package org.springframework.security.web.reactive.result.method.annotation;

import java.lang.annotation.Annotation;
import org.reactivestreams.Publisher;
import org.springframework.core.MethodParameter;
import org.springframework.core.ReactiveAdapter;
import org.springframework.core.ReactiveAdapterRegistry;
import org.springframework.core.ResolvableType;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.core.annotation.MergedAnnotations;
import org.springframework.expression.BeanResolver;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.core.annotation.AnnotationTemplateExpressionDefaults;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.annotation.SecurityAnnotationScanner;
import org.springframework.security.core.annotation.SecurityAnnotationScanners;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.reactive.BindingContext;
import org.springframework.web.reactive.result.method.HandlerMethodArgumentResolverSupport;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/springframework/security/web/reactive/result/method/annotation/AuthenticationPrincipalArgumentResolver.class */
public class AuthenticationPrincipalArgumentResolver extends HandlerMethodArgumentResolverSupport {
    private ExpressionParser parser;
    private final Class<AuthenticationPrincipal> annotationType;
    private SecurityAnnotationScanner<AuthenticationPrincipal> scanner;
    private boolean useAnnotationTemplate;
    private BeanResolver beanResolver;

    public AuthenticationPrincipalArgumentResolver(ReactiveAdapterRegistry reactiveAdapterRegistry) {
        super(reactiveAdapterRegistry);
        this.parser = new SpelExpressionParser();
        this.annotationType = AuthenticationPrincipal.class;
        this.scanner = SecurityAnnotationScanners.requireUnique(this.annotationType);
        this.useAnnotationTemplate = false;
    }

    public void setBeanResolver(BeanResolver beanResolver) {
        this.beanResolver = beanResolver;
    }

    public boolean supportsParameter(MethodParameter methodParameter) {
        return findMethodAnnotation(methodParameter) != null;
    }

    public Mono<Object> resolveArgument(MethodParameter methodParameter, BindingContext bindingContext, ServerWebExchange serverWebExchange) {
        ReactiveAdapter adapter = getAdapterRegistry().getAdapter(methodParameter.getParameterType());
        return ReactiveSecurityContextHolder.getContext().map((v0) -> {
            return v0.getAuthentication();
        }).flatMap(authentication -> {
            Mono justOrEmpty = Mono.justOrEmpty(resolvePrincipal(methodParameter, authentication.getPrincipal()));
            return adapter != null ? Mono.just(adapter.fromPublisher(justOrEmpty)) : justOrEmpty;
        });
    }

    private Object resolvePrincipal(MethodParameter methodParameter, Object obj) {
        AuthenticationPrincipal findMethodAnnotation = findMethodAnnotation(methodParameter);
        String expression = findMethodAnnotation.expression();
        if (StringUtils.hasLength(expression)) {
            StandardEvaluationContext standardEvaluationContext = new StandardEvaluationContext();
            standardEvaluationContext.setRootObject(obj);
            standardEvaluationContext.setVariable("this", obj);
            standardEvaluationContext.setBeanResolver(this.beanResolver);
            obj = this.parser.parseExpression(expression).getValue(standardEvaluationContext);
        }
        if (!isInvalidType(methodParameter, obj)) {
            return obj;
        }
        if (findMethodAnnotation.errorOnInvalidType()) {
            throw new ClassCastException(String.valueOf(obj) + " is not assignable to " + String.valueOf(methodParameter.getParameterType()));
        }
        return null;
    }

    private boolean isInvalidType(MethodParameter methodParameter, Object obj) {
        if (obj == null) {
            return false;
        }
        Class parameterType = methodParameter.getParameterType();
        if (Publisher.class.isAssignableFrom(methodParameter.getParameterType())) {
            Class resolveGeneric = ResolvableType.forMethodParameter(methodParameter).resolveGeneric(new int[]{0});
            if (resolveGeneric == null) {
                return false;
            }
            parameterType = resolveGeneric;
        }
        return !ClassUtils.isAssignable(parameterType, obj.getClass());
    }

    public void setTemplateDefaults(AnnotationTemplateExpressionDefaults annotationTemplateExpressionDefaults) {
        this.useAnnotationTemplate = annotationTemplateExpressionDefaults != null;
        this.scanner = SecurityAnnotationScanners.requireUnique(AuthenticationPrincipal.class, annotationTemplateExpressionDefaults);
    }

    private AuthenticationPrincipal findMethodAnnotation(MethodParameter methodParameter) {
        if (this.useAnnotationTemplate) {
            return this.scanner.scan(methodParameter.getParameter());
        }
        AuthenticationPrincipal parameterAnnotation = methodParameter.getParameterAnnotation(this.annotationType);
        if (parameterAnnotation != null) {
            return parameterAnnotation;
        }
        for (Annotation annotation : methodParameter.getParameterAnnotations()) {
            if (AnnotationUtils.findAnnotation(annotation.annotationType(), this.annotationType) != null) {
                return MergedAnnotations.from(new Annotation[]{annotation}).get(this.annotationType).synthesize();
            }
        }
        return null;
    }
}
