package com.github.ulisesbocchio.spring.boot.security.saml.configuration;

import com.github.ulisesbocchio.spring.boot.security.saml.bean.SAMLConfigurerBean;
import com.github.ulisesbocchio.spring.boot.security.saml.configurer.ServiceProviderBuilder;
import com.github.ulisesbocchio.spring.boot.security.saml.configurer.ServiceProviderConfigurer;
import com.github.ulisesbocchio.spring.boot.security.saml.configurer.ServiceProviderEndpoints;
import com.github.ulisesbocchio.spring.boot.security.saml.properties.SAMLSSOProperties;
import com.github.ulisesbocchio.spring.boot.security.saml.util.BeanRegistry;
import com.github.ulisesbocchio.spring.boot.security.saml.util.FunctionalUtils;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.assertj.core.util.Lists;
import org.opensaml.xml.parse.ParserPool;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.support.DefaultListableBeanFactory;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.io.ResourceLoader;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.saml.SAMLAuthenticationProvider;
import org.springframework.security.saml.context.SAMLContextProvider;
import org.springframework.security.saml.key.KeyManager;
import org.springframework.security.saml.metadata.ExtendedMetadata;
import org.springframework.security.saml.metadata.MetadataGenerator;
import org.springframework.security.saml.metadata.MetadataManager;
import org.springframework.security.saml.parser.ParserPoolHolder;
import org.springframework.security.saml.processor.SAMLProcessor;
import org.springframework.security.saml.websso.SingleLogoutProfile;
import org.springframework.security.saml.websso.WebSSOProfile;
import org.springframework.security.saml.websso.WebSSOProfileConsumer;
import org.springframework.security.saml.websso.WebSSOProfileConsumerHoKImpl;
import org.springframework.security.saml.websso.WebSSOProfileConsumerImpl;
import org.springframework.security.saml.websso.WebSSOProfileECPImpl;
import org.springframework.security.saml.websso.WebSSOProfileHoKImpl;
import org.springframework.security.web.util.matcher.RequestMatcher;

@EnableConfigurationProperties({SAMLSSOProperties.class})
@Configuration
/* loaded from: input_file:com/github/ulisesbocchio/spring/boot/security/saml/configuration/SAMLServiceProviderSecurityConfiguration.class */
public class SAMLServiceProviderSecurityConfiguration implements InitializingBean {

    @Autowired
    private ObjectPostProcessor<Object> objectPostProcessor;

    @Autowired
    private SAMLSSOProperties sAMLSsoProperties;

    @Autowired
    private ResourceLoader resourceLoader;

    @Autowired
    private DefaultListableBeanFactory beanFactory;

    @Autowired(required = false)
    private ExtendedMetadata extendedMetadata;

    @Autowired(required = false)
    private SAMLContextProvider samlContextProvider;

    @Autowired(required = false)
    private KeyManager keyManager;

    @Autowired(required = false)
    private MetadataManager metadataManager;

    @Autowired(required = false)
    private MetadataGenerator metadataGenerator;

    @Autowired(required = false)
    private SAMLProcessor samlProcessor;

    @Autowired(required = false)
    @Qualifier("webSSOprofileConsumer")
    private WebSSOProfileConsumer webSSOProfileConsumer;

    @Autowired(required = false)
    @Qualifier("hokWebSSOprofileConsumer")
    private WebSSOProfileConsumerHoKImpl hokWebSSOProfileConsumer;

    @Autowired(required = false)
    @Qualifier("webSSOprofile")
    private WebSSOProfile webSSOProfile;

    @Autowired(required = false)
    @Qualifier("ecpprofile")
    private WebSSOProfileECPImpl ecpProfile;

    @Autowired(required = false)
    @Qualifier("hokWebSSOProfile")
    private WebSSOProfileHoKImpl hokWebSSOProfile;

    @Autowired(required = false)
    private SingleLogoutProfile sloProfile;

    @Autowired(required = false)
    private SAMLAuthenticationProvider samlAuthenticationProvider;

    @Autowired(required = false)
    List<ServiceProviderConfigurer> serviceProviderConfigurers = Lists.newArrayList();

    @Autowired(required = false)
    SAMLConfigurerBean samlConfigurerBean;

    /* loaded from: input_file:com/github/ulisesbocchio/spring/boot/security/saml/configuration/SAMLServiceProviderSecurityConfiguration$NoWebSecurityConfigurerAdapter.class */
    private static class NoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter implements Ordered {
        private NoWebSecurityConfigurerAdapter() {
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            httpSecurity.requestMatcher(httpServletRequest -> {
                return false;
            });
        }

        public int getOrder() {
            return Integer.MAX_VALUE;
        }
    }

    /* loaded from: input_file:com/github/ulisesbocchio/spring/boot/security/saml/configuration/SAMLServiceProviderSecurityConfiguration$SAMLWebSecurityConfigurer.class */
    private static class SAMLWebSecurityConfigurer extends WebSecurityConfigurerAdapter implements Ordered {
        private List<ServiceProviderConfigurer> serviceProviderConfigurers;
        private ServiceProviderBuilderHolder builderHolder;

        public SAMLWebSecurityConfigurer(List<ServiceProviderConfigurer> list, ServiceProviderBuilderHolder serviceProviderBuilderHolder) {
            super(false);
            this.serviceProviderConfigurers = Collections.emptyList();
            this.serviceProviderConfigurers = list;
            this.builderHolder = serviceProviderBuilderHolder;
        }

