package eu.dnetlib.loginservice.security;

import eu.dnetlib.loginservice.properties.Properties;
import eu.dnetlib.loginservice.security.oidc.OpenAIREAuthenticationFilter;
import eu.dnetlib.loginservice.security.oidc.OpenAIREAuthenticationSuccessHandler;
import eu.dnetlib.loginservice.security.oidc.OpenAIRELogoutHandler;
import eu.dnetlib.loginservice.security.oidc.OpenAIRELogoutSuccessHandler;
import eu.dnetlib.loginservice.utils.EntryPoint;
import javax.servlet.Filter;
import org.mitre.openid.connect.client.OIDCAuthenticationProvider;
import org.mitre.openid.connect.client.service.ClientConfigurationService;
import org.mitre.openid.connect.client.service.IssuerService;
import org.mitre.openid.connect.client.service.ServerConfigurationService;
import org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder;
import org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true)
/* loaded from: input_file:WEB-INF/classes/eu/dnetlib/loginservice/security/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private final Properties properties;
    private final EntryPoint entryPoint;
    private final OIDCAuthenticationProvider provider;
    private final IssuerService issuerService;
    private final ServerConfigurationService serverConfigurationService;
    private final ClientConfigurationService clientConfigurationService;
    private final StaticAuthRequestOptionsService optionsService;
    private final PlainAuthRequestUrlBuilder builder;
    private final OpenAIREAuthenticationSuccessHandler authenticationSuccessHandler;
    private final OpenAIRELogoutHandler logoutHandler;
    private final OpenAIRELogoutSuccessHandler logoutSuccessHandler;

    @Autowired
    public WebSecurityConfig(Properties properties, EntryPoint entryPoint, OIDCAuthenticationProvider oIDCAuthenticationProvider, IssuerService issuerService, ServerConfigurationService serverConfigurationService, ClientConfigurationService clientConfigurationService, StaticAuthRequestOptionsService staticAuthRequestOptionsService, PlainAuthRequestUrlBuilder plainAuthRequestUrlBuilder, OpenAIREAuthenticationSuccessHandler openAIREAuthenticationSuccessHandler, OpenAIRELogoutHandler openAIRELogoutHandler, OpenAIRELogoutSuccessHandler openAIRELogoutSuccessHandler) {
        this.properties = properties;
        this.entryPoint = entryPoint;
        this.provider = oIDCAuthenticationProvider;
        this.issuerService = issuerService;
        this.serverConfigurationService = serverConfigurationService;
        this.clientConfigurationService = clientConfigurationService;
        this.optionsService = staticAuthRequestOptionsService;
        this.builder = plainAuthRequestUrlBuilder;
        this.authenticationSuccessHandler = openAIREAuthenticationSuccessHandler;
        this.logoutHandler = openAIRELogoutHandler;
        this.logoutSuccessHandler = openAIRELogoutSuccessHandler;
    }

    public OpenAIREAuthenticationFilter initFilter() throws Exception {
        OpenAIREAuthenticationFilter openAIREAuthenticationFilter = new OpenAIREAuthenticationFilter(this.properties);
        openAIREAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
        openAIREAuthenticationFilter.afterPropertiesSet();
        openAIREAuthenticationFilter.setIssuerService(this.issuerService);
        openAIREAuthenticationFilter.setServerConfigurationService(this.serverConfigurationService);
        openAIREAuthenticationFilter.setClientConfigurationService(this.clientConfigurationService);
        openAIREAuthenticationFilter.setAuthRequestOptionsService(this.optionsService);
        openAIREAuthenticationFilter.setAuthRequestUrlBuilder(this.builder);
        openAIREAuthenticationFilter.setAuthenticationSuccessHandler(this.authenticationSuccessHandler);
        return openAIREAuthenticationFilter;
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable();
        httpSecurity.authenticationProvider((AuthenticationProvider) this.provider);
        httpSecurity.addFilterBefore((Filter) initFilter(), BasicAuthenticationFilter.class);
        httpSecurity.httpBasic().authenticationEntryPoint(this.entryPoint);
        httpSecurity.logout().logoutUrl("/openid_logout").addLogoutHandler(this.logoutHandler).logoutSuccessHandler(this.logoutSuccessHandler).invalidateHttpSession(false);
        httpSecurity.authorizeRequests().anyRequest().permitAll();
    }
}
