package net.n2oapp.security.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.n2oapp.framework.access.data.SecurityProvider;
import net.n2oapp.framework.api.MetadataEnvironment;
import net.n2oapp.security.auth.context.SpringSecurityUserContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;

@EnableOAuth2Sso
/* loaded from: input_file:net/n2oapp/security/auth/OpenIdSecurityConfigurerAdapter.class */
public abstract class OpenIdSecurityConfigurerAdapter extends N2oSecurityConfigurerAdapter {

    @Value("${security.oauth2.sso.logout-uri}")
    private String ssoLogoutUri;

    @Value("${n2o.access.schema.id}")
    private String schemaId;

    @Value("${n2o.access.deny_urls}")
    private Boolean defaultUrlAccessDenied;

    @Autowired
    @Lazy
    private MetadataEnvironment environment;

    @Autowired
    private SecurityProvider securityProvider;

    @Autowired
    private OAuth2SsoProperties sso;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:net/n2oapp/security/auth/OpenIdSecurityConfigurerAdapter$AutoRedirectLogoutSuccessHandler.class */
    public static class AutoRedirectLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
        protected AutoRedirectLogoutSuccessHandler() {
        }

        protected String determineTargetUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            StringBuffer requestURL = httpServletRequest.getRequestURL();
            return super.determineTargetUrl(httpServletRequest, httpServletResponse) + requestURL.substring(0, requestURL.lastIndexOf(httpServletRequest.getServletPath()));
        }
    }

    @Override // net.n2oapp.security.auth.N2oSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        authorize(beforeAuthorize(httpSecurity));
        configureExceptionHandling(httpSecurity.exceptionHandling());
        configureLogout(httpSecurity.logout());
        httpSecurity.addFilterAfter(new N2oUrlFilter(this.schemaId, this.defaultUrlAccessDenied, this.environment, this.securityProvider), FilterSecurityInterceptor.class);
        httpSecurity.csrf().disable();
    }

    @Override // net.n2oapp.security.auth.N2oSecurityConfigurerAdapter
    public SpringSecurityUserContext springSecurityUserContext() {
        return new SpringSecurityUserContext() { // from class: net.n2oapp.security.auth.OpenIdSecurityConfigurerAdapter.1
            @Override // net.n2oapp.security.auth.context.SpringSecurityUserContext
            public Object get(String str) {
                OAuth2AuthenticationDetails authenticationDetails;
                return (!"token".equals(str) || (authenticationDetails = OpenIdSecurityConfigurerAdapter.this.getAuthenticationDetails()) == null) ? super.get(str) : authenticationDetails.getTokenValue();
            }
        };
    }

    protected LogoutConfigurer<HttpSecurity> configureLogout(LogoutConfigurer<HttpSecurity> logoutConfigurer) throws Exception {
        if (this.ssoLogoutUri == null) {
            return logoutConfigurer.logoutSuccessUrl("/logout");
        }
        AutoRedirectLogoutSuccessHandler autoRedirectLogoutSuccessHandler = new AutoRedirectLogoutSuccessHandler();
        autoRedirectLogoutSuccessHandler.setDefaultTargetUrl(this.ssoLogoutUri);
        return logoutConfigurer.logoutSuccessHandler(autoRedirectLogoutSuccessHandler);
    }

    private OAuth2AuthenticationDetails getAuthenticationDetails() {
        Authentication authentication;
        SecurityContext context = SecurityContextHolder.getContext();
        if (context == null || (authentication = context.getAuthentication()) == null) {
            return null;
        }
        Object details = authentication.getDetails();
        if (details instanceof OAuth2AuthenticationDetails) {
            return (OAuth2AuthenticationDetails) details;
        }
        return null;
    }
}
