package org.springdoc.security;

import io.swagger.v3.oas.models.Operation;
import io.swagger.v3.oas.models.PathItem;
import io.swagger.v3.oas.models.media.Content;
import io.swagger.v3.oas.models.media.MediaType;
import io.swagger.v3.oas.models.media.ObjectSchema;
import io.swagger.v3.oas.models.media.Schema;
import io.swagger.v3.oas.models.media.StringSchema;
import io.swagger.v3.oas.models.parameters.RequestBody;
import io.swagger.v3.oas.models.responses.ApiResponse;
import io.swagger.v3.oas.models.responses.ApiResponses;
import java.lang.reflect.Field;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.Filter;
import org.apache.commons.lang3.reflect.FieldUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springdoc.core.SpringDocConfiguration;
import org.springdoc.core.SpringDocUtils;
import org.springdoc.core.customizers.GlobalOpenApiCustomizer;
import org.springdoc.core.customizers.OpenApiCustomiser;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Configuration(proxyBeanMethods = false)
@ConditionalOnProperty(name = {"springdoc.api-docs.enabled"}, matchIfMissing = true)
@ConditionalOnBean({SpringDocConfiguration.class})
@Lazy(false)
/* loaded from: input_file:org/springdoc/security/SpringDocSecurityConfiguration.class */
public class SpringDocSecurityConfiguration {
    private static final Logger LOGGER = LoggerFactory.getLogger(SpringDocSecurityConfiguration.class);

    @Configuration(proxyBeanMethods = false)
    @ConditionalOnClass({OAuth2AuthorizationService.class})
    @Lazy(false)
    /* loaded from: input_file:org/springdoc/security/SpringDocSecurityConfiguration$SpringDocSecurityOAuth2Configuration.class */
    class SpringDocSecurityOAuth2Configuration {
        SpringDocSecurityOAuth2Configuration() {
        }

        @ConditionalOnProperty({"springdoc.show-oauth2-endpoints"})
        @Bean
        @Lazy(false)
        GlobalOpenApiCustomizer springDocSecurityOAuth2Customizer() {
            return new SpringDocSecurityOAuth2Customizer();
        }
    }

    @Configuration(proxyBeanMethods = false)
    @ConditionalOnClass({Filter.class})
    @Lazy(false)
    /* loaded from: input_file:org/springdoc/security/SpringDocSecurityConfiguration$SpringSecurityLoginEndpointConfiguration.class */
    class SpringSecurityLoginEndpointConfiguration {
        SpringSecurityLoginEndpointConfiguration() {
        }

