package org.springframework.security.oauth2.config.xml;

import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.config.TypedStringValue;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.ManagedList;
import org.springframework.beans.factory.support.ManagedMap;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.security.config.BeanIds;
import org.springframework.security.oauth2.provider.CompositeTokenGranter;
import org.springframework.security.oauth2.provider.approval.DefaultUserApprovalHandler;
import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeTokenGranter;
import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint;
import org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint;
import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
import org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint;
import org.springframework.security.oauth2.provider.implicit.ImplicitTokenGranter;
import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;
import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestValidator;
import org.springframework.util.StringUtils;
import org.springframework.util.xml.DomUtils;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-2.0.14.RELEASE.jar:org/springframework/security/oauth2/config/xml/AuthorizationServerBeanDefinitionParser.class */
public class AuthorizationServerBeanDefinitionParser extends ProviderBeanDefinitionParser {
    @Override // org.springframework.security.oauth2.config.xml.ProviderBeanDefinitionParser
    protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, ParserContext parserContext, String str, String str2) {
        String attribute = element.getAttribute("client-details-service-ref");
        String attribute2 = element.getAttribute("authorization-request-manager-ref");
        String attribute3 = element.getAttribute("token-endpoint-url");
        String attribute4 = element.getAttribute("check-token-endpoint-url");
        String attribute5 = element.getAttribute("check-token-enabled");
        String attribute6 = element.getAttribute("authorization-endpoint-url");
        String attribute7 = element.getAttribute("token-granter-ref");
        String attribute8 = element.getAttribute("redirect-strategy-ref");
        String attribute9 = element.getAttribute("user-approval-handler-ref");
        String attribute10 = element.getAttribute("user-approval-page");
        String attribute11 = element.getAttribute("error-page");
        String attribute12 = element.getAttribute("approval-parameter-name");
        String attribute13 = element.getAttribute("redirect-resolver-ref");
        String attribute14 = element.getAttribute("request-validator-ref");
        BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) AuthorizationEndpoint.class);
        if (!StringUtils.hasText(attribute)) {
            parserContext.getReaderContext().error("ClientDetailsService must be provided", element);
            return null;
        }
        if (!StringUtils.hasText(attribute14)) {
            attribute14 = "defaultOAuth2RequestValidator";
            parserContext.getRegistry().registerBeanDefinition(attribute14, BeanDefinitionBuilder.rootBeanDefinition((Class<?>) DefaultOAuth2RequestValidator.class).getBeanDefinition());
        }
        rootBeanDefinition.addPropertyReference("oAuth2RequestValidator", attribute14);
        if (!StringUtils.hasText(attribute2)) {
            attribute2 = "oAuth2AuthorizationRequestManager";
            BeanDefinitionBuilder rootBeanDefinition2 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) DefaultOAuth2RequestFactory.class);
            rootBeanDefinition2.addConstructorArgReference(attribute);
            parserContext.getRegistry().registerBeanDefinition(attribute2, rootBeanDefinition2.getBeanDefinition());
        }
        ManagedList managedList = null;
        if (!StringUtils.hasText(attribute7)) {
            attribute7 = "oauth2TokenGranter";
            BeanDefinitionBuilder rootBeanDefinition3 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) CompositeTokenGranter.class);
            parserContext.getRegistry().registerBeanDefinition(attribute7, rootBeanDefinition3.getBeanDefinition());
            managedList = new ManagedList();
            rootBeanDefinition3.addConstructorArgValue(managedList);
        }
        rootBeanDefinition.addPropertyReference("tokenGranter", attribute7);
        boolean z = false;
        Element childElementByTagName = DomUtils.getChildElementByTagName(element, "authorization-code");
        if (childElementByTagName != null && !"true".equalsIgnoreCase(childElementByTagName.getAttribute("disabled"))) {
            String attribute15 = childElementByTagName.getAttribute("authorization-code-services-ref");
