package org.springframework.security.config.annotation.web.configurers.openid;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.openid.AxFetchListFactory;
import org.springframework.security.openid.OpenID4JavaConsumer;
import org.springframework.security.openid.OpenIDAttribute;
import org.springframework.security.openid.OpenIDAuthenticationFilter;
import org.springframework.security.openid.OpenIDAuthenticationProvider;
import org.springframework.security.openid.OpenIDAuthenticationToken;
import org.springframework.security.openid.OpenIDConsumer;
import org.springframework.security.openid.RegexBasedAxFetchListFactory;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

/* loaded from: input_file:BOOT-INF/lib/spring-security-config-5.1.7.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.class */
public final class OpenIDLoginConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractAuthenticationFilterConfigurer<H, OpenIDLoginConfigurer<H>, OpenIDAuthenticationFilter> {
    private OpenIDConsumer openIDConsumer;
    private ConsumerManager consumerManager;
    private AuthenticationUserDetailsService<OpenIDAuthenticationToken> authenticationUserDetailsService;
    private List<OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer> attributeExchangeConfigurers;

    /* loaded from: input_file:BOOT-INF/lib/spring-security-config-5.1.7.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer$AttributeExchangeConfigurer.class */
    public final class AttributeExchangeConfigurer {
        private final String identifier;
        private List<OpenIDAttribute> attributes;
        private List<OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer> attributeConfigurers;

        /* loaded from: input_file:BOOT-INF/lib/spring-security-config-5.1.7.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer$AttributeExchangeConfigurer$AttributeConfigurer.class */
        public final class AttributeConfigurer {
            private String name;
            private int count;
            private boolean required;
            private String type;

            private AttributeConfigurer(String str) {
                this.count = 1;
                this.required = false;
                this.name = str;
            }

            public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer count(int i) {
                this.count = i;
                return this;
            }

            public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer required(boolean z) {
                this.required = z;
                return this;
            }

            public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer type(String str) {
                this.type = str;
                return this;
            }

            public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer and() {
                return AttributeExchangeConfigurer.this;
            }

            /* JADX INFO: Access modifiers changed from: private */
            public OpenIDAttribute build() {
                OpenIDAttribute openIDAttribute = new OpenIDAttribute(this.name, this.type);
                openIDAttribute.setCount(this.count);
                openIDAttribute.setRequired(this.required);
                return openIDAttribute;
            }
        }

        private AttributeExchangeConfigurer(String str) {
            this.attributes = new ArrayList();
            this.attributeConfigurers = new ArrayList();
            this.identifier = str;
        }

        public OpenIDLoginConfigurer<H> and() {
            return OpenIDLoginConfigurer.this;
        }

        public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer attribute(OpenIDAttribute openIDAttribute) {
            this.attributes.add(openIDAttribute);
            return this;
        }

        public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer attribute(String str) {
            OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer attributeConfigurer = new AttributeConfigurer(str);
            this.attributeConfigurers.add(attributeConfigurer);
            return attributeConfigurer;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public List<OpenIDAttribute> getAttributes() {
            Iterator<OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer.AttributeConfigurer> it = this.attributeConfigurers.iterator();
            while (it.hasNext()) {
                this.attributes.add(it.next().build());
            }
            this.attributeConfigurers.clear();
            return this.attributes;
        }
    }

    public OpenIDLoginConfigurer() {
        super(new OpenIDAuthenticationFilter(), "/login/openid");
        this.attributeExchangeConfigurers = new ArrayList();
    }

    public OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer attributeExchange(String str) {
        OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer attributeExchangeConfigurer = new AttributeExchangeConfigurer(str);
        this.attributeExchangeConfigurers.add(attributeExchangeConfigurer);
        return attributeExchangeConfigurer;
    }

    public OpenIDLoginConfigurer<H> consumer(OpenIDConsumer openIDConsumer) {
        this.openIDConsumer = openIDConsumer;
        return this;
    }

    public OpenIDLoginConfigurer<H> consumerManager(ConsumerManager consumerManager) {
        this.consumerManager = consumerManager;
        return this;
    }

    public OpenIDLoginConfigurer<H> authenticationUserDetailsService(AuthenticationUserDetailsService<OpenIDAuthenticationToken> authenticationUserDetailsService) {
        this.authenticationUserDetailsService = authenticationUserDetailsService;
        return this;
    }

