package no.fintlabs.util;

import java.util.List;
import no.vigoiks.resourceserver.security.FintJwtEndUserPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;

@Component
/* loaded from: input_file:no/fintlabs/util/AuthenticationUtil.class */
public class AuthenticationUtil {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationUtil.class);

    @Value("${fint.kontroll.authorization.authorized-admin-role:admin}")
    private String adminRole;

    public String getUserName() {
        log.info("Getting user name");
        SecurityContext securityContext = getSecurityContext();
        log.info("Got security context {}", securityContext);
        FintJwtEndUserPrincipal from = FintJwtEndUserPrincipal.from((Jwt) securityContext.getAuthentication().getPrincipal());
        return from.getMail() != null ? from.getMail() : "";
    }

    public Boolean isAuthenticated() {
        log.info("Checking if user is authenticated");
        SecurityContext securityContext = getSecurityContext();
        log.info("Got security context {}", securityContext);
        return Boolean.valueOf(securityContext.getAuthentication().isAuthenticated());
    }

    private SecurityContext getSecurityContext() {
        return SecurityContextHolder.getContext();
    }

    public String getUrl() {
        log.info("Getting requested url");
        FintJwtEndUserPrincipal from = FintJwtEndUserPrincipal.from((Jwt) getSecurityContext().getAuthentication().getPrincipal());
        String orgId = from.getOrgId() != null ? from.getOrgId() : "";
        log.info("Found orgId: {}", orgId);
        if (RequestContextHolder.getRequestAttributes() == null) {
            return "";
        }
        String requestURI = RequestContextHolder.getRequestAttributes().getRequest().getRequestURI();
        log.info("Request URI: {}", requestURI);
        String replace = requestURI.replace("/" + orgId.replace(".", "-"), "").replace("/beta/fintlabs-no", "");
        log.info("Stripped request URI: {}", replace);
        return replace;
    }

    public boolean isAdmin() {
        log.info("Checking if user is admin");
        return hasAdminRole((JwtAuthenticationToken) getSecurityContext().getAuthentication());
    }

    boolean hasAdminRole(JwtAuthenticationToken jwtAuthenticationToken) {
        log.info("AuthUtil: Listing all roles found on jwt token");
        jwtAuthenticationToken.getAuthorities().forEach(grantedAuthority -> {
            log.info("Authorities in jwt: {}", grantedAuthority.getAuthority());
        });
        List list = (List) jwtAuthenticationToken.getTokenAttributes().get("roles");
        if (list != null) {
            log.info("Auth: Listing all roles found on token attributes");
            list.forEach(str -> {
                log.info("Roles in token attributes: {}", str);
            });
        }
        boolean anyMatch = jwtAuthenticationToken.getAuthorities().stream().anyMatch(grantedAuthority2 -> {
            return grantedAuthority2.getAuthority().equals("ROLE_" + this.adminRole);
        });
        log.info("AuthUtil: Has admin role: {}", Boolean.valueOf(anyMatch));
        return anyMatch;
    }
}
