package com.github.ulisesbocchio.spring.boot.security.saml.configurer;

import com.github.ulisesbocchio.spring.boot.security.saml.properties.SAMLSSOProperties;
import com.github.ulisesbocchio.spring.boot.security.saml.util.FunctionalUtils;
import java.util.List;
import javax.servlet.Filter;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.saml.SAMLAuthenticationProvider;
import org.springframework.security.saml.SAMLDiscovery;
import org.springframework.security.saml.SAMLEntryPoint;
import org.springframework.security.saml.SAMLLogoutFilter;
import org.springframework.security.saml.SAMLLogoutProcessingFilter;
import org.springframework.security.saml.SAMLProcessingFilter;
import org.springframework.security.saml.SAMLWebSSOHoKProcessingFilter;
import org.springframework.security.saml.key.KeyManager;
import org.springframework.security.saml.metadata.MetadataDisplayFilter;
import org.springframework.security.saml.metadata.MetadataGeneratorFilter;
import org.springframework.security.saml.metadata.MetadataManager;
import org.springframework.security.saml.processor.SAMLProcessor;
import org.springframework.security.saml.trust.httpclient.TLSProtocolConfigurer;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.RequestMatcher;

/* loaded from: input_file:com/github/ulisesbocchio/spring/boot/security/saml/configurer/ServiceProviderSecurityConfigurer.class */
public class ServiceProviderSecurityConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
    private SAMLSSOProperties config;
    private MetadataManager metadataManager;
    private SAMLAuthenticationProvider authenticationProvider;
    private SAMLProcessor samlProcessor;
    private SAMLLogoutFilter samlLogoutFilter;
    private SAMLLogoutProcessingFilter samlLogoutProcessingFilter;
    private MetadataDisplayFilter metadataDisplayFilter;
    private MetadataGeneratorFilter metadataGeneratorFilter;
    private SAMLProcessingFilter sAMLProcessingFilter;
    private SAMLWebSSOHoKProcessingFilter sAMLWebSSOHoKProcessingFilter;
    private SAMLDiscovery sAMLDiscovery;
    private SAMLEntryPoint sAMLEntryPoint;
    private KeyManager keyManager;
    private TLSProtocolConfigurer tlsProtocolConfigurer;
    private ServiceProviderEndpoints endpoints;
    private Class<? extends Filter> lastFilterClass = BasicAuthenticationFilter.class;
    private ServiceProviderSecurityBuilder securityConfigurerBuilder;
    private List<ServiceProviderConfigurer> serviceProviderConfigurers;

    public ServiceProviderSecurityConfigurer(ServiceProviderSecurityBuilder serviceProviderSecurityBuilder, List<ServiceProviderConfigurer> list) {
        this.securityConfigurerBuilder = serviceProviderSecurityBuilder;
        this.serviceProviderConfigurers = list;
    }

    public void init(HttpSecurity httpSecurity) throws Exception {
        this.serviceProviderConfigurers.forEach(FunctionalUtils.unchecked(serviceProviderConfigurer -> {
            serviceProviderConfigurer.configure(this.securityConfigurerBuilder);
        }));
        setFields((ServiceProviderSecurityConfigurerBeans) this.securityConfigurerBuilder.build());
        httpSecurity.httpBasic().disable();
        httpSecurity.csrf().disable();
        httpSecurity.exceptionHandling().authenticationEntryPoint(this.sAMLEntryPoint);
        httpSecurity.logout().disable();
        httpSecurity.authenticationProvider(this.authenticationProvider);
        addFilterAfter(httpSecurity, this.metadataGeneratorFilter);
        addFilterAfter(httpSecurity, this.metadataDisplayFilter);
        addFilterAfter(httpSecurity, this.sAMLEntryPoint);
        addFilterAfter(httpSecurity, this.sAMLProcessingFilter);
        addFilterAfter(httpSecurity, this.sAMLWebSSOHoKProcessingFilter);
        addFilterAfter(httpSecurity, this.samlLogoutProcessingFilter);
        addFilterAfter(httpSecurity, this.sAMLDiscovery);
        addFilterAfter(httpSecurity, this.samlLogoutFilter);
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().requestMatchers(new RequestMatcher[]{this.endpoints.getRequestMatcher()})).permitAll();
        this.serviceProviderConfigurers.forEach(FunctionalUtils.unchecked(serviceProviderConfigurer2 -> {
            serviceProviderConfigurer2.configure(httpSecurity);
        }));
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).authenticated();
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
    }

    private void addFilterAfter(HttpSecurity httpSecurity, Filter filter) {
        if (filter != null) {
            httpSecurity.addFilterAfter(filter, this.lastFilterClass);
            this.lastFilterClass = filter.getClass();
        }
    }

    public void setFields(ServiceProviderSecurityConfigurerBeans serviceProviderSecurityConfigurerBeans) {
        this.config = serviceProviderSecurityConfigurerBeans.getConfig();
        this.metadataManager = serviceProviderSecurityConfigurerBeans.getMetadataManager();
        this.authenticationProvider = serviceProviderSecurityConfigurerBeans.getAuthenticationProvider();
        this.samlProcessor = serviceProviderSecurityConfigurerBeans.getSamlProcessor();
        this.samlLogoutFilter = serviceProviderSecurityConfigurerBeans.getSamlLogoutFilter();
        this.samlLogoutProcessingFilter = serviceProviderSecurityConfigurerBeans.getSamlLogoutProcessingFilter();
        this.metadataDisplayFilter = serviceProviderSecurityConfigurerBeans.getMetadataDisplayFilter();
        this.metadataGeneratorFilter = serviceProviderSecurityConfigurerBeans.getMetadataGeneratorFilter();
        this.sAMLProcessingFilter = serviceProviderSecurityConfigurerBeans.getSAMLProcessingFilter();
        this.sAMLWebSSOHoKProcessingFilter = serviceProviderSecurityConfigurerBeans.getSAMLWebSSOHoKProcessingFilter();
        this.sAMLDiscovery = serviceProviderSecurityConfigurerBeans.getSAMLDiscovery();
        this.sAMLEntryPoint = serviceProviderSecurityConfigurerBeans.getSAMLEntryPoint();
        this.keyManager = serviceProviderSecurityConfigurerBeans.getKeyManager();
        this.tlsProtocolConfigurer = serviceProviderSecurityConfigurerBeans.getTlsProtocolConfigurer();
        this.endpoints = serviceProviderSecurityConfigurerBeans.getEndpoints();
    }
}
