package pl.touk.widerest.security;

import java.util.Collection;
import java.util.stream.Stream;
import javax.annotation.Resource;
import org.broadleafcommerce.openadmin.server.security.service.AdminUserDetailsServiceImpl;
import org.broadleafcommerce.profile.core.service.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
import pl.touk.widerest.security.authentication.BackofficeAuthenticationToken;
import pl.touk.widerest.security.authentication.PrefixBasedAuthenticationManager;
import pl.touk.widerest.security.authentication.SiteAuthenticationToken;
import pl.touk.widerest.security.authentication.TokenTypeSelectedAuthenticationProvider;
import pl.touk.widerest.security.authentication.UsertypeFormLoginConfigurer;

@EnableWebMvcSecurity
@Configuration
/* loaded from: input_file:pl/touk/widerest/security/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    Collection<AuthenticationProvider> authenticationProviders;

    @Configuration
    @ConditionalOnBean({AdminUserDetailsServiceImpl.class})
    /* loaded from: input_file:pl/touk/widerest/security/WebSecurityConfig$BackofficeAuthenticationConfig.class */
    public static class BackofficeAuthenticationConfig {

        @Autowired
        private AdminUserDetailsServiceImpl backofficeUserDetailsService;

        @Autowired
        private PasswordEncoder blAdminPasswordEncoder;

        @Bean
        public AuthenticationProvider backofficeAuthenticationProvider() {
            TokenTypeSelectedAuthenticationProvider tokenTypeSelectedAuthenticationProvider = new TokenTypeSelectedAuthenticationProvider(BackofficeAuthenticationToken.class);
            tokenTypeSelectedAuthenticationProvider.setUserDetailsService(this.backofficeUserDetailsService);
            tokenTypeSelectedAuthenticationProvider.setPasswordEncoder(this.blAdminPasswordEncoder);
            return tokenTypeSelectedAuthenticationProvider;
        }
    }

    @Configuration
    @ConditionalOnBean({UserDetailsServiceImpl.class})
    /* loaded from: input_file:pl/touk/widerest/security/WebSecurityConfig$SiteAuthenticationConfig.class */
    public static class SiteAuthenticationConfig {

        @Autowired
        private UserDetailsServiceImpl siteUserDetailsService;

        @Autowired
        private PasswordEncoder blPasswordEncoder;

        @Bean
        public AuthenticationProvider siteAuthenticationProvider() {
            TokenTypeSelectedAuthenticationProvider tokenTypeSelectedAuthenticationProvider = new TokenTypeSelectedAuthenticationProvider(SiteAuthenticationToken.class);
            tokenTypeSelectedAuthenticationProvider.setUserDetailsService(this.siteUserDetailsService);
            tokenTypeSelectedAuthenticationProvider.setPasswordEncoder(this.blPasswordEncoder);
            return tokenTypeSelectedAuthenticationProvider;
        }
    }

    public WebSecurityConfig() {
        super(false);
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        Stream<AuthenticationProvider> stream = this.authenticationProviders.stream();
        authenticationManagerBuilder.getClass();
        stream.forEach(authenticationManagerBuilder::authenticationProvider);
    }

    protected AuthenticationManager authenticationManager() throws Exception {
        return new PrefixBasedAuthenticationManager(super.authenticationManager());
    }

    @Bean(name = {"authenticationManager"})
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ((UsertypeFormLoginConfigurer) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.headers().frameOptions().disable().authorizeRequests().anyRequest()).permitAll().and().formLogin().disable().apply(new UsertypeFormLoginConfigurer()).m7loginPage("/login").permitAll()).and().logout().permitAll().and().anonymous().and().csrf().disable().exceptionHandling().defaultAuthenticationEntryPointFor((httpServletRequest, httpServletResponse, authenticationException) -> {
            httpServletResponse.sendError(401, authenticationException.getMessage());
        }, new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
    }
}
