package org.pac4j.spring.boot;

import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import java.util.List;
import org.pac4j.core.ext.authentication.AuthenticatingFailureCounter;
import org.pac4j.core.ext.authentication.UsernamePasswordCaptchaAuthenticator;
import org.pac4j.core.ext.authentication.UsernamePasswordCaptchaFormClient;
import org.pac4j.core.ext.authentication.captcha.CaptchaResolver;
import org.pac4j.core.ext.credentials.extractor.UsernamePasswordCaptchaCredentialsExtractor;
import org.pac4j.core.http.ajax.AjaxRequestResolver;
import org.pac4j.core.http.callback.CallbackUrlResolver;
import org.pac4j.core.http.url.UrlResolver;
import org.pac4j.http.client.direct.CookieClient;
import org.pac4j.http.client.direct.HeaderClient;
import org.pac4j.http.client.direct.ParameterClient;
import org.pac4j.jwt.config.encryption.EncryptionConfiguration;
import org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration;
import org.pac4j.jwt.config.signature.SecretSignatureConfiguration;
import org.pac4j.jwt.config.signature.SignatureConfiguration;
import org.pac4j.jwt.credentials.authenticator.JwtAuthenticator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.web.ServerProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@AutoConfigureBefore({Pac4jAutoConfiguration.class})
@EnableConfigurationProperties({Pac4jJwtProperties.class, Pac4jProperties.class, ServerProperties.class})
@Configuration
@ConditionalOnClass({CookieClient.class, ParameterClient.class, HeaderClient.class, JwtAuthenticator.class})
@ConditionalOnProperty(prefix = Pac4jJwtProperties.PREFIX, value = {"enabled"}, havingValue = "true")
/* loaded from: input_file:org/pac4j/spring/boot/Pac4jJwtConfiguration.class */
public class Pac4jJwtConfiguration {

    @Autowired
    private Pac4jJwtProperties jwtProperties;

    @ConditionalOnMissingBean
    @Bean
    public EncryptionConfiguration encryptionConfiguration() {
        return new SecretEncryptionConfiguration(this.jwtProperties.getEncryptSecret(), JWEAlgorithm.parse(this.jwtProperties.getJweAlgorithm().value()), EncryptionMethod.parse(this.jwtProperties.getEncryption().value()));
    }

    @ConditionalOnMissingBean
    @Bean
    public SignatureConfiguration signatureConfiguration() {
        return new SecretSignatureConfiguration(this.jwtProperties.getSignSecret(), JWSAlgorithm.parse(this.jwtProperties.getJwsAlgorithm().value()));
    }

    @ConditionalOnMissingBean
    @Bean
    public JwtAuthenticator jwtAuthenticator(List<SignatureConfiguration> list, List<EncryptionConfiguration> list2) {
        JwtAuthenticator jwtAuthenticator = new JwtAuthenticator();
        jwtAuthenticator.setEncryptionConfigurations(list2);
        jwtAuthenticator.setSignatureConfigurations(list);
        return jwtAuthenticator;
    }

    @Bean({"jwtUpcAuthenticator"})
    public UsernamePasswordCaptchaAuthenticator jwtUpcAuthenticator(CaptchaResolver captchaResolver, AuthenticatingFailureCounter authenticatingFailureCounter) {
        UsernamePasswordCaptchaAuthenticator usernamePasswordCaptchaAuthenticator = new UsernamePasswordCaptchaAuthenticator();
        usernamePasswordCaptchaAuthenticator.setCaptchaRequired(this.jwtProperties.isCaptchaRequired());
        usernamePasswordCaptchaAuthenticator.setCaptchaResolver(captchaResolver);
        usernamePasswordCaptchaAuthenticator.setFailureCounter(authenticatingFailureCounter);
        usernamePasswordCaptchaAuthenticator.setRetryTimesKeyAttribute(this.jwtProperties.getRetryTimesKeyAttribute());
        usernamePasswordCaptchaAuthenticator.setRetryTimesWhenAccessDenied(this.jwtProperties.getRetryTimesWhenAccessDenied());
        return usernamePasswordCaptchaAuthenticator;
    }

    @Bean({"jwtUpcCredentialsExtractor"})
    public UsernamePasswordCaptchaCredentialsExtractor jwtUpcCredentialsExtractor() {
        return new UsernamePasswordCaptchaCredentialsExtractor(this.jwtProperties.getUsernameParameterName(), this.jwtProperties.getPasswordParameterName(), this.jwtProperties.getCaptchaParamName(), this.jwtProperties.isPostOnly());
    }

