package eu.dnetlib.openaire.user.login.utils;

import java.util.Collection;
import java.util.Map;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.session.ExpiringSession;
import org.springframework.session.FindByIndexNameSessionRepository;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:eu/dnetlib/openaire/user/login/utils/AuthoritiesUpdater.class */
public class AuthoritiesUpdater extends HttpSessionSecurityContextRepository {
    private static final Logger logger = Logger.getLogger(AuthoritiesUpdater.class);

    @Autowired
    FindByIndexNameSessionRepository sessions;

    /* loaded from: input_file:eu/dnetlib/openaire/user/login/utils/AuthoritiesUpdater$Update.class */
    public interface Update {
        Collection<? extends GrantedAuthority> authorities(Collection<? extends GrantedAuthority> collection);
    }

    public void update(String str, Update update) {
        if (this.sessions != null) {
            Map findByIndexNameAndIndexValue = this.sessions.findByIndexNameAndIndexValue(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, str);
            logger.debug(Integer.valueOf(findByIndexNameAndIndexValue.values().toArray().length));
            for (ExpiringSession expiringSession : findByIndexNameAndIndexValue.values()) {
                logger.debug(expiringSession.getId());
                if (!expiringSession.isExpired()) {
                    SecurityContext securityContext = (SecurityContext) expiringSession.getAttribute("SPRING_SECURITY_CONTEXT");
                    OIDCAuthenticationToken authentication = securityContext.getAuthentication();
                    if (authentication instanceof OIDCAuthenticationToken) {
                        OIDCAuthenticationToken oIDCAuthenticationToken = authentication;
                        Collection<? extends GrantedAuthority> authorities = update.authorities(authentication.getAuthorities());
                        logger.debug(authorities);
                        securityContext.setAuthentication(new OIDCAuthenticationToken(oIDCAuthenticationToken.getSub(), oIDCAuthenticationToken.getIssuer(), oIDCAuthenticationToken.getUserInfo(), authorities, oIDCAuthenticationToken.getIdToken(), oIDCAuthenticationToken.getAccessTokenValue(), oIDCAuthenticationToken.getRefreshTokenValue()));
                        logger.debug("Update authorities");
                        expiringSession.setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
                        this.sessions.save(expiringSession);
                    }
                }
            }
        }
    }
}
