package digital.nedra.commons.starter.keycloak.session.config;

import digital.nedra.commons.starter.common.config.properties.SecurityProperties;
import digital.nedra.commons.starter.keycloak.session.config.support.KeycloakLogoutHandler;
import digital.nedra.commons.starter.keycloak.session.config.support.KeycloakOauth2UserService;
import digital.nedra.commons.starter.keycloak.session.config.support.XhrCookieRequestCache;
import java.util.Objects;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
/* loaded from: input_file:digital/nedra/commons/starter/keycloak/session/config/SecurityConfigurerAdapter.class */
public class SecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    private final KeycloakLogoutHandler logoutHandler;
    private final XhrCookieRequestCache requestCache;
    private final KeycloakOauth2UserService keycloakOidcUserService;
    private final Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer;
    private final SecurityProperties securityProperties;

    @Value("${spring.security.oauth2.client.registration.sso.provider}")
    private String oauth2Provider;

    @Autowired(required = false)
    private Customizer<AuthenticationManagerBuilder> authenticationManagerBuilderCustomizer;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeRequests(this.authorizeRequestsCustomizer).oauth2Login(oAuth2LoginConfigurer -> {
            oAuth2LoginConfigurer.loginPage("/oauth2/authorization/" + this.oauth2Provider).userInfoEndpoint().oidcUserService(this.keycloakOidcUserService);
        }).oauth2Client().and().logout().addLogoutHandler(this.logoutHandler).and().csrf().disable().cors().and().requestCache(requestCacheConfigurer -> {
            requestCacheConfigurer.requestCache(this.requestCache);
        });
        if (this.authenticationManagerBuilderCustomizer != null) {
            httpSecurity.httpBasic();
        }
    }

    public void configure(WebSecurity webSecurity) {
        WebSecurity.IgnoredRequestConfigurer ignoring = webSecurity.ignoring();
        Set ignoredUrls = this.securityProperties.getIgnoredUrls();
        Objects.requireNonNull(ignoring);
        ignoredUrls.forEach(str -> {
        });
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
        if (this.authenticationManagerBuilderCustomizer != null) {
            this.authenticationManagerBuilderCustomizer.customize(authenticationManagerBuilder);
        }
    }

    public SecurityConfigurerAdapter(KeycloakLogoutHandler keycloakLogoutHandler, XhrCookieRequestCache xhrCookieRequestCache, KeycloakOauth2UserService keycloakOauth2UserService, Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> customizer, SecurityProperties securityProperties) {
        this.logoutHandler = keycloakLogoutHandler;
        this.requestCache = xhrCookieRequestCache;
        this.keycloakOidcUserService = keycloakOauth2UserService;
        this.authorizeRequestsCustomizer = customizer;
        this.securityProperties = securityProperties;
    }
}
