package leap.web.security;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import leap.core.AppConfig;
import leap.core.BeanFactory;
import leap.core.annotation.ConfigProperty;
import leap.core.annotation.Configurable;
import leap.core.annotation.Inject;
import leap.core.ioc.BeanList;
import leap.core.ioc.PostConfigureBean;
import leap.core.security.crypto.PasswordEncoder;
import leap.core.web.RequestIgnore;
import leap.lang.Args;
import leap.lang.Strings;
import leap.lang.path.AntPathPattern;
import leap.web.security.csrf.CsrfStore;
import leap.web.security.path.SecuredPaths;
import leap.web.security.user.UserStore;

@Configurable(prefix = "websecurity")
/* loaded from: input_file:leap/web/security/DefaultSecurityConfig.class */
public class DefaultSecurityConfig implements SecurityConfig, SecurityConfigurator, PostConfigureBean {

    @Inject
    protected SecuredPaths securedPaths;

    @Inject
    protected PasswordEncoder passwordEncoder;

    @Inject
    protected UserStore userStore;

    @Inject
    protected CsrfStore csrfStore;

    @Inject
    protected BeanList<SecurityInterceptor> interceptors;
    protected BeanFactory factory = null;
    protected boolean enabled = false;
    protected boolean crossContext = false;
    protected Boolean csrfEnabled = null;
    protected boolean loginEnabled = true;
    protected boolean logoutEnabled = true;
    protected boolean authenticateAnyRequests = true;
    protected boolean authorizeAnyRequests = false;
    protected int defaultAuthenticationExpires = SecurityConstants.DEFAULT_AUTHENTICATION_EXPIRES;
    protected String returnUrlParameterName = SecurityConstants.DEFAULT_RETURN_URL_PARAMETER;
    protected boolean rememberMeEnabled = true;
    protected String rememberMeSecret = null;
    protected String rememberMeCookieName = "remember_me";
    protected String rememberMeParameterName = "remember_me";
    protected String rememberMeExpiresParameterName = SecurityConstants.DEFAULT_REMEMBERME_EXPIRES_PARAMETER;
    protected String loginUrl = null;
    protected String loginAction = SecurityConstants.DEFAULT_LOGIN_ACTION;
    protected String logoutAction = SecurityConstants.DEFAULT_LOGOUT_ACTION;
    protected String logoutSuccessUrl = SecurityConstants.DEFAULT_LOGOUT_SUCCESS_URL;
    protected int defaultRememberMeExpires = SecurityConstants.DEFAULT_REMEMBERME_EXPIRES;
    protected String csrfHeaderName = SecurityConstants.DEFAULT_CSRF_HEADER;
    protected String csrfParameterName = SecurityConstants.DEFAULT_CSRF_PARAMETER;
    protected boolean authenticationTokenEnabled = true;
    protected String authenticationTokenCookieName = SecurityConstants.DEFAULT_TOKEN_AUTHENTICATION_COOKIE;
    protected String authenticationTokenHeaderName = SecurityConstants.DEFAULT_TOKEN_AUTHENTICATION_HEADER;
    protected String authenticationTokenType = SecurityConstants.DEFAULT_TOKEN_TYPE;
    protected String tokenSecret = null;
    protected String cookieDomain = null;
    protected String[] ignorePaths = new String[0];
    protected List<RequestIgnore> ignores = new ArrayList();
    protected Map<String, SecurityFailureHandler> pathPrefixFailureHandlers = new TreeMap(String.CASE_INSENSITIVE_ORDER);
    private RequestIgnore[] ignoresArray = new RequestIgnore[0];
    private SecurityInterceptor[] interceptorArray = new SecurityInterceptor[0];
    private final Object interceptorLock = new Object();

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfig config() {
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecuredPaths paths() {
        return this.securedPaths;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isEnabled() {
        return this.enabled;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public SecurityConfigurator setEnabled(boolean z) {
        this.enabled = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    public BeanList<SecurityInterceptor> interceptors() {
        return this.interceptors;
    }

