package io.micronaut.security.oauth2.endpoint.token.request.password;

import io.micronaut.security.authentication.AuthenticationProvider;
import io.micronaut.security.authentication.AuthenticationRequest;
import io.micronaut.security.authentication.AuthenticationResponse;
import io.micronaut.security.oauth2.configuration.OauthClientConfiguration;
import io.micronaut.security.oauth2.configuration.endpoints.SecureEndpointConfiguration;
import io.micronaut.security.oauth2.endpoint.AuthenticationMethod;
import io.micronaut.security.oauth2.endpoint.DefaultSecureEndpoint;
import io.micronaut.security.oauth2.endpoint.SecureEndpoint;
import io.micronaut.security.oauth2.endpoint.token.request.TokenEndpointClient;
import io.micronaut.security.oauth2.endpoint.token.request.context.OauthPasswordTokenRequestContext;
import io.micronaut.security.oauth2.endpoint.token.response.OauthAuthenticationMapper;
import java.util.Collections;
import java.util.Objects;
import org.reactivestreams.Publisher;
import reactor.core.publisher.Flux;

/* loaded from: input_file:META-INF/rewrite/classpath/micronaut-security-oauth2-4.0.0.jar:io/micronaut/security/oauth2/endpoint/token/request/password/OauthPasswordAuthenticationProvider.class */
public class OauthPasswordAuthenticationProvider<T> implements AuthenticationProvider<T> {
    private final TokenEndpointClient tokenEndpointClient;
    private final SecureEndpoint secureEndpoint;
    private final OauthClientConfiguration clientConfiguration;
    private final OauthAuthenticationMapper authenticationMapper;

    public OauthPasswordAuthenticationProvider(TokenEndpointClient tokenEndpointClient, OauthClientConfiguration oauthClientConfiguration, OauthAuthenticationMapper oauthAuthenticationMapper) {
        this.tokenEndpointClient = tokenEndpointClient;
        this.clientConfiguration = oauthClientConfiguration;
        this.authenticationMapper = oauthAuthenticationMapper;
        this.secureEndpoint = getTokenEndpoint(oauthClientConfiguration);
    }

    @Override // io.micronaut.security.authentication.AuthenticationProvider
    public Publisher<AuthenticationResponse> authenticate(T t, AuthenticationRequest<?, ?> authenticationRequest) {
        return Flux.from(this.tokenEndpointClient.sendRequest(new OauthPasswordTokenRequestContext(authenticationRequest, this.secureEndpoint, this.clientConfiguration))).switchMap(tokenResponse -> {
            Flux from = Flux.from(this.authenticationMapper.createAuthenticationResponse(tokenResponse, null));
            Class<AuthenticationResponse> cls = AuthenticationResponse.class;
            Objects.requireNonNull(AuthenticationResponse.class);
            return from.map((v1) -> {
                return r1.cast(v1);
            });
        });
    }

    protected SecureEndpoint getTokenEndpoint(OauthClientConfiguration oauthClientConfiguration) {
        SecureEndpointConfiguration orElseThrow = oauthClientConfiguration.getToken().orElseThrow(() -> {
            return new IllegalArgumentException("Token endpoint configuration is missing for provider [" + oauthClientConfiguration.getName() + "]");
        });
        return new DefaultSecureEndpoint(orElseThrow.getUrl().orElseThrow(() -> {
            return new IllegalArgumentException("Token endpoint URL is null for provider [" + oauthClientConfiguration.getName() + "]");
        }), Collections.singletonList(orElseThrow.getAuthMethod().orElse(AuthenticationMethod.CLIENT_SECRET_BASIC)));
    }
}
