package io.gardenerframework.camellia.authentication.server.configuration;

import io.gardenerframework.camellia.authentication.server.common.annotation.AuthenticationServerEngineComponent;
import io.gardenerframework.camellia.authentication.server.common.configuration.AuthenticationServerPathOption;
import io.gardenerframework.camellia.authentication.server.main.configuration.OAuth2ClientAuthenticationFilterRequestMatherConfigurer;
import io.gardenerframework.camellia.authentication.server.main.spring.AuthenticationEndpointAuthenticationFailureHandler;
import io.gardenerframework.camellia.authentication.server.main.spring.LoginAuthenticationRequestConverter;
import io.gardenerframework.camellia.authentication.server.main.spring.oauth2.OidcUserInfoMapper;
import io.gardenerframework.camellia.authentication.server.main.spring.oauth2.TokenEndpointAuthenticationConverterDelegate;
import java.lang.reflect.Field;
import java.util.Collection;
import java.util.Map;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationEndpointConfigurer;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ClientAuthenticationConfigurer;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2EndpointConfigurerRequestMatcherAccessor;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.CollectionUtils;

@AuthenticationServerEngineComponent
/* loaded from: input_file:io/gardenerframework/camellia/authentication/server/configuration/OAuth2AuthorizationServerConfigurerProxy.class */
public class OAuth2AuthorizationServerConfigurerProxy extends AuthenticationServerEngineSecurityConfigurer {
    private final AuthenticationServerPathOption authenticationServerPathOption;
    private final OAuth2AuthorizationConsentService oAuth2AuthorizationConsentService;
    private final OAuth2AuthorizationService oAuth2AuthorizationService;
    private final OidcUserInfoMapper oidcUserInfoMapper;
    private final AuthenticationEndpointAuthenticationFailureHandler authenticationEndpointAuthenticationFailureHandler;
    private final LoginAuthenticationRequestConverter loginAuthenticationRequestConverter;
    private final OAuth2AuthorizationServerConfigurer oAuth2AuthorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer();
    private final Collection<OAuth2ClientAuthenticationFilterRequestMatherConfigurer> clientAuthenticationFilterRequestMatherConfigurers;
    private final TokenEndpointAuthenticationConverterDelegate tokenEndpointAuthenticationConverterDelegate;
    private OAuth2AuthorizationEndpointConfigurer oAuth2AuthorizationEndpointConfigurer;
    private OAuth2ClientAuthenticationConfigurer oAuth2ClientAuthenticationConfigurer;

