package org.springframework.security.oauth2.server.authorization;

import com.alibaba.druid.wall.violation.ErrorCode;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.nio.charset.StandardCharsets;
import java.sql.DatabaseMetaData;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import org.springframework.aot.hint.RuntimeHints;
import org.springframework.aot.hint.RuntimeHintsRegistrar;
import org.springframework.context.annotation.ImportRuntimeHints;
import org.springframework.core.io.ClassPathResource;
import org.springframework.dao.DataRetrievalFailureException;
import org.springframework.jdbc.core.ArgumentPreparedStatementSetter;
import org.springframework.jdbc.core.JdbcOperations;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.SqlParameterValue;
import org.springframework.jdbc.support.lob.DefaultLobHandler;
import org.springframework.jdbc.support.lob.LobCreator;
import org.springframework.jdbc.support.lob.LobHandler;
import org.springframework.lang.Nullable;
import org.springframework.security.jackson2.SecurityJackson2Modules;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2DeviceCode;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.OAuth2Token;
import org.springframework.security.oauth2.core.OAuth2UserCode;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

@ImportRuntimeHints({JdbcOAuth2AuthorizationServiceRuntimeHintsRegistrar.class})
/* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-authorization-server-1.3.2.jar:org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.class */
public class JdbcOAuth2AuthorizationService implements OAuth2AuthorizationService {
    private static final String COLUMN_NAMES = "id, registered_client_id, principal_name, authorization_grant_type, authorized_scopes, attributes, state, authorization_code_value, authorization_code_issued_at, authorization_code_expires_at,authorization_code_metadata,access_token_value,access_token_issued_at,access_token_expires_at,access_token_metadata,access_token_type,access_token_scopes,oidc_id_token_value,oidc_id_token_issued_at,oidc_id_token_expires_at,oidc_id_token_metadata,refresh_token_value,refresh_token_issued_at,refresh_token_expires_at,refresh_token_metadata,user_code_value,user_code_issued_at,user_code_expires_at,user_code_metadata,device_code_value,device_code_issued_at,device_code_expires_at,device_code_metadata";
    private static final String TABLE_NAME = "oauth2_authorization";
    private static final String PK_FILTER = "id = ?";
    private static final String UNKNOWN_TOKEN_TYPE_FILTER = "state = ? OR authorization_code_value = ? OR access_token_value = ? OR oidc_id_token_value = ? OR refresh_token_value = ? OR user_code_value = ? OR device_code_value = ?";
    private static final String STATE_FILTER = "state = ?";
    private static final String AUTHORIZATION_CODE_FILTER = "authorization_code_value = ?";
    private static final String ACCESS_TOKEN_FILTER = "access_token_value = ?";
    private static final String ID_TOKEN_FILTER = "oidc_id_token_value = ?";
    private static final String REFRESH_TOKEN_FILTER = "refresh_token_value = ?";
    private static final String USER_CODE_FILTER = "user_code_value = ?";
    private static final String DEVICE_CODE_FILTER = "device_code_value = ?";
    private static final String LOAD_AUTHORIZATION_SQL = "SELECT id, registered_client_id, principal_name, authorization_grant_type, authorized_scopes, attributes, state, authorization_code_value, authorization_code_issued_at, authorization_code_expires_at,authorization_code_metadata,access_token_value,access_token_issued_at,access_token_expires_at,access_token_metadata,access_token_type,access_token_scopes,oidc_id_token_value,oidc_id_token_issued_at,oidc_id_token_expires_at,oidc_id_token_metadata,refresh_token_value,refresh_token_issued_at,refresh_token_expires_at,refresh_token_metadata,user_code_value,user_code_issued_at,user_code_expires_at,user_code_metadata,device_code_value,device_code_issued_at,device_code_expires_at,device_code_metadata FROM oauth2_authorization WHERE ";
    private static final String SAVE_AUTHORIZATION_SQL = "INSERT INTO oauth2_authorization (id, registered_client_id, principal_name, authorization_grant_type, authorized_scopes, attributes, state, authorization_code_value, authorization_code_issued_at, authorization_code_expires_at,authorization_code_metadata,access_token_value,access_token_issued_at,access_token_expires_at,access_token_metadata,access_token_type,access_token_scopes,oidc_id_token_value,oidc_id_token_issued_at,oidc_id_token_expires_at,oidc_id_token_metadata,refresh_token_value,refresh_token_issued_at,refresh_token_expires_at,refresh_token_metadata,user_code_value,user_code_issued_at,user_code_expires_at,user_code_metadata,device_code_value,device_code_issued_at,device_code_expires_at,device_code_metadata) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    private static final String UPDATE_AUTHORIZATION_SQL = "UPDATE oauth2_authorization SET registered_client_id = ?, principal_name = ?, authorization_grant_type = ?, authorized_scopes = ?, attributes = ?, state = ?, authorization_code_value = ?, authorization_code_issued_at = ?, authorization_code_expires_at = ?, authorization_code_metadata = ?, access_token_value = ?, access_token_issued_at = ?, access_token_expires_at = ?, access_token_metadata = ?, access_token_type = ?, access_token_scopes = ?, oidc_id_token_value = ?, oidc_id_token_issued_at = ?, oidc_id_token_expires_at = ?, oidc_id_token_metadata = ?, refresh_token_value = ?, refresh_token_issued_at = ?, refresh_token_expires_at = ?, refresh_token_metadata = ?, user_code_value = ?, user_code_issued_at = ?, user_code_expires_at = ?, user_code_metadata = ?, device_code_value = ?, device_code_issued_at = ?, device_code_expires_at = ?, device_code_metadata = ? WHERE id = ?";
    private static final String REMOVE_AUTHORIZATION_SQL = "DELETE FROM oauth2_authorization WHERE id = ?";
    private static Map<String, ColumnMetadata> columnMetadataMap;
    private final JdbcOperations jdbcOperations;
    private final LobHandler lobHandler;
    private RowMapper<OAuth2Authorization> authorizationRowMapper;
    private Function<OAuth2Authorization, List<SqlParameterValue>> authorizationParametersMapper;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-authorization-server-1.3.2.jar:org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService$ColumnMetadata.class */
    public static final class ColumnMetadata {
        private final String columnName;
        private final int dataType;

