package de.digitalcollections.cudami.admin.config;

import de.digitalcollections.cudami.model.api.security.enums.Role;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;

@Configuration
/* loaded from: input_file:BOOT-INF/classes/de/digitalcollections/cudami/admin/config/SpringConfigSecurity.class */
public class SpringConfigSecurity extends WebSecurityConfigurerAdapter {

    @Value("${spring.security.user.name}")
    private String actuatorUsername;

    @Value("${spring.security.user.password}")
    private String actuatorPassword;

    @Autowired(required = true)
    PersistentTokenRepository persistentTokenRepository;

    @Autowired(required = true)
    private UserDetailsService userDetailsService;

    /* JADX WARN: Multi-variable type inference failed */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        ((AuthenticationManagerBuilder) ((InMemoryUserDetailsManagerConfigurer) authenticationManagerBuilder.inMemoryAuthentication().passwordEncoder(passwordEncoderDummy())).withUser(User.withUsername(this.actuatorUsername).password(this.actuatorPassword).roles("ACTUATOR")).and()).authenticationProvider(authProvider());
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ((HttpSecurity) httpSecurity.authorizeRequests().requestMatchers(EndpointRequest.to("info", "health")).permitAll().requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR").and()).httpBasic();
        httpSecurity.authorizeRequests().requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll().antMatchers("/api/**", "/setup/**").permitAll();
        ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.authorizeRequests().antMatchers("/users/**").hasAnyAuthority(Role.ADMIN.getAuthority()).anyRequest().authenticated().and()).formLogin().loginPage(DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL).permitAll().and()).logout().logoutUrl("/logout").permitAll().and()).rememberMe().tokenRepository(this.persistentTokenRepository).tokenValiditySeconds(AbstractRememberMeServices.TWO_WEEKS_S);
    }

    @Bean
    public AuthenticationProvider authProvider() {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder());
        daoAuthenticationProvider.setUserDetailsService(this.userDetailsService);
        return daoAuthenticationProvider;
    }

    private PasswordEncoder passwordEncoderDummy() {
        return new PasswordEncoder() { // from class: de.digitalcollections.cudami.admin.config.SpringConfigSecurity.1
            @Override // org.springframework.security.crypto.password.PasswordEncoder
            public String encode(CharSequence charSequence) {
                return charSequence.toString();
            }

            @Override // org.springframework.security.crypto.password.PasswordEncoder
            public boolean matches(CharSequence charSequence, String str) {
                return charSequence.toString().equals(str);
            }
        };
    }

    @Bean
    public PersistentTokenRepository persistentTokenRepository() {
        return new InMemoryTokenRepositoryImpl();
    }
}
