package org.springframework.security.oauth2.config.annotation.web.configuration;

import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
/* loaded from: input_file:org/springframework/security/oauth2/config/annotation/web/configuration/ResourceServerConfiguration.class */
public class ResourceServerConfiguration extends WebSecurityConfigurerAdapter implements Ordered {

    @Autowired(required = false)
    private TokenStore tokenStore;

    @Autowired(required = false)
    private ResourceServerTokenServices tokenServices;

    @Autowired(required = false)
    private AuthorizationServerEndpointsConfiguration endpoints;
    private int order = 3;
    private List<ResourceServerConfigurer> configurers = Collections.emptyList();
    private AccessDeniedHandler accessDeniedHandler = new OAuth2AccessDeniedHandler();

    /* loaded from: input_file:org/springframework/security/oauth2/config/annotation/web/configuration/ResourceServerConfiguration$NotOAuthRequestMatcher.class */
    private static class NotOAuthRequestMatcher implements RequestMatcher {
        private FrameworkEndpointHandlerMapping mapping;

        public NotOAuthRequestMatcher(FrameworkEndpointHandlerMapping frameworkEndpointHandlerMapping) {
            this.mapping = frameworkEndpointHandlerMapping;
        }

        public boolean matches(HttpServletRequest httpServletRequest) {
            String requestPath = getRequestPath(httpServletRequest);
            Iterator<String> it = this.mapping.getPaths().iterator();
            while (it.hasNext()) {
                if (requestPath.startsWith(it.next())) {
                    return false;
                }
            }
            return true;
        }

        private String getRequestPath(HttpServletRequest httpServletRequest) {
            String servletPath = httpServletRequest.getServletPath();
            if (httpServletRequest.getPathInfo() != null) {
                servletPath = servletPath + httpServletRequest.getPathInfo();
            }
            return servletPath;
        }
    }

    public int getOrder() {
        return this.order;
    }

    public void setOrder(int i) {
        this.order = i;
    }

    @Autowired(required = false)
    public void setConfigurers(List<ResourceServerConfigurer> list) {
        this.configurers = list;
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        HttpSecurity.RequestMatcherConfigurer requestMatchers = httpSecurity.requestMatchers();
        if (this.endpoints != null) {
            requestMatchers.requestMatchers(new RequestMatcher[]{new NotOAuthRequestMatcher(this.endpoints.oauth2EndpointHandlerMapping())});
        }
        httpSecurity.exceptionHandling().accessDeniedHandler(this.accessDeniedHandler).and().anonymous().disable().csrf().disable();
        Iterator<ResourceServerConfigurer> it = this.configurers.iterator();
        while (it.hasNext()) {
            it.next().configure(httpSecurity);
        }
        if (this.configurers.isEmpty()) {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).authenticated();
        }
        httpSecurity.authorizeRequests().expressionHandler(new OAuth2WebSecurityExpressionHandler());
        ResourceServerSecurityConfigurer resourceServerSecurityConfigurer = new ResourceServerSecurityConfigurer();
        httpSecurity.apply(resourceServerSecurityConfigurer);
        if (this.tokenServices != null) {
            resourceServerSecurityConfigurer.tokenServices(this.tokenServices);
        } else if (this.tokenStore != null) {
            resourceServerSecurityConfigurer.tokenStore(this.tokenStore);
        }
        Iterator<ResourceServerConfigurer> it2 = this.configurers.iterator();
        while (it2.hasNext()) {
            it2.next().configure(resourceServerSecurityConfigurer);
        }
    }
}