        private ColumnMetadata(String str, int i) {
            this.columnName = str;
            this.dataType = i;
        }

        private String getColumnName() {
            return this.columnName;
        }

        private int getDataType() {
            return this.dataType;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-authorization-server-1.3.2.jar:org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService$JdbcOAuth2AuthorizationServiceRuntimeHintsRegistrar.class */
    static class JdbcOAuth2AuthorizationServiceRuntimeHintsRegistrar implements RuntimeHintsRegistrar {
        JdbcOAuth2AuthorizationServiceRuntimeHintsRegistrar() {
        }

        @Override // org.springframework.aot.hint.RuntimeHintsRegistrar
        public void registerHints(RuntimeHints runtimeHints, ClassLoader classLoader) {
            runtimeHints.resources().registerResource(new ClassPathResource("org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql"));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-authorization-server-1.3.2.jar:org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService$LobCreatorArgumentPreparedStatementSetter.class */
    public static final class LobCreatorArgumentPreparedStatementSetter extends ArgumentPreparedStatementSetter {
        private final LobCreator lobCreator;

        private LobCreatorArgumentPreparedStatementSetter(LobCreator lobCreator, Object[] objArr) {
            super(objArr);
            this.lobCreator = lobCreator;
        }

        protected void doSetValue(PreparedStatement preparedStatement, int i, Object obj) throws SQLException {
            if (obj instanceof SqlParameterValue) {
                SqlParameterValue sqlParameterValue = (SqlParameterValue) obj;
                if (sqlParameterValue.getSqlType() == 2004) {
                    if (sqlParameterValue.getValue() != null) {
                        Assert.isInstanceOf((Class<?>) byte[].class, sqlParameterValue.getValue(), "Value of blob parameter must be byte[]");
                    }
                    this.lobCreator.setBlobAsBytes(preparedStatement, i, (byte[]) sqlParameterValue.getValue());
                    return;
                }
                if (sqlParameterValue.getSqlType() == 2005) {
                    if (sqlParameterValue.getValue() != null) {
                        Assert.isInstanceOf((Class<?>) String.class, sqlParameterValue.getValue(), "Value of clob parameter must be String");
                    }
                    this.lobCreator.setClobAsString(preparedStatement, i, (String) sqlParameterValue.getValue());
                    return;
                }
            }
            super.doSetValue(preparedStatement, i, obj);
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-authorization-server-1.3.2.jar:org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService$OAuth2AuthorizationParametersMapper.class */
    public static class OAuth2AuthorizationParametersMapper implements Function<OAuth2Authorization, List<SqlParameterValue>> {
        private ObjectMapper objectMapper = new ObjectMapper();

