package de.codecamp.vaadin.security.spring.config;

import com.vaadin.flow.server.HandlerHelper;
import com.vaadin.flow.server.Version;
import de.codecamp.vaadin.security.spring.authentication.VaadinSecurityAuthenticationFailureHandler;
import de.codecamp.vaadin.security.spring.authentication.VaadinSecurityAuthenticationSuccessHandler;
import de.codecamp.vaadin.security.spring.autoconfigure.VaadinSecurityProperties;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.web.util.matcher.RequestMatcher;

/* loaded from: input_file:de/codecamp/vaadin/security/spring/config/VaadinSecurityConfigurerAdapter.class */
public abstract class VaadinSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    private String uiRootUrl;
    private String loginProcessingUrl;
    private String logoutUrl;
    private String logoutSuccessUrl;

    protected VaadinSecurityConfigurerAdapter() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public VaadinSecurityConfigurerAdapter(VaadinSecurityProperties vaadinSecurityProperties) {
        configure(vaadinSecurityProperties);
    }

    public void setUiRootUrl(String str) {
        this.uiRootUrl = str;
    }

    public void setLoginProcessingUrl(String str) {
        this.loginProcessingUrl = str;
    }

    public void setLogoutUrl(String str) {
        this.logoutUrl = str;
    }

    public void setLogoutSuccessUrl(String str) {
        this.logoutSuccessUrl = str;
    }

    public void configure(VaadinSecurityProperties vaadinSecurityProperties) {
        setUiRootUrl(vaadinSecurityProperties.getLocations().getUiRootUrl());
        setLoginProcessingUrl(vaadinSecurityProperties.getLocations().getLoginProcessingUrl());
        setLogoutUrl(vaadinSecurityProperties.getLocations().getLogoutUrl());
        setLogoutSuccessUrl(vaadinSecurityProperties.getLocations().getLogoutSuccessUrl());
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable();
        ((HttpSecurity.RequestMatcherConfigurer) ((HttpSecurity.RequestMatcherConfigurer) httpSecurity.requestMatchers().requestMatchers(new RequestMatcher[]{VaadinSecurityConfigurerAdapter::isFrameworkInternalRequest})).antMatchers(this.uiRootUrl.isEmpty() ? new String[]{"/**"} : new String[]{this.uiRootUrl, this.uiRootUrl + "/**"})).antMatchers(new String[]{"/VAADIN/**"});
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).permitAll();
        httpSecurity.formLogin().loginPage(this.loginProcessingUrl).permitAll().successHandler(new VaadinSecurityAuthenticationSuccessHandler()).failureHandler(new VaadinSecurityAuthenticationFailureHandler());
        httpSecurity.logout().logoutUrl(this.logoutUrl).logoutSuccessUrl((String) StringUtils.defaultIfBlank(this.logoutSuccessUrl, (String) StringUtils.defaultIfBlank(this.uiRootUrl, "/")));
    }

    public static boolean isFrameworkInternalRequest(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("v-r");
        if (parameter == null) {
            return false;
        }
        return (Version.getMajorVersion() < 2 || Version.getMinorVersion() < 2) ? Stream.of((Object[]) new String[]{"uidl", "heartbeat", "push"}).anyMatch(str -> {
            return str.equals(parameter);
        }) : Stream.of((Object[]) HandlerHelper.RequestType.values()).anyMatch(requestType -> {
            return requestType.getIdentifier().equals(parameter);
        });
    }
}
