package com.evolveum.midpoint.authentication.impl.module.configurer;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.authentication.impl.entry.point.WicketLoginUrlAuthenticationEntryPoint;
import com.evolveum.midpoint.authentication.impl.filter.AttributeVerificationAuthenticationFilter;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointAttributeConfigurer;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer;
import com.evolveum.midpoint.authentication.impl.handler.MidPointAuthenticationSuccessHandler;
import com.evolveum.midpoint.authentication.impl.handler.MidpointAuthenticationFailureHandler;
import com.evolveum.midpoint.authentication.impl.module.configuration.LoginFormModuleWebSecurityConfiguration;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AttributeVerificationAuthenticationModuleType;
import jakarta.servlet.Filter;
import jakarta.servlet.ServletRequest;
import org.apache.wicket.util.cookies.CookieUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.8.9-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/module/configurer/AttributeVerificationModuleWebSecurityConfigurer.class */
public class AttributeVerificationModuleWebSecurityConfigurer extends ModuleWebSecurityConfigurer<LoginFormModuleWebSecurityConfiguration, AttributeVerificationAuthenticationModuleType> {
    public AttributeVerificationModuleWebSecurityConfigurer(AttributeVerificationAuthenticationModuleType attributeVerificationAuthenticationModuleType, String str, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest servletRequest, AuthenticationProvider authenticationProvider) {
        super(attributeVerificationAuthenticationModuleType, str, authenticationChannel, objectPostProcessor, servletRequest, authenticationProvider);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer
    public void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        AttributeVerificationAuthenticationFilter attributeVerificationAuthenticationFilter = new AttributeVerificationAuthenticationFilter();
        httpSecurity.securityMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
        ((MidpointAttributeConfigurer) getOrApply(httpSecurity, new MidpointAttributeConfigurer(attributeVerificationAuthenticationFilter))).loginPage("/attributeVerification").loginProcessingUrl(AuthUtil.stripEndingSlashes(getPrefix()) + "/spring_security_login").failureHandler(new MidpointAuthenticationFailureHandler()).successHandler((AuthenticationSuccessHandler) getObjectPostProcessor().postProcess(new MidPointAuthenticationSuccessHandler())).permitAll();
        ((MidpointExceptionHandlingConfigurer) getOrApply(httpSecurity, new MidpointExceptionHandlingConfigurer())).authenticationEntryPoint(new WicketLoginUrlAuthenticationEntryPoint("/attributeVerification"));
        httpSecurity.logout().clearAuthentication(true).logoutRequestMatcher(getLogoutMatcher(httpSecurity, getPrefix() + "/logout")).invalidateHttpSession(true).deleteCookies(CookieUtils.DEFAULT_SESSIONID_COOKIE_NAME).logoutSuccessHandler(createLogoutHandler());
        httpSecurity.addFilterBefore((Filter) attributeVerificationAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
    }
}