        public OAuth2AuthorizationParametersMapper() {
            this.objectMapper.registerModules(SecurityJackson2Modules.getModules(JdbcOAuth2AuthorizationService.class.getClassLoader()));
            this.objectMapper.registerModule(new OAuth2AuthorizationServerJackson2Module());
        }

        @Override // java.util.function.Function
        public List<SqlParameterValue> apply(OAuth2Authorization oAuth2Authorization) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SqlParameterValue(12, oAuth2Authorization.getId()));
            arrayList.add(new SqlParameterValue(12, oAuth2Authorization.getRegisteredClientId()));
            arrayList.add(new SqlParameterValue(12, oAuth2Authorization.getPrincipalName()));
            arrayList.add(new SqlParameterValue(12, oAuth2Authorization.getAuthorizationGrantType().getValue()));
            String str = null;
            if (!CollectionUtils.isEmpty(oAuth2Authorization.getAuthorizedScopes())) {
                str = StringUtils.collectionToDelimitedString(oAuth2Authorization.getAuthorizedScopes(), ",");
            }
            arrayList.add(new SqlParameterValue(12, str));
            arrayList.add(JdbcOAuth2AuthorizationService.mapToSqlParameter("attributes", writeMap(oAuth2Authorization.getAttributes())));
            String str2 = null;
            String str3 = (String) oAuth2Authorization.getAttribute(OAuth2ParameterNames.STATE);
            if (StringUtils.hasText(str3)) {
                str2 = str3;
            }
            arrayList.add(new SqlParameterValue(12, str2));
            arrayList.addAll(toSqlParameterList("authorization_code_value", "authorization_code_metadata", oAuth2Authorization.getToken(OAuth2AuthorizationCode.class)));
            OAuth2Authorization.Token token = oAuth2Authorization.getToken(OAuth2AccessToken.class);
            arrayList.addAll(toSqlParameterList("access_token_value", "access_token_metadata", token));
            String str4 = null;
            String str5 = null;
            if (token != null) {
                str4 = ((OAuth2AccessToken) token.getToken()).getTokenType().getValue();
                if (!CollectionUtils.isEmpty(((OAuth2AccessToken) token.getToken()).getScopes())) {
                    str5 = StringUtils.collectionToDelimitedString(((OAuth2AccessToken) token.getToken()).getScopes(), ",");
                }
            }
            arrayList.add(new SqlParameterValue(12, str4));
            arrayList.add(new SqlParameterValue(12, str5));
            arrayList.addAll(toSqlParameterList("oidc_id_token_value", "oidc_id_token_metadata", oAuth2Authorization.getToken(OidcIdToken.class)));
            arrayList.addAll(toSqlParameterList("refresh_token_value", "refresh_token_metadata", oAuth2Authorization.getRefreshToken()));
            arrayList.addAll(toSqlParameterList("user_code_value", "user_code_metadata", oAuth2Authorization.getToken(OAuth2UserCode.class)));
            arrayList.addAll(toSqlParameterList("device_code_value", "device_code_metadata", oAuth2Authorization.getToken(OAuth2DeviceCode.class)));
            return arrayList;
        }

        public final void setObjectMapper(ObjectMapper objectMapper) {
            Assert.notNull(objectMapper, "objectMapper cannot be null");
            this.objectMapper = objectMapper;
        }

        protected final ObjectMapper getObjectMapper() {
            return this.objectMapper;
        }