    @Override // org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
    public OpenIDLoginConfigurer<H> loginProcessingUrl(String str) {
        return (OpenIDLoginConfigurer) super.loginProcessingUrl(str);
    }

    @Override // org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
    public OpenIDLoginConfigurer<H> loginPage(String str) {
        return (OpenIDLoginConfigurer) super.loginPage(str);
    }

    @Override // org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer, org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void init(H h) throws Exception {
        super.init((OpenIDLoginConfigurer<H>) h);
        OpenIDAuthenticationProvider openIDAuthenticationProvider = new OpenIDAuthenticationProvider();
        openIDAuthenticationProvider.setAuthenticationUserDetailsService(getAuthenticationUserDetailsService(h));
        h.authenticationProvider((OpenIDAuthenticationProvider) postProcess(openIDAuthenticationProvider));
        initDefaultLoginFilter(h);
    }

    @Override // org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer, org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void configure(H h) throws Exception {
        getAuthenticationFilter().setConsumer(getConsumer());
        super.configure((OpenIDLoginConfigurer<H>) h);
    }

    @Override // org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer
    protected RequestMatcher createLoginProcessingUrlMatcher(String str) {
        return new AntPathRequestMatcher(str);
    }

    private OpenIDConsumer getConsumer() throws ConsumerException {
        if (this.openIDConsumer == null) {
            this.openIDConsumer = new OpenID4JavaConsumer(getConsumerManager(), attributesToFetchFactory());
        }
        return this.openIDConsumer;
    }

    private ConsumerManager getConsumerManager() {
        return this.consumerManager != null ? this.consumerManager : new ConsumerManager();
    }

    private AxFetchListFactory attributesToFetchFactory() {
        HashMap hashMap = new HashMap();
        for (OpenIDLoginConfigurer<H>.AttributeExchangeConfigurer attributeExchangeConfigurer : this.attributeExchangeConfigurers) {
            hashMap.put(((AttributeExchangeConfigurer) attributeExchangeConfigurer).identifier, attributeExchangeConfigurer.getAttributes());
        }
        return new RegexBasedAxFetchListFactory(hashMap);
    }

    private AuthenticationUserDetailsService<OpenIDAuthenticationToken> getAuthenticationUserDetailsService(H h) {
        return this.authenticationUserDetailsService != null ? this.authenticationUserDetailsService : new UserDetailsByNameServiceWrapper((UserDetailsService) h.getSharedObject(UserDetailsService.class));
    }

    private void initDefaultLoginFilter(H h) {
        DefaultLoginPageGeneratingFilter defaultLoginPageGeneratingFilter = (DefaultLoginPageGeneratingFilter) h.getSharedObject(DefaultLoginPageGeneratingFilter.class);
        if (defaultLoginPageGeneratingFilter == null || isCustomLoginPage()) {
            return;
        }
        defaultLoginPageGeneratingFilter.setOpenIdEnabled(true);
        defaultLoginPageGeneratingFilter.setOpenIDauthenticationUrl(getLoginProcessingUrl());
        if (defaultLoginPageGeneratingFilter.getLoginPageUrl() == null) {
            defaultLoginPageGeneratingFilter.setLoginPageUrl(getLoginPage());
            defaultLoginPageGeneratingFilter.setFailureUrl(getFailureUrl());
        }
        defaultLoginPageGeneratingFilter.setOpenIDusernameParameter("openid_identifier");
    }
}
