package org.flowable.app.conf;

import java.util.Collections;
import javax.servlet.Filter;
import org.flowable.app.filter.FlowableCookieFilter;
import org.flowable.app.security.AjaxLogoutSuccessHandler;
import org.flowable.app.security.ClearFlowableCookieLogoutHandler;
import org.flowable.app.security.DefaultPrivileges;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.header.writers.XXssProtectionHeaderWriter;

@Configuration
@EnableWebSecurity
/* loaded from: input_file:WEB-INF/lib/flowable-ui-modeler-conf-6.0.0.jar:org/flowable/app/conf/SecurityConfiguration.class */
public class SecurityConfiguration {
    public static final String REST_ENDPOINTS_PREFIX = "/app/rest";

    @Configuration
    @Order(10)
    /* loaded from: input_file:WEB-INF/lib/flowable-ui-modeler-conf-6.0.0.jar:org/flowable/app/conf/SecurityConfiguration$FormLoginWebSecurityConfigurerAdapter.class */
    public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {

        @Autowired
        protected FlowableCookieFilter flowableCookieFilter;

        @Autowired
        protected AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()).addFilterBefore((Filter) this.flowableCookieFilter, UsernamePasswordAuthenticationFilter.class).logout().logoutUrl("/app/logout").logoutSuccessHandler(this.ajaxLogoutSuccessHandler).addLogoutHandler(new ClearFlowableCookieLogoutHandler()).and()).csrf().disable()).headers().frameOptions().sameOrigin().addHeaderWriter(new XXssProtectionHeaderWriter()).and()).authorizeRequests().antMatchers("/app/rest/**").hasAuthority(DefaultPrivileges.ACCESS_MODELER);
        }
    }

    @Bean
    public FlowableCookieFilter flowableCookieFilter() {
        FlowableCookieFilter flowableCookieFilter = new FlowableCookieFilter();
        flowableCookieFilter.setRequiredPrivileges(Collections.singletonList(DefaultPrivileges.ACCESS_MODELER));
        return flowableCookieFilter;
    }
}
