package cronapp.framework.security;

import cronapp.framework.core.model.AppConfiguration;
import cronapp.framework.core.model.SocialNetwork;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.springframework.context.ApplicationContextInitializer;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.MapPropertySource;

@Configuration
@Order
/* loaded from: input_file:cronapp/framework/security/LegacyPropertyHandler.class */
public class LegacyPropertyHandler implements ApplicationContextInitializer<ConfigurableApplicationContext> {
    private static final String ENTITY_ID = "entityId";
    private static final String ACCESS_TOKEN_URI = "accessTokenUri";
    private int oauthRegistrationIndex = 0;

    public void initialize(ConfigurableApplicationContext configurableApplicationContext) {
        upgradeEnvironment(configurableApplicationContext.getEnvironment());
    }

    private void upgradeEnvironment(ConfigurableEnvironment configurableEnvironment) {
        HashMap hashMap = new HashMap();
        hashMap.putAll(upgradeCommonProperties(configurableEnvironment));
        hashMap.putAll(upgradeSamlProperties(configurableEnvironment));
        hashMap.putAll(upgradeOAuthProperties(configurableEnvironment));
        if (AppConfiguration.getInstance().getAuth().getSocialLogin().booleanValue()) {
            hashMap.putAll(upgradeGithubOAuthProperties());
            hashMap.putAll(upgradeGoogleOAuthProperties());
            hashMap.putAll(upgradeFacebookOAuthProperties());
            hashMap.putAll(upgradeLinkedinOAuthProperties());
        }
        if (hashMap.isEmpty()) {
            return;
        }
        configurableEnvironment.getPropertySources().addFirst(new MapPropertySource(getClass().getName(), hashMap));
    }

    private Map<String, String> getMappedProperties(ConfigurableEnvironment configurableEnvironment, Map<String, String> map) {
        return (Map) map.entrySet().stream().map(entry -> {
            String property = configurableEnvironment.getProperty((String) entry.getKey());
            if (property != null) {
                return Map.entry((String) entry.getValue(), property);
            }
            return null;
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        }));
    }

    private Map<String, String> upgradeCommonProperties(ConfigurableEnvironment configurableEnvironment) {
        HashMap hashMap = new HashMap();
        Boolean bool = (Boolean) configurableEnvironment.getProperty("cronapp.security.authentication", Boolean.class);
        String type = AppConfiguration.getInstance().getAuth().getType();
        if (bool == null) {
            bool = Boolean.valueOf(type != null && type.equalsIgnoreCase("Token"));
        }
        if (StringUtils.equals(type, "Nenhuma")) {
            bool = false;
        }
        hashMap.put("cronapp.security.enabled", bool.toString());
        if (bool.booleanValue()) {
            hashMap.put("cronapp.security.forms.enabled", "true");
            hashMap.put("cronapp.security.token.enabled", "true");
        }
        return hashMap;
    }

    private Map<String, String> upgradeSamlProperties(ConfigurableEnvironment configurableEnvironment) {
        Map<String, String> mappedProperties = getMappedProperties(configurableEnvironment, Map.of("security.oauth2.saml.metadataUrl", "cronapp.security.saml.registrations[0].metadataUrl", "security.oauth2.saml.privateKey", "cronapp.security.saml.registrations[0].privateKeyAlias", "security.oauth2.saml.privateKeyPass", "cronapp.security.saml.registrations[0].privateKeyPass", "security.oauth2.saml.storeFile", "cronapp.security.saml.registrations[0].keystoreFile", "security.oauth2.saml.storePass", "cronapp.security.saml.registrations[0].keystorePass", "security.oauth2.saml.entityId", "cronapp.security.saml.registrations[0].entityId"));
        if (!mappedProperties.isEmpty() && !configurableEnvironment.getProperty("security.oauth2.saml.entityId", ENTITY_ID).equals(ENTITY_ID)) {
            mappedProperties.put("cronapp.security.saml.registrations[0].name", "default");
            mappedProperties.put("cronapp.security.saml.enabled", "true");
        }
        return mappedProperties;
    }

    private Map<String, String> upgradeOAuthProperties(ConfigurableEnvironment configurableEnvironment) {
        String str = "cronapp.security.oauth.registrations[" + this.oauthRegistrationIndex + "]";
        Map<String, String> of = Map.of("security.oauth2.client.clientId", str + ".clientId", "security.oauth2.client.clientSecret", str + ".clientSecret", "security.oauth2.client.userAuthorizationUri", str + ".authorizationUri", "security.oauth2.client.accessTokenUri", str + ".tokenUri", "security.oauth2.resource.userInfoUri", str + ".userInfoUri", "security.oauth2.client.scope", str + ".scope");
        String property = configurableEnvironment.getProperty("security.oauth2.client.accessTokenUri");
        if (property == null || property.equals(ACCESS_TOKEN_URI)) {
            return Map.of();
        }
        Map<String, String> mappedProperties = getMappedProperties(configurableEnvironment, of);
        mappedProperties.put("cronapp.security.oauth.enabled", "true");
        mappedProperties.put(str + ".name", "default");
        mappedProperties.put(str + ".nameAttributeKey", "preferred_username");
        mappedProperties.put(str + ".jwkSetUri", discoverJwkSetUri(property));
        this.oauthRegistrationIndex++;
        return mappedProperties;
    }

