package org.bremersee.actuator.security.authentication;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import java.util.function.Function;
import java.util.stream.Collectors;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import org.bremersee.security.authentication.AccessExpressionUtils;
import org.bremersee.security.authentication.AutoSecurityMode;
import org.bremersee.security.authentication.ClientCredentialsFlowProperties;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.boot.actuate.info.InfoEndpoint;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.util.StringUtils;
import org.springframework.validation.annotation.Validated;

@ConfigurationProperties(prefix = "bremersee.actuator.auth")
@Validated
/* loaded from: input_file:org/bremersee/actuator/security/authentication/ActuatorAuthProperties.class */
public class ActuatorAuthProperties {
    private String jwkSetUri;
    private String issuerUri;

    @NotNull
    private AutoSecurityMode enable = AutoSecurityMode.OTHER;
    private int order = 61;
    private boolean enableCors = true;

    @NotNull
    private List<Class<?>> unauthenticatedEndpoints = new ArrayList();

    @NotNull
    private List<String> adminRoles = new ArrayList();

    @NotNull
    private List<String> roles = new ArrayList();

    @NotNull
    private List<String> ipAddresses = new ArrayList();

    @NotEmpty
    private String jwsAlgorithm = "RS256";

    @NotEmpty
    private String rolesJsonPath = "$.realm_access.roles";
    private boolean rolesValueList = true;

    @NotNull
    private String rolesValueSeparator = " ";

    @NotNull
    private String rolePrefix = "ROLE_";

    @NotEmpty
    private String nameJsonPath = "$.preferred_username";

    @NotNull
    private ActuatorPasswordFlow passwordFlow = new ActuatorPasswordFlow();

    /* loaded from: input_file:org/bremersee/actuator/security/authentication/ActuatorAuthProperties$ActuatorPasswordFlow.class */
    public static class ActuatorPasswordFlow implements ClientCredentialsFlowProperties {
        private String tokenEndpoint;
        private String clientId;
        private String clientSecret;

        public String getTokenEndpoint() {
            return this.tokenEndpoint;
        }

        public String getClientId() {
            return this.clientId;
        }

        public String getClientSecret() {
            return this.clientSecret;
        }

        public void setTokenEndpoint(String str) {
            this.tokenEndpoint = str;
        }

        public void setClientId(String str) {
            this.clientId = str;
        }

        public void setClientSecret(String str) {
            this.clientSecret = str;
        }

        public String toString() {
            return "ActuatorAuthProperties.ActuatorPasswordFlow(tokenEndpoint=" + getTokenEndpoint() + ", clientId=" + getClientId() + ")";
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof ActuatorPasswordFlow)) {
                return false;
            }
            ActuatorPasswordFlow actuatorPasswordFlow = (ActuatorPasswordFlow) obj;
            if (!actuatorPasswordFlow.canEqual(this)) {
                return false;
            }
            String tokenEndpoint = getTokenEndpoint();
            String tokenEndpoint2 = actuatorPasswordFlow.getTokenEndpoint();
            if (tokenEndpoint == null) {
                if (tokenEndpoint2 != null) {
                    return false;
                }
            } else if (!tokenEndpoint.equals(tokenEndpoint2)) {
                return false;
            }
            String clientId = getClientId();
            String clientId2 = actuatorPasswordFlow.getClientId();
            return clientId == null ? clientId2 == null : clientId.equals(clientId2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof ActuatorPasswordFlow;
        }

        public int hashCode() {
            String tokenEndpoint = getTokenEndpoint();
            int hashCode = (1 * 59) + (tokenEndpoint == null ? 43 : tokenEndpoint.hashCode());
            String clientId = getClientId();
            return (hashCode * 59) + (clientId == null ? 43 : clientId.hashCode());
        }
    }

    @NotNull
    public List<Class<?>> unauthenticatedEndpointsOrDefaults() {
        if (this.unauthenticatedEndpoints.isEmpty()) {
            this.unauthenticatedEndpoints.add(HealthEndpoint.class);
            this.unauthenticatedEndpoints.add(InfoEndpoint.class);
        }
        return this.unauthenticatedEndpoints;
    }

