package city.smartb.i2.spring.boot.auth.config;

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.authorization.AuthorizationContext;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsConfigurationSource;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
import reactor.core.publisher.Mono;

/* compiled from: WebSecurityConfig.kt */
@Metadata(mv = {1, 6, 0}, k = 1, xi = 48, d1 = {"��>\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0010\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010$\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\bf\u0018�� \u00142\u00020\u0001:\u0001\u0014J\u0010\u0010\u0002\u001a\u00020\u00032\u0006\u0010\u0004\u001a\u00020\u0005H\u0016J\u0014\u0010\u0006\u001a\u000e\u0012\u0004\u0012\u00020\b\u0012\u0004\u0012\u00020\b0\u0007H\u0017J$\u0010\t\u001a\b\u0012\u0004\u0012\u00020\u000b0\n2\f\u0010\f\u001a\b\u0012\u0004\u0012\u00020\r0\n2\u0006\u0010\u000e\u001a\u00020\u000fH\u0002J\u0010\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0004\u001a\u00020\u0005H\u0017J\u0010\u0010\u0012\u001a\u00020\u00112\u0006\u0010\u0004\u001a\u00020\u0005H\u0017J\f\u0010\u0013\u001a\u00020\u0003*\u00020\u0005H\u0002¨\u0006\u0015"}, d2 = {"Lcity/smartb/i2/spring/boot/auth/config/WebSecurityConfig;", "", "addAuthenticationRules", "", "http", "Lorg/springframework/security/config/web/server/ServerHttpSecurity;", "authFilter", "", "", "authenticate", "Lreactor/core/publisher/Mono;", "Lorg/springframework/security/authorization/AuthorizationDecision;", "authentication", "Lorg/springframework/security/core/Authentication;", "context", "Lorg/springframework/security/web/server/authorization/AuthorizationContext;", "dummyAuthenticationProvider", "Lorg/springframework/security/web/server/SecurityWebFilterChain;", "oauthAuthenticationProvider", "corsConfig", "Companion", "i2-spring-boot-starter-auth"})
/* loaded from: input_file:city/smartb/i2/spring/boot/auth/config/WebSecurityConfig.class */
public interface WebSecurityConfig {

    @NotNull
    public static final Companion Companion = Companion.$$INSTANCE;

    @NotNull
    public static final String SPRING_SECURITY_FILTER_CHAIN = "springSecurityFilterChain";

    /* compiled from: WebSecurityConfig.kt */
    @Metadata(mv = {1, 6, 0}, k = 1, xi = 48, d1 = {"��\u0012\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010\u000e\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��¨\u0006\u0005"}, d2 = {"Lcity/smartb/i2/spring/boot/auth/config/WebSecurityConfig$Companion;", "", "()V", "SPRING_SECURITY_FILTER_CHAIN", "", "i2-spring-boot-starter-auth"})
    /* loaded from: input_file:city/smartb/i2/spring/boot/auth/config/WebSecurityConfig$Companion.class */
    public static final class Companion {
        static final /* synthetic */ Companion $$INSTANCE = new Companion();

        @NotNull
        public static final String SPRING_SECURITY_FILTER_CHAIN = "springSecurityFilterChain";

        private Companion() {
        }
    }

    /* compiled from: WebSecurityConfig.kt */
    @Metadata(mv = {1, 6, 0}, k = 3, xi = 48)
    /* loaded from: input_file:city/smartb/i2/spring/boot/auth/config/WebSecurityConfig$DefaultImpls.class */
    public static final class DefaultImpls {
        @ConfigurationProperties(prefix = "i2.filter")
        @Bean
        @NotNull
        public static Map<String, String> authFilter(@NotNull WebSecurityConfig webSecurityConfig) {
            Intrinsics.checkNotNullParameter(webSecurityConfig, "this");
            return new HashMap();
        }

        @Bean({"springSecurityFilterChain"})
        @ConditionalOnExpression(ConfigurationConstantsKt.NO_AUTHENTICATION_REQUIRED_EXPRESSION)
        @NotNull
        public static SecurityWebFilterChain dummyAuthenticationProvider(@NotNull WebSecurityConfig webSecurityConfig, @NotNull ServerHttpSecurity serverHttpSecurity) {
            Intrinsics.checkNotNullParameter(webSecurityConfig, "this");
            Intrinsics.checkNotNullParameter(serverHttpSecurity, "http");
            serverHttpSecurity.authorizeExchange().anyExchange().permitAll();
            serverHttpSecurity.csrf().disable();
            corsConfig(webSecurityConfig, serverHttpSecurity);
            SecurityWebFilterChain build = serverHttpSecurity.build();
            Intrinsics.checkNotNullExpressionValue(build, "http.build()");
            return build;
        }