        private <T extends OAuth2Token> List<SqlParameterValue> toSqlParameterList(String str, String str2, OAuth2Authorization.Token<T> token) {
            ArrayList arrayList = new ArrayList();
            String str3 = null;
            Timestamp timestamp = null;
            Timestamp timestamp2 = null;
            String str4 = null;
            if (token != null) {
                str3 = token.getToken().getTokenValue();
                if (token.getToken().getIssuedAt() != null) {
                    timestamp = Timestamp.from(token.getToken().getIssuedAt());
                }
                if (token.getToken().getExpiresAt() != null) {
                    timestamp2 = Timestamp.from(token.getToken().getExpiresAt());
                }
                str4 = writeMap(token.getMetadata());
            }
            arrayList.add(JdbcOAuth2AuthorizationService.mapToSqlParameter(str, str3));
            arrayList.add(new SqlParameterValue(93, timestamp));
            arrayList.add(new SqlParameterValue(93, timestamp2));
            arrayList.add(JdbcOAuth2AuthorizationService.mapToSqlParameter(str2, str4));
            return arrayList;
        }

        private String writeMap(Map<String, Object> map) {
            try {
                return this.objectMapper.writeValueAsString(map);
            } catch (Exception e) {
                throw new IllegalArgumentException(e.getMessage(), e);
            }
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-authorization-server-1.3.2.jar:org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService$OAuth2AuthorizationRowMapper.class */
    public static class OAuth2AuthorizationRowMapper implements RowMapper<OAuth2Authorization> {
        private final RegisteredClientRepository registeredClientRepository;
        private LobHandler lobHandler = new DefaultLobHandler();
        private ObjectMapper objectMapper = new ObjectMapper();

        public OAuth2AuthorizationRowMapper(RegisteredClientRepository registeredClientRepository) {
            Assert.notNull(registeredClientRepository, "registeredClientRepository cannot be null");
            this.registeredClientRepository = registeredClientRepository;
            this.objectMapper.registerModules(SecurityJackson2Modules.getModules(JdbcOAuth2AuthorizationService.class.getClassLoader()));
            this.objectMapper.registerModule(new OAuth2AuthorizationServerJackson2Module());
        }

