package com.inscada.mono.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.inscada.mono.auth.security.UnauthorizedEntryPoint;
import com.inscada.mono.auth.security.filters.AuthTokenAuthenticationFilter;
import com.inscada.mono.auth.security.filters.OtpCodeValidationFilter;
import com.inscada.mono.auth.security.filters.RefreshTokenFilter;
import com.inscada.mono.auth.security.handlers.ForbiddenAccessDeniedHandler;
import com.inscada.mono.auth.security.handlers.LoggingAuthenticationFailureHandler;
import com.inscada.mono.auth.security.handlers.LoggingLogoutSuccessHandler;
import com.inscada.mono.auth.security.handlers.OtpCodeAuthenticationSuccessHandler;
import com.inscada.mono.auth.security.handlers.TokenClearingLogoutHandler;
import com.inscada.mono.auth.security.handlers.UsernamePasswordAuthenticationSuccessHandler;
import com.inscada.mono.auth.security.model.AuthDetails;
import com.inscada.mono.auth.security.providers.AuthTokenAuthenticationProvider;
import com.inscada.mono.auth.security.providers.LimitingUsernamePasswordAuthenticationProvider;
import com.inscada.mono.auth.security.providers.OtpCodeAuthenticationProvider;
import com.inscada.mono.auth.security.q.c_hha;
import com.inscada.mono.auth.services.c_ega;
import com.inscada.mono.auth.services.c_uha;
import com.inscada.mono.auth.services.q.g.c_fga;
import com.inscada.mono.user.q.c_ea;
import com.inscada.mono.user.repositories.UserRepository;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import org.apache.commons.compress.compressors.CompressorStreamFactory;
import org.influxdb.querybuilder.time.DurationLiteral;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

/* compiled from: aba */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
/* loaded from: input_file:BOOT-INF/classes/com/inscada/mono/config/SecurityConfig.class */
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    private final ObjectMapper I;
    private final c_fga E;
    private final c_uha e;
    private final c_ea F;
    private final c_ega i;
    private final UserRepository j;

    @Bean
    public UsernamePasswordAuthenticationSuccessHandler usernamePasswordAuthenticationSuccessHandler() {
        return new UsernamePasswordAuthenticationSuccessHandler(this.e, this.i, this.E, this.I);
    }

    @Bean
    @Qualifier("limitingUsernamePasswordAuthenticationProvider")
    public AuthenticationProvider limitingUsernamePasswordAuthenticationProvider() {
        return new LimitingUsernamePasswordAuthenticationProvider(this.i, this.F);
    }

    @Bean
    public AccessDeniedHandler forbiddenAccessDeniedHandler() {
        return new ForbiddenAccessDeniedHandler(this.I);
    }

    @Bean
    public LogoutHandler logoutHandler() {
        return new TokenClearingLogoutHandler(this.e);
    }

    @Bean
    public LoggingAuthenticationFailureHandler loggingAuthenticationFailureHandler() {
        return new LoggingAuthenticationFailureHandler(this.i, unauthorizedEntryPoint());
    }

    @Bean
    @Qualifier("otpCodeAuthenticationProvider")
    public AuthenticationProvider otpCodeAuthenticationProvider() {
        return new OtpCodeAuthenticationProvider(this.E, this.i, this.j);
    }

    public SecurityConfig(c_ega c_egaVar, c_ea c_eaVar, c_uha c_uhaVar, c_fga c_fgaVar, UserRepository userRepository, ObjectMapper objectMapper) {
        this.i = c_egaVar;
        this.F = c_eaVar;
        this.e = c_uhaVar;
        this.E = c_fgaVar;
        this.j = userRepository;
        this.I = objectMapper;
    }

    @Bean
    public OtpCodeAuthenticationSuccessHandler otpCodeAuthenticationSuccessHandler() {
        return new OtpCodeAuthenticationSuccessHandler(this.e, this.i, this.I);
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
        authenticationManagerBuilder.authenticationProvider(authTokenAuthenticationProvider()).authenticationProvider(limitingUsernamePasswordAuthenticationProvider()).authenticationProvider(otpCodeAuthenticationProvider());
    }

