package de.ingrid.interfaces.csw.admin;

import de.ingrid.interfaces.csw.config.ApplicationProperties;
import de.ingrid.interfaces.csw.domain.constants.ConfigurationKeys;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.derby.iapi.reference.Attribute;
import org.eclipse.jetty.security.authentication.FormAuthenticator;
import org.eclipse.jetty.server.session.SessionHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.NegatedRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;

@Configuration
/* loaded from: input_file:ingrid-interface-csw-7.2.3/lib/ingrid-interface-csw-7.2.3.jar:de/ingrid/interfaces/csw/admin/SecurityConfig.class */
public class SecurityConfig {

    @Configuration
    @Order(2)
    /* loaded from: input_file:ingrid-interface-csw-7.2.3/lib/ingrid-interface-csw-7.2.3.jar:de/ingrid/interfaces/csw/admin/SecurityConfig$App1ConfigurationAdapter.class */
    public static class App1ConfigurationAdapter {
        /* JADX WARN: Multi-variable type inference failed */
        @Bean
        public SecurityFilterChain generalSecurity(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.csrf().disable()).authorizeRequests().antMatchers(HttpMethod.GET, "/csw").permitAll().antMatchers(HttpMethod.POST, "/csw").permitAll().and()).requestMatchers().requestMatchers(new NegatedRequestMatcher(new OrRequestMatcher(new AntPathRequestMatcher("/csw-t"), new AntPathRequestMatcher("/error")))).and().authorizeRequests().anyRequest().hasRole("admin").and()).formLogin().loginPage("/login.html").usernameParameter(FormAuthenticator.__J_USERNAME).passwordParameter(FormAuthenticator.__J_PASSWORD).loginProcessingUrl("/j_spring_security_check").defaultSuccessUrl("/welcome.html", true).failureUrl("/loginFailure.html").and()).logout().logoutUrl("/perform_logout").deleteCookies(SessionHandler.__DefaultSessionCookie);
            return httpSecurity.build();
        }
    }

    @Configuration
    @Order(1)
    /* loaded from: input_file:ingrid-interface-csw-7.2.3/lib/ingrid-interface-csw-7.2.3.jar:de/ingrid/interfaces/csw/admin/SecurityConfig$App2ConfigurationAdapter.class */
    public static class App2ConfigurationAdapter {
        /* JADX WARN: Multi-variable type inference failed */
        @Bean
        public SecurityFilterChain cswtSecurity(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) httpSecurity.requestMatchers().antMatchers("/csw-t").and().authorizeRequests().anyRequest().hasAnyRole("admin", Attribute.USERNAME_ATTR).and()).httpBasic().and()).csrf().disable();
            return httpSecurity.build();
        }
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public InMemoryUserDetailsManager userDetailsService() {
        UserDetails build = User.withUsername("admin").password(ApplicationProperties.get(ConfigurationKeys.INGRID_ADMIN_PASSWORD)).roles("admin").build();
        List<UserDetails> mapCswtUserConfigToUserDetails = mapCswtUserConfigToUserDetails(ApplicationProperties.get(ConfigurationKeys.CSWT_USERS, ",").split(","));
        mapCswtUserConfigToUserDetails.add(build);
        return new InMemoryUserDetailsManager(mapCswtUserConfigToUserDetails);
    }

    private static List<UserDetails> mapCswtUserConfigToUserDetails(String[] strArr) {
        return (List) Arrays.stream(strArr).map(str -> {
            String[] split = str.split("::");
            return User.withUsername(split[0]).password(split[1]).roles(Attribute.USERNAME_ATTR).build();
        }).collect(Collectors.toList());
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Bean
    @Order(0)
    SecurityFilterChain resources(HttpSecurity httpSecurity) throws Exception {
        ((HttpSecurity) httpSecurity.requestMatchers(requestMatcherConfigurer -> {
            requestMatcherConfigurer.antMatchers("/login*", "/css/**", "/images/**", "/js/**");
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            authorizationManagerRequestMatcherRegistry.anyRequest().permitAll();
        }).requestCache().disable().securityContext().disable()).sessionManagement().disable();
        return httpSecurity.build();
    }
}