        @ConditionalOnProperty({"springdoc.show-login-endpoint"})
        @Bean
        @Lazy(false)
        OpenApiCustomiser springSecurityLoginEndpointCustomiser(ApplicationContext applicationContext) {
            FilterChainProxy filterChainProxy = (FilterChainProxy) applicationContext.getBean("springSecurityFilterChain", FilterChainProxy.class);
            return openAPI -> {
                String str;
                for (SecurityFilterChain securityFilterChain : filterChainProxy.getFilterChains()) {
                    Stream stream = securityFilterChain.getFilters().stream();
                    Class<UsernamePasswordAuthenticationFilter> cls = UsernamePasswordAuthenticationFilter.class;
                    Objects.requireNonNull(UsernamePasswordAuthenticationFilter.class);
                    Stream filter = stream.filter((v1) -> {
                        return r1.isInstance(v1);
                    });
                    Class<UsernamePasswordAuthenticationFilter> cls2 = UsernamePasswordAuthenticationFilter.class;
                    Objects.requireNonNull(UsernamePasswordAuthenticationFilter.class);
                    Optional findAny = filter.map((v1) -> {
                        return r1.cast(v1);
                    }).findAny();
                    Stream stream2 = securityFilterChain.getFilters().stream();
                    Class<DefaultLoginPageGeneratingFilter> cls3 = DefaultLoginPageGeneratingFilter.class;
                    Objects.requireNonNull(DefaultLoginPageGeneratingFilter.class);
                    Stream filter2 = stream2.filter((v1) -> {
                        return r1.isInstance(v1);
                    });
                    Class<DefaultLoginPageGeneratingFilter> cls4 = DefaultLoginPageGeneratingFilter.class;
                    Objects.requireNonNull(DefaultLoginPageGeneratingFilter.class);
                    Optional findAny2 = filter2.map((v1) -> {
                        return r1.cast(v1);
                    }).findAny();
                    if (findAny.isPresent()) {
                        UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter = (UsernamePasswordAuthenticationFilter) findAny.get();
                        Operation operation = new Operation();
                        Schema addProperty = new ObjectSchema().addProperty(usernamePasswordAuthenticationFilter.getUsernameParameter(), new StringSchema()).addProperty(usernamePasswordAuthenticationFilter.getPasswordParameter(), new StringSchema());
                        str = "application/json";
                        if (findAny2.isPresent()) {
                            try {
                                str = ((Boolean) FieldUtils.getDeclaredField(DefaultLoginPageGeneratingFilter.class, "formLoginEnabled", true).get((DefaultLoginPageGeneratingFilter) findAny2.get())).booleanValue() ? "application/x-www-form-urlencoded" : "application/json";
                            } catch (IllegalAccessException e) {
                                SpringDocSecurityConfiguration.LOGGER.warn(e.getMessage());
                            }
                        }
                        operation.requestBody(new RequestBody().content(new Content().addMediaType(str, new MediaType().schema(addProperty))));
                        ApiResponses apiResponses = new ApiResponses();
                        apiResponses.addApiResponse(String.valueOf(HttpStatus.OK.value()), new ApiResponse().description(HttpStatus.OK.getReasonPhrase()));
                        apiResponses.addApiResponse(String.valueOf(HttpStatus.FORBIDDEN.value()), new ApiResponse().description(HttpStatus.FORBIDDEN.getReasonPhrase()));
                        operation.responses(apiResponses);
                        operation.addTagsItem("login-endpoint");
                        PathItem post = new PathItem().post(operation);
                        try {
                            Field declaredField = AbstractAuthenticationProcessingFilter.class.getDeclaredField("requiresAuthenticationRequestMatcher");
                            declaredField.setAccessible(true);
                            String pattern = ((AntPathRequestMatcher) declaredField.get(usernamePasswordAuthenticationFilter)).getPattern();
                            declaredField.setAccessible(false);
                            openAPI.getPaths().addPathItem(pattern, post);
                        } catch (ClassCastException | IllegalAccessException | NoSuchFieldException e2) {
                            SpringDocSecurityConfiguration.LOGGER.trace(e2.getMessage());
                        }
                    }
                }
            };
        }
    }

    @Configuration(proxyBeanMethods = false)
    @ConditionalOnBean({FrameworkEndpointHandlerMapping.class})
    @Lazy(false)
    /* loaded from: input_file:org/springdoc/security/SpringDocSecurityConfiguration$SpringSecurityOAuth2ProviderConfiguration.class */
    class SpringSecurityOAuth2ProviderConfiguration {
        SpringSecurityOAuth2ProviderConfiguration() {
        }

        @ConditionalOnMissingBean
        @Bean
        @Lazy(false)
        SpringSecurityOAuth2LegacyProvider springSecurityOAuth2Provider(FrameworkEndpointHandlerMapping frameworkEndpointHandlerMapping) {
            return new SpringSecurityOAuth2LegacyProvider(frameworkEndpointHandlerMapping);
        }
    }

    static {
        SpringDocUtils.getConfig().addRequestWrapperToIgnore(new Class[]{Authentication.class}).addResponseTypeToIgnore(Authentication.class).addAnnotationsToIgnore(new Class[]{AuthenticationPrincipal.class});
    }
}