            String attribute16 = childElementByTagName.getAttribute("client-token-cache-ref");
            BeanDefinitionBuilder rootBeanDefinition4 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) AuthorizationCodeTokenGranter.class);
            if (StringUtils.hasText(str)) {
                rootBeanDefinition4.addConstructorArgReference(str);
            }
            if (!StringUtils.hasText(attribute15)) {
                attribute15 = "oauth2AuthorizationCodeServices";
                parserContext.getRegistry().registerBeanDefinition(attribute15, BeanDefinitionBuilder.rootBeanDefinition((Class<?>) InMemoryAuthorizationCodeServices.class).getBeanDefinition());
            }
            rootBeanDefinition.addPropertyReference("authorizationCodeServices", attribute15);
            rootBeanDefinition4.addConstructorArgReference(attribute15);
            rootBeanDefinition4.addConstructorArgReference(attribute);
            rootBeanDefinition4.addConstructorArgReference(attribute2);
            if (StringUtils.hasText(attribute16)) {
                rootBeanDefinition.addPropertyReference("clientTokenCache", attribute16);
            }
            if (StringUtils.hasText(attribute2)) {
                rootBeanDefinition.addPropertyReference("oAuth2RequestFactory", attribute2);
            }
            if (managedList != null) {
                managedList.add(rootBeanDefinition4.getBeanDefinition());
            }
            z = true;
        }
        if (managedList != null) {
            Element childElementByTagName2 = DomUtils.getChildElementByTagName(element, "refresh-token");
            if (childElementByTagName2 != null && !"true".equalsIgnoreCase(childElementByTagName2.getAttribute("disabled"))) {
                BeanDefinitionBuilder rootBeanDefinition5 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) RefreshTokenGranter.class);
                rootBeanDefinition5.addConstructorArgReference(str);
                rootBeanDefinition5.addConstructorArgReference(attribute);
                rootBeanDefinition5.addConstructorArgReference(attribute2);
                managedList.add(rootBeanDefinition5.getBeanDefinition());
            }
            Element childElementByTagName3 = DomUtils.getChildElementByTagName(element, "implicit");
            if (childElementByTagName3 != null && !"true".equalsIgnoreCase(childElementByTagName3.getAttribute("disabled"))) {
                BeanDefinitionBuilder rootBeanDefinition6 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) ImplicitTokenGranter.class);
                rootBeanDefinition6.addConstructorArgReference(str);
                rootBeanDefinition6.addConstructorArgReference(attribute);
                rootBeanDefinition6.addConstructorArgReference(attribute2);
                managedList.add(rootBeanDefinition6.getBeanDefinition());
                z = true;
            }
            Element childElementByTagName4 = DomUtils.getChildElementByTagName(element, "client-credentials");
            if (childElementByTagName4 != null && !"true".equalsIgnoreCase(childElementByTagName4.getAttribute("disabled"))) {
                BeanDefinitionBuilder rootBeanDefinition7 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) ClientCredentialsTokenGranter.class);
                rootBeanDefinition7.addConstructorArgReference(str);
                rootBeanDefinition7.addConstructorArgReference(attribute);
                rootBeanDefinition7.addConstructorArgReference(attribute2);
                managedList.add(rootBeanDefinition7.getBeanDefinition());
            }
            Element childElementByTagName5 = DomUtils.getChildElementByTagName(element, "password");
            if (childElementByTagName5 != null && !"true".equalsIgnoreCase(childElementByTagName5.getAttribute("disabled"))) {
                BeanDefinitionBuilder rootBeanDefinition8 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) ResourceOwnerPasswordTokenGranter.class);
                String attribute17 = childElementByTagName5.getAttribute("authentication-manager-ref");
                if (!StringUtils.hasText(attribute17)) {
                    attribute17 = BeanIds.AUTHENTICATION_MANAGER;
                }
                rootBeanDefinition8.addConstructorArgReference(attribute17);
                rootBeanDefinition8.addConstructorArgReference(str);
                rootBeanDefinition8.addConstructorArgReference(attribute);
                rootBeanDefinition8.addConstructorArgReference(attribute2);
                managedList.add(rootBeanDefinition8.getBeanDefinition());
            }
            for (Element element2 : DomUtils.getChildElementsByTagName(element, "custom-grant")) {
