package com.vaadin.snaplets.usermanager.demo.security;

import com.vaadin.flow.spring.security.VaadinWebSecurity;
import com.vaadin.snaplets.usermanager.demo.views.LoginView;
import com.vaadin.snaplets.usermanager.exception.UserDisabledException;
import com.vaadin.snaplets.usermanager.service.PersistentLoginService;
import java.util.HashMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@EnableWebSecurity
@Configuration
@ComponentScan(basePackageClasses = {SecurityConfiguration.class})
/* loaded from: input_file:com/vaadin/snaplets/usermanager/demo/security/SecurityConfiguration.class */
public class SecurityConfiguration extends VaadinWebSecurity {
    public static final String LOGOUT_URL = "/";

    @Value("${com.vaadin.snaplets.usernamager.encoding.secret.key:1234567890}")
    private String secretKey;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private PersistentLoginService persistentLoginService;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/login*")})).permitAll().requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/login?error=.*")})).permitAll().requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/offline-stub.html")})).permitAll().requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/offline-page.html")})).permitAll();
        });
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry2 -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry2.requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/h2-console/**")})).permitAll();
        }).headers(headersConfigurer -> {
            headersConfigurer.frameOptions().disable();
        }).csrf(csrfConfigurer -> {
            csrfConfigurer.ignoringRequestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/h2-console/**")});
        });
        super.configure(httpSecurity);
        httpSecurity.formLogin().failureHandler(authenticationFailureHandler());
        httpSecurity.rememberMe().rememberMeServices(getRememberMeServices()).tokenValiditySeconds(7200);
        setLoginView(httpSecurity, LoginView.class, LOGOUT_URL);
    }

    public void configure(WebSecurity webSecurity) throws Exception {
        super.configure(webSecurity);
        webSecurity.ignoring().requestMatchers(new RequestMatcher[]{AntPathRequestMatcher.antMatcher("/images/*.png"), AntPathRequestMatcher.antMatcher("/h2-console/**")});
    }

    public AuthenticationFailureHandler authenticationFailureHandler() {
        HashMap hashMap = new HashMap();
        hashMap.put(UserDisabledException.class.getCanonicalName(), "/login?error=disabled");
        hashMap.put(BadCredentialsException.class.getCanonicalName(), "/login?error=badcredentials");
        ExceptionMappingAuthenticationFailureHandler exceptionMappingAuthenticationFailureHandler = new ExceptionMappingAuthenticationFailureHandler();
        exceptionMappingAuthenticationFailureHandler.setExceptionMappings(hashMap);
        exceptionMappingAuthenticationFailureHandler.setDefaultFailureUrl("/login?error");
        return exceptionMappingAuthenticationFailureHandler;
    }

    @Bean
    public PersistentTokenBasedRememberMeServices getRememberMeServices() {
        return new PersistentTokenBasedRememberMeServices(this.secretKey, this.userDetailsService, this.persistentLoginService);
    }
}
