package io.mosaicboot.core.auth.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.mosaicboot.core.auth.controller.AuthController;
import io.mosaicboot.core.auth.service.AuthTokenService;
import io.mosaicboot.core.auth.service.AuthenticationService;
import io.mosaicboot.core.auth.service.CredentialService;
import io.mosaicboot.core.repository.AuthenticationRepositoryBase;
import io.mosaicboot.core.repository.TenantUserRepositoryBase;
import io.mosaicboot.core.repository.UserRepositoryBase;
import io.mosaicboot.core.user.auth.MosaicAuthenticationHandler;
import io.mosaicboot.core.user.auth.MosaicCookieAuthFilter;
import io.mosaicboot.core.user.auth.MosaicCredentialHandler;
import io.mosaicboot.core.user.auth.MosaicSha256CredentialHandler;
import io.mosaicboot.core.user.service.AuditService;
import io.mosaicboot.core.user.service.MosaicOAuth2UserService;
import io.mosaicboot.core.user.service.UserService;
import java.util.List;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpStatus;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer;
import org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer;
import org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer;
import org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer;
import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer;
import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/* compiled from: MosaicAuthConfig.kt */
@EnableConfigurationProperties({MosaicAuthProperties.class})
@Configuration(proxyBeanMethods = false)
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��x\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0017\u0018��2\u00020\u0001:\u0001&B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J,\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\f2\n\b\u0001\u0010\r\u001a\u0004\u0018\u00010\u000eH\u0017J\u0018\u0010\t\u001a\u00020\n2\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u0012H\u0017JD\u0010\u0007\u001a\u00020\b2\n\u0010\u0013\u001a\u0006\u0012\u0002\b\u00030\u00142\n\u0010\u0015\u001a\u0006\u0012\u0002\b\u00030\u00162\n\u0010\u0017\u001a\u0006\u0012\u0002\b\u00030\u00182\u0006\u0010\u0019\u001a\u00020\u001a2\u0006\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\u000f\u001a\u00020\u0010H\u0017J\u001e\u0010\u0019\u001a\u00020\u001a2\f\u0010\u001d\u001a\b\u0012\u0004\u0012\u00020\u001f0\u001e2\u0006\u0010\u000f\u001a\u00020\u0010H\u0017J&\u0010 \u001a\b\u0012\u0004\u0012\u00020\"0!2\u0006\u0010\u0002\u001a\u00020\u00032\u0006\u0010\t\u001a\u00020\n2\u0006\u0010\u000f\u001a\u00020\u0010H\u0017J\u001e\u0010\u000b\u001a\u00020\f2\u0006\u0010\u0002\u001a\u00020\u00032\f\u0010#\u001a\b\u0012\u0004\u0012\u00020\"0!H\u0017J\b\u0010$\u001a\u00020%H\u0017R\u000e\u0010\u0002\u001a\u00020\u0003X\u0092\u0004¢\u0006\u0002\n��¨\u0006'"}, d2 = {"Lio/mosaicboot/core/auth/config/MosaicAuthConfig;", "", "mosaicAuthProperties", "Lio/mosaicboot/core/auth/config/MosaicAuthProperties;", "(Lio/mosaicboot/core/auth/config/MosaicAuthProperties;)V", "authController", "Lio/mosaicboot/core/auth/controller/AuthController;", "authenticationService", "Lio/mosaicboot/core/auth/service/AuthenticationService;", "authTokenService", "Lio/mosaicboot/core/auth/service/AuthTokenService;", "mosaicAuthenticationHandler", "Lio/mosaicboot/core/user/auth/MosaicAuthenticationHandler;", "mosaicOAuth2UserService", "Lio/mosaicboot/core/user/service/MosaicOAuth2UserService;", "objectMapper", "Lcom/fasterxml/jackson/databind/ObjectMapper;", "userService", "Lio/mosaicboot/core/user/service/UserService;", "authenticationRepository", "Lio/mosaicboot/core/repository/AuthenticationRepositoryBase;", "userRepository", "Lio/mosaicboot/core/repository/UserRepositoryBase;", "tenantUserRepository", "Lio/mosaicboot/core/repository/TenantUserRepositoryBase;", "credentialService", "Lio/mosaicboot/core/auth/service/CredentialService;", "auditService", "Lio/mosaicboot/core/user/service/AuditService;", "credentialHandlers", "", "Lio/mosaicboot/core/user/auth/MosaicCredentialHandler;", "mosaicAuthFilter", "Lorg/springframework/boot/web/servlet/FilterRegistrationBean;", "Lio/mosaicboot/core/user/auth/MosaicCookieAuthFilter;", "mosaicCookieAuthFilter", "mosaicSha256CredentialHandler", "Lio/mosaicboot/core/user/auth/MosaicSha256CredentialHandler;", "WebConfig", "mosaic-boot-core"})
@ConditionalOnProperty(prefix = "mosaic.auth", name = {"enabled"}, havingValue = "true", matchIfMissing = true)
@Import({MosaicOAuth2Config.class})
/* loaded from: input_file:io/mosaicboot/core/auth/config/MosaicAuthConfig.class */
public class MosaicAuthConfig {

