package com.evolveum.midpoint.authentication.impl.module.configurer;

import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.authentication.impl.entry.point.WicketLoginUrlAuthenticationEntryPoint;
import com.evolveum.midpoint.authentication.impl.filter.MidpointUsernamePasswordAuthenticationFilter;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointFormLoginConfigurer;
import com.evolveum.midpoint.authentication.impl.handler.AuditedLogoutHandler;
import com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler;
import com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler;
import com.evolveum.midpoint.authentication.impl.module.configuration.LoginFormModuleWebSecurityConfiguration;
import java.util.Arrays;
import javax.servlet.Filter;
import org.apache.wicket.util.cookies.CookieUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.security.cas.web.CasAuthenticationFilter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;

/* loaded from: input_file:WEB-INF/lib/authentication-impl-4.5.1-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/module/configurer/LoginFormModuleWebSecurityConfigurer.class */
public class LoginFormModuleWebSecurityConfigurer<C extends LoginFormModuleWebSecurityConfiguration> extends ModuleWebSecurityConfigurer<C> {

    @Autowired
    private AuditedLogoutHandler auditedLogoutHandler;

    @Autowired
    private SessionRegistry sessionRegistry;

    @Autowired
    private Environment environment;

    @Autowired(required = false)
    private RequestAttributeAuthenticationFilter requestAttributeAuthenticationFilter;

    @Autowired(required = false)
    private CasAuthenticationFilter casFilter;

    @Autowired(required = false)
    private LogoutFilter requestSingleLogoutFilter;
    private final C configuration;

    public LoginFormModuleWebSecurityConfigurer(C c) {
        super(c);
        this.configuration = c;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer, org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    public void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        httpSecurity.antMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
        ((MidpointFormLoginConfigurer) getOrApply(httpSecurity, getMidpointFormLoginConfigurer())).loginPage(DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL).loginProcessingUrl(AuthUtil.stripEndingSlashes(getPrefix()) + "/spring_security_login").failureHandler(new MidpointAuthenticationFailureHandler()).successHandler((AuthenticationSuccessHandler) getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler())).permitAll();
        ((MidpointExceptionHandlingConfigurer) getOrApply(httpSecurity, new MidpointExceptionHandlingConfigurer())).authenticationEntryPoint(new WicketLoginUrlAuthenticationEntryPoint(DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL));
        httpSecurity.logout().clearAuthentication(true).logoutRequestMatcher(getLogoutMatcher(httpSecurity, getPrefix() + "/logout")).invalidateHttpSession(true).deleteCookies(CookieUtils.DEFAULT_SESSIONID_COOKIE_NAME).logoutSuccessHandler(createLogoutHandler());
        if (Arrays.stream(this.environment.getActiveProfiles()).anyMatch(str -> {
            return str.equalsIgnoreCase("cas");
        })) {
            httpSecurity.addFilterAt(this.casFilter, CasAuthenticationFilter.class);
            httpSecurity.addFilterBefore((Filter) this.requestSingleLogoutFilter, LogoutFilter.class);
        }
        if (Arrays.stream(this.environment.getActiveProfiles()).anyMatch(str2 -> {
            return str2.equalsIgnoreCase("ssoenv");
        })) {
            httpSecurity.addFilterBefore((Filter) this.requestAttributeAuthenticationFilter, LogoutFilter.class);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MidpointFormLoginConfigurer getMidpointFormLoginConfigurer() {
        return new MidpointFormLoginConfigurer(new MidpointUsernamePasswordAuthenticationFilter());
    }

    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer
    public C getConfiguration() {
        return this.configuration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SessionRegistry getSessionRegistry() {
        return this.sessionRegistry;
    }
}
