package net.n2oapp.security.auth;

import javax.servlet.Filter;
import net.n2oapp.framework.access.data.SecurityProvider;
import net.n2oapp.framework.api.MetadataEnvironment;
import net.n2oapp.security.auth.context.SpringSecurityUserContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.FilterType;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

@EnableWebSecurity
@ComponentScan(includeFilters = {@ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE, value = {KeycloakLogoutHandler.class})})
/* loaded from: input_file:BOOT-INF/lib/security-auth-7.0.7.jar:net/n2oapp/security/auth/OpenIdSecurityCustomizer.class */
public abstract class OpenIdSecurityCustomizer extends N2oSecurityCustomizer {

    @Value("${access.keycloak.logout-uri:/}")
    private String ssoLogoutUri;

    @Value("${n2o.access.schema.id}")
    private String schemaId;

    @Value("${n2o.access.deny_urls}")
    private Boolean defaultUrlAccessDenied;

    @Autowired
    @Lazy
    private MetadataEnvironment environment;

    @Autowired
    private KeycloakLogoutHandler keycloakLogoutHandler;

    @Autowired
    private SecurityProvider securityProvider;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.n2oapp.security.auth.N2oSecurityCustomizer
    public void configureHttpSecurity(HttpSecurity httpSecurity) throws Exception {
        configureLogout(httpSecurity.logout());
        httpSecurity.oauth2Login();
        httpSecurity.addFilterAfter((Filter) new N2oUrlFilter(this.schemaId, this.defaultUrlAccessDenied, this.environment, this.securityProvider), FilterSecurityInterceptor.class);
    }

    @Override // net.n2oapp.security.auth.N2oSecurityCustomizer
    public SpringSecurityUserContext springSecurityUserContext() {
        return new SpringUserContextWithToken();
    }

    protected LogoutConfigurer<HttpSecurity> configureLogout(LogoutConfigurer<HttpSecurity> logoutConfigurer) {
        logoutConfigurer.logoutSuccessUrl(this.ssoLogoutUri);
        return logoutConfigurer.addLogoutHandler(this.keycloakLogoutHandler);
    }
}
