package org.rbtdesign.qvu.configuration;

import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import javax.annotation.PostConstruct;
import org.rbtdesign.qvu.configuration.security.BasicAuthSecurityProvider;
import org.rbtdesign.qvu.configuration.security.OidcConfiguration;
import org.rbtdesign.qvu.dto.SSLConfig;
import org.rbtdesign.qvu.util.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.context.annotation.PropertySources;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ClientRegistrations;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.core.oidc.OidcScopes;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@EnableScheduling
@Configuration
@EnableWebSecurity
@PropertySources({@PropertySource({"classpath:default-application.properties"}), @PropertySource(value = {"file:${repository.folder}/config/application.properties"}, ignoreResourceNotFound = true)})
/* loaded from: input_file:BOOT-INF/classes/org/rbtdesign/qvu/configuration/QvuConfiguration.class */
public class QvuConfiguration {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) QvuConfiguration.class);

    @Autowired
    private ConfigurationHelper config;

    @Value("${server.ssl.enabled:false}")
    private boolean sslEnabled;

    @Value("${server.ssl.key-store:}")
    private String sslKeyStore;

    @Value("${server.ssl.key-store-type:}")
    private String sslKeyStoreType;

    @Value("${server.ssl.key-alias:}")
    private String sslKeyAlias;

    @Value("${server.ssl.key-store-password:}")
    private String sslKeyStorePassword;

    @Value("${server.ssl.key-password:}")
    private String sslKeyPassword;

    @Value("${server.port}")
    private Integer serverPort;

    @Value("${server.servlet.context-path}")
    private String servletContextPath;

    @Value("${security.type}")
    private String securityType;

    @Value("${cors.allowed.origins:*}")
    private String corsAllowedOrigins;

    @Value("${backup.folder:}")
    private String backupFolder;

    @Value("${default.page.size:letter}")
    private String defaultPageSize;

    @Value("${default.page.orientation:portrait}")
    private String defaultPageOrientation;

    @Value("${default.page.units:inch}")
    private String defaultPageUnits;

    @Value("#{'${default.page.border:0.5,0.5,0.5,0.5}'.split(',')}")
    private List<Double> defaultPageBorder;

    @Value("${default.header.height:1}")
    private Double defaultHeaderHeight;

    @Value("${default.footer.height:1}")
    private Double defaultFooterHeight;

    @Value("#{'${default.font.sizes:8,9,10,11,12,14,16,18,20,22}'.split(',')}")
    private List<Integer> defaultFontSizes;

    @Value("${default.component.background.color:white}")
    private String defaultCompoenetBackgroundColor;

    @Value("${default.component.foreground.color:black}")
    private String defaultCompoenetForegroundColor;

    @Value("#{'${default.float.formats:}'.split('\\|')}")
    private List<String> defaultFloatFormats;

    @Value("#{'${default.int.formats:}'.split('\\|')}")
    private List<String> defaultIntFormats;

    @Value("#{'${default.date.formats:yyyy-MM-dd\\|yyyy-MM-dd HH:mm}'.split('\\|')}")
    private List<String> defaultDateFormats;

    @Autowired
    private BasicAuthSecurityProvider basicAuthProvider;

    @PostConstruct
    private void init() {
        LOG.info("in QvuConfiguration.init()");
        LOG.info("server.port=" + this.serverPort);
        LOG.info("backup.folder=" + this.backupFolder);
        LOG.info("server.servlet.context-path=" + this.servletContextPath);
        LOG.info("security.type=" + this.securityType);
        LOG.info("cors.allowed.origins=" + this.corsAllowedOrigins);
        this.config.setBackupFolder(this.backupFolder);
        this.config.setSslConfig(getSslConfig());
        this.config.setServerPort(this.serverPort.intValue());
        this.config.setCorsAllowedOrigins(this.corsAllowedOrigins);
        this.config.setDefaultPageOrientation(this.defaultPageOrientation);
        this.config.setDefaultPageSize(this.defaultPageSize);
        this.config.setDefaultPageUnits(this.defaultPageUnits);
        this.config.setDefaultPageBorder(this.defaultPageBorder);
        this.config.setDefaultHeaderHeight(this.defaultHeaderHeight);
        this.config.setDefaultFooterHeight(this.defaultFooterHeight);
        this.config.setDefaultFontSizes(this.defaultFontSizes);
        this.config.setDefaultComponentBackgroundColor(this.defaultCompoenetBackgroundColor);
        this.config.setDefaultComponentForegroundColor(this.defaultCompoenetForegroundColor);
        this.config.setDefaultFloatFormats(this.defaultFloatFormats);
        this.config.setDefaultIntFormats(this.defaultIntFormats);
        this.config.setDefaultDateFormats(this.defaultDateFormats);
    }

