package de.ingrid.ibus;

import de.ingrid.codelists.CodeListService;
import de.ingrid.codelists.comm.HttpCLCommunication;
import de.ingrid.codelists.comm.ICodeListCommunication;
import de.ingrid.codelists.persistency.XmlCodeListPersistency;
import de.ingrid.ibus.config.CodelistConfiguration;
import de.ingrid.ibus.config.ElasticsearchConfiguration;
import de.ingrid.ibus.config.IBusConfiguration;
import de.ingrid.ibus.service.SecurityService;
import java.util.ArrayList;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@EnableConfigurationProperties({CodelistConfiguration.class, ElasticsearchConfiguration.class, IBusConfiguration.class})
@Configuration
@EnableWebSecurity
/* loaded from: input_file:ingrid-ibus-5.2.0/lib/ingrid-ibus-backend-5.2.0.jar:de/ingrid/ibus/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private static Logger log = LogManager.getLogger((Class<?>) WebSecurityConfig.class);

    @Value("${development:false}")
    private boolean developmentMode;

    @Value("${codelistrepo.url:http://not-configured}")
    private String codelistUrl;

    @Value("${codelistrepo.username:}")
    private String codelistUsername;

    @Value("${codelistrepo.password:}")
    private String codelistPassword;
    private final SecurityService securityService;
    private final UserDetailsService userDetailsService;

    @Autowired
    public WebSecurityConfig(SecurityService securityService, UserDetailsService userDetailsService) {
        this.securityService = securityService;
        this.userDetailsService = userDetailsService;
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        if (this.developmentMode) {
            initDevelopmentMode(httpSecurity);
        } else {
            initProductionMode(httpSecurity);
        }
    }

    @Bean
    public static PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Bean
    public CodeListService codelistService() {
        CodeListService codeListService = new CodeListService();
        codeListService.setComm(codelistCommunication());
        ArrayList arrayList = new ArrayList();
        XmlCodeListPersistency xmlCodeListPersistency = new XmlCodeListPersistency();
        xmlCodeListPersistency.setPathToXml("data/codelists");
        arrayList.add(xmlCodeListPersistency);
        codeListService.setPersistencies(arrayList);
        codeListService.setDefaultPersistency(0);
        return codeListService;
    }

    public void secureWebapp(String str) {
        this.securityService.isPasswordDefined = true;
        ((InMemoryUserDetailsManager) this.userDetailsService).updateUser(new User("admin", str, new ArrayList()));
    }

    private ICodeListCommunication codelistCommunication() {
        HttpCLCommunication httpCLCommunication = new HttpCLCommunication();
        httpCLCommunication.setRequestUrl(this.codelistUrl + "/rest/getCodelists");
        httpCLCommunication.setUsername(this.codelistUsername);
        httpCLCommunication.setPassword(this.codelistPassword);
        return httpCLCommunication;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void initProductionMode(HttpSecurity httpSecurity) throws Exception {
        ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()).authorizeRequests().antMatchers("/css/**").permitAll().and()).authorizeRequests().antMatchers("/login*").permitAll().and()).authorizeRequests().anyRequest().access("@security.hasPermission(authentication)").and()).formLogin().loginPage(DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL).permitAll().and()).logout().permitAll();
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void initDevelopmentMode(HttpSecurity httpSecurity) throws Exception {
        log.info("======================================================");
        log.info("================== DEVELOPMENT MODE ==================");
        log.info("======================================================");
        ((HttpSecurity) ((HttpSecurity) httpSecurity.cors().and()).authorizeRequests().anyRequest().permitAll().and()).csrf().disable();
    }
}
