package org.citrusframework.simulator.ui.config;

import jakarta.annotation.Nullable;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import org.citrusframework.simulator.http.SimulatorRestAdapter;
import org.citrusframework.simulator.http.SimulatorRestConfigurationProperties;
import org.citrusframework.simulator.ui.filter.SpaWebFilter;
import org.citrusframework.simulator.ws.SimulatorWebServiceAdapter;
import org.citrusframework.simulator.ws.SimulatorWebServiceConfigurationProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
/* loaded from: input_file:org/citrusframework/simulator/ui/config/SecurityConfiguration.class */
public class SecurityConfiguration {

    @Nullable
    private final SimulatorRestConfigurationProperties simulatorRestConfigurationProperties;

    @Nullable
    private final SimulatorRestAdapter simulatorRestAdapter;

    @Nullable
    private final SimulatorWebServiceConfigurationProperties simulatorWebServiceConfigurationProperties;

    @Nullable
    private final SimulatorWebServiceAdapter simulatorWebServiceAdapter;
    private final String contentSecurityPolicy;
    private final String actuatorPath;
    private final String h2ConsolePath;

    public SecurityConfiguration(SimulatorUiConfigurationProperties simulatorUiConfigurationProperties, @Autowired(required = false) @Nullable SimulatorRestConfigurationProperties simulatorRestConfigurationProperties, @Autowired(required = false) @Nullable SimulatorRestAdapter simulatorRestAdapter, @Autowired(required = false) @Nullable SimulatorWebServiceConfigurationProperties simulatorWebServiceConfigurationProperties, @Autowired(required = false) @Nullable SimulatorWebServiceAdapter simulatorWebServiceAdapter, @Value("${management.endpoints.web.base-path:/api/manage}") String str, @Value("${spring.h2.console.path:/h2-console}") String str2) {
        this.simulatorRestConfigurationProperties = simulatorRestConfigurationProperties;
        this.simulatorRestAdapter = simulatorRestAdapter;
        this.simulatorWebServiceConfigurationProperties = simulatorWebServiceConfigurationProperties;
        this.simulatorWebServiceAdapter = simulatorWebServiceAdapter;
        this.contentSecurityPolicy = simulatorUiConfigurationProperties.getSecurity().getContentSecurityPolicy();
        this.actuatorPath = str;
        this.h2ConsolePath = str2;
    }

    private static AntPathRequestMatcher[] createMatchers(List<String> list) {
        List list2 = list.stream().map(AntPathRequestMatcher::new).toList();
        if (list2.isEmpty()) {
            list2.add(new AntPathRequestMatcher("/**/*"));
        }
        return (AntPathRequestMatcher[]) list2.toArray(new AntPathRequestMatcher[0]);
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.cors((v0) -> {
            v0.disable();
        }).csrf((v0) -> {
            v0.disable();
        }).addFilterAfter(new SpaWebFilter(this.actuatorPath, this.h2ConsolePath, getSimulationEndpointsRequestMatcher()), BasicAuthenticationFilter.class).headers(headersConfigurer -> {
            headersConfigurer.contentSecurityPolicy(contentSecurityPolicyConfig -> {
                contentSecurityPolicyConfig.policyDirectives(this.contentSecurityPolicy);
            }).frameOptions((v0) -> {
                v0.sameOrigin();
            }).referrerPolicy(referrerPolicyConfig -> {
                referrerPolicyConfig.policy(ReferrerPolicyHeaderWriter.ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN);
            }).permissionsPolicy(permissionsPolicyConfig -> {
                permissionsPolicyConfig.policy("camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()");
            });
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.anyRequest()).permitAll();
        }).formLogin((v0) -> {
            v0.disable();
        }).logout((v0) -> {
            v0.disable();
        });
        return (SecurityFilterChain) httpSecurity.build();
    }

    @ConditionalOnProperty(prefix = "spring.websecurity", name = {"debug"}, havingValue = "true")
    @Bean
    public WebSecurityCustomizer debuggingWebSecurityCustomizer() {
        return webSecurity -> {
            webSecurity.debug(true);
        };
    }

    private RequestMatcher getSimulationEndpointsRequestMatcher() {
        ArrayList arrayList = new ArrayList();
        addRestMatchers(arrayList);
        addWebServiceMatchers(arrayList);
        return new OrRequestMatcher(createMatchers(arrayList));
    }

    private void addWebServiceMatchers(List<String> list) {
        if (Objects.nonNull(this.simulatorWebServiceConfigurationProperties) && Objects.nonNull(this.simulatorWebServiceAdapter) && this.simulatorWebServiceAdapter.servletMappings(this.simulatorWebServiceConfigurationProperties) != null) {
            list.addAll(this.simulatorWebServiceAdapter.servletMappings(this.simulatorWebServiceConfigurationProperties));
        } else {
            if (!Objects.nonNull(this.simulatorWebServiceConfigurationProperties) || this.simulatorWebServiceConfigurationProperties.getServletMappings() == null) {
                return;
            }
            list.addAll(this.simulatorWebServiceConfigurationProperties.getServletMappings());
        }
    }

    private void addRestMatchers(List<String> list) {
        if (Objects.nonNull(this.simulatorRestConfigurationProperties) && Objects.nonNull(this.simulatorRestAdapter)) {
            list.addAll(this.simulatorRestAdapter.urlMappings(this.simulatorRestConfigurationProperties));
        } else if (Objects.nonNull(this.simulatorRestConfigurationProperties)) {
            list.addAll(this.simulatorRestConfigurationProperties.getUrlMappings());
        }
    }
}
