package cn.herodotus.engine.oauth2.authorization.autoconfigure.customizer;

import cn.herodotus.engine.oauth2.authentication.consumer.OAuth2AuthorizationCodeAuthenticationProviderConsumer;
import cn.herodotus.engine.oauth2.authentication.consumer.OAuth2ClientCredentialsAuthenticationProviderConsumer;
import cn.herodotus.engine.oauth2.authentication.oidc.HerodotusOidcUserInfoMapper;
import cn.herodotus.engine.oauth2.authentication.provider.OAuth2ResourceOwnerPasswordAuthenticationConverter;
import cn.herodotus.engine.oauth2.authentication.provider.OAuth2SocialCredentialsAuthenticationConverter;
import cn.herodotus.engine.oauth2.authentication.response.OAuth2AuthenticationFailureResponseHandler;
import cn.herodotus.engine.oauth2.core.definition.service.ClientDetailsService;
import cn.herodotus.engine.oauth2.management.response.OAuth2AccessTokenResponseHandler;
import cn.herodotus.engine.oauth2.management.response.OAuth2DeviceVerificationResponseHandler;
import cn.herodotus.engine.oauth2.management.response.OidcClientRegistrationResponseHandler;
import cn.herodotus.engine.rest.protect.crypto.processor.HttpCryptoProcessor;
import java.util.Arrays;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2DeviceCodeAuthenticationConverter;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter;
import org.springframework.security.web.authentication.DelegatingAuthenticationConverter;

/* loaded from: input_file:cn/herodotus/engine/oauth2/authorization/autoconfigure/customizer/OAuth2AuthorizationServerConfigurerCustomizer.class */
public class OAuth2AuthorizationServerConfigurerCustomizer implements Customizer<OAuth2AuthorizationServerConfigurer> {
    private final HttpSecurity httpSecurity;
    private final SessionRegistry sessionRegistry;
    private final ClientDetailsService clientDetailsService;
    private final HttpCryptoProcessor httpCryptoProcessor;
    private final OidcClientRegistrationResponseHandler oidcClientRegistrationResponseHandler;
    private final OAuth2AuthenticationFailureResponseHandler oauth2AuthenticationFailureResponseHandler = new OAuth2AuthenticationFailureResponseHandler();
    private final OAuth2DeviceVerificationResponseHandler oauth2DeviceVerificationResponseHandler;

    public OAuth2AuthorizationServerConfigurerCustomizer(HttpSecurity httpSecurity, SessionRegistry sessionRegistry, ClientDetailsService clientDetailsService, HttpCryptoProcessor httpCryptoProcessor, OidcClientRegistrationResponseHandler oidcClientRegistrationResponseHandler, OAuth2DeviceVerificationResponseHandler oAuth2DeviceVerificationResponseHandler) {
        this.httpSecurity = httpSecurity;
        this.sessionRegistry = sessionRegistry;
        this.clientDetailsService = clientDetailsService;
        this.httpCryptoProcessor = httpCryptoProcessor;
        this.oidcClientRegistrationResponseHandler = oidcClientRegistrationResponseHandler;
        this.oauth2DeviceVerificationResponseHandler = oAuth2DeviceVerificationResponseHandler;
    }

    public void customize(OAuth2AuthorizationServerConfigurer oAuth2AuthorizationServerConfigurer) {
        oAuth2AuthorizationServerConfigurer.clientAuthentication(oAuth2ClientAuthenticationConfigurer -> {
            oAuth2ClientAuthenticationConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
            oAuth2ClientAuthenticationConfigurer.authenticationProviders(new OAuth2ClientCredentialsAuthenticationProviderConsumer(this.httpSecurity, this.clientDetailsService));
        }).authorizationEndpoint(oAuth2AuthorizationEndpointConfigurer -> {
            oAuth2AuthorizationEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
            oAuth2AuthorizationEndpointConfigurer.consentPage("/oauth2/consent");
        }).deviceAuthorizationEndpoint(oAuth2DeviceAuthorizationEndpointConfigurer -> {
            oAuth2DeviceAuthorizationEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
            oAuth2DeviceAuthorizationEndpointConfigurer.verificationUri("/oauth2/device_activation");
        }).deviceVerificationEndpoint(oAuth2DeviceVerificationEndpointConfigurer -> {
            oAuth2DeviceVerificationEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
            oAuth2DeviceVerificationEndpointConfigurer.consentPage("/oauth2/consent");
            oAuth2DeviceVerificationEndpointConfigurer.deviceVerificationResponseHandler(this.oauth2DeviceVerificationResponseHandler);
        }).tokenEndpoint(oAuth2TokenEndpointConfigurer -> {
            oAuth2TokenEndpointConfigurer.accessTokenRequestConverter(new DelegatingAuthenticationConverter(Arrays.asList(new OAuth2AuthorizationCodeAuthenticationConverter(), new OAuth2RefreshTokenAuthenticationConverter(), new OAuth2ClientCredentialsAuthenticationConverter(), new OAuth2DeviceCodeAuthenticationConverter(), new OAuth2ResourceOwnerPasswordAuthenticationConverter(this.httpCryptoProcessor), new OAuth2SocialCredentialsAuthenticationConverter(this.httpCryptoProcessor))));
            oAuth2TokenEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
            oAuth2TokenEndpointConfigurer.accessTokenResponseHandler(new OAuth2AccessTokenResponseHandler(this.httpCryptoProcessor));
            oAuth2TokenEndpointConfigurer.authenticationProviders(new OAuth2AuthorizationCodeAuthenticationProviderConsumer(this.httpSecurity, this.sessionRegistry));
        }).tokenIntrospectionEndpoint(oAuth2TokenIntrospectionEndpointConfigurer -> {
            oAuth2TokenIntrospectionEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
        }).tokenRevocationEndpoint(oAuth2TokenRevocationEndpointConfigurer -> {
            oAuth2TokenRevocationEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
        }).oidc(oidcConfigurer -> {
            oidcConfigurer.clientRegistrationEndpoint(oidcClientRegistrationEndpointConfigurer -> {
                oidcClientRegistrationEndpointConfigurer.errorResponseHandler(this.oauth2AuthenticationFailureResponseHandler);
                oidcClientRegistrationEndpointConfigurer.clientRegistrationResponseHandler(this.oidcClientRegistrationResponseHandler);
            }).userInfoEndpoint(oidcUserInfoEndpointConfigurer -> {
                oidcUserInfoEndpointConfigurer.userInfoMapper(new HerodotusOidcUserInfoMapper());
            });
        });
    }
}