    private String discoverJwkSetUri(String str) {
        return str.contains("login.microsoftonline.com") ? str.replace("/oauth2/v2.0/token", "/discovery/v2.0/keys") : str.replace("/token", "/certs");
    }

    private SocialNetwork getSocialNetworkConfiguration(String str) {
        AppConfiguration appConfiguration = AppConfiguration.getInstance();
        if (appConfiguration.getAuth() == null || appConfiguration.getAuth().getSocialNetworks() == null) {
            return null;
        }
        return (SocialNetwork) AppConfiguration.getInstance().getAuth().getSocialNetworks().stream().filter(socialNetwork -> {
            return socialNetwork.getName().equals(str);
        }).filter((v0) -> {
            return v0.getActive();
        }).findFirst().orElse(null);
    }

    private Map<String, String> upgradeGoogleOAuthProperties() {
        SocialNetwork socialNetworkConfiguration = getSocialNetworkConfiguration("google");
        if (socialNetworkConfiguration == null) {
            return Map.of();
        }
        String str = "cronapp.security.oauth.registrations[" + this.oauthRegistrationIndex + "]";
        this.oauthRegistrationIndex++;
        return Map.of(str + ".name", "google", str + ".clientId", socialNetworkConfiguration.getAppId(), str + ".clientSecret", socialNetworkConfiguration.getAppSecret(), str + ".authorizationUri", "https://accounts.google.com/o/oauth2/v2/auth", str + ".tokenUri", "https://oauth2.googleapis.com/token", str + ".userInfoUri", "https://openidconnect.googleapis.com/v1/userinfo", str + ".jwkSetUri", "https://www.googleapis.com/oauth2/v3/certs", str + ".scope", "openid profile email", "cronapp.security.oauth.enabled", "true");
    }

    private Map<String, String> upgradeGithubOAuthProperties() {
        SocialNetwork socialNetworkConfiguration = getSocialNetworkConfiguration("github");
        if (socialNetworkConfiguration == null) {
            return Map.of();
        }
        String str = "cronapp.security.oauth.registrations[" + this.oauthRegistrationIndex + "]";
        this.oauthRegistrationIndex++;
        return Map.of(str + ".name", "github", str + ".clientId", socialNetworkConfiguration.getAppId(), str + ".clientSecret", socialNetworkConfiguration.getAppSecret(), str + ".authorizationUri", "https://github.com/login/oauth/authorize", str + ".tokenUri", "https://github.com/login/oauth/access_token", str + ".userInfoUri", "https://api.github.com/user", str + ".jwkSetUri", "https://github.com/login/oauth/.well-known/jwks", str + ".nameAttributeKey", "id", str + ".scope", "read:user", "cronapp.security.oauth.enabled", "true");
    }

    private Map<String, String> upgradeFacebookOAuthProperties() {
        SocialNetwork socialNetworkConfiguration = getSocialNetworkConfiguration("facebook");
        if (socialNetworkConfiguration == null) {
            return Map.of();
        }
        String str = "cronapp.security.oauth.registrations[" + this.oauthRegistrationIndex + "]";
        this.oauthRegistrationIndex++;
        return Map.of(str + ".name", "facebook", str + ".clientId", socialNetworkConfiguration.getAppId(), str + ".clientSecret", socialNetworkConfiguration.getAppSecret(), str + ".authorizationUri", "https://www.facebook.com/v2.8/dialog/oauth", str + ".tokenUri", "https://graph.facebook.com/v2.8/oauth/access_token", str + ".userInfoUri", "https://graph.facebook.com/me?fields=id,name,email", str + ".jwkSetUri", "https://www.facebook.com/.well-known/oauth/openid/jwks", str + ".nameAttributeKey", "sub", str + ".scope", "openid public_profile email", "cronapp.security.oauth.enabled", "true");
    }

    private Map<String, String> upgradeLinkedinOAuthProperties() {
        SocialNetwork socialNetworkConfiguration = getSocialNetworkConfiguration("linkedin");
        if (socialNetworkConfiguration == null) {
            return Map.of();
        }
        String str = "cronapp.security.oauth.registrations[" + this.oauthRegistrationIndex + "]";
        this.oauthRegistrationIndex++;
        HashMap hashMap = new HashMap();
        hashMap.put(str + ".name", "linkedin");
        hashMap.put(str + ".clientId", socialNetworkConfiguration.getAppId());
        hashMap.put(str + ".clientSecret", socialNetworkConfiguration.getAppSecret());
        hashMap.put(str + ".authorizationUri", "https://www.linkedin.com/oauth/v2/authorization");
        hashMap.put(str + ".tokenUri", "https://www.linkedin.com/oauth/v2/accessToken");
        hashMap.put(str + ".userInfoUri", "https://api.linkedin.com/v2/userinfo");
        hashMap.put(str + ".jwkSetUri", "https://www.linkedin.com/oauth/openid/jwks");
        hashMap.put(str + ".nameAttributeKey", "sub");
        hashMap.put(str + ".scope", "openid profile email");
        hashMap.put(str + ".clientAuthenticationMethod", "client_secret_post");
        hashMap.put(str + ".removeNonce", "true");
        hashMap.put("cronapp.security.oauth.enabled", "true");
        return hashMap;
    }
}
