package org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers;

import jakarta.servlet.Filter;
import java.util.ArrayList;
import java.util.List;
import java.util.function.Consumer;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceAuthorizationConsentAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2DeviceVerificationAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
import org.springframework.security.oauth2.server.authorization.web.OAuth2DeviceVerificationEndpointFilter;
import org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2DeviceAuthorizationConsentAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2DeviceVerificationAuthenticationConverter;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceVerificationEndpointConfigurer.class */
public final class OAuth2DeviceVerificationEndpointConfigurer extends AbstractOAuth2Configurer {
    private RequestMatcher requestMatcher;
    private final List<AuthenticationConverter> deviceVerificationRequestConverters;
    private Consumer<List<AuthenticationConverter>> deviceVerificationRequestConvertersConsumer;
    private final List<AuthenticationProvider> authenticationProviders;
    private Consumer<List<AuthenticationProvider>> authenticationProvidersConsumer;
    private AuthenticationSuccessHandler deviceVerificationResponseHandler;
    private AuthenticationFailureHandler errorResponseHandler;
    private String consentPage;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuth2DeviceVerificationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
        super(objectPostProcessor);
        this.deviceVerificationRequestConverters = new ArrayList();
        this.deviceVerificationRequestConvertersConsumer = list -> {
        };
        this.authenticationProviders = new ArrayList();
        this.authenticationProvidersConsumer = list2 -> {
        };
    }

    public OAuth2DeviceVerificationEndpointConfigurer deviceVerificationRequestConverter(AuthenticationConverter authenticationConverter) {
        Assert.notNull(authenticationConverter, "deviceVerificationRequestConverter cannot be null");
        this.deviceVerificationRequestConverters.add(authenticationConverter);
        return this;
    }

    public OAuth2DeviceVerificationEndpointConfigurer deviceVerificationRequestConverters(Consumer<List<AuthenticationConverter>> consumer) {
        Assert.notNull(consumer, "deviceVerificationRequestConvertersConsumer cannot be null");
        this.deviceVerificationRequestConvertersConsumer = consumer;
        return this;
    }

    public OAuth2DeviceVerificationEndpointConfigurer authenticationProvider(AuthenticationProvider authenticationProvider) {
        Assert.notNull(authenticationProvider, "authenticationProvider cannot be null");
        this.authenticationProviders.add(authenticationProvider);
        return this;
    }

    public OAuth2DeviceVerificationEndpointConfigurer authenticationProviders(Consumer<List<AuthenticationProvider>> consumer) {
        Assert.notNull(consumer, "authenticationProvidersConsumer cannot be null");
        this.authenticationProvidersConsumer = consumer;
        return this;
    }

    public OAuth2DeviceVerificationEndpointConfigurer deviceVerificationResponseHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        this.deviceVerificationResponseHandler = authenticationSuccessHandler;
        return this;
    }

    public OAuth2DeviceVerificationEndpointConfigurer errorResponseHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        this.errorResponseHandler = authenticationFailureHandler;
        return this;
    }

    public OAuth2DeviceVerificationEndpointConfigurer consentPage(String str) {
        this.consentPage = str;
        return this;
    }

    @Override // org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.AbstractOAuth2Configurer
    public void init(HttpSecurity httpSecurity) {
        AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils.getAuthorizationServerSettings(httpSecurity);
        this.requestMatcher = new OrRequestMatcher(new RequestMatcher[]{new AntPathRequestMatcher(authorizationServerSettings.getDeviceVerificationEndpoint(), HttpMethod.GET.name()), new AntPathRequestMatcher(authorizationServerSettings.getDeviceVerificationEndpoint(), HttpMethod.POST.name())});
        List<AuthenticationProvider> createDefaultAuthenticationProviders = createDefaultAuthenticationProviders(httpSecurity);
        if (!this.authenticationProviders.isEmpty()) {
            createDefaultAuthenticationProviders.addAll(0, this.authenticationProviders);
        }
        this.authenticationProvidersConsumer.accept(createDefaultAuthenticationProviders);
        createDefaultAuthenticationProviders.forEach(authenticationProvider -> {
            httpSecurity.authenticationProvider((AuthenticationProvider) postProcess(authenticationProvider));
        });
    }

    @Override // org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.AbstractOAuth2Configurer
    public void configure(HttpSecurity httpSecurity) {
        OAuth2DeviceVerificationEndpointFilter oAuth2DeviceVerificationEndpointFilter = new OAuth2DeviceVerificationEndpointFilter((AuthenticationManager) httpSecurity.getSharedObject(AuthenticationManager.class), OAuth2ConfigurerUtils.getAuthorizationServerSettings(httpSecurity).getDeviceVerificationEndpoint());
        List<AuthenticationConverter> createDefaultAuthenticationConverters = createDefaultAuthenticationConverters();
        if (!this.deviceVerificationRequestConverters.isEmpty()) {
            createDefaultAuthenticationConverters.addAll(0, this.deviceVerificationRequestConverters);
        }
        this.deviceVerificationRequestConvertersConsumer.accept(createDefaultAuthenticationConverters);
        oAuth2DeviceVerificationEndpointFilter.setAuthenticationConverter(new DelegatingAuthenticationConverter(createDefaultAuthenticationConverters));
        if (this.deviceVerificationResponseHandler != null) {
            oAuth2DeviceVerificationEndpointFilter.setAuthenticationSuccessHandler(this.deviceVerificationResponseHandler);
        }
        if (this.errorResponseHandler != null) {
            oAuth2DeviceVerificationEndpointFilter.setAuthenticationFailureHandler(this.errorResponseHandler);
        }
        if (StringUtils.hasText(this.consentPage)) {
            oAuth2DeviceVerificationEndpointFilter.setConsentPage(this.consentPage);
        }
        httpSecurity.addFilterBefore((Filter) postProcess(oAuth2DeviceVerificationEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.AbstractOAuth2Configurer
    public RequestMatcher getRequestMatcher() {
        return this.requestMatcher;
    }

    private static List<AuthenticationConverter> createDefaultAuthenticationConverters() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new OAuth2DeviceVerificationAuthenticationConverter());
        arrayList.add(new OAuth2DeviceAuthorizationConsentAuthenticationConverter());
        return arrayList;
    }

    private static List<AuthenticationProvider> createDefaultAuthenticationProviders(HttpSecurity httpSecurity) {
        RegisteredClientRepository registeredClientRepository = OAuth2ConfigurerUtils.getRegisteredClientRepository(httpSecurity);
        OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity);
        OAuth2AuthorizationConsentService authorizationConsentService = OAuth2ConfigurerUtils.getAuthorizationConsentService(httpSecurity);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new OAuth2DeviceVerificationAuthenticationProvider(registeredClientRepository, authorizationService, authorizationConsentService));
        arrayList.add(new OAuth2DeviceAuthorizationConsentAuthenticationProvider(registeredClientRepository, authorizationService, authorizationConsentService));
        return arrayList;
    }
}