    @Bean
    @ConditionalOnExpression("'${security.type}'=='basic'")
    AuthenticationManager basicAuthManager(HttpSecurity httpSecurity) throws Exception {
        LOG.debug("in basicAuthManager()");
        AuthenticationManagerBuilder authenticationManagerBuilder = (AuthenticationManagerBuilder) httpSecurity.getSharedObject(AuthenticationManagerBuilder.class);
        authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) this.basicAuthProvider);
        return authenticationManagerBuilder.build();
    }

    @Bean
    @ConditionalOnExpression("'${security.type}'=='oidc'")
    ClientRegistrationRepository oidcRepository() throws Exception {
        LOG.debug("in oidcRepository()");
        HashSet hashSet = new HashSet();
        hashSet.add(OidcScopes.OPENID);
        hashSet.add("profile");
        hashSet.add("email");
        OidcConfiguration oidcConfiguration = this.config.getSecurityConfig().getOidcConfiguration();
        return new InMemoryClientRegistrationRepository(ClientRegistrations.fromOidcIssuerLocation(oidcConfiguration.getIssuerLocationUrl()).scope(hashSet).registrationId(Constants.OIDC_REGISTRATION_ID).clientId(oidcConfiguration.getClientId()).redirectUri(Constants.OIDC_REDIRECT_TEMPLATE).clientSecret(oidcConfiguration.getClientSecret()).build());
    }

    private CorsConfigurationSource getCorsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOrigins(Arrays.asList(this.corsAllowedOrigins));
        corsConfiguration.setAllowedMethods(Arrays.asList("*"));
        corsConfiguration.setAllowCredentials(true);
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        LOG.debug("in filterChain() - securityType=" + this.config.getSecurityType());
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            authorizationManagerRequestMatcherRegistry.anyRequest().authenticated();
        });
        if (Constants.OIDC_SECURITY_TYPE.equals(this.config.getSecurityType())) {
            LOG.debug("adding oidc login support");
            httpSecurity.oauth2Login(Customizer.withDefaults());
        } else if ("basic".equals(this.config.getSecurityType())) {
            LOG.debug("adding basic login support");
            httpSecurity.httpBasic(Customizer.withDefaults());
        }
        httpSecurity.cors(corsConfigurer -> {
            corsConfigurer.configurationSource(getCorsConfigurationSource());
        }).csrf(csrfConfigurer -> {
            csrfConfigurer.disable();
        });
        if (this.sslEnabled) {
            httpSecurity.requiresChannel(channelRequestMatcherRegistry -> {
                channelRequestMatcherRegistry.anyRequest().requiresSecure();
            });
        }
        return httpSecurity.build();
    }

    private SSLConfig getSslConfig() {
        SSLConfig sSLConfig = new SSLConfig();
        sSLConfig.setEnabled(this.sslEnabled);
        sSLConfig.setSslKeyAlias(this.sslKeyAlias);
        sSLConfig.setSslKeyPassword(this.sslKeyPassword);
        sSLConfig.setSslKeyStore(this.sslKeyStore);
        sSLConfig.setSslKeyStorePassword(this.sslKeyStorePassword);
        sSLConfig.setSslKeyStoreType(this.sslKeyStoreType);
        return sSLConfig;
    }
}
