package org.frankframework.ladybug.config;

import jakarta.servlet.ServletContext;
import java.lang.reflect.Method;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.frankframework.lifecycle.DynamicRegistration;
import org.frankframework.lifecycle.servlets.AuthenticationType;
import org.frankframework.lifecycle.servlets.IAuthenticator;
import org.frankframework.lifecycle.servlets.ServletConfiguration;
import org.frankframework.util.ClassUtils;
import org.frankframework.util.EnumUtils;
import org.frankframework.util.SpringUtils;
import org.frankframework.util.StringUtil;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.EnvironmentAware;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.context.ServletContextAware;

@Configuration
@EnableWebSecurity
@EnableMethodSecurity(jsr250Enabled = true, prePostEnabled = false)
@Order(Integer.MIN_VALUE)
/* loaded from: input_file:org/frankframework/ladybug/config/LadybugSecurityChainConfigurer.class */
public class LadybugSecurityChainConfigurer implements ApplicationContextAware, EnvironmentAware, ServletContextAware {
    private static final Logger APPLICATION_LOG = LogManager.getLogger("APPLICATION");
    private static final String HTTP_SECURITY_BEAN_NAME = "org.springframework.security.config.annotation.web.configuration.HttpSecurityConfiguration.httpSecurity";
    private ApplicationContext applicationContext;
    private Environment environment;
    private ServletContext servletContext;

    private IAuthenticator createAuthenticator() {
        try {
            Class authenticator = EnumUtils.parse(AuthenticationType.class, this.environment.getProperty("application.security.testtool.authentication." + "type", AuthenticationType.SEALED.name())).getAuthenticator();
            IAuthenticator iAuthenticator = (IAuthenticator) SpringUtils.createBean(this.applicationContext, authenticator);
            for (Method method : authenticator.getMethods()) {
                if (method.getName().startsWith("set") && method.getParameterTypes().length == 1) {
                    String property = this.environment.getProperty("application.security.testtool.authentication." + StringUtil.lcFirst(method.getName().substring(3)));
                    if (StringUtils.isNotEmpty(property)) {
                        ClassUtils.invokeSetter(iAuthenticator, method, property);
                    }
                }
            }
            return iAuthenticator;
        } catch (IllegalArgumentException e) {
            throw new IllegalStateException("invalid authenticator type", e);
        }
    }

    @Bean
    public SecurityFilterChain createLadybugSecurityChain(HttpSecurity httpSecurity) throws Exception {
        return configureChain();
    }

    private SecurityFilterChain configureChain() throws Exception {
        IAuthenticator createAuthenticator = createAuthenticator();
        APPLICATION_LOG.info("Securing Ladybug TestTool using {}", ClassUtils.classNameOf(createAuthenticator));
        createAuthenticator.registerServlet(createServletConfig("ladybugApiServletBean"));
        createAuthenticator.registerServlet(createServletConfig("ladybugFrontendServletBean"));
        createAuthenticator.registerServlet(createServletConfig("testtoolServletBean"));
        HttpSecurity httpSecurity = (HttpSecurity) this.applicationContext.getBean(HTTP_SECURITY_BEAN_NAME, HttpSecurity.class);
        httpSecurity.csrf((v0) -> {
            v0.disable();
        });
        httpSecurity.formLogin((v0) -> {
            v0.disable();
        });
        httpSecurity.logout((v0) -> {
            v0.disable();
        });
        httpSecurity.headers(headersConfigurer -> {
            headersConfigurer.frameOptions((v0) -> {
                v0.sameOrigin();
            });
        });
        return createAuthenticator.configureHttpSecurity(httpSecurity);
    }

    private ServletConfiguration createServletConfig(String str) {
        ServletRegistrationBean servletRegistrationBean = (ServletRegistrationBean) this.applicationContext.getBean(str, ServletRegistrationBean.class);
        ServletConfiguration servletConfiguration = (ServletConfiguration) SpringUtils.createBean(this.applicationContext, ServletConfiguration.class);
        servletConfiguration.setSecurityRoles(DynamicRegistration.ALL_IBIS_USER_ROLES);
        servletConfiguration.setUrlMapping((String) servletRegistrationBean.getUrlMappings().stream().collect(Collectors.joining(",")));
        return servletConfiguration;
    }

    @Generated
    public void setApplicationContext(ApplicationContext applicationContext) {
        this.applicationContext = applicationContext;
    }

    @Generated
    public void setEnvironment(Environment environment) {
        this.environment = environment;
    }

    @Generated
    public void setServletContext(ServletContext servletContext) {
        this.servletContext = servletContext;
    }
}
