package eu.dnetlib.uoaauthorizationlibrary.authorization.stateless;

import eu.dnetlib.uoaauthorizationlibrary.authorization.security.AuthorizationService;
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.EntryPoint;
import eu.dnetlib.uoaauthorizationlibrary.authorization.security.SecurityMode;
import java.util.Objects;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:eu/dnetlib/uoaauthorizationlibrary/authorization/stateless/StatelessSecurityMode.class */
public class StatelessSecurityMode implements SecurityMode {
    private final AuthorizationProvider provider;
    private final EntryPoint entryPoint;
    private final AuthorizationService service;

    @Autowired
    public StatelessSecurityMode(AuthorizationProvider authorizationProvider, EntryPoint entryPoint, AuthorizationService authorizationService) {
        this.provider = authorizationProvider;
        this.entryPoint = entryPoint;
        this.service = authorizationService;
    }

    @Override // eu.dnetlib.uoaauthorizationlibrary.authorization.security.SecurityMode
    public HttpSecurity security(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf((v0) -> {
            v0.disable();
        });
        httpSecurity.sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        });
        httpSecurity.addFilterBefore(new AuthorizationFilter(this.provider), BasicAuthenticationFilter.class);
        httpSecurity.exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.authenticationEntryPoint(this.entryPoint);
        });
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            AuthorizeHttpRequestsConfigurer.AuthorizedUrl authorizedUrl = (AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new String[]{"/documentation/swagger-ui/**", "/v3/api-docs/**"});
            Objects.requireNonNull(this.service);
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizedUrl.hasAuthority("PORTAL_ADMINISTRATOR").anyRequest()).permitAll();
        });
        return httpSecurity;
    }
}
