package org.seedstack.seed.security;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.AuthenticationStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.SessionStorageEvaluator;
import org.apache.shiro.mgt.SubjectDAO;
import org.apache.shiro.mgt.SubjectFactory;
import org.apache.shiro.session.mgt.SessionValidationScheduler;
import org.apache.shiro.subject.SubjectContext;
import org.seedstack.coffig.Config;
import org.seedstack.coffig.SingleValue;
import org.seedstack.seed.security.internal.SeedSessionStorageEvaluator;

@Config("security")
/* loaded from: input_file:org/seedstack/seed/security/SecurityConfig.class */
public class SecurityConfig {
    private SessionConfig sessions = new SessionConfig();
    private CacheConfig cache = new CacheConfig();
    private AuthenticationConfig authentication = new AuthenticationConfig();
    private SubjectConfig subject = new SubjectConfig();
    private List<RealmConfig> realms = new ArrayList();
    private Map<String, UserConfig> users = new HashMap();
    private Map<String, Set<String>> roles = new HashMap();
    private Map<String, Set<String>> permissions = new HashMap();

    @Config("authentication")
    /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$AuthenticationConfig.class */
    public static class AuthenticationConfig {

        @SingleValue
        private Class<? extends AuthenticationStrategy> strategy = AtLeastOneSuccessfulStrategy.class;
        private Class<? extends Authenticator> authenticator = ModularRealmAuthenticator.class;
        private Class<? extends CredentialsMatcher> credentialsMatcher = SimpleCredentialsMatcher.class;

        public Class<? extends Authenticator> getAuthenticator() {
            return this.authenticator;
        }

        public AuthenticationConfig setAuthenticator(Class<? extends Authenticator> cls) {
            this.authenticator = cls;
            return this;
        }

        public Class<? extends AuthenticationStrategy> getStrategy() {
            return this.strategy;
        }

        public AuthenticationConfig setStrategy(Class<? extends AuthenticationStrategy> cls) {
            this.strategy = cls;
            return this;
        }

        public Class<? extends CredentialsMatcher> getCredentialsMatcher() {
            return this.credentialsMatcher;
        }

        public AuthenticationConfig setCredentialsMatcher(Class<? extends CredentialsMatcher> cls) {
            this.credentialsMatcher = cls;
            return this;
        }
    }

    @Config("cache")
    /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$CacheConfig.class */
    public static class CacheConfig {

        @SingleValue
        private boolean enabled = true;
        private ItemCacheConfig authentication = new ItemCacheConfig();
        private ItemCacheConfig authorization = new ItemCacheConfig();
        private Class<? extends CacheManager> manager = MemoryConstrainedCacheManager.class;

        /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$CacheConfig$ItemCacheConfig.class */
        public static class ItemCacheConfig {

            @SingleValue
            private boolean enabled = true;
            private String name;

            public boolean isEnabled() {
                return this.enabled;
            }

            public ItemCacheConfig setEnabled(boolean z) {
                this.enabled = z;
                return this;
            }

            public String getName() {
                return this.name;
            }

            public ItemCacheConfig setName(String str) {
                this.name = str;
                return this;
            }
        }

        public boolean isEnabled() {
            return this.enabled;
        }

        public CacheConfig setEnabled(boolean z) {
            this.enabled = z;
            return this;
        }

        public ItemCacheConfig authentication() {
            return this.authentication;
        }

        public ItemCacheConfig authorization() {
            return this.authorization;
        }

        public Class<? extends CacheManager> getManager() {
            return this.manager;
        }

        public CacheConfig setManager(Class<? extends CacheManager> cls) {
            this.manager = cls;
            return this;
        }
    }

    /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$RealmConfig.class */
    public static class RealmConfig {

        @SingleValue
        private String name;
        private String roleMapper;
        private String permissionResolver;

        public String getName() {
            return this.name;
        }

        public RealmConfig setName(String str) {
            this.name = str;
            return this;
        }

        public String getRoleMapper() {
            return this.roleMapper;
        }

        public RealmConfig setRoleMapper(String str) {
            this.roleMapper = str;
            return this;
        }

        public String getPermissionResolver() {
            return this.permissionResolver;
        }

        public RealmConfig setPermissionResolver(String str) {
            this.permissionResolver = str;
            return this;
        }
    }