        /* renamed from: mapRow, reason: merged with bridge method [inline-methods] */
        public OAuth2Authorization m9423mapRow(ResultSet resultSet, int i) throws SQLException {
            String string = resultSet.getString("registered_client_id");
            RegisteredClient findById = this.registeredClientRepository.findById(string);
            if (findById == null) {
                throw new DataRetrievalFailureException("The RegisteredClient with id '" + string + "' was not found in the RegisteredClientRepository.");
            }
            OAuth2Authorization.Builder withRegisteredClient = OAuth2Authorization.withRegisteredClient(findById);
            String string2 = resultSet.getString("id");
            String string3 = resultSet.getString("principal_name");
            String string4 = resultSet.getString("authorization_grant_type");
            Set<String> emptySet = Collections.emptySet();
            String string5 = resultSet.getString("authorized_scopes");
            if (string5 != null) {
                emptySet = StringUtils.commaDelimitedListToSet(string5);
            }
            Map<String, Object> parseMap = parseMap(getLobValue(resultSet, "attributes"));
            withRegisteredClient.id(string2).principalName(string3).authorizationGrantType(new AuthorizationGrantType(string4)).authorizedScopes(emptySet).attributes(map -> {
                map.putAll(parseMap);
            });
            String string6 = resultSet.getString(OAuth2ParameterNames.STATE);
            if (StringUtils.hasText(string6)) {
                withRegisteredClient.attribute(OAuth2ParameterNames.STATE, string6);
            }
            String lobValue = getLobValue(resultSet, "authorization_code_value");
            if (StringUtils.hasText(lobValue)) {
                Instant instant = resultSet.getTimestamp("authorization_code_issued_at").toInstant();
                Instant instant2 = resultSet.getTimestamp("authorization_code_expires_at").toInstant();
                Map<String, Object> parseMap2 = parseMap(getLobValue(resultSet, "authorization_code_metadata"));
                withRegisteredClient.token(new OAuth2AuthorizationCode(lobValue, instant, instant2), map2 -> {
                    map2.putAll(parseMap2);
                });
            }
            String lobValue2 = getLobValue(resultSet, "access_token_value");
            if (StringUtils.hasText(lobValue2)) {
                Instant instant3 = resultSet.getTimestamp("access_token_issued_at").toInstant();
                Instant instant4 = resultSet.getTimestamp("access_token_expires_at").toInstant();
                Map<String, Object> parseMap3 = parseMap(getLobValue(resultSet, "access_token_metadata"));
                OAuth2AccessToken.TokenType tokenType = null;
                if (OAuth2AccessToken.TokenType.BEARER.getValue().equalsIgnoreCase(resultSet.getString("access_token_type"))) {
                    tokenType = OAuth2AccessToken.TokenType.BEARER;
                }
                Set<String> emptySet2 = Collections.emptySet();
                String string7 = resultSet.getString("access_token_scopes");
                if (string7 != null) {
                    emptySet2 = StringUtils.commaDelimitedListToSet(string7);
                }
                withRegisteredClient.token(new OAuth2AccessToken(tokenType, lobValue2, instant3, instant4, emptySet2), map3 -> {
                    map3.putAll(parseMap3);
                });
            }
            String lobValue3 = getLobValue(resultSet, "oidc_id_token_value");
            if (StringUtils.hasText(lobValue3)) {
                Instant instant5 = resultSet.getTimestamp("oidc_id_token_issued_at").toInstant();
                Instant instant6 = resultSet.getTimestamp("oidc_id_token_expires_at").toInstant();
                Map<String, Object> parseMap4 = parseMap(getLobValue(resultSet, "oidc_id_token_metadata"));
                withRegisteredClient.token(new OidcIdToken(lobValue3, instant5, instant6, (Map) parseMap4.get(OAuth2Authorization.Token.CLAIMS_METADATA_NAME)), map4 -> {
                    map4.putAll(parseMap4);
                });
            }
            String lobValue4 = getLobValue(resultSet, "refresh_token_value");
            if (StringUtils.hasText(lobValue4)) {
                Instant instant7 = resultSet.getTimestamp("refresh_token_issued_at").toInstant();
                Instant instant8 = null;
                Timestamp timestamp = resultSet.getTimestamp("refresh_token_expires_at");
                if (timestamp != null) {
                    instant8 = timestamp.toInstant();
                }
                Map<String, Object> parseMap5 = parseMap(getLobValue(resultSet, "refresh_token_metadata"));
                withRegisteredClient.token(new OAuth2RefreshToken(lobValue4, instant7, instant8), map5 -> {
                    map5.putAll(parseMap5);
                });
            }
            String lobValue5 = getLobValue(resultSet, "user_code_value");
            if (StringUtils.hasText(lobValue5)) {
                Instant instant9 = resultSet.getTimestamp("user_code_issued_at").toInstant();
                Instant instant10 = resultSet.getTimestamp("user_code_expires_at").toInstant();
                Map<String, Object> parseMap6 = parseMap(getLobValue(resultSet, "user_code_metadata"));
                withRegisteredClient.token(new OAuth2UserCode(lobValue5, instant9, instant10), map6 -> {
                    map6.putAll(parseMap6);
                });
            }
            String lobValue6 = getLobValue(resultSet, "device_code_value");
            if (StringUtils.hasText(lobValue6)) {
                Instant instant11 = resultSet.getTimestamp("device_code_issued_at").toInstant();
                Instant instant12 = resultSet.getTimestamp("device_code_expires_at").toInstant();
                Map<String, Object> parseMap7 = parseMap(getLobValue(resultSet, "device_code_metadata"));
                withRegisteredClient.token(new OAuth2DeviceCode(lobValue6, instant11, instant12), map7 -> {
                    map7.putAll(parseMap7);
                });
            }
            return withRegisteredClient.build();
        }

        private String getLobValue(ResultSet resultSet, String str) throws SQLException {
            String str2 = null;
            ColumnMetadata columnMetadata = JdbcOAuth2AuthorizationService.columnMetadataMap.get(str);
            if (2004 == columnMetadata.getDataType()) {
                byte[] blobAsBytes = this.lobHandler.getBlobAsBytes(resultSet, str);
                if (blobAsBytes != null) {
                    str2 = new String(blobAsBytes, StandardCharsets.UTF_8);
                }
            } else {
                str2 = 2005 == columnMetadata.getDataType() ? this.lobHandler.getClobAsString(resultSet, str) : resultSet.getString(str);
            }
            return str2;
        }

