package io.gardenerframework.camellia.authentication.server.main.spring.oauth2;

import io.gardenerframework.camellia.authentication.server.common.annotation.AuthenticationServerEngineComponent;
import io.gardenerframework.camellia.authentication.server.main.schema.UserAuthenticatedAuthentication;
import io.gardenerframework.camellia.authentication.server.main.user.schema.User;
import java.security.Principal;
import java.util.Objects;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@Aspect
@AuthenticationServerEngineComponent
/* loaded from: input_file:io/gardenerframework/camellia/authentication/server/main/spring/oauth2/OAuth2AuthorizationServiceProxy.class */
public class OAuth2AuthorizationServiceProxy {
    private static final Logger log = LoggerFactory.getLogger(OAuth2AuthorizationServiceProxy.class);
    private final EnhancedOAuth2TokenCustomizer tokenCustomizer;
    private final OAuth2AuthorizationIdModifier idModifier;

    @Around("execution(* org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService.save(..))")
    public Object onSave(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        OAuth2Authorization oAuth2Authorization = (OAuth2Authorization) proceedingJoinPoint.getArgs()[0];
        if (oAuth2Authorization != null && oAuth2Authorization.getAttribute(OAuth2AuthorizationServiceProxy.class.getName()) == null) {
            OAuth2RefreshToken oAuth2RefreshToken = null;
            OAuth2RefreshToken oAuth2RefreshToken2 = null;
            if (oAuth2Authorization.getRefreshToken() != null && oAuth2Authorization.getRefreshToken().getToken() != null) {
                EnhancedOAuth2TokenCustomizer enhancedOAuth2TokenCustomizer = this.tokenCustomizer;
                OAuth2RefreshToken oAuth2RefreshToken3 = (OAuth2RefreshToken) oAuth2Authorization.getRefreshToken().getToken();
                oAuth2RefreshToken = oAuth2RefreshToken3;
                oAuth2RefreshToken2 = enhancedOAuth2TokenCustomizer.customizeRefreshToken(oAuth2RefreshToken3);
            }
            String id = oAuth2Authorization.getId();
            UserAuthenticatedAuthentication userAuthenticatedAuthentication = (UserAuthenticatedAuthentication) oAuth2Authorization.getAttribute(Principal.class.getName());
            User user = userAuthenticatedAuthentication == null ? null : userAuthenticatedAuthentication.getUser();
            OAuth2ClientAuthenticationToken authentication = SecurityContextHolder.getContext().getAuthentication();
            RegisteredClient registeredClient = null;
            if (authentication instanceof OAuth2ClientAuthenticationToken) {
                registeredClient = authentication.getRegisteredClient();
            }
            String modify = this.idModifier.modify(id, ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest(), registeredClient, user);
            OAuth2Authorization.Builder attribute = OAuth2Authorization.from(oAuth2Authorization).attribute(OAuth2AuthorizationServiceProxy.class.getName(), true);
            if (!Objects.equals(modify, id)) {
                attribute.id(modify);
            }
            if (oAuth2RefreshToken2 != oAuth2RefreshToken && oAuth2RefreshToken2 != null) {
                attribute.refreshToken(oAuth2RefreshToken2);
            }
            oAuth2Authorization = attribute.build();
        }
        return proceedingJoinPoint.proceed(new Object[]{oAuth2Authorization});
    }

    public OAuth2AuthorizationServiceProxy(EnhancedOAuth2TokenCustomizer enhancedOAuth2TokenCustomizer, OAuth2AuthorizationIdModifier oAuth2AuthorizationIdModifier) {
        this.tokenCustomizer = enhancedOAuth2TokenCustomizer;
        this.idModifier = oAuth2AuthorizationIdModifier;
    }
}
