package org.apereo.cas.oidc.config;

import java.util.List;
import org.apereo.cas.oidc.util.OidcRequestSupport;
import org.apereo.cas.throttle.AuthenticationThrottlingExecutionPlan;
import org.apereo.cas.throttle.AuthenticationThrottlingExecutionPlanConfigurer;
import org.apereo.cas.throttle.ThrottledRequestFilter;
import org.pac4j.core.context.JEEContext;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@AutoConfigureBefore({OidcConfiguration.class})
@Configuration(value = "oidcThrottleConfiguration", proxyBeanMethods = true)
/* loaded from: input_file:org/apereo/cas/oidc/config/OidcThrottleConfiguration.class */
public class OidcThrottleConfiguration {
    private static final List<String> THROTTLED_ENDPOINTS = List.of("oidcAccessToken", "oidcAuthorize", "oidcToken", "oidcProfile", "jwks", "clientConfig", "revoke", "introspect");

    @Autowired
    @Qualifier("authenticationThrottlingExecutionPlan")
    private ObjectProvider<AuthenticationThrottlingExecutionPlan> authenticationThrottlingExecutionPlan;

    @Autowired
    @Qualifier("oidcRequestSupport")
    private ObjectProvider<OidcRequestSupport> oidcRequestSupport;

    @ConditionalOnMissingBean(name = {"oidcThrottleWebMvcConfigurer"})
    @Bean
    public WebMvcConfigurer oidcThrottleWebMvcConfigurer() {
        return new WebMvcConfigurer() { // from class: org.apereo.cas.oidc.config.OidcThrottleConfiguration.1
            public void addInterceptors(InterceptorRegistry interceptorRegistry) {
                ((AuthenticationThrottlingExecutionPlan) OidcThrottleConfiguration.this.authenticationThrottlingExecutionPlan.getObject()).getAuthenticationThrottleInterceptors().forEach(handlerInterceptor -> {
                    interceptorRegistry.addInterceptor(handlerInterceptor).order(0).addPathPatterns(new String[]{"/oidc/**"});
                });
            }
        };
    }

    @ConditionalOnMissingBean(name = {"oidcAuthenticationThrottlingExecutionPlanConfigurer"})
    @Bean
    public AuthenticationThrottlingExecutionPlanConfigurer oidcAuthenticationThrottlingExecutionPlanConfigurer() {
        return authenticationThrottlingExecutionPlan -> {
            authenticationThrottlingExecutionPlan.registerAuthenticationThrottleFilter(oidcThrottledRequestFilter());
        };
    }

    @ConditionalOnMissingBean(name = {"oidcThrottledRequestFilter"})
    @Bean
    public ThrottledRequestFilter oidcThrottledRequestFilter() {
        return (httpServletRequest, httpServletResponse) -> {
            JEEContext jEEContext = new JEEContext(httpServletRequest, httpServletResponse);
            return THROTTLED_ENDPOINTS.stream().anyMatch(str -> {
                return ((OidcRequestSupport) this.oidcRequestSupport.getObject()).isValidIssuerForEndpoint(jEEContext, str);
            });
        };
    }
}
