package pl.sparkbit.security.config;

import java.beans.ConstructorProperties;
import java.time.Clock;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import pl.sparkbit.commons.util.IdGenerator;
import pl.sparkbit.security.Security;
import pl.sparkbit.security.callbacks.LoginResponseAdditionalDataCallback;
import pl.sparkbit.security.dao.CredentialsDao;
import pl.sparkbit.security.dao.SecurityChallengeDao;
import pl.sparkbit.security.dao.SessionDao;
import pl.sparkbit.security.dao.UserDetailsDao;
import pl.sparkbit.security.dao.impl.CredentialsDaoImpl;
import pl.sparkbit.security.dao.impl.SecurityChallengeDaoImpl;
import pl.sparkbit.security.dao.impl.SessionDaoImpl;
import pl.sparkbit.security.dao.impl.UserDetailsDaoImpl;
import pl.sparkbit.security.dao.mybatis.CredentialsMapper;
import pl.sparkbit.security.dao.mybatis.SecurityChallengeMapper;
import pl.sparkbit.security.dao.mybatis.SessionMapper;
import pl.sparkbit.security.dao.mybatis.UserDetailsMapper;
import pl.sparkbit.security.hooks.LoginHook;
import pl.sparkbit.security.hooks.LogoutHook;
import pl.sparkbit.security.login.LoginPrincipalFactory;
import pl.sparkbit.security.mvc.SecurityEndpointsRegistrations;
import pl.sparkbit.security.password.encoder.AuthTokenHasher;
import pl.sparkbit.security.password.encoder.AuthTokenHasherImpl;
import pl.sparkbit.security.password.encoder.PhpassPasswordEncoder;
import pl.sparkbit.security.password.policy.MinimalLengthPasswordPolicy;
import pl.sparkbit.security.password.policy.PasswordPolicy;
import pl.sparkbit.security.restauthn.AuthenticationTokenHelper;
import pl.sparkbit.security.service.ExtraAuthnCheckService;
import pl.sparkbit.security.service.SessionService;
import pl.sparkbit.security.service.UserDetailsService;
import pl.sparkbit.security.service.impl.SessionServiceImpl;
import pl.sparkbit.security.service.impl.UserDetailsServiceImpl;
import pl.sparkbit.security.util.SecureRandomStringGenerator;
import pl.sparkbit.security.util.SecureRandomStringGeneratorImpl;
import pl.sparkbit.security.util.SecurityChallenges;
import pl.sparkbit.security.util.SecurityChallengesImpl;

@Configuration
@MapperScan({"pl.sparkbit.security.dao.mybatis"})
@ConditionalOnWebApplication
@Import({SparkbitSecurityWebConfigurer.class, CorsConfigurer.class})
@ComponentScan({"pl.sparkbit.security.service.impl", "pl.sparkbit.security.mvc.controller", "pl.sparkbit.security.jobs"})
/* loaded from: input_file:pl/sparkbit/security/config/SparkbitSecurityAutoConfiguration.class */
public class SparkbitSecurityAutoConfiguration {
    private final SecurityProperties properties;

    @ConditionalOnMissingBean
    @Bean
    public AuthenticationEntryPoint authenticationEntryPoint() {
        return (httpServletRequest, httpServletResponse, authenticationException) -> {
            httpServletResponse.sendError(401, authenticationException.getMessage());
        };
    }

    @ConditionalOnMissingBean
    @Bean
    public CredentialsDao credentialsDao(CredentialsMapper credentialsMapper) {
        return new CredentialsDaoImpl(credentialsMapper, this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public SecurityChallengeDao securityChallengeDao(SecurityChallengeMapper securityChallengeMapper) {
        return new SecurityChallengeDaoImpl(securityChallengeMapper, this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public SessionDao sessionDao(SessionMapper sessionMapper) {
        return new SessionDaoImpl(sessionMapper, this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public SecurityChallenges securityChallenges(IdGenerator idGenerator, Clock clock, SecurityChallengeDao securityChallengeDao, SecureRandomStringGenerator secureRandomStringGenerator) {
        return new SecurityChallengesImpl(idGenerator, clock, securityChallengeDao, secureRandomStringGenerator, this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public UserDetailsDao userDetailsDao(UserDetailsMapper userDetailsMapper) {
        return new UserDetailsDaoImpl(userDetailsMapper, this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public AuthTokenHasher authTokenHasher() {
        return new AuthTokenHasherImpl();
    }

    @ConditionalOnMissingBean
    @ConditionalOnProperty(value = {SecurityProperties.DEFAULT_PASSWORD_POLICY_ENABLED}, havingValue = "true", matchIfMissing = true)
    @Bean
    public PasswordPolicy passwordPolicy() {
        return new MinimalLengthPasswordPolicy(this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public LoginPrincipalFactory loginPrincipalFactory(SecurityProperties securityProperties) {
        return new LoginPrincipalFactory(securityProperties.getExpectedAuthnAttributes());
    }

    @ConditionalOnMissingBean
    @Bean
    public SecurityEndpointsRegistrations mvcEndpointsRegistrations() {
        return new SecurityEndpointsRegistrations(this.properties.getPaths());
    }

    @ConditionalOnMissingBean
    @Bean
    public AuthenticationTokenHelper authenticationTokenHelper() {
        return new AuthenticationTokenHelper(this.properties);
    }

    @ConditionalOnMissingBean
    @Bean
    public PasswordEncoder passwordEncoder() {
        switch (this.properties.getPasswordEncoderType()) {
            case STANDARD:
                return new StandardPasswordEncoder();
            case BCRYPT:
                return new BCryptPasswordEncoder();
            case PHPASS:
                return new PhpassPasswordEncoder();
            default:
                return new BCryptPasswordEncoder();
        }
    }

    @ConditionalOnMissingBean
    @Bean
    public UserDetailsServiceImpl userDetailsService(UserDetailsDao userDetailsDao, AuthTokenHasher authTokenHasher, LoginPrincipalFactory loginPrincipalFactory) {
        return new UserDetailsServiceImpl(userDetailsDao, authTokenHasher, loginPrincipalFactory);
    }

    @ConditionalOnMissingBean
    @Bean
    public DaoAuthenticationProvider daoAuthenticationProvider(UserDetailsService userDetailsService) {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setUserDetailsService(userDetailsService);
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return daoAuthenticationProvider;
    }

    @ConditionalOnMissingBean
    @Bean
    public SessionService sessionService(SessionDao sessionDao, AuthTokenHasher authTokenHasher, Clock clock, Security security, SecureRandomStringGenerator secureRandomStringGenerator, SecurityProperties securityProperties, ObjectProvider<LoginHook> objectProvider, ObjectProvider<LogoutHook> objectProvider2, ObjectProvider<LoginResponseAdditionalDataCallback> objectProvider3, ObjectProvider<ExtraAuthnCheckService> objectProvider4) {
        return new SessionServiceImpl(sessionDao, authTokenHasher, clock, security, secureRandomStringGenerator, securityProperties, objectProvider, objectProvider2, objectProvider3, objectProvider4);
    }

    @ConditionalOnMissingBean
    @Bean
    public Security security() {
        return new Security();
    }

    @ConditionalOnMissingBean
    @Bean
    public SecureRandomStringGenerator secureRandomStringGenerator() {
        return new SecureRandomStringGeneratorImpl();
    }

    @ConstructorProperties({"properties"})
    public SparkbitSecurityAutoConfiguration(SecurityProperties securityProperties) {
        this.properties = securityProperties;
    }
}