    @NotNull
    private final MosaicAuthProperties mosaicAuthProperties;

    /* compiled from: MosaicAuthConfig.kt */
    @Configuration(proxyBeanMethods = true)
    @Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��$\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\b\u0017\u0018��2\u00020\u0001B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\u0010\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\nH\u0017R\u000e\u0010\u0002\u001a\u00020\u0003X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0092\u0004¢\u0006\u0002\n��¨\u0006\u000b"}, d2 = {"Lio/mosaicboot/core/auth/config/MosaicAuthConfig$WebConfig;", "Lorg/springframework/web/servlet/config/annotation/WebMvcConfigurer;", "mosaicAuthProperties", "Lio/mosaicboot/core/auth/config/MosaicAuthProperties;", "mosaicAuthenticationHandler", "Lio/mosaicboot/core/user/auth/MosaicAuthenticationHandler;", "(Lio/mosaicboot/core/auth/config/MosaicAuthProperties;Lio/mosaicboot/core/user/auth/MosaicAuthenticationHandler;)V", "mosaicAuthSecurityFilterChain", "Lorg/springframework/security/web/SecurityFilterChain;", "http", "Lorg/springframework/security/config/annotation/web/builders/HttpSecurity;", "mosaic-boot-core"})
    /* loaded from: input_file:io/mosaicboot/core/auth/config/MosaicAuthConfig$WebConfig.class */
    public static class WebConfig implements WebMvcConfigurer {

        @NotNull
        private final MosaicAuthProperties mosaicAuthProperties;

        @NotNull
        private final MosaicAuthenticationHandler mosaicAuthenticationHandler;

        public WebConfig(@NotNull MosaicAuthProperties mosaicAuthProperties, @NotNull MosaicAuthenticationHandler mosaicAuthenticationHandler) {
            Intrinsics.checkNotNullParameter(mosaicAuthProperties, "mosaicAuthProperties");
            Intrinsics.checkNotNullParameter(mosaicAuthenticationHandler, "mosaicAuthenticationHandler");
            this.mosaicAuthProperties = mosaicAuthProperties;
            this.mosaicAuthenticationHandler = mosaicAuthenticationHandler;
        }

        @Bean
        @NotNull
        public SecurityFilterChain mosaicAuthSecurityFilterChain(@NotNull HttpSecurity httpSecurity) {
            Intrinsics.checkNotNullParameter(httpSecurity, "http");
            httpSecurity.securityMatcher(new String[]{this.mosaicAuthProperties.getApi().getPath() + "/**"}).sessionManagement(WebConfig::mosaicAuthSecurityFilterChain$lambda$0).securityContext(WebConfig::mosaicAuthSecurityFilterChain$lambda$1).anonymous(WebConfig::mosaicAuthSecurityFilterChain$lambda$2).httpBasic(WebConfig::mosaicAuthSecurityFilterChain$lambda$3).formLogin(WebConfig::mosaicAuthSecurityFilterChain$lambda$4).csrf(WebConfig::mosaicAuthSecurityFilterChain$lambda$5).oauth2Login(WebConfig::mosaicAuthSecurityFilterChain$lambda$6).authorizeHttpRequests((v1) -> {
                mosaicAuthSecurityFilterChain$lambda$7(r1, v1);
            }).logout((v1) -> {
                mosaicAuthSecurityFilterChain$lambda$9(r1, v1);
            }).exceptionHandling(WebConfig::mosaicAuthSecurityFilterChain$lambda$10);
            Object build = httpSecurity.build();
            Intrinsics.checkNotNullExpressionValue(build, "build(...)");
            return (SecurityFilterChain) build;
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$0(SessionManagementConfigurer sessionManagementConfigurer) {
            sessionManagementConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$1(SecurityContextConfigurer securityContextConfigurer) {
            securityContextConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$2(AnonymousConfigurer anonymousConfigurer) {
            anonymousConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$3(HttpBasicConfigurer httpBasicConfigurer) {
            httpBasicConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$4(FormLoginConfigurer formLoginConfigurer) {
            formLoginConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$5(CsrfConfigurer csrfConfigurer) {
            csrfConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$6(OAuth2LoginConfigurer oAuth2LoginConfigurer) {
            oAuth2LoginConfigurer.disable();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$7(WebConfig webConfig, AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry authorizationManagerRequestMatcherRegistry) {
            Intrinsics.checkNotNullParameter(webConfig, "this$0");
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new String[]{webConfig.mosaicAuthProperties.getApi().getPath() + "/current"})).authenticated();
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$9(WebConfig webConfig, LogoutConfigurer logoutConfigurer) {
            Intrinsics.checkNotNullParameter(webConfig, "this$0");
            LogoutConfigurer addLogoutHandler = logoutConfigurer.logoutUrl(webConfig.mosaicAuthProperties.getApi().getPath() + "/logout").addLogoutHandler(webConfig.mosaicAuthenticationHandler);
            LogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
            simpleUrlLogoutSuccessHandler.setTargetUrlParameter("finish_to");
            addLogoutHandler.logoutSuccessHandler(simpleUrlLogoutSuccessHandler);
        }

        private static final void mosaicAuthSecurityFilterChain$lambda$10(ExceptionHandlingConfigurer exceptionHandlingConfigurer) {
            exceptionHandlingConfigurer.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED));
        }
    }

    public MosaicAuthConfig(@NotNull MosaicAuthProperties mosaicAuthProperties) {
        Intrinsics.checkNotNullParameter(mosaicAuthProperties, "mosaicAuthProperties");
        this.mosaicAuthProperties = mosaicAuthProperties;
    }