    @NotNull
    public Set<String> rolesOrDefaults() {
        TreeSet treeSet = new TreeSet(this.roles);
        if (treeSet.isEmpty()) {
            treeSet.add("ROLE_ACTUATOR");
            treeSet.add("ROLE_ACTUATOR_ADMIN");
            treeSet.add("ROLE_ADMIN");
        }
        return (Set) treeSet.stream().map(this::ensureRolePrefix).collect(Collectors.toSet());
    }

    @NotNull
    public Set<String> adminRolesOrDefaults() {
        TreeSet treeSet = new TreeSet(this.adminRoles);
        if (treeSet.isEmpty()) {
            treeSet.add("ROLE_ACTUATOR_ADMIN");
            treeSet.add("ROLE_ADMIN");
        }
        return (Set) treeSet.stream().map(this::ensureRolePrefix).collect(Collectors.toSet());
    }

    @NotNull
    public String buildAccessExpression() {
        return AccessExpressionUtils.hasAuthorityOrIpAddressExpr(rolesOrDefaults(), (Function) null, this.ipAddresses);
    }

    @NotNull
    public String buildAdminAccessExpression() {
        return AccessExpressionUtils.hasAuthorityOrIpAddressExpr(adminRolesOrDefaults(), (Function) null, (Collection) null);
    }

    @NotNull
    public String ensureRolePrefix(@NotNull String str) {
        String trim = this.rolePrefix.trim();
        return (StringUtils.hasText(trim) && str.startsWith(trim)) ? str : trim + str;
    }

    public AutoSecurityMode getEnable() {
        return this.enable;
    }

    public int getOrder() {
        return this.order;
    }

    public boolean isEnableCors() {
        return this.enableCors;
    }

    public List<Class<?>> getUnauthenticatedEndpoints() {
        return this.unauthenticatedEndpoints;
    }

    public List<String> getAdminRoles() {
        return this.adminRoles;
    }

    public List<String> getRoles() {
        return this.roles;
    }

    public List<String> getIpAddresses() {
        return this.ipAddresses;
    }

    public String getJwkSetUri() {
        return this.jwkSetUri;
    }

    public String getJwsAlgorithm() {
        return this.jwsAlgorithm;
    }

    public String getIssuerUri() {
        return this.issuerUri;
    }

    public String getRolesJsonPath() {
        return this.rolesJsonPath;
    }

    public boolean isRolesValueList() {
        return this.rolesValueList;
    }

    public String getRolesValueSeparator() {
        return this.rolesValueSeparator;
    }

    public String getRolePrefix() {
        return this.rolePrefix;
    }

    public String getNameJsonPath() {
        return this.nameJsonPath;
    }

    public ActuatorPasswordFlow getPasswordFlow() {
        return this.passwordFlow;
    }

    public void setEnable(AutoSecurityMode autoSecurityMode) {
        this.enable = autoSecurityMode;
    }

    public void setOrder(int i) {
        this.order = i;
    }

    public void setEnableCors(boolean z) {
        this.enableCors = z;
    }

    public void setUnauthenticatedEndpoints(List<Class<?>> list) {
        this.unauthenticatedEndpoints = list;
    }

    public void setAdminRoles(List<String> list) {
        this.adminRoles = list;
    }

    public void setRoles(List<String> list) {
        this.roles = list;
    }

    public void setIpAddresses(List<String> list) {
        this.ipAddresses = list;
    }

    public void setJwkSetUri(String str) {
        this.jwkSetUri = str;
    }

    public void setJwsAlgorithm(String str) {
        this.jwsAlgorithm = str;
    }

    public void setIssuerUri(String str) {
        this.issuerUri = str;
    }

    public void setRolesJsonPath(String str) {
        this.rolesJsonPath = str;
    }

    public void setRolesValueList(boolean z) {
        this.rolesValueList = z;
    }

    public void setRolesValueSeparator(String str) {
        this.rolesValueSeparator = str;
    }

    public void setRolePrefix(String str) {
        this.rolePrefix = str;
    }

    public void setNameJsonPath(String str) {
        this.nameJsonPath = str;
    }

    public void setPasswordFlow(ActuatorPasswordFlow actuatorPasswordFlow) {
        this.passwordFlow = actuatorPasswordFlow;
    }

