package com.cloudseal.client.spring.namespace;

import com.cloudseal.client.spring.CloudsealAuthenticationFilter;
import com.cloudseal.client.spring.CloudsealAuthenticationProvider;
import com.cloudseal.client.spring.CloudsealEntryPoint;
import com.cloudseal.client.spring.CloudsealLogoutSuccessHandler;
import com.cloudseal.client.spring.CloudsealManagerImpl;
import java.util.List;
import org.springframework.beans.MutablePropertyValues;
import org.springframework.beans.PropertyValue;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.config.BeanReference;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.util.xml.DomUtils;
import org.w3c.dom.Element;

/* loaded from: input_file:com/cloudseal/client/spring/namespace/CloudsealBeanDefinitionParserInstance.class */
public class CloudsealBeanDefinitionParserInstance extends AbstractCloudsealParser {
    private static final String SPRING_AUTH_MANAGER_ID = "org.springframework.security.authenticationManager";
    private static final String ROOT_ENTRY_POINT_ID_ATTRIBUTE = "entry-point-id";
    private static final String ROOT_APP_ID_ATTRIBUTE = "app-id";
    private static final String ROOT_USER_DETAILS_SERVICE_REF_ATTRIBUTE = "user-details-service-ref";
    private static final String AUTHENTICATION_PROVIDER_NODE = "authentication-provider";
    private static final String AUTHENTICATION_PROVIDER_ID_ATTRIBUTE = "id";
    private static final String KEYSTORE_NODE = "keystore";
    private static final String LOCATION_ATTRIBUTE = "location";
    private static final String PASSWORD_ATTRIBUTE = "password";
    private static final String KEY = "key";
    private static final String NAME_ATTRIBUTE = "name";
    private static final String IDP_NODE = "idp";

    public CloudsealBeanDefinitionParserInstance(Element element, ParserContext parserContext) {
        super(element, parserContext);
        parse();
    }

    private void parse() {
        BeanDefinition createCloudsealManager = createCloudsealManager();
        createAndRegisterEntryPoint(createCloudsealManager);
        BeanDefinition createCloudsealFilter = createCloudsealFilter(createOrUpdateAuthenticationManager(createAuthenticationProvider(createCloudsealManager)));
        registerBean(createCloudsealFilter, "cloudsealFilter");
        createSecurityFilterChain(createCloudsealFilter, createLogoutIfRequired(this.rootNode));
    }

    private BeanDefinition createLogoutIfRequired(Element element) {
        if (DomUtils.getChildElementByTagName(element, "logout") == null) {
            return null;
        }
        BeanDefinitionBuilder createBean = createBean(CloudsealLogoutSuccessHandler.class);
        registerBean(createBean, "cloudsealLogoutHandler");
        BeanDefinition createLogoutFilter = createLogoutFilter(createBean.getBeanDefinition());
        registerBean(createLogoutFilter);
        return createLogoutFilter;
    }

    private BeanDefinition createCloudsealFilter(BeanDefinition beanDefinition) {
        BeanDefinitionBuilder createBean = createBean(CloudsealAuthenticationFilter.class);
        createBean.addPropertyValue("authenticationManager", beanDefinition);
        return createBean.getBeanDefinition();
    }

    private BeanDefinition createAuthenticationProvider(BeanDefinition beanDefinition) {
        BeanDefinitionBuilder createBean = createBean(CloudsealAuthenticationProvider.class);
        createBean.addPropertyValue("cloudsealManager", beanDefinition);
        String attribute = getAttribute(ROOT_USER_DETAILS_SERVICE_REF_ATTRIBUTE);
        if (attribute != null && attribute.length() > 0) {
            createBean.addPropertyReference("userDetailsService", attribute);
        }
        return createBean.getBeanDefinition();
    }

