package com.evolveum.midpoint.authentication.impl.module.configurer;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.authentication.impl.MidpointAuthenticationTrustResolverImpl;
import com.evolveum.midpoint.authentication.impl.authorization.evaluator.MidpointHttpAuthorizationEvaluator;
import com.evolveum.midpoint.authentication.impl.entry.point.HttpAuthenticationEntryPoint;
import com.evolveum.midpoint.authentication.impl.entry.point.HttpSecurityQuestionsAuthenticationEntryPoint;
import com.evolveum.midpoint.authentication.impl.filter.HttpSecurityQuestionsAuthenticationFilter;
import com.evolveum.midpoint.authentication.impl.filter.SequenceAuditFilter;
import com.evolveum.midpoint.authentication.impl.filter.configurers.MidpointExceptionHandlingConfigurer;
import com.evolveum.midpoint.authentication.impl.module.configuration.ModuleWebSecurityConfigurationImpl;
import com.evolveum.midpoint.model.api.ModelService;
import com.evolveum.midpoint.security.api.SecurityContextManager;
import com.evolveum.midpoint.security.enforcer.api.SecurityEnforcer;
import com.evolveum.midpoint.task.api.TaskManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.HttpSecQAuthenticationModuleType;
import jakarta.servlet.Filter;
import jakarta.servlet.ServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.9.2-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/module/configurer/HttpSecurityQuestionsModuleWebSecurityConfigurer.class */
public class HttpSecurityQuestionsModuleWebSecurityConfigurer extends ModuleWebSecurityConfigurer<ModuleWebSecurityConfigurationImpl, HttpSecQAuthenticationModuleType> {

    @Autowired
    private ModelService model;

    @Autowired
    private SecurityEnforcer securityEnforcer;

    @Autowired
    private SecurityContextManager securityContextManager;

    @Autowired
    private TaskManager taskManager;

    @Autowired
    private ApplicationContext applicationContext;

    public HttpSecurityQuestionsModuleWebSecurityConfigurer(HttpSecQAuthenticationModuleType httpSecQAuthenticationModuleType, String str, AuthenticationChannel authenticationChannel, ObjectPostProcessor<Object> objectPostProcessor, ServletRequest servletRequest, AuthenticationProvider authenticationProvider) {
        super(httpSecQAuthenticationModuleType, str, authenticationChannel, objectPostProcessor, servletRequest, authenticationProvider);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer
    public ModuleWebSecurityConfigurationImpl buildConfiguration(HttpSecQAuthenticationModuleType httpSecQAuthenticationModuleType, String str, AuthenticationChannel authenticationChannel, ServletRequest servletRequest) {
        ModuleWebSecurityConfigurationImpl moduleWebSecurityConfigurationImpl = (ModuleWebSecurityConfigurationImpl) ModuleWebSecurityConfigurationImpl.build(httpSecQAuthenticationModuleType, str);
        moduleWebSecurityConfigurationImpl.setSequenceSuffix(str);
        return moduleWebSecurityConfigurationImpl;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.evolveum.midpoint.authentication.impl.module.configurer.ModuleWebSecurityConfigurer
    public void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        HttpAuthenticationEntryPoint httpAuthenticationEntryPoint = (HttpAuthenticationEntryPoint) getObjectPostProcessor().postProcess(new HttpSecurityQuestionsAuthenticationEntryPoint());
        httpSecurity.securityMatcher(AuthUtil.stripEndingSlashes(getPrefix()) + "/**");
        httpSecurity.authorizeRequests().accessDecisionManager(new MidpointHttpAuthorizationEvaluator(this.securityEnforcer, this.securityContextManager, this.taskManager, this.model, this.applicationContext));
        HttpSecurityQuestionsAuthenticationFilter httpSecurityQuestionsAuthenticationFilter = (HttpSecurityQuestionsAuthenticationFilter) getObjectPostProcessor().postProcess(new HttpSecurityQuestionsAuthenticationFilter(authenticationManager(), httpAuthenticationEntryPoint));
        RememberMeServices rememberMeServices = (RememberMeServices) httpSecurity.getSharedObject(RememberMeServices.class);
        if (rememberMeServices != null) {
            httpSecurityQuestionsAuthenticationFilter.setRememberMeServices(rememberMeServices);
        }
        httpSecurity.addFilterAt(httpSecurityQuestionsAuthenticationFilter, BasicAuthenticationFilter.class);
        ((HttpSecurity) httpSecurity.formLogin().disable()).csrf().disable();
        ((MidpointExceptionHandlingConfigurer) getOrApply(httpSecurity, new MidpointExceptionHandlingConfigurer())).authenticationEntryPoint(httpAuthenticationEntryPoint).authenticationTrustResolver(new MidpointAuthenticationTrustResolverImpl());
        SequenceAuditFilter sequenceAuditFilter = new SequenceAuditFilter();
        sequenceAuditFilter.setRecordOnEndOfChain(false);
        httpSecurity.addFilterAfter((Filter) getObjectPostProcessor().postProcess(sequenceAuditFilter), FilterSecurityInterceptor.class);
    }
}
