package com.evolveum.midpoint.authentication.impl.module.authentication;

import com.evolveum.midpoint.authentication.api.util.AuthenticationModuleNameConstants;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceModuleType;
import java.util.LinkedHashMap;
import org.apache.activemq.artemis.api.config.ActiveMQDefaultConfiguration;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.resource.BearerTokenError;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.6.2-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/module/authentication/OidcResourceServerModuleAuthentication.class */
public class OidcResourceServerModuleAuthentication extends HttpModuleAuthentication {
    public OidcResourceServerModuleAuthentication(AuthenticationSequenceModuleType authenticationSequenceModuleType) {
        super(AuthenticationModuleNameConstants.OIDC, authenticationSequenceModuleType);
    }

    @Override // com.evolveum.midpoint.authentication.impl.module.authentication.HttpModuleAuthentication, com.evolveum.midpoint.authentication.impl.module.authentication.CredentialModuleAuthenticationImpl, com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl
    /* renamed from: clone */
    public ModuleAuthenticationImpl mo253clone() {
        OidcResourceServerModuleAuthentication oidcResourceServerModuleAuthentication = new OidcResourceServerModuleAuthentication(getSequenceModule());
        clone(oidcResourceServerModuleAuthentication);
        return oidcResourceServerModuleAuthentication;
    }

    @Override // com.evolveum.midpoint.authentication.impl.module.authentication.HttpModuleAuthentication
    public String getRealmFroHeader(AuthenticationException authenticationException) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (authenticationException instanceof OAuth2AuthenticationException) {
            OAuth2Error error = ((OAuth2AuthenticationException) authenticationException).getError();
            linkedHashMap.put("error", error.getErrorCode());
            if (StringUtils.hasText(error.getDescription())) {
                linkedHashMap.put(OAuth2ParameterNames.ERROR_DESCRIPTION, error.getDescription());
            }
            if (StringUtils.hasText(error.getUri())) {
                linkedHashMap.put(OAuth2ParameterNames.ERROR_URI, error.getUri());
            }
            if (error instanceof BearerTokenError) {
                BearerTokenError bearerTokenError = (BearerTokenError) error;
                if (StringUtils.hasText(bearerTokenError.getScope())) {
                    linkedHashMap.put("scope", bearerTokenError.getScope());
                }
            }
        }
        StringBuilder sb = new StringBuilder(super.getRealmFroHeader(authenticationException));
        if (!linkedHashMap.isEmpty()) {
            linkedHashMap.forEach((str, str2) -> {
                sb.append(", ");
                sb.append(str).append("=\"").append(str2).append(ActiveMQDefaultConfiguration.BROKER_PROPERTIES_KEY_SURROUND);
            });
        }
        return sb.toString();
    }
}
