package com.evolveum.midpoint.authentication.impl.module.configurer;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.impl.MidpointProviderManager;
import com.evolveum.midpoint.authentication.impl.entry.point.WicketLoginUrlAuthenticationEntryPoint;
import com.evolveum.midpoint.authentication.impl.filter.MidpointRequestHeaderAuthenticationFilter;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointFormLoginConfigurer;
import com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler;
import com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler;
import com.evolveum.midpoint.authentication.impl.module.configuration.HttpHeaderModuleWebSecurityConfiguration;
import com.evolveum.midpoint.web.security.MidPointApplication;
import com.evolveum.midpoint.xml.ns._public.common.common_3.HttpHeaderAuthenticationModuleType;
import jakarta.servlet.Filter;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.8.7-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/module/configurer/HttpHeaderModuleWebSecurityConfigurer.class */
public class HttpHeaderModuleWebSecurityConfigurer extends LoginFormModuleWebSecurityConfigurer<HttpHeaderModuleWebSecurityConfiguration, HttpHeaderAuthenticationModuleType> {

    @Autowired
    private MidpointProviderManager authenticationManager;

    public HttpHeaderModuleWebSecurityConfigurer(HttpHeaderAuthenticationModuleType httpHeaderAuthenticationModuleType, String str, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest servletRequest, AuthenticationProvider authenticationProvider) {
        super(httpHeaderAuthenticationModuleType, str, authenticationChannel, objectPostProcessor, servletRequest, authenticationProvider);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer
    public HttpHeaderModuleWebSecurityConfiguration buildConfiguration(HttpHeaderAuthenticationModuleType httpHeaderAuthenticationModuleType, String str, AuthenticationChannel authenticationChannel, ServletRequest servletRequest) {
        return HttpHeaderModuleWebSecurityConfiguration.build(httpHeaderAuthenticationModuleType, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.LoginFormModuleWebSecurityConfigurer, com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer
    public void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        ((MidpointFormLoginConfigurer) getOrApply(httpSecurity, getMidpointFormLoginConfigurer())).loginPage(MidPointApplication.MOUNT_UNAUTHORIZED_ERROR);
        ((MidpointExceptionHandlingConfigurer) getOrApply(httpSecurity, new MidpointExceptionHandlingConfigurer())).authenticationEntryPoint(new WicketLoginUrlAuthenticationEntryPoint(MidPointApplication.MOUNT_UNAUTHORIZED_ERROR));
        httpSecurity.addFilterBefore((Filter) requestHeaderAuthenticationFilter(), LogoutFilter.class);
        httpSecurity.logout().logoutSuccessHandler(createLogoutHandler(((HttpHeaderModuleWebSecurityConfiguration) getConfiguration()).getDefaultSuccessLogoutURL()));
    }

    /* JADX WARN: Multi-variable type inference failed */
    private RequestHeaderAuthenticationFilter requestHeaderAuthenticationFilter() {
        MidpointRequestHeaderAuthenticationFilter midpointRequestHeaderAuthenticationFilter = new MidpointRequestHeaderAuthenticationFilter();
        midpointRequestHeaderAuthenticationFilter.setPrincipalRequestHeader(((HttpHeaderModuleWebSecurityConfiguration) getConfiguration()).getPrincipalRequestHeader());
        midpointRequestHeaderAuthenticationFilter.setExceptionIfHeaderMissing(false);
        midpointRequestHeaderAuthenticationFilter.setAuthenticationManager(this.authenticationManager);
        midpointRequestHeaderAuthenticationFilter.setAuthenticationFailureHandler(new MidpointAuthenticationFailureHandler() { // from class: com.evolveum.midpoint.authentication.impl.module.configurer.HttpHeaderModuleWebSecurityConfigurer.1
            @Override // com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler
            protected String getPathAfterUnsuccessfulAuthentication(AuthenticationChannel authenticationChannel) {
                return MidPointApplication.MOUNT_UNAUTHORIZED_ERROR;
            }
        });
        midpointRequestHeaderAuthenticationFilter.setAuthenticationSuccessHandler((AuthenticationSuccessHandler) getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler() { // from class: com.evolveum.midpoint.authentication.impl.module.configurer.HttpHeaderModuleWebSecurityConfigurer.2
            @Override // com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler, org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler, org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler, org.springframework.security.web.authentication.AuthenticationSuccessHandler
            public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws ServletException, IOException {
                if (getRequestCache().getRequest(httpServletRequest, httpServletResponse) == null) {
                    getRequestCache().saveRequest(httpServletRequest, httpServletResponse);
                }
                super.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
            }
        }));
        midpointRequestHeaderAuthenticationFilter.setSessionRegistry(getSessionRegistry());
        return midpointRequestHeaderAuthenticationFilter;
    }
}
