package org.entur.jwt.spring.camel;

import java.util.ArrayList;
import org.apache.camel.component.spring.security.SpringSecurityAccessPolicy;
import org.apache.camel.component.spring.security.SpringSecurityAuthorizationPolicy;
import org.entur.jwt.spring.filter.JwtAuthorityMapper;
import org.entur.jwt.verifier.JwtClaimExtractor;
import org.entur.jwt.verifier.JwtVerifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.vote.AffirmativeBased;
import org.springframework.security.access.vote.AuthenticatedVoter;

@Configuration
/* loaded from: input_file:org/entur/jwt/spring/camel/JwtCamelAutoConfiguration.class */
public class JwtCamelAutoConfiguration {
    @Bean(name = {"validTokenAccessPolicy"})
    public SpringSecurityAuthorizationPolicy validTokenAccessPolicy() {
        SpringSecurityAuthorizationPolicy springSecurityAuthorizationPolicy = new SpringSecurityAuthorizationPolicy();
        springSecurityAuthorizationPolicy.setAccessDecisionManager(accessDecisionManager());
        springSecurityAuthorizationPolicy.setAuthenticationManager(new JwtAuthenticationManager());
        springSecurityAuthorizationPolicy.setUseThreadSecurityContext(false);
        springSecurityAuthorizationPolicy.setSpringSecurityAccessPolicy(new SpringSecurityAccessPolicy("IS_AUTHENTICATED_FULLY"));
        return springSecurityAuthorizationPolicy;
    }

    protected AccessDecisionManager accessDecisionManager() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(authenticatedVoter());
        return new AffirmativeBased(arrayList);
    }

    @ConditionalOnMissingBean({AuthenticatedVoter.class})
    @Bean
    public AuthenticatedVoter authenticatedVoter() {
        return new AuthenticatedVoter();
    }

    @ConditionalOnMissingBean({JwtAuthenticationProcessor.class})
    @ConditionalOnProperty(name = {"entur.jwt.enabled"}, havingValue = "true", matchIfMissing = false)
    @Bean
    public <T> JwtAuthenticationProcessor jwtAuthenticationProcessor(JwtVerifier<T> jwtVerifier, JwtAuthorityMapper<T> jwtAuthorityMapper, JwtClaimExtractor<T> jwtClaimExtractor) {
        return new DefaultJwtAuthenticationProcessor(jwtVerifier, jwtAuthorityMapper, jwtClaimExtractor);
    }
}
