package org.apereo.cas.config;

import jakarta.annotation.Nonnull;
import java.util.ArrayList;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.palantir.PalantirConstants;
import org.apereo.cas.palantir.controller.DashboardController;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.web.CasWebSecurityConfigurer;
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
import org.springframework.boot.actuate.endpoint.web.EndpointLinksResolver;
import org.springframework.boot.actuate.endpoint.web.WebEndpointsSupplier;
import org.springframework.boot.actuate.endpoint.web.annotation.ControllerEndpointsSupplier;
import org.springframework.boot.actuate.endpoint.web.annotation.ServletEndpointsSupplier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "CasPalantirWebMvcConfiguration", proxyBeanMethods = false)
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.Palantir})
/* loaded from: input_file:org/apereo/cas/config/CasPalantirWebMvcConfiguration.class */
class CasPalantirWebMvcConfiguration {
    CasPalantirWebMvcConfiguration() {
    }

    @ConditionalOnMissingBean(name = {"palantirDashboardController"})
    @Bean
    public DashboardController palantirDashboardController(WebEndpointsSupplier webEndpointsSupplier, ServletEndpointsSupplier servletEndpointsSupplier, ControllerEndpointsSupplier controllerEndpointsSupplier, WebEndpointProperties webEndpointProperties, CasConfigurationProperties casConfigurationProperties) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(webEndpointsSupplier.getEndpoints());
        arrayList.addAll(servletEndpointsSupplier.getEndpoints());
        arrayList.addAll(controllerEndpointsSupplier.getEndpoints());
        return new DashboardController(casConfigurationProperties, new EndpointLinksResolver(arrayList, webEndpointProperties.getBasePath()), webEndpointProperties);
    }

    @ConditionalOnMissingBean(name = {"palantirWebMvcConfigurer"})
    @Bean
    public WebMvcConfigurer palantirWebMvcConfigurer(CasConfigurationProperties casConfigurationProperties) {
        return new WebMvcConfigurer(this) { // from class: org.apereo.cas.config.CasPalantirWebMvcConfiguration.1
            public void addViewControllers(@Nonnull ViewControllerRegistry viewControllerRegistry) {
                viewControllerRegistry.addViewController("/adminlogin").setViewName("admin/casAdminLoginView");
            }
        };
    }

    @ConditionalOnMissingBean(name = {"palantirEndpointWebSecurityConfigurer"})
    @Bean
    public CasWebSecurityConfigurer<HttpSecurity> palantirEndpointWebSecurityConfigurer() {
        return new CasWebSecurityConfigurer<HttpSecurity>(this) { // from class: org.apereo.cas.config.CasPalantirWebMvcConfiguration.2
            public CasWebSecurityConfigurer<HttpSecurity> finish(HttpSecurity httpSecurity) throws Exception {
                SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
                savedRequestAwareAuthenticationSuccessHandler.setTargetUrlParameter("redirectTo");
                savedRequestAwareAuthenticationSuccessHandler.setDefaultTargetUrl(PalantirConstants.URL_PATH_PALANTIR);
                httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
                    ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new RequestMatcher[]{new AntPathRequestMatcher("/palantir/**")})).authenticated();
                }).formLogin(formLoginConfigurer -> {
                    formLoginConfigurer.loginPage("/adminlogin").permitAll().successHandler(savedRequestAwareAuthenticationSuccessHandler);
                });
                return this;
            }
        };
    }
}
