package net.novosoft.tasker.security;

import com.vaadin.flow.component.Component;
import com.vaadin.flow.internal.AnnotationReader;
import com.vaadin.flow.router.Route;
import com.vaadin.flow.router.internal.RouteUtil;
import com.vaadin.flow.server.VaadinServletContext;
import com.vaadin.flow.spring.security.UidlRedirectStrategy;
import com.vaadin.flow.spring.security.VaadinSavedRequestAwareAuthenticationSuccessHandler;
import com.vaadin.flow.spring.security.VaadinWebSecurity;
import net.novosoft.tasker.ui.Login;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import org.springframework.web.context.WebApplicationContext;

@EnableWebSecurity
@Configuration
/* loaded from: input_file:BOOT-INF/classes/net/novosoft/tasker/security/SecurityConfig.class */
public class SecurityConfig extends VaadinWebSecurity {

    @Autowired
    private ApplicationContext applicationContext;

    @Value("#{servletContext.contextPath}")
    private String servletContextPath;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.vaadin.flow.spring.security.VaadinWebSecurity
    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            authorizationManagerRequestMatcherRegistry.requestMatchers(AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/images/*.png")).permitAll();
        });
        super.configure(httpSecurity);
        setLoginView(httpSecurity, Login.class);
    }

    private VaadinSavedRequestAwareAuthenticationSuccessHandler getVaadinSavedRequestAwareAuthenticationSuccessHandler(HttpSecurity httpSecurity) {
        VaadinSavedRequestAwareAuthenticationSuccessHandler vaadinSavedRequestAwareAuthenticationSuccessHandler = new VaadinSavedRequestAwareAuthenticationSuccessHandler();
        vaadinSavedRequestAwareAuthenticationSuccessHandler.setDefaultTargetUrl(applyUrlMapping(""));
        RequestCache requestCache = (RequestCache) httpSecurity.getSharedObject(RequestCache.class);
        if (requestCache != null) {
            vaadinSavedRequestAwareAuthenticationSuccessHandler.setRequestCache(requestCache);
        }
        httpSecurity.setSharedObject(VaadinSavedRequestAwareAuthenticationSuccessHandler.class, vaadinSavedRequestAwareAuthenticationSuccessHandler);
        return vaadinSavedRequestAwareAuthenticationSuccessHandler;
    }

    @Override // com.vaadin.flow.spring.security.VaadinWebSecurity
    protected void setLoginView(HttpSecurity httpSecurity, Class<? extends Component> cls) throws Exception {
        setLoginView(httpSecurity, cls, getDefaultLogoutUrl());
    }

    @Override // com.vaadin.flow.spring.security.VaadinWebSecurity
    protected void setLoginView(HttpSecurity httpSecurity, Class<? extends Component> cls, String str) throws Exception {
        if (!AnnotationReader.getAnnotationFor(cls, Route.class).isPresent()) {
            throw new IllegalArgumentException("Unable find a @Route annotation on the login view " + cls.getName());
        }
        if (!(this.applicationContext instanceof WebApplicationContext)) {
            throw new RuntimeException("VaadinWebSecurity cannot be used without WebApplicationContext.");
        }
        String routePath = RouteUtil.getRoutePath(new VaadinServletContext(((WebApplicationContext) this.applicationContext).getServletContext()), cls);
        if (!routePath.startsWith("/")) {
            routePath = "/" + routePath;
        }
        String applyUrlMapping = applyUrlMapping(routePath);
        HBFormLoginConfigurer hBFormLoginConfigurer = (HBFormLoginConfigurer) httpSecurity.apply((HttpSecurity) new HBFormLoginConfigurer());
        hBFormLoginConfigurer.loginPage(applyUrlMapping).permitAll();
        hBFormLoginConfigurer.successHandler(getVaadinSavedRequestAwareAuthenticationSuccessHandler(httpSecurity));
        httpSecurity.csrf(csrfConfigurer -> {
            csrfConfigurer.ignoringRequestMatchers(new AntPathRequestMatcher(applyUrlMapping));
        });
        configureLogout(httpSecurity, str);
        httpSecurity.exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint(applyUrlMapping), AnyRequestMatcher.INSTANCE);
        });
        getViewAccessChecker().setLoginView(cls);
    }

    private String getDefaultLogoutUrl() {
        return this.servletContextPath.startsWith("/") ? this.servletContextPath : "/" + this.servletContextPath;
    }

    private void configureLogout(HttpSecurity httpSecurity, String str) throws Exception {
        SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
        simpleUrlLogoutSuccessHandler.setDefaultTargetUrl(str);
        simpleUrlLogoutSuccessHandler.setRedirectStrategy(new UidlRedirectStrategy());
        httpSecurity.logout(logoutConfigurer -> {
            logoutConfigurer.logoutSuccessHandler(simpleUrlLogoutSuccessHandler);
        });
    }
}
