthority oAuth2UserAuthority = new OAuth2UserAuthority(of);
        return new OAuth2AuthenticationToken(new DefaultOAuth2User(Set.of(oAuth2UserAuthority), of, APP_NAME_ATTRIBUTE_KEY), Set.of(oAuth2UserAuthority), CLIENT_REGISTRATION_ID);
    }

    private boolean isTokenUriNotBlank() {
        return this.oAuth2ClientProperties.getProvider().containsKey(CLIENT_REGISTRATION_ID) && StringUtils.isNotBlank(this.oAuth2ClientProperties.getProvider().get(CLIENT_REGISTRATION_ID).getTokenUri());
    }

    private static void waitFor(Supplier<Boolean> supplier) {
        while (!supplier.get().booleanValue()) {
            try {
                Thread.sleep(100L);
            } catch (InterruptedException e) {
                throw new LiveIngesterRuntimeException(e);
            }
        }
    }

    public AuthenticationService(OAuth2ClientProperties oAuth2ClientProperties, IntegrationProperties integrationProperties, AuthenticationManager authenticationManager, TaskScheduler taskScheduler, CamelContext camelContext) {
        this.oAuth2ClientProperties = oAuth2ClientProperties;
        this.integrationProperties = integrationProperties;
        this.authenticationManager = authenticationManager;
        this.taskScheduler = taskScheduler;
        this.camelContext = camelContext;
    }
}
