package org.springframework.security.oauth2.config.annotation.web.configurers;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.CompositeTokenGranter;
import org.springframework.security.oauth2.provider.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.InMemoryClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.TokenGranter;
import org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler;
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter;
import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
import org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeTokenGranter;
import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;
import org.springframework.security.oauth2.provider.implicit.ImplicitGrantService;
import org.springframework.security.oauth2.provider.implicit.ImplicitTokenGranter;
import org.springframework.security.oauth2.provider.implicit.InMemoryImplicitGrantService;
import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;
import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.InMemoryTokenStore;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.context.NullSecurityContextRepository;
import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
import org.springframework.web.accept.ContentNegotiationStrategy;
import org.springframework.web.accept.HeaderContentNegotiationStrategy;

/* loaded from: input_file:org/springframework/security/oauth2/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.class */
public final class OAuth2AuthorizationServerConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
    private AuthorizationServerTokenServices tokenServices;
    private ConsumerTokenServices consumerTokenServices;
    private AuthorizationCodeServices authorizationCodeServices;
    private TokenStore tokenStore;
    private TokenGranter tokenGranter;
    private OAuth2RequestFactory requestFactory;
    private UserApprovalHandler userApprovalHandler;
    private AuthenticationManager authenticationManager;
    private ClientDetailsService clientDetailsService;
    private FrameworkEndpointHandlerMapping frameworkEndpointHandlerMapping;
    private AuthenticationEntryPoint authenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
    private AccessDeniedHandler accessDeniedHandler = new OAuth2AccessDeniedHandler();
    private ImplicitGrantService implicitGrantService = new InMemoryImplicitGrantService();
    private String realm = "oauth2/client";
    private Map<String, String> patternMap = new HashMap();
    private boolean allowFormAuthenticationForClients = false;

    private ClientDetailsService clientDetails() {
        return (ClientDetailsService) getBuilder().getSharedObject(ClientDetailsService.class);
    }

    public AuthorizationServerTokenServices getTokenServices() {
        return this.tokenServices;
    }

    public TokenStore getTokenStore() {
        return this.tokenStore;
    }

    public ClientDetailsService getClientDetailsService() {
        return this.clientDetailsService;
    }

    public OAuth2RequestFactory getOAuth2RequestFactory() {
        return this.requestFactory;
    }

    public UserApprovalHandler getUserApprovalHandler() {
        return this.userApprovalHandler;
    }

    public OAuth2AuthorizationServerConfigurer allowFormAuthenticationForClients() {
        this.allowFormAuthenticationForClients = true;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer tokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer tokenService(AuthorizationServerTokenServices authorizationServerTokenServices) {
        this.tokenServices = authorizationServerTokenServices;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer userApprovalHandler(UserApprovalHandler userApprovalHandler) {
        this.userApprovalHandler = userApprovalHandler;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer realm(String str) {
        this.realm = str;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer pathMapping(String str, String str2) {
        this.patternMap.put(str, str2);
        return this;
    }

    public OAuth2AuthorizationServerConfigurer authenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.authenticationEntryPoint = authenticationEntryPoint;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer authenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
        return this;
    }

    public OAuth2AuthorizationServerConfigurer clientDetailsService(ClientDetailsService clientDetailsService) {
        this.clientDetailsService = clientDetailsService;
        return this;
    }

    public void init(HttpSecurity httpSecurity) throws Exception {
        registerDefaultAuthenticationEntryPoint(httpSecurity);
        httpSecurity.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService())).securityContext().securityContextRepository(new NullSecurityContextRepository()).and().csrf().disable().httpBasic().realmName(this.realm);
    }

    private void registerDefaultAuthenticationEntryPoint(HttpSecurity httpSecurity) {
        ExceptionHandlingConfigurer configurer = httpSecurity.getConfigurer(ExceptionHandlingConfigurer.class);
        if (configurer == null) {
            return;
        }
        HeaderContentNegotiationStrategy headerContentNegotiationStrategy = (ContentNegotiationStrategy) httpSecurity.getSharedObject(ContentNegotiationStrategy.class);
        if (headerContentNegotiationStrategy == null) {
            headerContentNegotiationStrategy = new HeaderContentNegotiationStrategy();
        }
        MediaTypeRequestMatcher mediaTypeRequestMatcher = new MediaTypeRequestMatcher(headerContentNegotiationStrategy, new MediaType[]{MediaType.APPLICATION_ATOM_XML, MediaType.APPLICATION_FORM_URLENCODED, MediaType.APPLICATION_JSON, MediaType.APPLICATION_OCTET_STREAM, MediaType.APPLICATION_XML, MediaType.MULTIPART_FORM_DATA, MediaType.TEXT_XML});
        mediaTypeRequestMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
        configurer.defaultAuthenticationEntryPointFor((AuthenticationEntryPoint) postProcess(this.authenticationEntryPoint), mediaTypeRequestMatcher);
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        this.tokenGranter = tokenGranter(httpSecurity);
        this.consumerTokenServices = consumerTokenServices(httpSecurity);
        this.userApprovalHandler = userApprovalHandler();
        frameworkEndpointHandlerMapping();
        if (this.allowFormAuthenticationForClients) {
            clientCredentialsTokenEndpointFilter(httpSecurity);
        }
        httpSecurity.exceptionHandling().accessDeniedHandler(this.accessDeniedHandler);
    }

