package org.opensingular.requirement.module.spring.security.config;

import java.util.Collections;
import java.util.Optional;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import net.vidageek.mirror.dsl.Mirror;
import org.apache.commons.lang3.StringUtils;
import org.opensingular.lib.support.spring.util.AutoScanDisabled;
import org.opensingular.requirement.module.auth.AdminCredentialChecker;
import org.opensingular.requirement.module.auth.AdministrationAuthenticationProvider;
import org.opensingular.requirement.module.spring.security.AbstractSingularSpringSecurityAdapter;
import org.opensingular.requirement.module.spring.security.DefaultUserDetails;
import org.opensingular.requirement.module.spring.security.config.cas.SingularCASSpringSecurityConfig;
import org.opensingular.requirement.module.wicket.view.util.DispatcherPageUtil;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.util.matcher.RegexRequestMatcher;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

/* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs.class */
public interface SecurityConfigs {

    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$AbstractSingularSpringSecurityWithFormAdapter.class */
    public static abstract class AbstractSingularSpringSecurityWithFormAdapter extends AbstractSingularSpringSecurityAdapter {

        @Inject
        private RequestMappingHandlerMapping requestMappingHandlerMapping;

        @PostConstruct
        public void setup() {
            this.requestMappingHandlerMapping.registerMapping(RequestMappingInfo.paths(new String[]{getContext().getUrlPath() + "/login"}).build(), loginController(), new Mirror().on(LoginController.class).reflect().method("getLoginView").withAnyArgs());
        }

        @Bean
        public LoginController loginController() {
            return new LoginController();
        }
    }

    @Configuration
    @AutoScanDisabled
    @Order(105)
    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$AdministrationSecurity.class */
    public static class AdministrationSecurity extends AbstractSingularSpringSecurityWithFormAdapter {

        @Inject
        private Optional<AdminCredentialChecker> credentialChecker;

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.regexMatcher(getContext().getPathRegex()).authorizeRequests().antMatchers(new String[]{getContext().getContextPath()})).hasRole("ADMIN").and().exceptionHandling().accessDeniedPage("/public/error/403").and().csrf().disable().formLogin().permitAll().loginPage(getContext().getUrlPath() + "/login").and().logout().logoutRequestMatcher(new RegexRequestMatcher("/.*logout\\?{0,1}.*", HttpMethod.GET.name())).logoutSuccessUrl(DispatcherPageUtil.DISPATCHER_PAGE_PATH);
        }

        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            this.credentialChecker.ifPresent(adminCredentialChecker -> {
                authenticationManagerBuilder.authenticationProvider(new AdministrationAuthenticationProvider(adminCredentialChecker, getContext()));
            });
        }
    }

    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$AllowAllSecurity.class */
    public static abstract class AllowAllSecurity extends AbstractSingularSpringSecurityWithFormAdapter {
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ChannelSecurityConfigurer.RequiresChannelUrl) httpSecurity.regexMatcher(getContext().getPathRegex()).requiresChannel().anyRequest()).requiresSecure().and().headers().frameOptions().sameOrigin().and().csrf().disable().authorizeRequests().anyRequest()).authenticated().and().formLogin().permitAll().loginPage(getContext().getUrlPath() + "/login").and().logout().logoutRequestMatcher(new RegexRequestMatcher("/.*logout\\?{0,1}.*", HttpMethod.GET.name())).logoutSuccessUrl(DispatcherPageUtil.DISPATCHER_PAGE_PATH);
        }

        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            authenticationManagerBuilder.authenticationProvider(new AbstractUserDetailsAuthenticationProvider() { // from class: org.opensingular.requirement.module.spring.security.config.SecurityConfigs.AllowAllSecurity.1
                protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
                }

                protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
                    if (StringUtils.isNotBlank(str)) {
                        return new DefaultUserDetails(str, Collections.emptyList(), str, AllowAllSecurity.this.getContext());
                    }
                    throw new BadCredentialsException("Não foi possivel autenticar o usuario informado");
                }
            });
        }
    }

    @Configuration
    @AutoScanDisabled
    @Order(104)
    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$CASAnalise.class */
    public static class CASAnalise extends SingularCASSpringSecurityConfig {
    }

    @Configuration
    @AutoScanDisabled
    @Order(103)
    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$CASPeticionamento.class */
    public static class CASPeticionamento extends SingularCASSpringSecurityConfig {
    }

    @Configuration
    @AutoScanDisabled
    @Order(106)
    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$RequirementSecurity.class */
    public static class RequirementSecurity extends AllowAllSecurity {
    }

    @Configuration
    @AutoScanDisabled
    @Order(107)
    /* loaded from: input_file:org/opensingular/requirement/module/spring/security/config/SecurityConfigs$WorklistSecurity.class */
    public static class WorklistSecurity extends AllowAllSecurity {
    }
}
