package org.minbox.framework.oauth;

import java.util.ArrayList;
import java.util.List;
import org.minbox.framework.oauth.grant.DefaultApiBootOauthTokenGranter;
import org.minbox.framework.oauth.grant.OAuth2TokenGranter;
import org.minbox.framework.oauth.services.MinBoxOAuth2TokenServices;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.CompositeTokenGranter;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.TokenGranter;
import org.springframework.security.oauth2.provider.TokenRequest;
import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeTokenGranter;
import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.oauth2.provider.implicit.ImplicitTokenGranter;
import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;
import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:org/minbox/framework/oauth/AuthorizationServerConfiguration.class */
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private AccessTokenConverter accessTokenConverter;

    @Autowired
    private ClientDetailsService clientDetailsService;
    private List<OAuth2TokenGranter> oAuth2TokenGranters;

    @Autowired
    private WebResponseExceptionTranslator webResponseExceptionTranslator;

    @Autowired
    private OAuthConfigProperties authConfigProperties;

    public AuthorizationServerConfiguration(ObjectProvider<List<OAuth2TokenGranter>> objectProvider) {
        this.oAuth2TokenGranters = (List) objectProvider.getIfAvailable();
    }

    public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
        authorizationServerSecurityConfigurer.passwordEncoder(passwordEncoder()).tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
    }

    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
        authorizationServerEndpointsConfigurer.authenticationManager(this.authenticationManager).tokenStore(this.tokenStore).exceptionTranslator(this.webResponseExceptionTranslator).tokenGranter(tokenGranter()).accessTokenConverter(this.accessTokenConverter);
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    private TokenGranter tokenGranter() {
        return new TokenGranter() { // from class: org.minbox.framework.oauth.AuthorizationServerConfiguration.1
            private CompositeTokenGranter delegate;

            public OAuth2AccessToken grant(String str, TokenRequest tokenRequest) {
                if (this.delegate == null) {
                    this.delegate = new CompositeTokenGranter(AuthorizationServerConfiguration.this.getDefaultTokenGranters());
                }
                return this.delegate.grant(str, tokenRequest);
            }
        };
    }

    private TokenEnhancer tokenEnhancer() {
        if (this.accessTokenConverter instanceof JwtAccessTokenConverter) {
            return this.accessTokenConverter;
        }
        return null;
    }

    protected AuthorizationServerTokenServices tokenServices() {
        MinBoxOAuth2TokenServices minBoxOAuth2TokenServices = new MinBoxOAuth2TokenServices();
        minBoxOAuth2TokenServices.setTokenStore(this.tokenStore);
        minBoxOAuth2TokenServices.setSupportRefreshToken(this.authConfigProperties.isSupportRefreshToken());
        minBoxOAuth2TokenServices.setReuseRefreshToken(this.authConfigProperties.isReuseRefreshToken());
        minBoxOAuth2TokenServices.setAlwaysCreateToken(this.authConfigProperties.isAlwaysCreateToken());
        minBoxOAuth2TokenServices.setAccessTokenValiditySeconds(this.authConfigProperties.getAccessTokenValiditySeconds());
        minBoxOAuth2TokenServices.setRefreshTokenValiditySeconds(this.authConfigProperties.getRefreshTokenValiditySeconds());
        minBoxOAuth2TokenServices.setClientDetailsService(this.clientDetailsService);
        minBoxOAuth2TokenServices.setTokenEnhancer(tokenEnhancer());
        return minBoxOAuth2TokenServices;
    }

    private AuthorizationCodeServices authorizationCodeServices() {
        return new InMemoryAuthorizationCodeServices();
    }

    private OAuth2RequestFactory requestFactory() {
        return new DefaultOAuth2RequestFactory(this.clientDetailsService);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<TokenGranter> getDefaultTokenGranters() {
        ClientDetailsService clientDetailsService = this.clientDetailsService;
        AuthorizationServerTokenServices authorizationServerTokenServices = tokenServices();
        AuthorizationCodeServices authorizationCodeServices = authorizationCodeServices();
        OAuth2RequestFactory requestFactory = requestFactory();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AuthorizationCodeTokenGranter(authorizationServerTokenServices, authorizationCodeServices, clientDetailsService, requestFactory));
        arrayList.add(new RefreshTokenGranter(authorizationServerTokenServices, clientDetailsService, requestFactory));
        arrayList.add(new ImplicitTokenGranter(authorizationServerTokenServices, clientDetailsService, requestFactory));
        arrayList.add(new ClientCredentialsTokenGranter(authorizationServerTokenServices, clientDetailsService, requestFactory));
        if (this.authenticationManager != null) {
            arrayList.add(new ResourceOwnerPasswordTokenGranter(this.authenticationManager, authorizationServerTokenServices, clientDetailsService, requestFactory));
        }
        if (!ObjectUtils.isEmpty(this.oAuth2TokenGranters)) {
            this.oAuth2TokenGranters.stream().forEach(oAuth2TokenGranter -> {
                arrayList.add(new DefaultApiBootOauthTokenGranter(authorizationServerTokenServices, this.clientDetailsService, requestFactory, oAuth2TokenGranter));
            });
        }
        return arrayList;
    }
}
