package org.activiti.services.identity.keycloak;

import ch.qos.logback.classic.ClassicConstants;
import org.keycloak.adapters.KeycloakConfigResolver;
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
import org.keycloak.adapters.springsecurity.KeycloakSecurityComponents;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.context.annotation.PropertySources;
import org.springframework.jdbc.datasource.init.ScriptUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

@Configuration
@EnableWebSecurity
@PropertySources({@PropertySource({"classpath:application.properties"})})
@ComponentScan(basePackageClasses = {KeycloakSecurityComponents.class})
/* loaded from: input_file:BOOT-INF/lib/activiti-services-identity-keycloak-7-201709-EA.jar:org/activiti/services/identity/keycloak/SecurityConfig.class */
public class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
        keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
        authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) keycloakAuthenticationProvider);
    }

    @Override // org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
    protected KeycloakAuthenticationProvider keycloakAuthenticationProvider() {
        return new KeycloakActivitiAuthenticationProvider();
    }

    @Bean
    public KeycloakConfigResolver KeycloakConfigResolver() {
        return new KeycloakSpringBootConfigResolver();
    }

    @Override // org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
    @Bean
    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter, org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    public void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        ((HttpSecurity) ((HttpSecurity) httpSecurity.authorizeRequests().antMatchers(ScriptUtils.DEFAULT_BLOCK_COMMENT_START_DELIMITER).hasRole(ClassicConstants.USER_MDC_KEY).anyRequest().authenticated().and()).csrf().disable()).httpBasic().disable();
    }
}
