package se.ikama.bauta.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import se.ikama.bauta.security.SecurityConfig;
import se.ikama.bauta.security.SecurityUtils;
import se.ikama.bauta.security.User;

@EnableWebSecurity
@Configuration
/* loaded from: input_file:BOOT-INF/lib/bauta-core-0.0.69.jar:se/ikama/bauta/config/SecurityConfiguration.class */
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SecurityConfiguration.class);
    private static final String LOGIN_PROCESSING_URL = "/ui/login";
    private static final String LOGIN_FAILURE_URL = "/ui/login?error=login_failed";
    private static final String LOGIN_URL = "/ui/login";
    private static final String LOGOUT_SUCCESS_URL = "/ui/login";
    private static final String LOGIN_SUCCESS_URL = "/ui/";

    @Value("${bauta.security.enabled:false}")
    private boolean securityEnabled;

    @Value("${bauta.security.configFilePath:}")
    private String securityConfigFilePath;

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        if (this.securityEnabled) {
            ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.csrf().disable()).requestCache().requestCache(new CustomRequestCache()).and()).authorizeRequests().requestMatchers(SecurityUtils::isFrameworkInternalRequest).permitAll().anyRequest().authenticated().and()).formLogin().loginPage("/ui/login").permitAll().loginProcessingUrl("/ui/login").failureUrl(LOGIN_FAILURE_URL).defaultSuccessUrl(LOGIN_SUCCESS_URL).and()).logout().logoutSuccessUrl("/ui/login");
        } else {
            log.info("Security is disabled");
            httpSecurity.authorizeRequests().anyRequest().permitAll();
        }
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        if (this.securityEnabled) {
            authenticationManagerBuilder.userDetailsService(userDetailsService());
        }
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    @Bean
    public UserDetailsService userDetailsService() {
        if (!this.securityEnabled || !StringUtils.isNotEmpty(this.securityConfigFilePath)) {
            return new InMemoryUserDetailsManager();
        }
        File file = new File(this.securityConfigFilePath);
        if (!file.exists()) {
            throw new RuntimeException("bauta.security.configFilePath points to a file that does not exist: " + this.securityConfigFilePath);
        }
        try {
            SecurityConfig securityConfig = (SecurityConfig) new ObjectMapper().readValue(file, SecurityConfig.class);
            InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
            for (User user : securityConfig.getUsers()) {
                inMemoryUserDetailsManager.createUser(org.springframework.security.core.userdetails.User.withUsername(user.getUsername()).password(user.getPassword()).roles(user.getRoles()).build());
            }
            return inMemoryUserDetailsManager;
        } catch (Exception e) {
            throw new RuntimeException("Failed to read security config file", e);
        }
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void configure(WebSecurity webSecurity) {
        if (this.securityEnabled) {
            webSecurity.ignoring().antMatchers("/ui/VAADIN/**", "/VAADIN/**", "/favicon.ico", "/robots.txt", "/manifest.webmanifest", "/sw.js", "/offline-page.html", "/icons/**", "/images/**", "**/frontend/**", "/webjars/**", "/static/**", "/frontend-es5/**", "/frontend-es6/**");
        } else {
            webSecurity.ignoring().anyRequest();
        }
    }
}
