package io.quantics.multitenant.oauth2.config;

import java.lang.reflect.InvocationTargetException;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;

@Configuration
/* loaded from: input_file:io/quantics/multitenant/oauth2/config/MultiTenantResourceServerWebSecurityConfiguration.class */
public class MultiTenantResourceServerWebSecurityConfiguration {
    @Conditional({HeaderCondition.class})
    @Bean
    WebSecurityConfigurerAdapter multiTenantDisabledAuthWebSecurity() {
        return new WebSecurityConfigurerAdapter() { // from class: io.quantics.multitenant.oauth2.config.MultiTenantResourceServerWebSecurityConfiguration.1
            protected void configure(HttpSecurity httpSecurity) throws Exception {
                ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).permitAll();
            }
        };
    }

    @Conditional({JwtCondition.class, AuthoritiesConverterCondition.class})
    @Bean
    WebSecurityConfigurerAdapter multiTenantJwtAuthenticationConverterWebSecurity(final MultiTenantResourceServerProperties multiTenantResourceServerProperties) {
        return new WebSecurityConfigurerAdapter() { // from class: io.quantics.multitenant.oauth2.config.MultiTenantResourceServerWebSecurityConfiguration.2
            protected void configure(HttpSecurity httpSecurity) throws Exception {
                httpSecurity.authorizeRequests(expressionInterceptUrlRegistry -> {
                    ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) expressionInterceptUrlRegistry.anyRequest()).authenticated();
                });
                httpSecurity.oauth2ResourceServer(oAuth2ResourceServerConfigurer -> {
                    oAuth2ResourceServerConfigurer.jwt(jwtConfigurer -> {
                        jwtConfigurer.jwtAuthenticationConverter(jwtAuthenticationConverter());
                    });
                });
            }

            private JwtAuthenticationConverter jwtAuthenticationConverter() {
                JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
                try {
                    jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter((AbstractJwtGrantedAuthoritiesConverter) Class.forName(multiTenantResourceServerProperties.getJwt().getAuthoritiesConverter()).getConstructor(new Class[0]).newInstance(new Object[0]));
                    return jwtAuthenticationConverter;
                } catch (ClassNotFoundException | IllegalAccessException | InstantiationException | NoSuchMethodException | InvocationTargetException e) {
                    throw new RuntimeException(e);
                }
            }
        };
    }

    @ConditionalOnMissingBean({WebSecurityConfigurerAdapter.class})
    @ConditionalOnBean({JwtDecoder.class})
    @Bean
    WebSecurityConfigurerAdapter multiTenantJwtDecoderWebSecurity(final JwtDecoder jwtDecoder) {
        return new WebSecurityConfigurerAdapter() { // from class: io.quantics.multitenant.oauth2.config.MultiTenantResourceServerWebSecurityConfiguration.3
            protected void configure(HttpSecurity httpSecurity) throws Exception {
                httpSecurity.authorizeRequests(expressionInterceptUrlRegistry -> {
                    ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) expressionInterceptUrlRegistry.anyRequest()).authenticated();
                });
                JwtDecoder jwtDecoder2 = jwtDecoder;
                httpSecurity.oauth2ResourceServer(oAuth2ResourceServerConfigurer -> {
                    oAuth2ResourceServerConfigurer.jwt(jwtConfigurer -> {
                        jwtConfigurer.decoder(jwtDecoder2);
                    });
                });
            }
        };
    }
}
