package org.apereo.cas.config;

import jakarta.annotation.Nonnull;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.palantir.PalantirConstants;
import org.apereo.cas.palantir.controller.DashboardController;
import org.apereo.cas.palantir.controller.SchemaController;
import org.apereo.cas.palantir.controller.ServicesController;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.util.RegisteredServiceJsonSerializer;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.web.CasWebSecurityConfigurer;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.Palantir})
/* loaded from: input_file:org/apereo/cas/config/CasPalantirConfiguration.class */
public class CasPalantirConfiguration {
    @ConditionalOnMissingBean(name = {"palantirDashboardController"})
    @Bean
    public DashboardController palantirDashboardController() {
        return new DashboardController();
    }

    @ConditionalOnMissingBean(name = {"palantirSchemaController"})
    @Bean
    public SchemaController palantirSchemaController() {
        return new SchemaController();
    }

    @ConditionalOnMissingBean(name = {"palantirServicesController"})
    @Bean
    public ServicesController palantirServicesController(@Qualifier("servicesManager") ObjectProvider<ServicesManager> objectProvider, ConfigurableApplicationContext configurableApplicationContext) {
        return new ServicesController(objectProvider, new RegisteredServiceJsonSerializer(configurableApplicationContext));
    }

    @ConditionalOnMissingBean(name = {"palantirWebMvcConfigurer"})
    @Bean
    public WebMvcConfigurer palantirWebMvcConfigurer(CasConfigurationProperties casConfigurationProperties) {
        return new WebMvcConfigurer(this) { // from class: org.apereo.cas.config.CasPalantirConfiguration.1
            public void addViewControllers(@Nonnull ViewControllerRegistry viewControllerRegistry) {
                viewControllerRegistry.addViewController("/adminlogin").setViewName("admin/casAdminLoginView");
            }
        };
    }

    @ConditionalOnMissingBean(name = {"palantirEndpointWebSecurityConfigurer"})
    @Bean
    public CasWebSecurityConfigurer<HttpSecurity> palantirEndpointWebSecurityConfigurer() {
        return new CasWebSecurityConfigurer<HttpSecurity>(this) { // from class: org.apereo.cas.config.CasPalantirConfiguration.2
            public CasWebSecurityConfigurer<HttpSecurity> finish(HttpSecurity httpSecurity) throws Exception {
                SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
                savedRequestAwareAuthenticationSuccessHandler.setTargetUrlParameter("redirectTo");
                savedRequestAwareAuthenticationSuccessHandler.setDefaultTargetUrl(PalantirConstants.URL_PATH_PALANTIR);
                httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
                    ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new RequestMatcher[]{new AntPathRequestMatcher("/assets/**")})).authenticated().requestMatchers(new RequestMatcher[]{new AntPathRequestMatcher("/palantir/**")})).authenticated();
                }).formLogin(formLoginConfigurer -> {
                    formLoginConfigurer.loginPage("/adminlogin").permitAll().successHandler(savedRequestAwareAuthenticationSuccessHandler);
                });
                return this;
            }
        };
    }
}
