package org.springdoc.core.configuration;

import io.swagger.v3.oas.models.Operation;
import io.swagger.v3.oas.models.PathItem;
import io.swagger.v3.oas.models.media.Content;
import io.swagger.v3.oas.models.media.ObjectSchema;
import io.swagger.v3.oas.models.media.Schema;
import io.swagger.v3.oas.models.media.StringSchema;
import io.swagger.v3.oas.models.parameters.RequestBody;
import io.swagger.v3.oas.models.responses.ApiResponse;
import io.swagger.v3.oas.models.responses.ApiResponses;
import jakarta.servlet.Filter;
import java.lang.reflect.Field;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import org.apache.commons.lang3.reflect.FieldUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springdoc.core.configuration.hints.SpringDocSecurityHints;
import org.springdoc.core.customizers.GlobalOpenApiCustomizer;
import org.springdoc.core.customizers.OpenApiCustomizer;
import org.springdoc.core.utils.Constants;
import org.springdoc.core.utils.SpringDocUtils;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportRuntimeHints;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Lazy(false)
@ConditionalOnWebApplication
@Configuration(proxyBeanMethods = false)
@ConditionalOnClass({SecurityFilterChain.class})
@ImportRuntimeHints({SpringDocSecurityHints.class})
@ConditionalOnBean({SpringDocConfiguration.class})
@ConditionalOnExpression("${springdoc.api-docs.enabled:true} and ${springdoc.enable-spring-security:true}")
/* loaded from: input_file:WEB-INF/lib/springdoc-openapi-starter-common-2.3.0.jar:org/springdoc/core/configuration/SpringDocSecurityConfiguration.class */
public class SpringDocSecurityConfiguration {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SpringDocSecurityConfiguration.class);

    @Configuration(proxyBeanMethods = false)
    @ConditionalOnClass({OAuth2AuthorizationService.class})
    @Lazy(false)
    /* loaded from: input_file:WEB-INF/lib/springdoc-openapi-starter-common-2.3.0.jar:org/springdoc/core/configuration/SpringDocSecurityConfiguration$SpringDocSecurityOAuth2Configuration.class */
    class SpringDocSecurityOAuth2Configuration {
        SpringDocSecurityOAuth2Configuration() {
        }

        @ConditionalOnProperty({Constants.SPRINGDOC_SHOW_OAUTH2_ENDPOINTS})
        @Bean
        @Lazy(false)
        GlobalOpenApiCustomizer springDocSecurityOAuth2Customizer() {
            return new SpringDocSecurityOAuth2Customizer();
        }
    }

    @Configuration(proxyBeanMethods = false)
    @ConditionalOnClass({Filter.class})
    @Lazy(false)
    /* loaded from: input_file:WEB-INF/lib/springdoc-openapi-starter-common-2.3.0.jar:org/springdoc/core/configuration/SpringDocSecurityConfiguration$SpringSecurityLoginEndpointConfiguration.class */
    class SpringSecurityLoginEndpointConfiguration {
        SpringSecurityLoginEndpointConfiguration() {
        }

        @ConditionalOnProperty({Constants.SPRINGDOC_SHOW_LOGIN_ENDPOINT})
        @Bean
        @Lazy(false)
        OpenApiCustomizer springSecurityLoginEndpointCustomiser(ApplicationContext applicationContext) {
            FilterChainProxy filterChainProxy = (FilterChainProxy) applicationContext.getBean("springSecurityFilterChain", FilterChainProxy.class);
            return openAPI -> {
                String str;
                for (SecurityFilterChain securityFilterChain : filterChainProxy.getFilterChains()) {
                    Stream stream = securityFilterChain.getFilters().stream();
                    Class<UsernamePasswordAuthenticationFilter> cls = UsernamePasswordAuthenticationFilter.class;
                    Objects.requireNonNull(UsernamePasswordAuthenticationFilter.class);
                    Stream filter = stream.filter((v1) -> {
                        return r1.isInstance(v1);
                    });
                    Class<UsernamePasswordAuthenticationFilter> cls2 = UsernamePasswordAuthenticationFilter.class;
                    Objects.requireNonNull(UsernamePasswordAuthenticationFilter.class);
                    Optional findAny = filter.map((v1) -> {
                        return r1.cast(v1);
                    }).findAny();
                    Stream stream2 = securityFilterChain.getFilters().stream();
                    Class<DefaultLoginPageGeneratingFilter> cls3 = DefaultLoginPageGeneratingFilter.class;
                    Objects.requireNonNull(DefaultLoginPageGeneratingFilter.class);
                    Stream filter2 = stream2.filter((v1) -> {
                        return r1.isInstance(v1);
                    });
                    Class<DefaultLoginPageGeneratingFilter> cls4 = DefaultLoginPageGeneratingFilter.class;
                    Objects.requireNonNull(DefaultLoginPageGeneratingFilter.class);
                    Optional findAny2 = filter2.map((v1) -> {
                        return r1.cast(v1);
                    }).findAny();
                    if (findAny.isPresent()) {
                        UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter = (UsernamePasswordAuthenticationFilter) findAny.get();
                        Operation operation = new Operation();
                        Schema addProperty = new ObjectSchema().addProperty(usernamePasswordAuthenticationFilter.getUsernameParameter(), new StringSchema()).addProperty(usernamePasswordAuthenticationFilter.getPasswordParameter(), new StringSchema());
                        str = "application/json";
                        if (findAny2.isPresent()) {
                            try {
                                str = ((Boolean) FieldUtils.getDeclaredField(DefaultLoginPageGeneratingFilter.class, "formLoginEnabled", true).get((DefaultLoginPageGeneratingFilter) findAny2.get())).booleanValue() ? MediaType.APPLICATION_FORM_URLENCODED_VALUE : "application/json";
                            } catch (IllegalAccessException e) {
                                SpringDocSecurityConfiguration.LOGGER.warn(e.getMessage());
                            }
                        }
                        operation.requestBody(new RequestBody().content(new Content().addMediaType(str, new io.swagger.v3.oas.models.media.MediaType().schema(addProperty))));
                        ApiResponses apiResponses = new ApiResponses();
                        apiResponses.addApiResponse(String.valueOf(HttpStatus.OK.value()), new ApiResponse().description(HttpStatus.OK.getReasonPhrase()));
                        apiResponses.addApiResponse(String.valueOf(HttpStatus.FORBIDDEN.value()), new ApiResponse().description(HttpStatus.FORBIDDEN.getReasonPhrase()));
                        operation.responses(apiResponses);
                        operation.addTagsItem("login-endpoint");
                        PathItem post = new PathItem().post(operation);
                        try {
                            Field declaredField = AbstractAuthenticationProcessingFilter.class.getDeclaredField("requiresAuthenticationRequestMatcher");
                            declaredField.setAccessible(true);
                            String pattern = ((AntPathRequestMatcher) declaredField.get(usernamePasswordAuthenticationFilter)).getPattern();
                            declaredField.setAccessible(false);
                            openAPI.getPaths().addPathItem(pattern, post);
                        } catch (ClassCastException | IllegalAccessException | NoSuchFieldException e2) {
                            SpringDocSecurityConfiguration.LOGGER.trace(e2.getMessage());
                        }
                    }
                }
            };
        }
    }

    static {
        SpringDocUtils.getConfig().addRequestWrapperToIgnore(Authentication.class).addResponseTypeToIgnore(Authentication.class).addAnnotationsToIgnore(AuthenticationPrincipal.class);
    }
}