    private BeanDefinition createOrUpdateAuthenticationManager(BeanDefinition beanDefinition) {
        Element childElementByTagName = DomUtils.getChildElementByTagName(this.rootNode, AUTHENTICATION_PROVIDER_NODE);
        if (childElementByTagName != null) {
            String requiredAttribute = getRequiredAttribute(childElementByTagName, AUTHENTICATION_PROVIDER_ID_ATTRIBUTE);
            if (!requiredAttribute.trim().isEmpty()) {
                registerBean(beanDefinition, requiredAttribute);
            }
        }
        BeanDefinitionRegistry registry = this.parserContext.getRegistry();
        if (!registry.containsBeanDefinition(SPRING_AUTH_MANAGER_ID)) {
            return createAuthenticationManager(beanDefinition);
        }
        BeanDefinition beanDefinition2 = registry.getBeanDefinition(SPRING_AUTH_MANAGER_ID);
        MutablePropertyValues propertyValues = beanDefinition2.getPropertyValues();
        PropertyValue propertyValue = propertyValues.getPropertyValue("providers");
        if (propertyValue == null) {
            ManagedList managedList = new ManagedList();
            managedList.add(beanDefinition);
            propertyValues.addPropertyValue("providers", managedList);
        } else {
            ((ManagedList) propertyValue.getValue()).add(beanDefinition);
        }
        return beanDefinition2;
    }

    private BeanDefinition createAndRegisterEntryPoint(BeanDefinition beanDefinition) {
        BeanDefinitionBuilder createBean = createBean(CloudsealEntryPoint.class);
        createBean.addPropertyValue("cloudsealManager", beanDefinition);
        return registerBean(createBean, getRequiredAttribute(this.rootNode, ROOT_ENTRY_POINT_ID_ATTRIBUTE));
    }

    private BeanDefinition createCloudsealManager() {
        Element requiredElement = getRequiredElement(this.rootNode, KEYSTORE_NODE);
        Element requiredElement2 = getRequiredElement(requiredElement, KEY);
        String requiredAttribute = getRequiredAttribute(getRequiredElement(this.rootNode, IDP_NODE), LOCATION_ATTRIBUTE);
        String requiredAttribute2 = getRequiredAttribute(requiredElement, LOCATION_ATTRIBUTE);
        String requiredAttribute3 = getRequiredAttribute(requiredElement, PASSWORD_ATTRIBUTE);
        String attribute = getAttribute("appId");
        BeanDefinitionBuilder createBean = createBean(CloudsealManagerImpl.class);
        createBean.addPropertyValue(KEYSTORE_NODE, requiredAttribute2);
        createBean.addPropertyValue("keystorePassword", requiredAttribute3);
        createBean.addPropertyValue("idpXml", requiredAttribute);
        createBean.addPropertyValue("appId", attribute);
        String requiredAttribute4 = getRequiredAttribute(requiredElement2, NAME_ATTRIBUTE);
        String requiredAttribute5 = getRequiredAttribute(requiredElement2, PASSWORD_ATTRIBUTE);
        createBean.addPropertyValue("keyName", requiredAttribute4);
        createBean.addPropertyValue("keyPassword", requiredAttribute5);
        return registerBean(createBean);
    }

    private BeanDefinition createAuthenticationManager(BeanDefinition beanDefinition) {
        ManagedList managedList = new ManagedList();
        managedList.add(beanDefinition);
        BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition(ProviderManager.class);
        rootBeanDefinition.addPropertyValue("providers", managedList);
        return registerBean(rootBeanDefinition, SPRING_AUTH_MANAGER_ID);
    }

    private BeanDefinition createLogoutFilter(BeanDefinition beanDefinition) {
        BeanDefinitionBuilder createBean = createBean(SecurityContextLogoutHandler.class);
        registerBean(createBean);
        BeanDefinitionBuilder createBean2 = createBean(LogoutFilter.class);
        createBean2.addConstructorArgValue(beanDefinition);
        createBean2.addConstructorArgValue(createBean.getBeanDefinition());
        createBean2.addPropertyValue("filterProcessesUrl", "/cloudseal_acs/logout.jsonp");
        return createBean2.getBeanDefinition();
    }

    private void createSecurityFilterChain(BeanDefinition beanDefinition, BeanDefinition beanDefinition2) {
        ManagedList managedList = (ManagedList) this.parserContext.getRegistry().getBeanDefinition(((BeanReference) ((List) this.parserContext.getRegistry().getBeanDefinition("org.springframework.security.filterChains").getPropertyValues().getPropertyValue("sourceList").getValue()).get(0)).getBeanName()).getConstructorArgumentValues().getIndexedArgumentValue(1, ManagedList.class).getValue();
        if (beanDefinition2 != null) {
            managedList.add(0, beanDefinition2);
        }
        managedList.add(getBeanIndexToAddAfter(managedList, "^org\\.springframework\\.security\\.web\\.context\\."), beanDefinition);
    }
}