    private ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter(HttpSecurity httpSecurity) {
        ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter = new ClientCredentialsTokenEndpointFilter(frameworkEndpointHandlerMapping().getPath("/oauth/token"));
        clientCredentialsTokenEndpointFilter.setAuthenticationManager((AuthenticationManager) httpSecurity.getSharedObject(AuthenticationManager.class));
        ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter2 = (ClientCredentialsTokenEndpointFilter) postProcess(clientCredentialsTokenEndpointFilter);
        httpSecurity.addFilterBefore(clientCredentialsTokenEndpointFilter2, BasicAuthenticationFilter.class);
        return clientCredentialsTokenEndpointFilter2;
    }

    public ConsumerTokenServices getConsumerTokenServices() {
        return this.consumerTokenServices;
    }

    public ImplicitGrantService getImplicitGrantService() {
        return this.implicitGrantService;
    }

    private ConsumerTokenServices consumerTokenServices(HttpSecurity httpSecurity) {
        if (this.consumerTokenServices == null) {
            DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
            defaultTokenServices.setClientDetailsService(clientDetails());
            defaultTokenServices.setTokenStore(tokenStore());
            this.consumerTokenServices = defaultTokenServices;
        }
        return this.consumerTokenServices;
    }

    private AuthorizationServerTokenServices tokenServices(HttpSecurity httpSecurity) {
        if (this.tokenServices != null) {
            return this.tokenServices;
        }
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setClientDetailsService(clientDetails());
        this.tokenServices = defaultTokenServices;
        return defaultTokenServices;
    }

    private TokenStore tokenStore() {
        if (this.tokenStore == null) {
            this.tokenStore = new InMemoryTokenStore();
        }
        return this.tokenStore;
    }

    private ClientDetailsService clientDetailsService() {
        if (this.clientDetailsService == null) {
            this.clientDetailsService = new InMemoryClientDetailsService();
        }
        return this.clientDetailsService;
    }

    private UserApprovalHandler userApprovalHandler() {
        if (this.userApprovalHandler == null) {
            TokenStoreUserApprovalHandler tokenStoreUserApprovalHandler = new TokenStoreUserApprovalHandler();
            tokenStoreUserApprovalHandler.setTokenStore(tokenStore());
            tokenStoreUserApprovalHandler.setClientDetailsService(clientDetails());
            tokenStoreUserApprovalHandler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService()));
            this.userApprovalHandler = tokenStoreUserApprovalHandler;
        }
        return this.userApprovalHandler;
    }

    public AuthorizationCodeServices getAuthorizationCodeServices() {
        return this.authorizationCodeServices;
    }

    private AuthorizationCodeServices authorizationCodeServices(HttpSecurity httpSecurity) {
        if (this.authorizationCodeServices == null) {
            this.authorizationCodeServices = new InMemoryAuthorizationCodeServices();
        }
        return this.authorizationCodeServices;
    }

    private OAuth2RequestFactory requestFactory(HttpSecurity httpSecurity) {
        if (this.requestFactory != null) {
            return this.requestFactory;
        }
        this.requestFactory = new DefaultOAuth2RequestFactory(clientDetails());
        return this.requestFactory;
    }

    public TokenGranter getTokenGranter() {
        return this.tokenGranter;
    }

    private TokenGranter tokenGranter(HttpSecurity httpSecurity) throws Exception {
        if (this.tokenGranter == null) {
            ClientDetailsService clientDetails = clientDetails();
            AuthorizationServerTokenServices authorizationServerTokenServices = tokenServices(httpSecurity);
            AuthorizationCodeServices authorizationCodeServices = authorizationCodeServices(httpSecurity);
            OAuth2RequestFactory requestFactory = requestFactory(httpSecurity);
            ArrayList arrayList = new ArrayList();
            arrayList.add(new AuthorizationCodeTokenGranter(authorizationServerTokenServices, authorizationCodeServices, clientDetails, requestFactory));
            arrayList.add(new RefreshTokenGranter(authorizationServerTokenServices, clientDetails, requestFactory));
            ImplicitTokenGranter implicitTokenGranter = new ImplicitTokenGranter(authorizationServerTokenServices, clientDetails, requestFactory);
            implicitTokenGranter.setImplicitGrantService(this.implicitGrantService);
            arrayList.add(implicitTokenGranter);
            arrayList.add(new ClientCredentialsTokenGranter(authorizationServerTokenServices, clientDetails, requestFactory));
            if (this.authenticationManager != null) {
                arrayList.add(new ResourceOwnerPasswordTokenGranter(this.authenticationManager, authorizationServerTokenServices, clientDetails, requestFactory));
            }
            this.tokenGranter = new CompositeTokenGranter(arrayList);
        }
        return this.tokenGranter;
    }

    public FrameworkEndpointHandlerMapping getFrameworkEndpointHandlerMapping() {
        return frameworkEndpointHandlerMapping();
    }

    private FrameworkEndpointHandlerMapping frameworkEndpointHandlerMapping() {
        if (this.frameworkEndpointHandlerMapping == null) {
            this.frameworkEndpointHandlerMapping = new FrameworkEndpointHandlerMapping();
            this.frameworkEndpointHandlerMapping.setMappings(this.patternMap);
        }
        return this.frameworkEndpointHandlerMapping;
    }
}
