package com.vertexinc.ws.config;

import com.vertexinc.common.fw.rba.ipersist.AppRolePersister;
import com.vertexinc.common.fw.rba.ipersist.AppUserPersister;
import com.vertexinc.common.fw.rba.ipersist.ClientClaimMappingPersister;
import com.vertexinc.common.fw.rba.ipersist.SubjectClaimMappingPersister;
import com.vertexinc.oseries.security.CustomJwtAuthenticationConverter;
import com.vertexinc.oseries.security.CustomJwtAuthenticationManagerResolver;
import com.vertexinc.oseries.security.CustomJwtIssuerAuthenticationManagerResolver;
import com.vertexinc.oseries.security.SigningKeyEnhancer;
import com.vertexinc.oseries.security.service.SecurityHelper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManagerResolver;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

@Configuration
@EnableWebSecurity
/* loaded from: input_file:patchedFiles.zip:web/vertex-ws.war:WEB-INF/classes/com/vertexinc/ws/config/ResourceServerConfigurer.class */
public class ResourceServerConfigurer extends WebSecurityConfigurerAdapter {

    @Value("${security.jwt.signingKey:}")
    String secretSigningKey;

    @Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri:}")
    String jwkSetUri;

    @Value("${jwt.issuers:}")
    String jwtIssuers;

    @Autowired
    AppUserPersister appUserPersister;

    @Autowired
    AppRolePersister appRolePersister;

    @Autowired
    SecurityHelper securityHelper;

    @Autowired
    SubjectClaimMappingPersister subjectClaimMappingPersister;

    @Autowired
    ClientClaimMappingPersister clientClaimMappingPersister;

    @Autowired
    RestAuthenticationEntryPoint restAuthenticationEntryPoint;

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    public void configure(HttpSecurity httpSecurity) throws Exception {
        CustomJwtAuthenticationConverter customJwtAuthenticationConverter = new CustomJwtAuthenticationConverter(this.appUserPersister, this.appRolePersister, this.securityHelper, this.subjectClaimMappingPersister, this.clientClaimMappingPersister);
        String enhance = SigningKeyEnhancer.enhance(this.secretSigningKey);
        AuthenticationManagerResolver customJwtIssuerAuthenticationManagerResolver = isMultipleIssuerSupportOn() ? new CustomJwtIssuerAuthenticationManagerResolver(enhance, this.jwtIssuers, customJwtAuthenticationConverter) : new CustomJwtAuthenticationManagerResolver(enhance, this.jwkSetUri, customJwtAuthenticationConverter);
        ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.cors().and()).csrf().disable()).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()).authorizeRequests().anyRequest().fullyAuthenticated().and()).oauth2ResourceServer(oAuth2ResourceServerConfigurer -> {
            oAuth2ResourceServerConfigurer.authenticationManagerResolver(customJwtIssuerAuthenticationManagerResolver).authenticationEntryPoint(this.restAuthenticationEntryPoint);
        }).exceptionHandling();
    }

    protected boolean isMultipleIssuerSupportOn() {
        return this.jwtIssuers != null && this.jwtIssuers.trim().length() > 0;
    }
}
