package de.cidaas.interceptor;

import de.cidaas.interceptor.authentication.provider.IntrospectionAuthenticationProvider;
import de.cidaas.interceptor.authentication.provider.OfflineAuthenticationProvider;
import de.cidaas.interceptor.config.BearerSecurityContextRepository;
import de.cidaas.interceptor.config.JwtAccessDeniedHandler;
import de.cidaas.interceptor.config.JwtAuthenticationEntryPoint;
import de.cidaas.jwk.JwkProviderBuilder;
import de.cidaas.jwt.JWTValidation;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;

/* loaded from: input_file:de/cidaas/interceptor/JwtSpringInterceptor.class */
public class JwtSpringInterceptor {
    final AuthenticationProvider provider;

    private JwtSpringInterceptor(AuthenticationProvider authenticationProvider) {
        this.provider = authenticationProvider;
    }

    public static JwtSpringInterceptor offlineValidation(String str, String str2) {
        return new JwtSpringInterceptor(new OfflineAuthenticationProvider(str, str2, new JwkProviderBuilder(str2).build()));
    }

    public static JwtSpringInterceptor introspectionValidation(String str, String str2) {
        return new JwtSpringInterceptor(new IntrospectionAuthenticationProvider(str, str2, new JWTValidation()));
    }

    public HttpSecurity configure(HttpSecurity httpSecurity) throws Exception {
        return httpSecurity.authenticationProvider(this.provider).securityContext().securityContextRepository(new BearerSecurityContextRepository()).and().exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint()).and().exceptionHandling().accessDeniedHandler(new JwtAccessDeniedHandler()).and().httpBasic().disable().csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and();
    }
}
