package io.micronaut.security.token.jwt.cookie;

import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.Nullable;
import io.micronaut.context.annotation.Requires;
import io.micronaut.core.util.StringUtils;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.cookie.Cookie;
import io.micronaut.http.cookie.CookieConfiguration;
import io.micronaut.security.authentication.UserDetails;
import io.micronaut.security.config.RedirectConfiguration;
import io.micronaut.security.errors.OauthErrorResponseException;
import io.micronaut.security.errors.ObtainingAuthorizationErrorCode;
import io.micronaut.security.errors.PriorToLoginPersistence;
import io.micronaut.security.token.jwt.generator.AccessRefreshTokenGenerator;
import io.micronaut.security.token.jwt.generator.AccessTokenConfiguration;
import io.micronaut.security.token.jwt.render.AccessRefreshToken;
import java.time.Duration;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Singleton;

@Singleton
@Requires(property = "micronaut.security.authentication", value = "cookie")
/* loaded from: input_file:io/micronaut/security/token/jwt/cookie/JwtCookieLoginHandler.class */
public class JwtCookieLoginHandler extends CookieLoginHandler {
    protected final AccessRefreshTokenGenerator accessRefreshTokenGenerator;
    protected final RefreshTokenCookieConfiguration refreshTokenCookieConfiguration;
    protected final AccessTokenConfiguration accessTokenConfiguration;

    @Deprecated
    public JwtCookieLoginHandler(JwtCookieConfiguration jwtCookieConfiguration, AccessTokenConfiguration accessTokenConfiguration, AccessRefreshTokenGenerator accessRefreshTokenGenerator) {
        super(jwtCookieConfiguration, jwtCookieConfiguration.getLoginSuccessTargetUrl(), jwtCookieConfiguration.getCookieName());
        this.accessTokenConfiguration = accessTokenConfiguration;
        this.accessRefreshTokenGenerator = accessRefreshTokenGenerator;
        this.refreshTokenCookieConfiguration = createDefaultConfiguration(jwtCookieConfiguration);
    }

    @Deprecated
    public JwtCookieLoginHandler(RedirectConfiguration redirectConfiguration, JwtCookieConfiguration jwtCookieConfiguration, AccessTokenConfiguration accessTokenConfiguration, AccessRefreshTokenGenerator accessRefreshTokenGenerator, @Nullable PriorToLoginPersistence priorToLoginPersistence) {
        super(jwtCookieConfiguration, redirectConfiguration, priorToLoginPersistence);
        this.accessTokenConfiguration = accessTokenConfiguration;
        this.accessRefreshTokenGenerator = accessRefreshTokenGenerator;
        this.refreshTokenCookieConfiguration = createDefaultConfiguration(jwtCookieConfiguration);
    }

    @Inject
    public JwtCookieLoginHandler(RedirectConfiguration redirectConfiguration, AccessTokenCookieConfiguration accessTokenCookieConfiguration, RefreshTokenCookieConfiguration refreshTokenCookieConfiguration, AccessTokenConfiguration accessTokenConfiguration, AccessRefreshTokenGenerator accessRefreshTokenGenerator, @Nullable PriorToLoginPersistence priorToLoginPersistence) {
        super(accessTokenCookieConfiguration, redirectConfiguration, priorToLoginPersistence);
        this.refreshTokenCookieConfiguration = refreshTokenCookieConfiguration;
        this.accessTokenConfiguration = accessTokenConfiguration;
        this.accessRefreshTokenGenerator = accessRefreshTokenGenerator;
    }

    private static RefreshTokenCookieConfiguration createDefaultConfiguration(final JwtCookieConfiguration jwtCookieConfiguration) {
        return new RefreshTokenCookieConfiguration() { // from class: io.micronaut.security.token.jwt.cookie.JwtCookieLoginHandler.1
            @NonNull
            public String getCookieName() {
                return RefreshTokenCookieConfigurationProperties.DEFAULT_COOKIENAME;
            }

            public Optional<String> getCookieDomain() {
                return JwtCookieConfiguration.this.getCookieDomain();
            }

            public Optional<String> getCookiePath() {
                return JwtCookieConfiguration.this.getCookiePath();
            }

            public Optional<Boolean> isCookieHttpOnly() {
                return JwtCookieConfiguration.this.isCookieHttpOnly();
            }

            public Optional<Boolean> isCookieSecure() {
                return JwtCookieConfiguration.this.isCookieSecure();
            }

            public Optional<TemporalAmount> getCookieMaxAge() {
                return Optional.empty();
            }
        };
    }

    @Override // io.micronaut.security.token.jwt.cookie.CookieLoginHandler
    protected List<Cookie> getCookies(UserDetails userDetails, HttpRequest<?> httpRequest) {
        return getCookies(this.accessRefreshTokenGenerator.generate(userDetails).orElseThrow(() -> {
            return new OauthErrorResponseException(ObtainingAuthorizationErrorCode.SERVER_ERROR, "Cannot obtain an access token", (String) null);
        }), httpRequest);
    }

    @Override // io.micronaut.security.token.jwt.cookie.CookieLoginHandler
    protected List<Cookie> getCookies(UserDetails userDetails, String str, HttpRequest<?> httpRequest) {
        return getCookies(this.accessRefreshTokenGenerator.generate(str, userDetails).orElseThrow(() -> {
            return new OauthErrorResponseException(ObtainingAuthorizationErrorCode.SERVER_ERROR, "Cannot obtain an access token", (String) null);
        }), httpRequest);
    }

    protected List<Cookie> getCookies(AccessRefreshToken accessRefreshToken, HttpRequest<?> httpRequest) {
        ArrayList arrayList = new ArrayList(2);
        CookieConfiguration cookieConfiguration = this.accessTokenCookieConfiguration == null ? this.jwtCookieConfiguration : this.accessTokenCookieConfiguration;
        Cookie of = Cookie.of(cookieConfiguration.getCookieName(), accessRefreshToken.getAccessToken());
        of.configure(cookieConfiguration, httpRequest.isSecure());
        of.maxAge((TemporalAmount) cookieConfiguration.getCookieMaxAge().orElseGet(() -> {
            return Duration.ofSeconds(this.accessTokenConfiguration.getExpiration().intValue());
        }));
        arrayList.add(of);
        String refreshToken = accessRefreshToken.getRefreshToken();
        if (StringUtils.isNotEmpty(refreshToken)) {
            Cookie of2 = Cookie.of(this.refreshTokenCookieConfiguration.getCookieName(), refreshToken);
            of2.configure(this.refreshTokenCookieConfiguration, httpRequest.isSecure());
            of2.maxAge((TemporalAmount) this.refreshTokenCookieConfiguration.getCookieMaxAge().orElseGet(() -> {
                return Duration.ofDays(30L);
            }));
            arrayList.add(of2);
        }
        return arrayList;
    }
}