    public void init(HttpSecurity httpSecurity) throws Exception {
        this.oAuth2AuthorizationServerConfigurer.oidc(oidcConfigurer -> {
            oidcConfigurer.userInfoEndpoint(oidcUserInfoEndpointConfigurer -> {
                oidcUserInfoEndpointConfigurer.userInfoMapper(this.oidcUserInfoMapper);
            });
        });
        httpSecurity.apply(this.oAuth2AuthorizationServerConfigurer);
        httpSecurity.oauth2ResourceServer().jwt();
        Field declaredField = this.oAuth2AuthorizationServerConfigurer.getClass().getDeclaredField("configurers");
        declaredField.setAccessible(true);
        this.oAuth2AuthorizationEndpointConfigurer = (OAuth2AuthorizationEndpointConfigurer) ((Map) declaredField.get(this.oAuth2AuthorizationServerConfigurer)).get(OAuth2AuthorizationEndpointConfigurer.class);
        declaredField.setAccessible(false);
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().ignoringRequestMatchers(new RequestMatcher[]{this.oAuth2AuthorizationServerConfigurer.getEndpointsMatcher()});
        this.oAuth2AuthorizationServerConfigurer.authorizationEndpoint(oAuth2AuthorizationEndpointConfigurer -> {
            oAuth2AuthorizationEndpointConfigurer.consentPage(this.authenticationServerPathOption.getOAuth2AuthorizationConsentPage());
        });
        this.oAuth2AuthorizationServerConfigurer.authorizationService(this.oAuth2AuthorizationService);
        this.oAuth2AuthorizationServerConfigurer.authorizationConsentService(this.oAuth2AuthorizationConsentService);
        this.oAuth2AuthorizationServerConfigurer.tokenEndpoint(oAuth2TokenEndpointConfigurer -> {
            oAuth2TokenEndpointConfigurer.errorResponseHandler(this.authenticationEndpointAuthenticationFailureHandler);
            this.tokenEndpointAuthenticationConverterDelegate.addConverter(new OAuth2AuthorizationCodeAuthenticationConverter(), new OAuth2RefreshTokenAuthenticationConverter(), new OAuth2ClientCredentialsAuthenticationConverter(), this.loginAuthenticationRequestConverter);
            oAuth2TokenEndpointConfigurer.accessTokenRequestConverter(this.tokenEndpointAuthenticationConverterDelegate);
        });
        this.oAuth2AuthorizationServerConfigurer.clientAuthentication(oAuth2ClientAuthenticationConfigurer -> {
            this.setOAuth2ClientAuthenticationConfigurer(oAuth2ClientAuthenticationConfigurer);
            oAuth2ClientAuthenticationConfigurer.errorResponseHandler(this.authenticationEndpointAuthenticationFailureHandler);
        });
        if (CollectionUtils.isEmpty(this.clientAuthenticationFilterRequestMatherConfigurers)) {
            return;
        }
        try {
            Field declaredField = this.oAuth2ClientAuthenticationConfigurer.getClass().getDeclaredField("requestMatcher");
            declaredField.setAccessible(true);
            declaredField.setAccessible(false);
        } catch (IllegalAccessException | NoSuchFieldException e) {
            throw new IllegalStateException(e);
        }
    }

    public RequestMatcher getEndpointMatcher() {
        return this.oAuth2AuthorizationServerConfigurer.getEndpointsMatcher();
    }

    public RequestMatcher getAuthorizationEndpointMatcher() {
        return OAuth2EndpointConfigurerRequestMatcherAccessor.getAuthorizationEndpointRequestMatcher(this.oAuth2AuthorizationEndpointConfigurer);
    }

    public OAuth2AuthorizationServerConfigurerProxy(AuthenticationServerPathOption authenticationServerPathOption, OAuth2AuthorizationConsentService oAuth2AuthorizationConsentService, OAuth2AuthorizationService oAuth2AuthorizationService, OidcUserInfoMapper oidcUserInfoMapper, AuthenticationEndpointAuthenticationFailureHandler authenticationEndpointAuthenticationFailureHandler, LoginAuthenticationRequestConverter loginAuthenticationRequestConverter, Collection<OAuth2ClientAuthenticationFilterRequestMatherConfigurer> collection, TokenEndpointAuthenticationConverterDelegate tokenEndpointAuthenticationConverterDelegate) {
        this.authenticationServerPathOption = authenticationServerPathOption;
        this.oAuth2AuthorizationConsentService = oAuth2AuthorizationConsentService;
        this.oAuth2AuthorizationService = oAuth2AuthorizationService;
        this.oidcUserInfoMapper = oidcUserInfoMapper;
        this.authenticationEndpointAuthenticationFailureHandler = authenticationEndpointAuthenticationFailureHandler;
        this.loginAuthenticationRequestConverter = loginAuthenticationRequestConverter;
        this.clientAuthenticationFilterRequestMatherConfigurers = collection;
        this.tokenEndpointAuthenticationConverterDelegate = tokenEndpointAuthenticationConverterDelegate;
    }

    public void setOAuth2ClientAuthenticationConfigurer(OAuth2ClientAuthenticationConfigurer oAuth2ClientAuthenticationConfigurer) {
        this.oAuth2ClientAuthenticationConfigurer = oAuth2ClientAuthenticationConfigurer;
    }
}