        @Bean({"springSecurityFilterChain"})
        @ConditionalOnExpression(ConfigurationConstantsKt.AUTHENTICATION_REQUIRED_EXPRESSION)
        @NotNull
        public static SecurityWebFilterChain oauthAuthenticationProvider(@NotNull WebSecurityConfig webSecurityConfig, @NotNull ServerHttpSecurity serverHttpSecurity) {
            Intrinsics.checkNotNullParameter(webSecurityConfig, "this");
            Intrinsics.checkNotNullParameter(serverHttpSecurity, "http");
            webSecurityConfig.addAuthenticationRules(serverHttpSecurity);
            serverHttpSecurity.csrf().disable();
            corsConfig(webSecurityConfig, serverHttpSecurity);
            SecurityWebFilterChain build = serverHttpSecurity.build();
            Intrinsics.checkNotNullExpressionValue(build, "http.build()");
            return build;
        }

        public static void addAuthenticationRules(@NotNull WebSecurityConfig webSecurityConfig, @NotNull ServerHttpSecurity serverHttpSecurity) {
            Intrinsics.checkNotNullParameter(webSecurityConfig, "this");
            Intrinsics.checkNotNullParameter(serverHttpSecurity, "http");
            serverHttpSecurity.authorizeExchange().anyExchange().access((v1, v2) -> {
                return authenticate(r1, v1, v2);
            }).and().oauth2ResourceServer().jwt();
        }

        private static Mono<AuthorizationDecision> authenticate(WebSecurityConfig webSecurityConfig, Mono<Authentication> mono, AuthorizationContext authorizationContext) {
            Mono<AuthorizationDecision> map = mono.map((v1) -> {
                return m2authenticate$lambda1(r1, v1);
            }).map((v1) -> {
                return new AuthorizationDecision(v1);
            });
            Intrinsics.checkNotNullExpressionValue(map, "authentication.map { aut…(::AuthorizationDecision)");
            return map;
        }

        private static void corsConfig(WebSecurityConfig webSecurityConfig, ServerHttpSecurity serverHttpSecurity) {
            CorsConfiguration corsConfiguration = new CorsConfiguration();
            corsConfiguration.setAllowedOrigins(CollectionsKt.listOf("*"));
            corsConfiguration.setAllowCredentials(false);
            corsConfiguration.addAllowedMethod("*");
            corsConfiguration.addAllowedHeader("*");
            CorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
            urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
            serverHttpSecurity.cors().configurationSource(urlBasedCorsConfigurationSource);
        }

        /* renamed from: authenticate$lambda-1, reason: not valid java name */
        private static Boolean m2authenticate$lambda1(WebSecurityConfig webSecurityConfig, Authentication authentication) {
            boolean z;
            boolean z2;
            Intrinsics.checkNotNullParameter(webSecurityConfig, "this$0");
            if (!(authentication instanceof JwtAuthenticationToken) || ((JwtAuthenticationToken) authentication).getToken() == null) {
                return false;
            }
            Map<String, String> authFilter = webSecurityConfig.authFilter();
            if (!authFilter.isEmpty()) {
                if (!authFilter.isEmpty()) {
                    Iterator<Map.Entry<String, String>> it = authFilter.entrySet().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            z2 = true;
                            break;
                        }
                        Map.Entry<String, String> next = it.next();
                        String key = next.getKey();
                        if (!Intrinsics.areEqual(((JwtAuthenticationToken) authentication).getToken().getClaims().get(key), next.getValue())) {
                            z2 = false;
                            break;
                        }
                    }
                } else {
                    z2 = true;
                }
                if (!z2) {
                    z = false;
                    return Boolean.valueOf(z);
                }
            }
            z = true;
            return Boolean.valueOf(z);
        }
    }

    @ConfigurationProperties(prefix = "i2.filter")
    @Bean
    @NotNull
    Map<String, String> authFilter();

    @Bean({"springSecurityFilterChain"})
    @ConditionalOnExpression(ConfigurationConstantsKt.NO_AUTHENTICATION_REQUIRED_EXPRESSION)
    @NotNull
    SecurityWebFilterChain dummyAuthenticationProvider(@NotNull ServerHttpSecurity serverHttpSecurity);

    @Bean({"springSecurityFilterChain"})
    @ConditionalOnExpression(ConfigurationConstantsKt.AUTHENTICATION_REQUIRED_EXPRESSION)
    @NotNull
    SecurityWebFilterChain oauthAuthenticationProvider(@NotNull ServerHttpSecurity serverHttpSecurity);

    void addAuthenticationRules(@NotNull ServerHttpSecurity serverHttpSecurity);
}