    @Bean({"jwtAuthcClient"})
    public UsernamePasswordCaptchaFormClient jwtAuthcClient(AjaxRequestResolver ajaxRequestResolver, CallbackUrlResolver callbackUrlResolver, @Qualifier("jwtUpcAuthenticator") UsernamePasswordCaptchaAuthenticator usernamePasswordCaptchaAuthenticator, @Qualifier("jwtUpcCredentialsExtractor") UsernamePasswordCaptchaCredentialsExtractor usernamePasswordCaptchaCredentialsExtractor, UrlResolver urlResolver) {
        UsernamePasswordCaptchaFormClient usernamePasswordCaptchaFormClient = new UsernamePasswordCaptchaFormClient();
        usernamePasswordCaptchaFormClient.setAjaxRequestResolver(ajaxRequestResolver);
        usernamePasswordCaptchaFormClient.setAuthenticator(usernamePasswordCaptchaAuthenticator);
        usernamePasswordCaptchaFormClient.setCallbackUrl(this.jwtProperties.getCallbackUrl());
        usernamePasswordCaptchaFormClient.setCallbackUrlResolver(callbackUrlResolver);
        usernamePasswordCaptchaFormClient.setCredentialsExtractor(usernamePasswordCaptchaCredentialsExtractor);
        if (this.jwtProperties.getCustomProperties() != null) {
            usernamePasswordCaptchaFormClient.setCustomProperties(this.jwtProperties.getCustomProperties());
        }
        usernamePasswordCaptchaFormClient.setLoginUrl(this.jwtProperties.getLoginUrl());
        usernamePasswordCaptchaFormClient.setName(this.jwtProperties.getDefaultClientName());
        usernamePasswordCaptchaFormClient.setPasswordParameter(this.jwtProperties.getPasswordParameterName());
        usernamePasswordCaptchaFormClient.setUrlResolver(urlResolver);
        usernamePasswordCaptchaFormClient.setUsernameParameter(this.jwtProperties.getUsernameParameterName());
        return usernamePasswordCaptchaFormClient;
    }

    @Bean({"jwtCookieAuthzClient"})
    public CookieClient jwtCookieAuthzClient(JwtAuthenticator jwtAuthenticator) {
        CookieClient cookieClient = new CookieClient(this.jwtProperties.getAuthorizationCookieName(), jwtAuthenticator);
        if (this.jwtProperties.getCustomProperties() != null) {
            cookieClient.setCustomProperties(this.jwtProperties.getCustomProperties());
        }
        cookieClient.setName(this.jwtProperties.getCookieClientName());
        cookieClient.setCookieName(this.jwtProperties.getAuthorizationCookieName());
        return cookieClient;
    }

    @Bean({"jwtHeaderAuthzClient"})
    public HeaderClient jwtHeaderAuthzClient(JwtAuthenticator jwtAuthenticator) {
        HeaderClient headerClient = new HeaderClient(this.jwtProperties.getAuthorizationHeaderName(), jwtAuthenticator);
        if (this.jwtProperties.getCustomProperties() != null) {
            headerClient.setCustomProperties(this.jwtProperties.getCustomProperties());
        }
        headerClient.setName(this.jwtProperties.getHeaderClientName());
        headerClient.setHeaderName(this.jwtProperties.getAuthorizationHeaderName());
        headerClient.setPrefixHeader(this.jwtProperties.getAuthorizationHeaderPrefix());
        return headerClient;
    }

    @Bean
    public ParameterClient jwtParamAuthzClient(JwtAuthenticator jwtAuthenticator) {
        ParameterClient parameterClient = new ParameterClient(this.jwtProperties.getAuthorizationParamName(), jwtAuthenticator);
        if (this.jwtProperties.getCustomProperties() != null) {
            parameterClient.setCustomProperties(this.jwtProperties.getCustomProperties());
        }
        parameterClient.setName(this.jwtProperties.getParamClientName());
        parameterClient.setParameterName(this.jwtProperties.getAuthorizationParamName());
        parameterClient.setSupportGetRequest(this.jwtProperties.isSupportGetRequest());
        parameterClient.setSupportPostRequest(this.jwtProperties.isSupportPostRequest());
        return parameterClient;
    }
}