    @Override // leap.web.security.SecurityConfig
    public SecurityInterceptor[] getInterceptors() {
        if (this.interceptorArray.length != this.interceptors.size()) {
            synchronized (this.interceptorLock) {
                if (this.interceptorArray.length != this.interceptors.size()) {
                    this.interceptorArray = (SecurityInterceptor[]) this.interceptors.toArray(new SecurityInterceptor[this.interceptors.size()]);
                }
            }
        }
        return this.interceptorArray;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isCrossContext() {
        return this.crossContext;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setCrossContext(boolean z) {
        this.crossContext = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isCsrfEnabled() {
        return this.csrfEnabled == null ? this.enabled : this.csrfEnabled.booleanValue();
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setCsrfEnabled(boolean z) {
        this.csrfEnabled = Boolean.valueOf(z);
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isAuthenticateAnyRequests() {
        return this.authenticateAnyRequests;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setAuthenticateAnyRequests(boolean z) {
        this.authenticateAnyRequests = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isAuthorizeAnyRequests() {
        return this.authorizeAnyRequests;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setAuthorizeAnyRequests(boolean z) {
        this.authorizeAnyRequests = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public UserStore getUserStore() {
        return this.userStore;
    }

    @Override // leap.web.security.SecurityConfig
    public CsrfStore getCsrfStore() {
        return this.csrfStore;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfigurator setUserStore(UserStore userStore) {
        Args.notNull(userStore, "userStore");
        this.userStore = userStore;
        this.factory.setPrimaryBean(UserStore.class, userStore);
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfigurator setCsrfStore(CsrfStore csrfStore) {
        Args.notNull(csrfStore, "csrfStore");
        this.csrfStore = csrfStore;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getReturnUrlParameterName() {
        return this.returnUrlParameterName;
    }

    @ConfigProperty
    public DefaultSecurityConfig setReturnUrlParameterName(String str) {
        Args.notEmpty(str);
        this.returnUrlParameterName = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isRememberMeEnabled() {
        return this.rememberMeEnabled;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setRememberMeEnabled(boolean z) {
        this.rememberMeEnabled = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getRememberMeSecret() {
        return this.rememberMeSecret;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setRememberMeSecret(String str) {
        Args.notEmpty(str);
        this.rememberMeSecret = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getRememberMeCookieName() {
        return this.rememberMeCookieName;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setRememberMeCookieName(String str) {
        Args.notEmpty(str);
        this.rememberMeCookieName = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getRememberMeParameterName() {
        return this.rememberMeParameterName;
    }

    @ConfigProperty
    public DefaultSecurityConfig setRememberMeParameterName(String str) {
        Args.notEmpty(str);
        this.rememberMeParameterName = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getRememberMeExpiresParameterName() {
        return this.rememberMeExpiresParameterName;
    }

    @ConfigProperty
    public DefaultSecurityConfig setRememberMeExpiresParameterName(String str) {
        Args.notEmpty(str);
        this.rememberMeExpiresParameterName = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public int getDefaultRememberMeExpires() {
        return this.defaultRememberMeExpires;
    }

    @ConfigProperty
    public DefaultSecurityConfig setDefaultRememberMeExpires(int i) {
        Args.assertTrue(i > 0, "Expires must be > 0");
        this.defaultRememberMeExpires = i;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getCsrfHeaderName() {
        return this.csrfHeaderName;
    }

    @Override // leap.web.security.SecurityConfig
    public String getCsrfParameterName() {
        return this.csrfParameterName;
    }

    @Override // leap.web.security.SecurityConfigurator
    public DefaultSecurityConfig setCsrfHeaderName(String str) {
        this.csrfHeaderName = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setCsrfParameterName(String str) {
        this.csrfParameterName = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isAuthenticationTokenEnabled() {
        return this.authenticationTokenEnabled;
    }

    @Override // leap.web.security.SecurityConfig
    public int getDefaultAuthenticationExpires() {
        return this.defaultAuthenticationExpires;
    }

    @Override // leap.web.security.SecurityConfig
    public String getAuthenticationTokenCookieName() {
        return this.authenticationTokenCookieName;
    }

    @Override // leap.web.security.SecurityConfig
    public String getAuthenticationTokenHeaderName() {
        return this.authenticationTokenHeaderName;
    }

    @ConfigProperty
    public void setAuthenticationTokenHeaderName(String str) {
        this.authenticationTokenHeaderName = str;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setAuthenticationTokenEnabled(boolean z) {
        this.authenticationTokenEnabled = z;
        return this;
    }

