package com.appiancorp.security.auth.oidc;

import com.appiancorp.features.FeatureToggleClient;
import com.appiancorp.security.auth.OidcSSOsManager;
import com.appiancorp.security.auth.SsoProxyUrlRepairUtil;
import com.appiancorp.security.auth.oidc.persistence.service.OidcSettingsService;
import com.appiancorp.security.auth.oidc.test.OidcTestButtonSpringConfig;
import com.appiancorp.security.auth.oidc.test.OidcTestStateManager;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient;
import org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

@Configuration
@Lazy
@Import({OidcFeatureTogglesSpringConfig.class, OidcTestButtonSpringConfig.class})
/* loaded from: input_file:com/appiancorp/security/auth/oidc/OidcFilterSpringConfig.class */
public class OidcFilterSpringConfig {

    @Autowired
    OidcSuiteConfiguration oidcSuiteConfiguration;

    @Autowired
    OidcConfiguration oidcConfiguration;

    @Autowired
    @Qualifier("oidcSettingsServiceAdminContextDecorator")
    OidcSettingsService oidcSettingsServiceAdminContextDecorator;

    @Autowired
    @Qualifier("appianRedirectStrategy")
    RedirectStrategy appianRedirectStrategy;

    @Autowired
    @Qualifier("appianAuthenticationSuccessHandler")
    AuthenticationSuccessHandler appianAuthenticationSuccessHandler;

    @Autowired
    @Qualifier("portalSessionAuthenticationStrategy")
    SessionAuthenticationStrategy portalSessionAuthenticationStrategy;

    @Autowired
    OidcEncryptionService oidcEncryptionService;

    @Autowired
    SsoProxyUrlRepairUtil ssoProxyUrlRepairUtil;

    @Autowired
    OidcTestStateManager oidcTestStateManager;

    @Bean
    public AppianOidcClientRegistrationRepository oidcClientRegistrationRepository(@Qualifier("oidcSettingsServiceTestStateDecorator") OidcSettingsService oidcSettingsService) {
        return new AppianOidcClientRegistrationRepository(this.oidcEncryptionService, oidcSettingsService, this.oidcTestStateManager);
    }

    @Bean
    public OidcFilterPredicate oidcFilterPredicate(FeatureToggleClient featureToggleClient, OidcSSOsManager oidcSSOsManager) {
        return new OidcFilterPredicate(this.oidcSuiteConfiguration, featureToggleClient, this.oidcConfiguration, oidcSSOsManager);
    }

    @Bean
    public AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository() {
        return new HttpSessionOAuth2AuthorizationRequestRepository();
    }

    @Bean
    public AppianOidcIdTokenDecoderFactory appianOidcIdTokenDecoderFactory() {
        return new AppianOidcIdTokenDecoderFactory(this.oidcSettingsServiceAdminContextDecorator);
    }

    @Bean
    public AuthenticationProvider oidcAuthorizationCodeAuthenticationProvider(AppianOidcIdTokenDecoderFactory appianOidcIdTokenDecoderFactory) {
        OidcAuthorizationCodeAuthenticationProvider oidcAuthorizationCodeAuthenticationProvider = new OidcAuthorizationCodeAuthenticationProvider(new DefaultAuthorizationCodeTokenResponseClient(), new OidcUserService());
        oidcAuthorizationCodeAuthenticationProvider.setJwtDecoderFactory(appianOidcIdTokenDecoderFactory);
        return oidcAuthorizationCodeAuthenticationProvider;
    }

    @Bean
    public OidcAuthCodeManager oidcAuthCodeManager(ClientRegistrationRepository clientRegistrationRepository, AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository, AuthenticationProvider authenticationProvider, OidcSuiteConfiguration oidcSuiteConfiguration, ExecutorService executorService) {
        return new OidcAuthCodeManagerImpl(clientRegistrationRepository, authorizationRequestRepository, authenticationProvider, oidcSuiteConfiguration, executorService);
    }

    @Bean
    public ExecutorService oidcExecutorService() {
        return Executors.newCachedThreadPool();
    }

    @Bean
    public OidcReturnUrlManager oidcReturnUrlManager() {
        return new OidcReturnUrlManager(this.ssoProxyUrlRepairUtil);
    }

    @Bean
    public OidcFilter oidcFilter(AuthenticationManager authenticationManager, ClientRegistrationRepository clientRegistrationRepository, OidcFilterPredicate oidcFilterPredicate, AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository, OidcAuthCodeManager oidcAuthCodeManager, OidcReturnUrlManager oidcReturnUrlManager) {
        return new OidcFilter(this.appianRedirectStrategy, authenticationManager, this.appianAuthenticationSuccessHandler, this.portalSessionAuthenticationStrategy, clientRegistrationRepository, authorizationRequestRepository, oidcFilterPredicate, oidcAuthCodeManager, oidcReturnUrlManager);
    }
}
