package flowable;

import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import org.flowable.idm.api.IdmIdentityService;
import org.flowable.idm.api.Privilege;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@SpringBootApplication(proxyBeanMethods = false)
/* loaded from: input_file:flowable/SampleLdapApplication.class */
public class SampleLdapApplication {

    @Configuration(proxyBeanMethods = false)
    /* loaded from: input_file:flowable/SampleLdapApplication$ApiWebSecurityConfigurationAdapter.class */
    class ApiWebSecurityConfigurationAdapter {
        ApiWebSecurityConfigurationAdapter() {
        }

        @Bean
        @Order(99)
        public SecurityFilterChain apiSecurityFilterChain(HttpSecurity httpSecurity) throws Exception {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) httpSecurity.securityMatcher(AntPathRequestMatcher.antMatcher("/process-api/**")).authorizeHttpRequests().requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/process-api/repository/**")})).hasAnyAuthority(new String[]{"repository-privilege"}).requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/process-api/management/**")})).hasAnyAuthority(new String[]{"management-privilege"}).anyRequest()).authenticated().and().httpBasic();
            return (SecurityFilterChain) httpSecurity.build();
        }
    }

    public static void main(String[] strArr) {
        SpringApplication.run(SampleLdapApplication.class, strArr);
    }

    @ConditionalOnBean({InMemoryDirectoryServer.class})
    @Bean
    public CommandLineRunner initializePrivileges(IdmIdentityService idmIdentityService) {
        return strArr -> {
            Privilege createPrivilege = idmIdentityService.createPrivilege("repository-privilege");
            Privilege createPrivilege2 = idmIdentityService.createPrivilege("management-privilege");
            idmIdentityService.addGroupPrivilegeMapping(createPrivilege.getId(), "user");
            idmIdentityService.addGroupPrivilegeMapping(createPrivilege2.getId(), "admin");
            idmIdentityService.addUserPrivilegeMapping(createPrivilege2.getId(), "fozzie");
        };
    }
}