        public final void setLobHandler(LobHandler lobHandler) {
            Assert.notNull(lobHandler, "lobHandler cannot be null");
            this.lobHandler = lobHandler;
        }

        public final void setObjectMapper(ObjectMapper objectMapper) {
            Assert.notNull(objectMapper, "objectMapper cannot be null");
            this.objectMapper = objectMapper;
        }

        protected final RegisteredClientRepository getRegisteredClientRepository() {
            return this.registeredClientRepository;
        }

        protected final LobHandler getLobHandler() {
            return this.lobHandler;
        }

        protected final ObjectMapper getObjectMapper() {
            return this.objectMapper;
        }

        private Map<String, Object> parseMap(String str) {
            try {
                return (Map) this.objectMapper.readValue(str, new TypeReference<Map<String, Object>>() { // from class: org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService.OAuth2AuthorizationRowMapper.1
                });
            } catch (Exception e) {
                throw new IllegalArgumentException(e.getMessage(), e);
            }
        }
    }

    public JdbcOAuth2AuthorizationService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository) {
        this(jdbcOperations, registeredClientRepository, new DefaultLobHandler());
    }

    public JdbcOAuth2AuthorizationService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository, LobHandler lobHandler) {
        Assert.notNull(jdbcOperations, "jdbcOperations cannot be null");
        Assert.notNull(registeredClientRepository, "registeredClientRepository cannot be null");
        Assert.notNull(lobHandler, "lobHandler cannot be null");
        this.jdbcOperations = jdbcOperations;
        this.lobHandler = lobHandler;
        OAuth2AuthorizationRowMapper oAuth2AuthorizationRowMapper = new OAuth2AuthorizationRowMapper(registeredClientRepository);
        oAuth2AuthorizationRowMapper.setLobHandler(lobHandler);
        this.authorizationRowMapper = oAuth2AuthorizationRowMapper;
        this.authorizationParametersMapper = new OAuth2AuthorizationParametersMapper();
        initColumnMetadata(jdbcOperations);
    }

    @Override // org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
    public void save(OAuth2Authorization oAuth2Authorization) {
        Assert.notNull(oAuth2Authorization, "authorization cannot be null");
        if (findById(oAuth2Authorization.getId()) == null) {
            insertAuthorization(oAuth2Authorization);
        } else {
            updateAuthorization(oAuth2Authorization);
        }
    }

    private void updateAuthorization(OAuth2Authorization oAuth2Authorization) {
        List<SqlParameterValue> apply = this.authorizationParametersMapper.apply(oAuth2Authorization);
        apply.add(apply.remove(0));
        LobCreator lobCreator = this.lobHandler.getLobCreator();
        try {
            this.jdbcOperations.update(UPDATE_AUTHORIZATION_SQL, new LobCreatorArgumentPreparedStatementSetter(lobCreator, apply.toArray()));
            if (lobCreator != null) {
                lobCreator.close();
            }
        } catch (Throwable th) {
            if (lobCreator != null) {
                try {
                    lobCreator.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void insertAuthorization(OAuth2Authorization oAuth2Authorization) {
        List<SqlParameterValue> apply = this.authorizationParametersMapper.apply(oAuth2Authorization);
        LobCreator lobCreator = this.lobHandler.getLobCreator();
        try {
            this.jdbcOperations.update(SAVE_AUTHORIZATION_SQL, new LobCreatorArgumentPreparedStatementSetter(lobCreator, apply.toArray()));
            if (lobCreator != null) {
                lobCreator.close();
            }
        } catch (Throwable th) {
            if (lobCreator != null) {
                try {
                    lobCreator.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
    public void remove(OAuth2Authorization oAuth2Authorization) {
        Assert.notNull(oAuth2Authorization, "authorization cannot be null");
        this.jdbcOperations.update(REMOVE_AUTHORIZATION_SQL, new ArgumentPreparedStatementSetter(new SqlParameterValue[]{new SqlParameterValue(12, oAuth2Authorization.getId())}));
    }

    @Override // org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
    @Nullable
    public OAuth2Authorization findById(String str) {
        Assert.hasText(str, "id cannot be empty");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new SqlParameterValue(12, str));
        return findBy(PK_FILTER, arrayList);
    }