    private /* synthetic */ CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.applyPermitDefaultValues();
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.addAllowedMethod(HttpMethod.PUT);
        corsConfiguration.addAllowedMethod(HttpMethod.PATCH);
        corsConfiguration.addAllowedMethod(HttpMethod.DELETE);
        corsConfiguration.addAllowedMethod(HttpMethod.OPTIONS);
        corsConfiguration.addExposedHeader("Location");
        corsConfiguration.addExposedHeader(c_hha.m);
        corsConfiguration.addExposedHeader(c_zh.m_pg("\u0013\u0007>\u001c5\u0006$E\u0014\u0001#\u0018?\u001b9\u001c9\u0007>"));
        corsConfiguration.setAllowedOrigins(List.of(c_gd.m_pg(DurationLiteral.HOUR)));
        corsConfiguration.setAllowedHeaders(List.of(c_zh.m_pg(CompressorStreamFactory.Z)));
        corsConfiguration.setAllowedMethods(Arrays.asList(c_gd.m_pg("\u0005r\u0016"), c_zh.m_pg("8\u001f;\u0004"), c_gd.m_pg("\u0012b\u0016"), c_zh.m_pg(",\u0015$\u0015<\u0015"), c_gd.m_pg("\u0012v\u0016t\n"), c_zh.m_pg("\u001f8\u0004!\u001f&\u0003")));
        corsConfiguration.setExposedHeaders(List.of(c_gd.m_pg(DurationLiteral.HOUR)));
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration(c_zh.m_pg("\u007fBz"), corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }

    @Bean
    public LoggingLogoutSuccessHandler logoutSuccessHandler() {
        return new LoggingLogoutSuccessHandler(this.i);
    }

    @Bean
    public AuthenticationEntryPoint unauthorizedEntryPoint() {
        return new UnauthorizedEntryPoint(this.I);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.authorizeRequests().antMatchers(c_gd.m_pg("\u0018+Z#P'Dm\u001dh"), c_zh.m_pg("G1\u001d4\u0001?\u001b\u007fBz"), c_gd.m_pg("\u0018.^ Dm\u001dh"), c_zh.m_pg("G=\u00111\u0018 F3\u001b#"), c_gd.m_pg("mZ;V2Gl]1"), c_zh.m_pg("G6\t&\u00013\u0007>F9\u000b?"), c_gd.m_pg("m^,S'Ol_6Z."), c_zh.m_pg("\u007f"), c_gd.m_pg("\u0018#G+\u0018*R.[-"), c_zh.m_pg("G1\u00189G&\r\"\u001b9\u0007>"), c_gd.m_pg("mV2^m[-P+YmD'C6^,P1"), c_zh.m_pg("\u007f\u001ecG1\u00189E4\u00073\u001b\u007fBz"), c_gd.m_pg("\u00181@#P%R0\u001a0R1X7E!R1"), c_zh.m_pg("\u007f\u001b'\t7\u000f5\u001a}\u001a5\u001b?\u001d\"\u000b5\u001b\u007fBz"), c_gd.m_pg("\u00181@#P%R0\u001a7^m\u001dh")).permitAll().anyRequest().authenticated().and()).cors().configurationSource(corsConfigurationSource()).and()).csrf().disable()).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()).logout().addLogoutHandler(logoutHandler()).logoutSuccessHandler(logoutSuccessHandler()).and()).headers().frameOptions().disable().and()).exceptionHandling().authenticationEntryPoint(unauthorizedEntryPoint()).accessDeniedHandler(forbiddenAccessDeniedHandler());
        Filter authTokenAuthenticationFilter = new AuthTokenAuthenticationFilter(authenticationManagerBean());
        Filter refreshTokenFilter = new RefreshTokenFilter(this.e, this.I);
        UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter = new UsernamePasswordAuthenticationFilter();
        usernamePasswordAuthenticationFilter.setAuthenticationDetailsSource(AuthDetails::new);
        OtpCodeValidationFilter otpCodeValidationFilter = new OtpCodeValidationFilter();
        usernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
        otpCodeValidationFilter.setAuthenticationManager(authenticationManagerBean());
        usernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(usernamePasswordAuthenticationSuccessHandler());
        otpCodeValidationFilter.setAuthenticationSuccessHandler(otpCodeAuthenticationSuccessHandler());
        usernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(loggingAuthenticationFailureHandler());
        otpCodeValidationFilter.setAuthenticationFailureHandler(loggingAuthenticationFailureHandler());
        httpSecurity.addFilter((Filter) usernamePasswordAuthenticationFilter).addFilterBefore(authTokenAuthenticationFilter, LogoutFilter.class).addFilterBefore(refreshTokenFilter, LogoutFilter.class).addFilterAfter((Filter) otpCodeValidationFilter, UsernamePasswordAuthenticationFilter.class);
    }

    @Bean
    @Qualifier("authTokenAuthenticationProvider")
    public AuthenticationProvider authTokenAuthenticationProvider() {
        return new AuthTokenAuthenticationProvider(this.i, this.e, this.j);
    }
}