    @Config("sessions")
    /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$SessionConfig.class */
    public static class SessionConfig {

        @SingleValue
        private boolean enabled = true;
        private long timeout = 900000;
        private long validationInterval = this.timeout / 2;
        private Class<? extends SessionStorageEvaluator> storageEvaluator = SeedSessionStorageEvaluator.class;
        private Class<? extends SessionValidationScheduler> validationScheduler;

        public boolean isEnabled() {
            return this.enabled;
        }

        public SessionConfig setEnabled(boolean z) {
            this.enabled = z;
            return this;
        }

        public long getTimeout() {
            return this.timeout;
        }

        public SessionConfig setTimeout(long j) {
            this.timeout = j * 1000;
            return this;
        }

        public Class<? extends SessionStorageEvaluator> getStorageEvaluator() {
            return this.storageEvaluator;
        }

        public SessionConfig setStorageEvaluator(Class<? extends SessionStorageEvaluator> cls) {
            this.storageEvaluator = cls;
            return this;
        }

        public Class<? extends SessionValidationScheduler> getValidationScheduler() {
            return this.validationScheduler;
        }

        public SessionConfig setValidationScheduler(Class<? extends SessionValidationScheduler> cls) {
            this.validationScheduler = cls;
            return this;
        }

        public long getValidationInterval() {
            return this.validationInterval;
        }

        public SessionConfig setValidationInterval(long j) {
            this.validationInterval = j;
            return this;
        }
    }

    @Config("subject")
    /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$SubjectConfig.class */
    public static class SubjectConfig {
        private Class<? extends SubjectDAO> dao;
        private Class<? extends SubjectContext> context;
        private Class<? extends SubjectFactory> factory;

        public Class<? extends SubjectDAO> getDao() {
            return this.dao;
        }

        public SubjectConfig setDao(Class<? extends SubjectDAO> cls) {
            this.dao = cls;
            return this;
        }

        public Class<? extends SubjectContext> getContext() {
            return this.context;
        }

        public SubjectConfig setContext(Class<? extends SubjectContext> cls) {
            this.context = cls;
            return this;
        }

        public Class<? extends SubjectFactory> getFactory() {
            return this.factory;
        }

        public SubjectConfig setFactory(Class<? extends SubjectFactory> cls) {
            this.factory = cls;
            return this;
        }
    }

    /* loaded from: input_file:org/seedstack/seed/security/SecurityConfig$UserConfig.class */
    public static class UserConfig {

        @SingleValue
        private String password = "";
        private Set<String> roles = new HashSet();

        public String getPassword() {
            return this.password;
        }

        public UserConfig setPassword(String str) {
            this.password = str;
            return this;
        }

        public Set<String> getRoles() {
            return Collections.unmodifiableSet(this.roles);
        }

        public UserConfig addRole(String str) {
            this.roles.add(str);
            return this;
        }
    }

    public SessionConfig sessions() {
        return this.sessions;
    }

    public CacheConfig cache() {
        return this.cache;
    }

    public AuthenticationConfig authentication() {
        return this.authentication;
    }

    public SubjectConfig subject() {
        return this.subject;
    }

    public List<RealmConfig> getRealms() {
        return Collections.unmodifiableList(this.realms);
    }

    public SecurityConfig addRealm(RealmConfig realmConfig) {
        this.realms.add(realmConfig);
        return this;
    }

    public Optional<RealmConfig> getRealm(String str) {
        return this.realms.stream().filter(realmConfig -> {
            return realmConfig.getName().equals(str);
        }).findFirst();
    }

    public Map<String, UserConfig> getUsers() {
        return Collections.unmodifiableMap(this.users);
    }

    public SecurityConfig addUser(String str, UserConfig userConfig) {
        this.users.put(str, userConfig);
        return this;
    }

    public Map<String, Set<String>> getRoles() {
        return Collections.unmodifiableMap(this.roles);
    }

    public SecurityConfig addRole(String str, Set<String> set) {
        this.roles.put(str, set);
        return this;
    }

    public Map<String, Set<String>> getPermissions() {
        return Collections.unmodifiableMap(this.permissions);
    }

    public SecurityConfig addRolePermissions(String str, Set<String> set) {
        this.permissions.put(str, set);
        return this;
    }
}