    @Override // org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
    @Nullable
    public OAuth2Authorization findByToken(String str, @Nullable OAuth2TokenType oAuth2TokenType) {
        Assert.hasText(str, "token cannot be empty");
        ArrayList arrayList = new ArrayList();
        if (oAuth2TokenType == null) {
            arrayList.add(new SqlParameterValue(12, str));
            arrayList.add(mapToSqlParameter("authorization_code_value", str));
            arrayList.add(mapToSqlParameter("access_token_value", str));
            arrayList.add(mapToSqlParameter("oidc_id_token_value", str));
            arrayList.add(mapToSqlParameter("refresh_token_value", str));
            arrayList.add(mapToSqlParameter("user_code_value", str));
            arrayList.add(mapToSqlParameter("device_code_value", str));
            return findBy(UNKNOWN_TOKEN_TYPE_FILTER, arrayList);
        }
        if (OAuth2ParameterNames.STATE.equals(oAuth2TokenType.getValue())) {
            arrayList.add(new SqlParameterValue(12, str));
            return findBy(STATE_FILTER, arrayList);
        }
        if ("code".equals(oAuth2TokenType.getValue())) {
            arrayList.add(mapToSqlParameter("authorization_code_value", str));
            return findBy(AUTHORIZATION_CODE_FILTER, arrayList);
        }
        if (OAuth2TokenType.ACCESS_TOKEN.equals(oAuth2TokenType)) {
            arrayList.add(mapToSqlParameter("access_token_value", str));
            return findBy(ACCESS_TOKEN_FILTER, arrayList);
        }
        if (OidcParameterNames.ID_TOKEN.equals(oAuth2TokenType.getValue())) {
            arrayList.add(mapToSqlParameter("oidc_id_token_value", str));
            return findBy(ID_TOKEN_FILTER, arrayList);
        }
        if (OAuth2TokenType.REFRESH_TOKEN.equals(oAuth2TokenType)) {
            arrayList.add(mapToSqlParameter("refresh_token_value", str));
            return findBy(REFRESH_TOKEN_FILTER, arrayList);
        }
        if (OAuth2ParameterNames.USER_CODE.equals(oAuth2TokenType.getValue())) {
            arrayList.add(mapToSqlParameter("user_code_value", str));
            return findBy(USER_CODE_FILTER, arrayList);
        }
        if (!OAuth2ParameterNames.DEVICE_CODE.equals(oAuth2TokenType.getValue())) {
            return null;
        }
        arrayList.add(mapToSqlParameter("device_code_value", str));
        return findBy(DEVICE_CODE_FILTER, arrayList);
    }

    private OAuth2Authorization findBy(String str, List<SqlParameterValue> list) {
        LobCreator lobCreator = getLobHandler().getLobCreator();
        try {
            List query = getJdbcOperations().query("SELECT id, registered_client_id, principal_name, authorization_grant_type, authorized_scopes, attributes, state, authorization_code_value, authorization_code_issued_at, authorization_code_expires_at,authorization_code_metadata,access_token_value,access_token_issued_at,access_token_expires_at,access_token_metadata,access_token_type,access_token_scopes,oidc_id_token_value,oidc_id_token_issued_at,oidc_id_token_expires_at,oidc_id_token_metadata,refresh_token_value,refresh_token_issued_at,refresh_token_expires_at,refresh_token_metadata,user_code_value,user_code_issued_at,user_code_expires_at,user_code_metadata,device_code_value,device_code_issued_at,device_code_expires_at,device_code_metadata FROM oauth2_authorization WHERE " + str, new LobCreatorArgumentPreparedStatementSetter(lobCreator, list.toArray()), getAuthorizationRowMapper());
            OAuth2Authorization oAuth2Authorization = !query.isEmpty() ? (OAuth2Authorization) query.get(0) : null;
            if (lobCreator != null) {
                lobCreator.close();
            }
            return oAuth2Authorization;
        } catch (Throwable th) {
            if (lobCreator != null) {
                try {
                    lobCreator.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public final void setAuthorizationRowMapper(RowMapper<OAuth2Authorization> rowMapper) {
        Assert.notNull(rowMapper, "authorizationRowMapper cannot be null");
        this.authorizationRowMapper = rowMapper;
    }

