package org.ikasan.web;

import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;

@Configuration
@EnableWebSecurity
@EnableMethodSecurity
@EnableWebMvc
/* loaded from: input_file:org/ikasan/web/WebSecurityConfig.class */
public class WebSecurityConfig {

    @Value("${ikasan.additional.unsecured.endpoint:}")
    private List<String> additionalUnsecuredEndpoints = new ArrayList();

    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        this.additionalUnsecuredEndpoints.addAll(List.of("/login.jsp", "/css/**", "/images/**", "/js/**", "/rest/**", "/actuator/**"));
        httpSecurity.httpBasic(httpBasicConfigurer -> {
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers((String[]) this.additionalUnsecuredEndpoints.toArray(new String[this.additionalUnsecuredEndpoints.size()]))).permitAll().requestMatchers(new String[]{"/admin/**"})).hasAnyAuthority(new String[]{"ALL", "WebServiceAdmin", "WriteBlueConsole"}).requestMatchers(new String[]{"/**"})).hasAnyAuthority(new String[]{"ALL", "ReadBlueConsole"}).anyRequest()).authenticated();
        }).formLogin(formLoginConfigurer -> {
            formLoginConfigurer.loginPage("/login.jsp").loginProcessingUrl("/j_spring_security_check").usernameParameter("j_username").passwordParameter("j_password").defaultSuccessUrl("/home.htm", true).permitAll();
        }).logout(logoutConfigurer -> {
            logoutConfigurer.logoutSuccessUrl("/").logoutUrl("/j_spring_security_logout").deleteCookies(new String[]{"JSESSIONID"});
        }).csrf(csrfConfigurer -> {
            csrfConfigurer.disable();
        }).headers(headersConfigurer -> {
            headersConfigurer.frameOptions(frameOptionsConfig -> {
                frameOptionsConfig.sameOrigin();
            });
        });
        return (SecurityFilterChain) httpSecurity.build();
    }
}
