package org.seedstack.seed.web.security.internal;

import com.google.inject.Key;
import com.google.inject.Scopes;
import com.google.inject.name.Names;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.ServletContext;
import org.apache.shiro.config.ConfigurationException;
import org.apache.shiro.guice.web.GuiceShiroFilter;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.filter.PathMatchingFilter;
import org.seedstack.seed.security.internal.SecurityGuiceConfigurer;
import org.seedstack.seed.web.SecurityFilter;
import org.seedstack.seed.web.security.WebSecurityConfig;
import org.seedstack.seed.web.security.internal.shiro.ShiroWebModule;
import org.seedstack.seed.web.spi.AntiXsrfService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/seedstack/seed/web/security/internal/WebSecurityModule.class */
class WebSecurityModule extends ShiroWebModule {
    private static final Logger LOGGER = LoggerFactory.getLogger(ShiroWebModule.class);
    private static final Map<String, Key<? extends Filter>> DEFAULT_FILTERS = new HashMap();
    private final String applicationName;
    private final WebSecurityConfig securityConfig;
    private final Collection<Class<? extends Filter>> customFilters;
    private final SecurityGuiceConfigurer securityGuiceConfigurer;

    /* JADX INFO: Access modifiers changed from: package-private */
    public WebSecurityModule(ServletContext servletContext, WebSecurityConfig webSecurityConfig, Collection<Class<? extends Filter>> collection, String str, SecurityGuiceConfigurer securityGuiceConfigurer) {
        super(servletContext);
        this.securityConfig = webSecurityConfig;
        this.customFilters = collection;
        this.applicationName = str;
        this.securityGuiceConfigurer = securityGuiceConfigurer;
    }

    @Override // org.seedstack.seed.web.security.internal.shiro.ShiroWebModule
    protected void configureShiroWeb() {
        for (WebSecurityConfig.UrlConfig urlConfig : this.securityConfig.getUrls()) {
            String pattern = urlConfig.getPattern();
            List<String> filters = urlConfig.getFilters();
            LOGGER.trace("Binding {} to security filter chain {}", pattern, filters);
            addFilterChain(pattern, getFilterKeys(filters));
        }
        LOGGER.debug("{} URL(s) bound to security filters", Integer.valueOf(this.securityConfig.getUrls().size()));
        bind(WebSecurityConfig.class);
        bind(AntiXsrfFilter.class);
        for (Class<? extends Filter> cls : this.customFilters) {
            if (!PathMatchingFilter.class.isAssignableFrom(cls)) {
                bind(cls);
            }
        }
        bind(AntiXsrfService.class).to(StatelessAntiXsrfService.class);
        bindConstant().annotatedWith(Names.named("shiro.applicationName")).to(this.applicationName);
        this.securityGuiceConfigurer.configure(binder());
        bind(GuiceShiroFilter.class).in(Scopes.SINGLETON);
        expose(AntiXsrfService.class);
    }

    private ShiroWebModule.FilterKey[] getFilterKeys(List<String> list) {
        ShiroWebModule.FilterKey[] filterKeyArr = new ShiroWebModule.FilterKey[list.size()];
        int i = 0;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String[] nameConfigPair = toNameConfigPair(it.next());
            Key<? extends Filter> findKey = findKey(nameConfigPair[0]);
            if (findKey != null) {
                filterKeyArr[i] = new ShiroWebModule.FilterKey(findKey, nameConfigPair[1] == null ? "" : nameConfigPair[1]);
            } else {
                addError("The filter [" + nameConfigPair[0] + "] could not be found as a default filter or as a class annotated with SecurityFilter", new Object[0]);
            }
            i++;
        }
        return filterKeyArr;
    }

    private Key<? extends Filter> findKey(String str) {
        Key<? extends Filter> key = null;
        if (DEFAULT_FILTERS.containsKey(str)) {
            key = DEFAULT_FILTERS.get(str);
        } else {
            for (Class<? extends Filter> cls : this.customFilters) {
                if (str.equals(cls.getAnnotation(SecurityFilter.class).value())) {
                    key = Key.get(cls);
                }
            }
        }
        return key;
    }

    private String[] toNameConfigPair(String str) throws ConfigurationException {
        String clean;
        String[] split = str.split("\\[", 2);
        String clean2 = StringUtils.clean(split[0]);
        if (clean2 == null) {
            throw new IllegalArgumentException("Filter name not found for filter chain definition token: " + str);
        }
        String str2 = null;
        if (split.length == 2) {
            String clean3 = StringUtils.clean(split[1]);
            str2 = StringUtils.clean(clean3.substring(0, clean3.length() - 1));
            if (str2 != null && str2.startsWith("\"") && str2.endsWith("\"") && (clean = StringUtils.clean(str2.substring(1, str2.length() - 1))) != null && clean.indexOf(34) == -1) {
                str2 = clean;
            }
        }
        return new String[]{clean2, str2};
    }

    static {
        DEFAULT_FILTERS.put("anon", ANON);
        DEFAULT_FILTERS.put("authc", AUTHC);
        DEFAULT_FILTERS.put("authcBasic", AUTHC_BASIC);
        DEFAULT_FILTERS.put("logout", LOGOUT);
        DEFAULT_FILTERS.put("noSessionCreation", NO_SESSION_CREATION);
        DEFAULT_FILTERS.put("perms", PERMS);
        DEFAULT_FILTERS.put("port", PORT);
        DEFAULT_FILTERS.put("rest", REST);
        DEFAULT_FILTERS.put("roles", ROLES);
        DEFAULT_FILTERS.put("ssl", SSL);
        DEFAULT_FILTERS.put("user", USER);
        DEFAULT_FILTERS.put("xsrf", Key.get(AntiXsrfFilter.class));
        DEFAULT_FILTERS.put("cert", Key.get(X509CertificateFilter.class));
    }
}