    public String toString() {
        return "ActuatorAuthProperties(enable=" + getEnable() + ", order=" + getOrder() + ", enableCors=" + isEnableCors() + ", unauthenticatedEndpoints=" + getUnauthenticatedEndpoints() + ", adminRoles=" + getAdminRoles() + ", roles=" + getRoles() + ", ipAddresses=" + getIpAddresses() + ", jwkSetUri=" + getJwkSetUri() + ", jwsAlgorithm=" + getJwsAlgorithm() + ", issuerUri=" + getIssuerUri() + ", rolesJsonPath=" + getRolesJsonPath() + ", rolesValueList=" + isRolesValueList() + ", rolesValueSeparator=" + getRolesValueSeparator() + ", rolePrefix=" + getRolePrefix() + ", nameJsonPath=" + getNameJsonPath() + ", passwordFlow=" + getPasswordFlow() + ")";
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof ActuatorAuthProperties)) {
            return false;
        }
        ActuatorAuthProperties actuatorAuthProperties = (ActuatorAuthProperties) obj;
        if (!actuatorAuthProperties.canEqual(this)) {
            return false;
        }
        AutoSecurityMode enable = getEnable();
        AutoSecurityMode enable2 = actuatorAuthProperties.getEnable();
        if (enable == null) {
            if (enable2 != null) {
                return false;
            }
        } else if (!enable.equals(enable2)) {
            return false;
        }
        if (getOrder() != actuatorAuthProperties.getOrder() || isEnableCors() != actuatorAuthProperties.isEnableCors()) {
            return false;
        }
        List<Class<?>> unauthenticatedEndpoints = getUnauthenticatedEndpoints();
        List<Class<?>> unauthenticatedEndpoints2 = actuatorAuthProperties.getUnauthenticatedEndpoints();
        if (unauthenticatedEndpoints == null) {
            if (unauthenticatedEndpoints2 != null) {
                return false;
            }
        } else if (!unauthenticatedEndpoints.equals(unauthenticatedEndpoints2)) {
            return false;
        }
        List<String> adminRoles = getAdminRoles();
        List<String> adminRoles2 = actuatorAuthProperties.getAdminRoles();
        if (adminRoles == null) {
            if (adminRoles2 != null) {
                return false;
            }
        } else if (!adminRoles.equals(adminRoles2)) {
            return false;
        }
        List<String> roles = getRoles();
        List<String> roles2 = actuatorAuthProperties.getRoles();
        if (roles == null) {
            if (roles2 != null) {
                return false;
            }
        } else if (!roles.equals(roles2)) {
            return false;
        }
        List<String> ipAddresses = getIpAddresses();
        List<String> ipAddresses2 = actuatorAuthProperties.getIpAddresses();
        if (ipAddresses == null) {
            if (ipAddresses2 != null) {
                return false;
            }
        } else if (!ipAddresses.equals(ipAddresses2)) {
            return false;
        }
        String jwkSetUri = getJwkSetUri();
        String jwkSetUri2 = actuatorAuthProperties.getJwkSetUri();
        if (jwkSetUri == null) {
            if (jwkSetUri2 != null) {
                return false;
            }
        } else if (!jwkSetUri.equals(jwkSetUri2)) {
            return false;
        }
        String jwsAlgorithm = getJwsAlgorithm();
        String jwsAlgorithm2 = actuatorAuthProperties.getJwsAlgorithm();
        if (jwsAlgorithm == null) {
            if (jwsAlgorithm2 != null) {
                return false;
            }
        } else if (!jwsAlgorithm.equals(jwsAlgorithm2)) {
            return false;
        }
        String issuerUri = getIssuerUri();
        String issuerUri2 = actuatorAuthProperties.getIssuerUri();
        if (issuerUri == null) {
            if (issuerUri2 != null) {
                return false;
            }
        } else if (!issuerUri.equals(issuerUri2)) {
            return false;
        }
        String rolesJsonPath = getRolesJsonPath();
        String rolesJsonPath2 = actuatorAuthProperties.getRolesJsonPath();
        if (rolesJsonPath == null) {
            if (rolesJsonPath2 != null) {
                return false;
            }
        } else if (!rolesJsonPath.equals(rolesJsonPath2)) {
            return false;
        }
        if (isRolesValueList() != actuatorAuthProperties.isRolesValueList()) {
            return false;
        }
        String rolesValueSeparator = getRolesValueSeparator();
        String rolesValueSeparator2 = actuatorAuthProperties.getRolesValueSeparator();
        if (rolesValueSeparator == null) {
            if (rolesValueSeparator2 != null) {
                return false;
            }
        } else if (!rolesValueSeparator.equals(rolesValueSeparator2)) {
            return false;
        }
        String rolePrefix = getRolePrefix();
        String rolePrefix2 = actuatorAuthProperties.getRolePrefix();
        if (rolePrefix == null) {
            if (rolePrefix2 != null) {
                return false;
            }
        } else if (!rolePrefix.equals(rolePrefix2)) {
            return false;
        }
        String nameJsonPath = getNameJsonPath();
        String nameJsonPath2 = actuatorAuthProperties.getNameJsonPath();
        if (nameJsonPath == null) {
            if (nameJsonPath2 != null) {
                return false;
            }
        } else if (!nameJsonPath.equals(nameJsonPath2)) {
            return false;
        }
        ActuatorPasswordFlow passwordFlow = getPasswordFlow();
        ActuatorPasswordFlow passwordFlow2 = actuatorAuthProperties.getPasswordFlow();
        return passwordFlow == null ? passwordFlow2 == null : passwordFlow.equals(passwordFlow2);
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof ActuatorAuthProperties;
    }

