package org.opensingular.requirement.module.spring.security.config.cas;

import com.google.common.base.Joiner;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import org.opensingular.lib.commons.base.SingularProperties;
import org.opensingular.lib.support.spring.util.AutoScanDisabled;
import org.opensingular.requirement.module.config.IServerContext;
import org.opensingular.requirement.module.exception.SingularServerException;
import org.opensingular.requirement.module.spring.security.AbstractSingularSpringSecurityAdapter;
import org.opensingular.requirement.module.spring.security.SingularUserDetailsService;
import org.opensingular.requirement.module.spring.security.config.SingularLogoutHandler;
import org.opensingular.requirement.module.spring.security.config.cas.util.SSOConfigurableFilter;
import org.opensingular.requirement.module.spring.security.config.cas.util.SSOFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter;

@Configuration
@AutoScanDisabled
/* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/cas/SingularCASSpringSecurityConfig.class */
public abstract class SingularCASSpringSecurityConfig extends AbstractSingularSpringSecurityAdapter {

    @Inject
    @Named("peticionamentoUserDetailService")
    protected Optional<SingularUserDetailsService> peticionamentoUserDetailService;

    @Inject
    private ServletContext servletContext;

    @Bean
    public SingularLogoutHandler singularLogoutHandler() {
        return new SingularCASLogoutHandler(getCASLogoutURL());
    }

    @Override // org.opensingular.requirement.module.spring.security.AbstractSingularSpringSecurityAdapter
    public void configure(WebSecurity webSecurity) throws Exception {
        if (SingularProperties.get().isTrue("singular.development")) {
        }
        super.configure(webSecurity);
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        AuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
        preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(new UserDetailsByNameServiceWrapper(this.peticionamentoUserDetailService.orElseThrow(() -> {
            return SingularServerException.rethrow(String.format("Bean %s do tipo %s não pode ser nulo. Para utilizar a configuração de segurança %s é preciso declarar um bean do tipo %s identificado pelo nome %s .", UserDetailsService.class.getName(), "peticionamentoUserDetailService", SingularCASSpringSecurityConfig.class.getName(), UserDetailsService.class.getName(), "peticionamentoUserDetailService"));
        })));
        ProviderManager providerManager = new ProviderManager(Arrays.asList(preAuthenticatedAuthenticationProvider));
        J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter = new J2eePreAuthenticatedProcessingFilter();
        j2eePreAuthenticatedProcessingFilter.setAuthenticationManager(providerManager);
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.addFilterBefore(newSSOFilter(), J2eePreAuthenticatedProcessingFilter.class).regexMatcher(getContext().getPathRegex()).exceptionHandling().authenticationEntryPoint((httpServletRequest, httpServletResponse, authenticationException) -> {
            httpServletResponse.sendRedirect("/login");
        }).and().csrf().disable().headers().frameOptions().sameOrigin().and().jee().j2eePreAuthenticatedProcessingFilter(j2eePreAuthenticatedProcessingFilter).and().authorizeRequests().antMatchers(new String[]{getContext().getContextPath()})).authenticated();
    }

    protected SSOFilter newSSOFilter() throws ServletException {
        IServerContext context = getContext();
        SSOFilter sSOFilter = new SSOFilter();
        final String str = "SSOFilter" + context.getName();
        this.servletContext.setAttribute(str, context);
        final HashMap hashMap = new HashMap();
        hashMap.put(SSOConfigurableFilter.SINGULAR_CONTEXT_ATTRIBUTE, str);
        hashMap.put(SSOFilter.CLIENT_LOGOUT_URL, context.getUrlPath() + "/logout");
        hashMap.put(SSOFilter.URL_EXCLUDE_PATTERN_PARAM, getExcludeUrlRegex());
        sSOFilter.init(new FilterConfig() { // from class: org.opensingular.requirement.module.spring.security.config.cas.SingularCASSpringSecurityConfig.1
            public String getFilterName() {
                return str;
            }

            public ServletContext getServletContext() {
                return SingularCASSpringSecurityConfig.this.servletContext;
            }

            public String getInitParameter(String str2) {
                return (String) hashMap.get(str2);
            }

            public Enumeration<String> getInitParameterNames() {
                return Collections.enumeration(hashMap.keySet());
            }
        });
        return sSOFilter;
    }

    protected String getCASLogoutURL() {
        return "";
    }

    protected final String getExcludeUrlRegex() {
        return Joiner.on(",").join(this.singularModuleConfiguration.getPublicUrls()).replaceAll("\\*", ".*");
    }
}