    @Bean
    @NotNull
    public MosaicSha256CredentialHandler mosaicSha256CredentialHandler() {
        return new MosaicSha256CredentialHandler();
    }

    @Bean
    @NotNull
    public AuthTokenService authTokenService(@NotNull ObjectMapper objectMapper, @NotNull UserService userService) {
        Intrinsics.checkNotNullParameter(objectMapper, "objectMapper");
        Intrinsics.checkNotNullParameter(userService, "userService");
        return new AuthTokenService(this.mosaicAuthProperties, objectMapper, userService);
    }

    @Bean
    @NotNull
    public CredentialService credentialService(@NotNull List<? extends MosaicCredentialHandler> list, @NotNull ObjectMapper objectMapper) {
        Intrinsics.checkNotNullParameter(list, "credentialHandlers");
        Intrinsics.checkNotNullParameter(objectMapper, "objectMapper");
        return new CredentialService(list, objectMapper);
    }

    @Bean
    @NotNull
    public AuthenticationService authenticationService(@NotNull AuthenticationRepositoryBase<?> authenticationRepositoryBase, @NotNull UserRepositoryBase<?> userRepositoryBase, @NotNull TenantUserRepositoryBase<?> tenantUserRepositoryBase, @NotNull CredentialService credentialService, @NotNull AuditService auditService, @NotNull ObjectMapper objectMapper) {
        Intrinsics.checkNotNullParameter(authenticationRepositoryBase, "authenticationRepository");
        Intrinsics.checkNotNullParameter(userRepositoryBase, "userRepository");
        Intrinsics.checkNotNullParameter(tenantUserRepositoryBase, "tenantUserRepository");
        Intrinsics.checkNotNullParameter(credentialService, "credentialService");
        Intrinsics.checkNotNullParameter(auditService, "auditService");
        Intrinsics.checkNotNullParameter(objectMapper, "objectMapper");
        return new AuthenticationService(authenticationRepositoryBase, userRepositoryBase, tenantUserRepositoryBase, credentialService, auditService, objectMapper);
    }

    @Bean
    @NotNull
    public FilterRegistrationBean<MosaicCookieAuthFilter> mosaicAuthFilter(@NotNull MosaicAuthProperties mosaicAuthProperties, @NotNull AuthTokenService authTokenService, @NotNull ObjectMapper objectMapper) {
        Intrinsics.checkNotNullParameter(mosaicAuthProperties, "mosaicAuthProperties");
        Intrinsics.checkNotNullParameter(authTokenService, "authTokenService");
        Intrinsics.checkNotNullParameter(objectMapper, "objectMapper");
        FilterRegistrationBean<MosaicCookieAuthFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new MosaicCookieAuthFilter(mosaicAuthProperties, authTokenService, objectMapper));
        filterRegistrationBean.setOrder(-101);
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(prefix = "mosaic.auth.api", name = {"enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    @NotNull
    public AuthController authController(@NotNull AuthenticationService authenticationService, @NotNull AuthTokenService authTokenService, @NotNull MosaicAuthenticationHandler mosaicAuthenticationHandler, @Autowired(required = false) @Nullable MosaicOAuth2UserService mosaicOAuth2UserService) {
        Intrinsics.checkNotNullParameter(authenticationService, "authenticationService");
        Intrinsics.checkNotNullParameter(authTokenService, "authTokenService");
        Intrinsics.checkNotNullParameter(mosaicAuthenticationHandler, "mosaicAuthenticationHandler");
        return new AuthController(authenticationService, authTokenService, mosaicAuthenticationHandler, mosaicOAuth2UserService);
    }

    @Bean
    @NotNull
    public MosaicAuthenticationHandler mosaicAuthenticationHandler(@NotNull MosaicAuthProperties mosaicAuthProperties, @NotNull FilterRegistrationBean<MosaicCookieAuthFilter> filterRegistrationBean) {
        Intrinsics.checkNotNullParameter(mosaicAuthProperties, "mosaicAuthProperties");
        Intrinsics.checkNotNullParameter(filterRegistrationBean, "mosaicCookieAuthFilter");
        MosaicCookieAuthFilter filter = filterRegistrationBean.getFilter();
        Intrinsics.checkNotNullExpressionValue(filter, "getFilter(...)");
        return new MosaicAuthenticationHandler(mosaicAuthProperties, filter);
    }
}
