package org.entur.jwt.spring.config;

import org.entur.jwt.spring.auth0.properties.AuthorizationProperties;
import org.entur.jwt.spring.auth0.properties.HttpMethodMatcher;
import org.entur.jwt.spring.auth0.properties.MatcherConfiguration;
import org.entur.jwt.spring.auth0.properties.PermitAll;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.web.server.ServerHttpSecurity;

/* loaded from: input_file:org/entur/jwt/spring/config/AuthorizationWebSecurityConfig.class */
public abstract class AuthorizationWebSecurityConfig {
    private static Logger log = LoggerFactory.getLogger(AuthorizationWebSecurityConfig.class);
    protected final AuthorizationProperties authorizationProperties;

    @Autowired
    public AuthorizationWebSecurityConfig(AuthorizationProperties authorizationProperties) {
        this.authorizationProperties = authorizationProperties;
    }

    public ServerHttpSecurity configure(ServerHttpSecurity serverHttpSecurity) throws Exception {
        log.info("Configure authorization filter");
        if (!this.authorizationProperties.isEnabled()) {
            return serverHttpSecurity.authorizeExchange().anyExchange().permitAll().and();
        }
        PermitAll permitAll = this.authorizationProperties.getPermitAll();
        if (permitAll.isActive()) {
            configurePermitAll(serverHttpSecurity, permitAll);
        }
        return serverHttpSecurity.authorizeExchange().anyExchange().authenticated().and();
    }

    protected void configurePermitAll(ServerHttpSecurity serverHttpSecurity, PermitAll permitAll) throws Exception {
        if (permitAll.getMvcMatcher().isActive()) {
            throw new IllegalStateException("MVC matches are not supported, use ant matchers");
        }
        MatcherConfiguration antMatcher = permitAll.getAntMatcher();
        if (antMatcher.isActive()) {
            configurePermitAllAntMatchers(serverHttpSecurity, antMatcher);
        }
    }

    protected void configurePermitAllAntMatchers(ServerHttpSecurity serverHttpSecurity, MatcherConfiguration matcherConfiguration) throws Exception {
        if (matcherConfiguration.hasPatterns()) {
            ((ServerHttpSecurity.AuthorizeExchangeSpec.Access) serverHttpSecurity.authorizeExchange().pathMatchers(matcherConfiguration.getPatternsAsArray())).permitAll();
        }
        for (HttpMethodMatcher httpMethodMatcher : matcherConfiguration.getMethod().getActiveMethods()) {
            if (httpMethodMatcher.isActive()) {
                ((ServerHttpSecurity.AuthorizeExchangeSpec.Access) serverHttpSecurity.authorizeExchange().pathMatchers(httpMethodMatcher.getVerb(), httpMethodMatcher.getPatternsAsArray())).permitAll();
            }
        }
    }
}