    public final void setAuthorizationParametersMapper(Function<OAuth2Authorization, List<SqlParameterValue>> function) {
        Assert.notNull(function, "authorizationParametersMapper cannot be null");
        this.authorizationParametersMapper = function;
    }

    protected final JdbcOperations getJdbcOperations() {
        return this.jdbcOperations;
    }

    protected final LobHandler getLobHandler() {
        return this.lobHandler;
    }

    protected final RowMapper<OAuth2Authorization> getAuthorizationRowMapper() {
        return this.authorizationRowMapper;
    }

    protected final Function<OAuth2Authorization, List<SqlParameterValue>> getAuthorizationParametersMapper() {
        return this.authorizationParametersMapper;
    }

    private static void initColumnMetadata(JdbcOperations jdbcOperations) {
        columnMetadataMap = new HashMap();
        ColumnMetadata columnMetadata = getColumnMetadata(jdbcOperations, "attributes", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata.getColumnName(), columnMetadata);
        ColumnMetadata columnMetadata2 = getColumnMetadata(jdbcOperations, "authorization_code_value", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata2.getColumnName(), columnMetadata2);
        ColumnMetadata columnMetadata3 = getColumnMetadata(jdbcOperations, "authorization_code_metadata", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata3.getColumnName(), columnMetadata3);
        ColumnMetadata columnMetadata4 = getColumnMetadata(jdbcOperations, "access_token_value", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata4.getColumnName(), columnMetadata4);
        ColumnMetadata columnMetadata5 = getColumnMetadata(jdbcOperations, "access_token_metadata", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata5.getColumnName(), columnMetadata5);
        ColumnMetadata columnMetadata6 = getColumnMetadata(jdbcOperations, "oidc_id_token_value", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata6.getColumnName(), columnMetadata6);
        ColumnMetadata columnMetadata7 = getColumnMetadata(jdbcOperations, "oidc_id_token_metadata", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata7.getColumnName(), columnMetadata7);
        ColumnMetadata columnMetadata8 = getColumnMetadata(jdbcOperations, "refresh_token_value", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata8.getColumnName(), columnMetadata8);
        ColumnMetadata columnMetadata9 = getColumnMetadata(jdbcOperations, "refresh_token_metadata", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata9.getColumnName(), columnMetadata9);
        ColumnMetadata columnMetadata10 = getColumnMetadata(jdbcOperations, "user_code_value", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata10.getColumnName(), columnMetadata10);
        ColumnMetadata columnMetadata11 = getColumnMetadata(jdbcOperations, "user_code_metadata", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata11.getColumnName(), columnMetadata11);
        ColumnMetadata columnMetadata12 = getColumnMetadata(jdbcOperations, "device_code_value", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata12.getColumnName(), columnMetadata12);
        ColumnMetadata columnMetadata13 = getColumnMetadata(jdbcOperations, "device_code_metadata", ErrorCode.TABLE_DENY);
        columnMetadataMap.put(columnMetadata13.getColumnName(), columnMetadata13);
    }

    private static ColumnMetadata getColumnMetadata(JdbcOperations jdbcOperations, String str, int i) {
        Integer num = (Integer) jdbcOperations.execute(connection -> {
            DatabaseMetaData metaData = connection.getMetaData();
            ResultSet columns = metaData.getColumns(null, null, TABLE_NAME, str);
            if (columns.next()) {
                return Integer.valueOf(columns.getInt("DATA_TYPE"));
            }
            ResultSet columns2 = metaData.getColumns(null, null, TABLE_NAME.toUpperCase(), str.toUpperCase());
            if (columns2.next()) {
                return Integer.valueOf(columns2.getInt("DATA_TYPE"));
            }
            return null;
        });
        return new ColumnMetadata(str, num != null ? num.intValue() : i);
    }

    private static SqlParameterValue mapToSqlParameter(String str, String str2) {
        ColumnMetadata columnMetadata = columnMetadataMap.get(str);
        return (2004 == columnMetadata.getDataType() && StringUtils.hasText(str2)) ? new SqlParameterValue(ErrorCode.TABLE_DENY, str2.getBytes(StandardCharsets.UTF_8)) : new SqlParameterValue(columnMetadata.getDataType(), str2);
    }
}