    @ConfigProperty
    public void setAuthenticationTokenCookieName(String str) {
        this.authenticationTokenCookieName = str;
    }

    @Override // leap.web.security.SecurityConfig
    public String getAuthenticationTokenType() {
        return this.authenticationTokenType;
    }

    @ConfigProperty
    public void setAuthenticationTokenType(String str) {
        this.authenticationTokenType = str;
    }

    @Override // leap.web.security.SecurityConfig
    public String getSecret() {
        return this.tokenSecret;
    }

    @ConfigProperty
    public void setTokenSecret(String str) {
        this.tokenSecret = str;
    }

    public String[] getIgnorePaths() {
        return this.ignorePaths;
    }

    @ConfigProperty
    public void setIgnorePaths(String[] strArr) {
        this.ignorePaths = strArr;
    }

    @Override // leap.web.security.SecurityConfig
    public String getCookieDomain() {
        return this.cookieDomain;
    }

    @ConfigProperty
    public void setCookieDomain(String str) {
        this.cookieDomain = str;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isLoginEnabled() {
        return this.loginEnabled;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public SecurityConfigurator setLoginEnabled(boolean z) {
        this.loginEnabled = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public boolean isLogoutEnabled() {
        return this.logoutEnabled;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public SecurityConfigurator setLogoutEnabled(boolean z) {
        this.logoutEnabled = z;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getLoginUrl() {
        return null == this.loginUrl ? "action:" + this.loginAction : this.loginUrl;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public DefaultSecurityConfig setLoginUrl(String str) {
        this.loginUrl = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public String getLoginAction() {
        return this.loginAction;
    }

    @Override // leap.web.security.SecurityConfig
    public String getLogoutAction() {
        return this.logoutAction;
    }

    @Override // leap.web.security.SecurityConfig
    public String getLogoutSuccessUrl() {
        return this.logoutSuccessUrl;
    }

    @Override // leap.web.security.SecurityConfigurator
    @ConfigProperty
    public SecurityConfigurator setLoginAction(String str) {
        this.loginAction = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfigurator setLogoutAction(String str) {
        this.logoutAction = str;
        return this;
    }

    @ConfigProperty
    public DefaultSecurityConfig setLogoutSuccessUrl(String str) {
        Args.notEmpty(str);
        this.logoutSuccessUrl = str;
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfigurator setPathPrefixFailureHandler(String str, SecurityFailureHandler securityFailureHandler) {
        this.pathPrefixFailureHandlers.put(str, securityFailureHandler);
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public RequestIgnore[] getIgnores() {
        return this.ignoresArray;
    }

    @Override // leap.web.security.SecurityConfig
    public Map<String, SecurityFailureHandler> getPathPrefixFailureHandlers() {
        return this.pathPrefixFailureHandlers;
    }

    @Override // leap.web.security.SecurityConfig
    public SecuredPaths getSecuredPaths() {
        return this.securedPaths;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfigurator ignore(String str) {
        AntPathPattern antPathPattern = new AntPathPattern(str);
        this.ignores.add(requestBase -> {
            return antPathPattern.matches(requestBase.getPath());
        });
        this.ignoresArray = (RequestIgnore[]) this.ignores.toArray(new RequestIgnore[this.ignores.size()]);
        return this;
    }

    @Override // leap.web.security.SecurityConfigurator
    public SecurityConfigurator setPasswordEncoder(PasswordEncoder passwordEncoder) {
        Args.notNull(passwordEncoder, "password encoder");
        this.passwordEncoder = passwordEncoder;
        return this;
    }

    @Override // leap.web.security.SecurityConfig
    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    public void postConfigure(BeanFactory beanFactory, AppConfig appConfig) throws Throwable {
        this.factory = beanFactory;
        if (Strings.isEmpty(this.tokenSecret)) {
            this.tokenSecret = appConfig.ensureGetSecret();
        }
        if (Strings.isEmpty(this.rememberMeSecret)) {
            this.rememberMeSecret = this.tokenSecret;
        }
        if (Strings.isEmpty(this.rememberMeSecret)) {
            this.rememberMeSecret = appConfig.ensureGetSecret();
        }
        for (String str : getIgnorePaths()) {
            ignore(str);
        }
    }
}