        public void configure(WebSecurity webSecurity) throws Exception {
            this.serviceProviderConfigurers.forEach(FunctionalUtils.unchecked(serviceProviderConfigurer -> {
                serviceProviderConfigurer.configure(webSecurity);
            }));
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            this.builderHolder.getBuilder().setSharedObject(AuthenticationManager.class, authenticationManagerBean());
            SAMLConfigurerBean sAMLConfigurerBean = new SAMLConfigurerBean(this.builderHolder, authenticationManagerBean());
            httpSecurity.apply(sAMLConfigurerBean);
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((SAMLConfigurerBean) httpSecurity.httpBasic().disable().csrf().disable().anonymous().and().apply(sAMLConfigurerBean)).serviceProvider(this.serviceProviderConfigurers).http().authorizeRequests().requestMatchers(new RequestMatcher[]{sAMLConfigurerBean.endpointsMatcher()})).permitAll();
            this.serviceProviderConfigurers.forEach(FunctionalUtils.unchecked(serviceProviderConfigurer -> {
                serviceProviderConfigurer.configure(httpSecurity);
            }));
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).authenticated();
        }

        public int getOrder() {
            return -17;
        }
    }

    /* loaded from: input_file:com/github/ulisesbocchio/spring/boot/security/saml/configuration/SAMLServiceProviderSecurityConfiguration$ServiceProviderBuilderHolder.class */
    public static class ServiceProviderBuilderHolder {
        private ServiceProviderBuilder builder = null;

        public ServiceProviderBuilder getBuilder() {
            return this.builder;
        }

        public void setBuilder(ServiceProviderBuilder serviceProviderBuilder) {
            this.builder = serviceProviderBuilder;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof ServiceProviderBuilderHolder)) {
                return false;
            }
            ServiceProviderBuilderHolder serviceProviderBuilderHolder = (ServiceProviderBuilderHolder) obj;
            if (!serviceProviderBuilderHolder.canEqual(this)) {
                return false;
            }
            ServiceProviderBuilder builder = getBuilder();
            ServiceProviderBuilder builder2 = serviceProviderBuilderHolder.getBuilder();
            return builder == null ? builder2 == null : builder.equals(builder2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof ServiceProviderBuilderHolder;
        }

        public int hashCode() {
            ServiceProviderBuilder builder = getBuilder();
            return (1 * 59) + (builder == null ? 43 : builder.hashCode());
        }

        public String toString() {
            return "SAMLServiceProviderSecurityConfiguration.ServiceProviderBuilderHolder(builder=" + getBuilder() + ")";
        }
    }

    @Bean
    ServiceProviderBuilderHolder serviceProviderBuilderHolder() {
        return new ServiceProviderBuilderHolder();
    }

    @Bean
    public WebSecurityConfigurer samlWebSecurityConfigurer() {
        return this.samlConfigurerBean == null ? new SAMLWebSecurityConfigurer(this.serviceProviderConfigurers, serviceProviderBuilderHolder()) : new NoWebSecurityConfigurerAdapter();
    }

    public void afterPropertiesSet() {
        ServiceProviderBuilder serviceProviderBuilder = new ServiceProviderBuilder(this.objectPostProcessor, this.beanFactory, beanRegistry());
        serviceProviderBuilder.setSharedObject(ParserPool.class, ParserPoolHolder.getPool());
        serviceProviderBuilder.setSharedObject(WebSSOProfileConsumerImpl.class, this.webSSOProfileConsumer);
        serviceProviderBuilder.setSharedObject(WebSSOProfileConsumerHoKImpl.class, this.hokWebSSOProfileConsumer);
        serviceProviderBuilder.setSharedObject(ServiceProviderEndpoints.class, new ServiceProviderEndpoints());
        serviceProviderBuilder.setSharedObject(ResourceLoader.class, this.resourceLoader);
        serviceProviderBuilder.setSharedObject(SAMLSSOProperties.class, this.sAMLSsoProperties);
        serviceProviderBuilder.setSharedObject(ExtendedMetadata.class, this.extendedMetadata);
        serviceProviderBuilder.setSharedObject(BeanRegistry.class, beanRegistry());
        serviceProviderBuilder.setSharedObject(SAMLAuthenticationProvider.class, this.samlAuthenticationProvider);
        serviceProviderBuilder.setSharedObject(SAMLContextProvider.class, this.samlContextProvider);
        serviceProviderBuilder.setSharedObject(KeyManager.class, this.keyManager);
        serviceProviderBuilder.setSharedObject(MetadataManager.class, this.metadataManager);
        serviceProviderBuilder.setSharedObject(MetadataGenerator.class, this.metadataGenerator);
        serviceProviderBuilder.setSharedObject(SAMLProcessor.class, this.samlProcessor);
        serviceProviderBuilder.setSharedObject(WebSSOProfile.class, this.webSSOProfile);
        serviceProviderBuilder.setSharedObject(WebSSOProfileECPImpl.class, this.ecpProfile);
        serviceProviderBuilder.setSharedObject(WebSSOProfileHoKImpl.class, this.hokWebSSOProfile);
        serviceProviderBuilder.setSharedObject(SingleLogoutProfile.class, this.sloProfile);
        serviceProviderBuilder.setSharedObject(WebSSOProfileConsumer.class, this.webSSOProfileConsumer);
        serviceProviderBuilder.setSharedObject(WebSSOProfileConsumerHoKImpl.class, this.hokWebSSOProfileConsumer);
        markBeansAsRegistered(serviceProviderBuilder.getSharedObjects());
        serviceProviderBuilderHolder().setBuilder(serviceProviderBuilder);
    }

    private void markBeansAsRegistered(Map<Class<?>, Object> map) {
        map.entrySet().forEach(entry -> {
            beanRegistry().addRegistered((Class) entry.getKey(), entry.getValue());
        });
    }

    @Bean
    public BeanRegistry beanRegistry() {
        return new BeanRegistry(this.beanFactory);
    }
}