    public int hashCode() {
        AutoSecurityMode enable = getEnable();
        int hashCode = (((((1 * 59) + (enable == null ? 43 : enable.hashCode())) * 59) + getOrder()) * 59) + (isEnableCors() ? 79 : 97);
        List<Class<?>> unauthenticatedEndpoints = getUnauthenticatedEndpoints();
        int hashCode2 = (hashCode * 59) + (unauthenticatedEndpoints == null ? 43 : unauthenticatedEndpoints.hashCode());
        List<String> adminRoles = getAdminRoles();
        int hashCode3 = (hashCode2 * 59) + (adminRoles == null ? 43 : adminRoles.hashCode());
        List<String> roles = getRoles();
        int hashCode4 = (hashCode3 * 59) + (roles == null ? 43 : roles.hashCode());
        List<String> ipAddresses = getIpAddresses();
        int hashCode5 = (hashCode4 * 59) + (ipAddresses == null ? 43 : ipAddresses.hashCode());
        String jwkSetUri = getJwkSetUri();
        int hashCode6 = (hashCode5 * 59) + (jwkSetUri == null ? 43 : jwkSetUri.hashCode());
        String jwsAlgorithm = getJwsAlgorithm();
        int hashCode7 = (hashCode6 * 59) + (jwsAlgorithm == null ? 43 : jwsAlgorithm.hashCode());
        String issuerUri = getIssuerUri();
        int hashCode8 = (hashCode7 * 59) + (issuerUri == null ? 43 : issuerUri.hashCode());
        String rolesJsonPath = getRolesJsonPath();
        int hashCode9 = (((hashCode8 * 59) + (rolesJsonPath == null ? 43 : rolesJsonPath.hashCode())) * 59) + (isRolesValueList() ? 79 : 97);
        String rolesValueSeparator = getRolesValueSeparator();
        int hashCode10 = (hashCode9 * 59) + (rolesValueSeparator == null ? 43 : rolesValueSeparator.hashCode());
        String rolePrefix = getRolePrefix();
        int hashCode11 = (hashCode10 * 59) + (rolePrefix == null ? 43 : rolePrefix.hashCode());
        String nameJsonPath = getNameJsonPath();
        int hashCode12 = (hashCode11 * 59) + (nameJsonPath == null ? 43 : nameJsonPath.hashCode());
        ActuatorPasswordFlow passwordFlow = getPasswordFlow();
        return (hashCode12 * 59) + (passwordFlow == null ? 43 : passwordFlow.hashCode());
    }
}