                if (!"true".equalsIgnoreCase(element2.getAttribute("disabled"))) {
                    managedList.add(new RuntimeBeanReference(element2.getAttribute("token-granter-ref")));
                }
            }
        }
        if (z) {
            parserContext.getRegistry().registerBeanDefinition("oauth2ApprovalEndpoint", BeanDefinitionBuilder.rootBeanDefinition((Class<?>) WhitelabelApprovalEndpoint.class).getBeanDefinition());
            if (!StringUtils.hasText(attribute)) {
                parserContext.getReaderContext().error("A client details service is mandatory", element);
            }
            if (StringUtils.hasText(attribute8)) {
                rootBeanDefinition.addPropertyReference("redirectStrategy", attribute8);
            }
            if (StringUtils.hasText(attribute9)) {
                rootBeanDefinition.addPropertyReference("userApprovalHandler", attribute9);
            }
            rootBeanDefinition.addPropertyReference("clientDetailsService", attribute);
            if (StringUtils.hasText(attribute13)) {
                rootBeanDefinition.addPropertyReference("redirectResolver", attribute13);
            }
            if (StringUtils.hasText(attribute10)) {
                rootBeanDefinition.addPropertyValue("userApprovalPage", attribute10);
            }
            if (StringUtils.hasText(attribute11)) {
                rootBeanDefinition.addPropertyValue("errorPage", attribute11);
            }
            parserContext.getRegistry().registerBeanDefinition("oauth2AuthorizationEndpoint", rootBeanDefinition.getBeanDefinition());
        }
        BeanDefinitionBuilder rootBeanDefinition9 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) TokenEndpoint.class);
        rootBeanDefinition9.addPropertyReference("clientDetailsService", attribute);
        rootBeanDefinition9.addPropertyReference("tokenGranter", attribute7);
        rootBeanDefinition.addPropertyReference("oAuth2RequestValidator", attribute14);
        parserContext.getRegistry().registerBeanDefinition("oauth2TokenEndpoint", rootBeanDefinition9.getBeanDefinition());
        if (StringUtils.hasText(attribute2)) {
            rootBeanDefinition9.addPropertyReference("oAuth2RequestFactory", attribute2);
        }
        if (StringUtils.hasText(attribute14)) {
            rootBeanDefinition9.addPropertyReference("oAuth2RequestValidator", attribute14);
        }
        BeanDefinitionBuilder rootBeanDefinition10 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) FrameworkEndpointHandlerMapping.class);
        ManagedMap managedMap = new ManagedMap();
        if (StringUtils.hasText(attribute3) || StringUtils.hasText(attribute6)) {
            if (StringUtils.hasText(attribute3)) {
                managedMap.put("/oauth/token", new TypedStringValue(attribute3, (Class<?>) String.class));
            }
            if (StringUtils.hasText(attribute6)) {
                managedMap.put("/oauth/authorize", new TypedStringValue(attribute6, (Class<?>) String.class));
            }
            if (StringUtils.hasText(attribute10)) {
                managedMap.put("/oauth/confirm_access", new TypedStringValue(attribute10, (Class<?>) String.class));
            }
        }
        if (StringUtils.hasText(attribute5) && attribute5.equals("true")) {
            BeanDefinitionBuilder rootBeanDefinition11 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) CheckTokenEndpoint.class);
            rootBeanDefinition11.addConstructorArgReference(str);
            parserContext.getRegistry().registerBeanDefinition("oauth2CheckTokenEndpoint", rootBeanDefinition11.getBeanDefinition());
            if (StringUtils.hasText(attribute4)) {
                managedMap.put("/oauth/check_token", new TypedStringValue(attribute4, (Class<?>) String.class));
            }
        }
        if (!managedMap.isEmpty()) {
            rootBeanDefinition10.addPropertyValue("mappings", managedMap);
        }
        if (StringUtils.hasText(attribute12) && z) {
            if (!StringUtils.hasText(attribute9)) {
                BeanDefinitionBuilder rootBeanDefinition12 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) DefaultUserApprovalHandler.class);
                rootBeanDefinition12.addPropertyValue("approvalParameter", new TypedStringValue(attribute12, (Class<?>) String.class));
                rootBeanDefinition.addPropertyValue("userApprovalHandler", rootBeanDefinition12.getBeanDefinition());
            }
            rootBeanDefinition10.addPropertyValue("approvalParameter", attribute12);
        }
        parserContext.getRegistry().registerBeanDefinition("oauth2HandlerMapping", rootBeanDefinition10.getBeanDefinition());
        return null;
    }
}
