package org.nuxeo.ecm.platform.oauth2.openid;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.platform.oauth2.providers.NuxeoOAuth2ServiceProvider;
import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry;
import org.nuxeo.ecm.platform.ui.web.auth.LoginScreenHelper;
import org.nuxeo.runtime.api.Framework;
import org.nuxeo.runtime.model.ComponentContext;
import org.nuxeo.runtime.model.ComponentInstance;
import org.nuxeo.runtime.model.DefaultComponent;

/* loaded from: input_file:org/nuxeo/ecm/platform/oauth2/openid/OpenIDConnectProviderRegistryImpl.class */
public class OpenIDConnectProviderRegistryImpl extends DefaultComponent implements OpenIDConnectProviderRegistry {
    protected static final Log log = LogFactory.getLog(OpenIDConnectProviderRegistryImpl.class);
    public static final String PROVIDER_EP = "providers";
    protected Map<String, OpenIDConnectProvider> providers = new HashMap();
    protected OpenIDProviderFragmentRegistry pendingProviders = new OpenIDProviderFragmentRegistry();

    protected OAuth2ServiceProviderRegistry getOAuth2ServiceProviderRegistry() {
        return (OAuth2ServiceProviderRegistry) Framework.getLocalService(OAuth2ServiceProviderRegistry.class);
    }

    public void registerContribution(Object obj, String str, ComponentInstance componentInstance) throws Exception {
        if (PROVIDER_EP.equals(str)) {
            OpenIDConnectProviderDescriptor openIDConnectProviderDescriptor = (OpenIDConnectProviderDescriptor) obj;
            if (openIDConnectProviderDescriptor.getClientId() == null || openIDConnectProviderDescriptor.getClientSecret() == null) {
                log.info("OpenId provider for " + openIDConnectProviderDescriptor.getName() + " is disabled because clientId and/or clientSecret are empty (component id = " + componentInstance.getName().toString() + ")");
                openIDConnectProviderDescriptor.setEnabled(false);
            }
            log.info("OpenId provider for " + openIDConnectProviderDescriptor.getName() + " will be registred at application startup");
            this.pendingProviders.addContribution(openIDConnectProviderDescriptor);
        }
    }

    @Override // org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProviderRegistry
    public Collection<OpenIDConnectProvider> getProviders() {
        return this.providers.values();
    }

    @Override // org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProviderRegistry
    public Collection<OpenIDConnectProvider> getEnabledProviders() {
        ArrayList arrayList = new ArrayList();
        for (OpenIDConnectProvider openIDConnectProvider : getProviders()) {
            if (openIDConnectProvider.isEnabled()) {
                arrayList.add(openIDConnectProvider);
            }
        }
        return arrayList;
    }

    @Override // org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProviderRegistry
    public OpenIDConnectProvider getProvider(String str) {
        return this.providers.get(str);
    }

    protected void registerPendingProviders() throws Exception {
        Iterator<OpenIDConnectProviderDescriptor> it = this.pendingProviders.getContribs().iterator();
        while (it.hasNext()) {
            registerOpenIdProvider(it.next());
        }
    }

    protected void registerOpenIdProvider(OpenIDConnectProviderDescriptor openIDConnectProviderDescriptor) throws Exception {
        OAuth2ServiceProviderRegistry oAuth2ServiceProviderRegistry = getOAuth2ServiceProviderRegistry();
        if (oAuth2ServiceProviderRegistry == null) {
            if (Framework.isTestModeSet()) {
                this.providers.put(openIDConnectProviderDescriptor.getName(), new OpenIDConnectProvider(null, openIDConnectProviderDescriptor.getAccessTokenKey(), openIDConnectProviderDescriptor.getUserInfoURL(), openIDConnectProviderDescriptor.getUserInfoClass(), openIDConnectProviderDescriptor.getIcon(), openIDConnectProviderDescriptor.isEnabled(), openIDConnectProviderDescriptor.getRedirectUriResolver().newInstance(), openIDConnectProviderDescriptor.getUserResolverClass()));
                return;
            } else {
                log.error("Can not register OAuth Provider since OAuth Registry is not available");
                return;
            }
        }
        NuxeoOAuth2ServiceProvider provider = oAuth2ServiceProviderRegistry.getProvider(openIDConnectProviderDescriptor.getName());
        if (provider == null) {
            provider = oAuth2ServiceProviderRegistry.addProvider(openIDConnectProviderDescriptor.getName(), openIDConnectProviderDescriptor.getTokenServerURL(), openIDConnectProviderDescriptor.getAuthorizationServerURL(), openIDConnectProviderDescriptor.getClientId(), openIDConnectProviderDescriptor.getClientSecret(), Arrays.asList(openIDConnectProviderDescriptor.getScopes()));
        } else {
            log.warn("Provider " + openIDConnectProviderDescriptor.getName() + " is already in the Database, XML contribution  won't overwrite it");
        }
        this.providers.put(openIDConnectProviderDescriptor.getName(), new OpenIDConnectProvider(provider, openIDConnectProviderDescriptor.getAccessTokenKey(), openIDConnectProviderDescriptor.getUserInfoURL(), openIDConnectProviderDescriptor.getUserInfoClass(), openIDConnectProviderDescriptor.getIcon(), openIDConnectProviderDescriptor.isEnabled(), openIDConnectProviderDescriptor.getRedirectUriResolver().newInstance(), openIDConnectProviderDescriptor.getUserResolverClass()));
        LoginScreenHelper.registerLoginProvider(openIDConnectProviderDescriptor.getName(), openIDConnectProviderDescriptor.getIcon(), openIDConnectProviderDescriptor.getUserInfoURL(), openIDConnectProviderDescriptor.getLabel(), openIDConnectProviderDescriptor.getDescription(), this.providers.get(openIDConnectProviderDescriptor.getName()));
    }

    public void applicationStarted(ComponentContext componentContext) throws Exception {
        super.applicationStarted(componentContext);
        registerPendingProviders();
    }
}
