package io.gardenerframework.camellia.authentication.server.main.spring;

import io.gardenerframework.camellia.authentication.server.common.annotation.AuthenticationServerEngineComponent;
import io.gardenerframework.camellia.authentication.server.main.exception.NestedAuthenticationException;
import io.gardenerframework.camellia.authentication.server.main.exception.annotation.OAuth2ErrorCode;
import io.gardenerframework.camellia.authentication.server.main.utils.AuthenticationEndpointMatcher;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AccountStatusException;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.util.StringUtils;

@AuthenticationServerEngineComponent
/* loaded from: input_file:io/gardenerframework/camellia/authentication/server/main/spring/AuthenticationEndpointExceptionAdapter.class */
public class AuthenticationEndpointExceptionAdapter {
    private static final Map<Class<? extends Exception>, String> OAUTH2_ERROR_CODE_REGISTRY = new ConcurrentHashMap();
    private AuthenticationEndpointMatcher authenticationEndpointMatcher;

    @Nullable
    private static String lookupErrorCodeRegistry(Exception exc) {
        Class<?> cls = exc.getClass();
        for (Map.Entry<Class<? extends Exception>, String> entry : OAUTH2_ERROR_CODE_REGISTRY.entrySet()) {
            Class<? extends Exception> key = entry.getKey();
            String value = entry.getValue();
            if (key.isAssignableFrom(cls)) {
                return value;
            }
        }
        return null;
    }

    public AuthenticationException adapt(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        return (!this.authenticationEndpointMatcher.isTokenEndpoint(httpServletRequest) || (authenticationException instanceof OAuth2AuthenticationException)) ? authenticationException : convert(authenticationException);
    }

    public OAuth2AuthenticationException convert(AuthenticationException authenticationException) {
        return new OAuth2AuthenticationException(new OAuth2Error(foundOAuth2ErrorCode(authenticationException)), authenticationException);
    }

    private String foundOAuth2ErrorCode(Exception exc) {
        OAuth2ErrorCode findAnnotation = AnnotationUtils.findAnnotation(exc.getClass(), OAuth2ErrorCode.class);
        if (findAnnotation != null) {
            return findAnnotation.value();
        }
        String lookupErrorCodeRegistry = lookupErrorCodeRegistry(exc);
        return StringUtils.hasText(lookupErrorCodeRegistry) ? lookupErrorCodeRegistry : ((exc instanceof NestedAuthenticationException) && (exc.getCause() instanceof Exception)) ? foundOAuth2ErrorCode((Exception) exc.getCause()) : "server_error";
    }

    @Autowired
    private void setAuthenticationEndpointMatcher(AuthenticationEndpointMatcher authenticationEndpointMatcher) {
        this.authenticationEndpointMatcher = authenticationEndpointMatcher;
    }

    static {
        OAUTH2_ERROR_CODE_REGISTRY.put(BadCredentialsException.class, "unauthorized");
        OAUTH2_ERROR_CODE_REGISTRY.put(AccountStatusException.class, "unauthorized");
        OAUTH2_ERROR_CODE_REGISTRY.put(AuthenticationServiceException.class, "server_error");
    }
}
