package org.springframework.boot.autoconfigure.security.oauth2.authserver;

import java.util.Arrays;
import java.util.Collections;
import java.util.UUID;
import javax.annotation.PostConstruct;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.config.annotation.builders.ClientDetailsServiceBuilder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.client.BaseClientDetails;
import org.springframework.security.oauth2.provider.token.TokenStore;

@EnableConfigurationProperties({AuthorizationServerProperties.class})
@Configuration
@ConditionalOnClass({EnableAuthorizationServer.class})
@ConditionalOnMissingBean({AuthorizationServerConfigurer.class})
@ConditionalOnBean({AuthorizationServerEndpointsConfiguration.class})
/* loaded from: input_file:lib/spring-boot-autoconfigure-1.3.2.RELEASE.jar:org/springframework/boot/autoconfigure/security/oauth2/authserver/OAuth2AuthorizationServerConfiguration.class */
public class OAuth2AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
    private static final Log logger = LogFactory.getLog(OAuth2AuthorizationServerConfiguration.class);

    @Autowired
    private BaseClientDetails details;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired(required = false)
    private TokenStore tokenStore;

    @Autowired
    private AuthorizationServerProperties properties;

    @ConditionalOnMissingBean({BaseClientDetails.class})
    @Configuration
    /* loaded from: input_file:lib/spring-boot-autoconfigure-1.3.2.RELEASE.jar:org/springframework/boot/autoconfigure/security/oauth2/authserver/OAuth2AuthorizationServerConfiguration$BaseClientDetailsConfiguration.class */
    protected static class BaseClientDetailsConfiguration {

        @Autowired
        private OAuth2ClientProperties client;

        protected BaseClientDetailsConfiguration() {
        }

        @ConfigurationProperties("security.oauth2.client")
        @Bean
        public BaseClientDetails oauth2ClientDetails() {
            BaseClientDetails baseClientDetails = new BaseClientDetails();
            if (this.client.getClientId() == null) {
                this.client.setClientId(UUID.randomUUID().toString());
            }
            baseClientDetails.setClientId(this.client.getClientId());
            baseClientDetails.setClientSecret(this.client.getClientSecret());
            baseClientDetails.setAuthorizedGrantTypes(Arrays.asList("authorization_code", "password", "client_credentials", "implicit", "refresh_token"));
            baseClientDetails.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
            baseClientDetails.setRegisteredRedirectUri(Collections.emptySet());
            return baseClientDetails;
        }
    }

    @Configuration
    /* loaded from: input_file:lib/spring-boot-autoconfigure-1.3.2.RELEASE.jar:org/springframework/boot/autoconfigure/security/oauth2/authserver/OAuth2AuthorizationServerConfiguration$ClientDetailsLogger.class */
    protected static class ClientDetailsLogger {

        @Autowired
        private OAuth2ClientProperties credentials;

        protected ClientDetailsLogger() {
        }

        @PostConstruct
        public void init() {
            boolean isDefaultSecret = this.credentials.isDefaultSecret();
            Log log = OAuth2AuthorizationServerConfiguration.logger;
            Object[] objArr = new Object[4];
            objArr[0] = "security.oauth2.client";
            objArr[1] = this.credentials.getClientId();
            objArr[2] = "security.oauth2.client";
            objArr[3] = isDefaultSecret ? this.credentials.getClientSecret() : "****";
            log.info(String.format("Initialized OAuth2 Client\n\n%s.clientId = %s\n%s.secret = %s\n\n", objArr));
        }
    }

    public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
        ClientDetailsServiceBuilder.ClientBuilder withClient = clientDetailsServiceConfigurer.inMemory().withClient(this.details.getClientId());
        withClient.secret(this.details.getClientSecret()).resourceIds((String[]) this.details.getResourceIds().toArray(new String[0])).authorizedGrantTypes((String[]) this.details.getAuthorizedGrantTypes().toArray(new String[0])).authorities((String[]) AuthorityUtils.authorityListToSet(this.details.getAuthorities()).toArray(new String[0])).scopes((String[]) this.details.getScope().toArray(new String[0]));
        if (this.details.getAutoApproveScopes() != null) {
            withClient.autoApprove((String[]) this.details.getAutoApproveScopes().toArray(new String[0]));
        }
        if (this.details.getAccessTokenValiditySeconds() != null) {
            withClient.accessTokenValiditySeconds(this.details.getAccessTokenValiditySeconds().intValue());
        }
        if (this.details.getRefreshTokenValiditySeconds() != null) {
            withClient.refreshTokenValiditySeconds(this.details.getRefreshTokenValiditySeconds().intValue());
        }
        if (this.details.getRegisteredRedirectUri() != null) {
            withClient.redirectUris((String[]) this.details.getRegisteredRedirectUri().toArray(new String[0]));
        }
    }

    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
        if (this.tokenStore != null) {
            authorizationServerEndpointsConfigurer.tokenStore(this.tokenStore);
        }
        if (this.details.getAuthorizedGrantTypes().contains("password")) {
            authorizationServerEndpointsConfigurer.authenticationManager(this.authenticationManager);
        }
    }

    public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
        if (this.properties.getCheckTokenAccess() != null) {
            authorizationServerSecurityConfigurer.checkTokenAccess(this.properties.getCheckTokenAccess());
        }
        if (this.properties.getTokenKeyAccess() != null) {
            authorizationServerSecurityConfigurer.tokenKeyAccess(this.properties.getTokenKeyAccess());
        }
        if (this.properties.getRealm() != null) {
            authorizationServerSecurityConfigurer.realm(this.properties.getRealm());
        }
    }
}
