package in.hocg.sso2.server.sample.config.security.config;

import com.google.common.collect.Lists;
import in.hocg.sso2.server.sample.config.security.BootTokenEnhancer;
import in.hocg.sso2.server.sample.config.security.autoconfiguration.SsoProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

@Configuration
@EnableAuthorizationServer
/* loaded from: input_file:in/hocg/sso2/server/sample/config/security/config/AuthorizationServerConfig.class */
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
    private final AuthenticationManager authenticationManager;
    private final PasswordEncoder passwordEncoder;
    private final UserDetailsService userDetailsService;
    private final SsoProperties properties;
    private final BootTokenEnhancer tokenEnhancer;

    public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
        InMemoryClientDetailsServiceBuilder inMemory = clientDetailsServiceConfigurer.inMemory();
        for (SsoProperties.Client client : this.properties.getClients()) {
            inMemory.withClient(client.getClientId()).secret(this.passwordEncoder.encode(client.getClientSecret())).authorizedGrantTypes(new String[]{"client_credentials", "authorization_code", "refresh_token", "password"}).scopes(new String[]{"all"}).redirectUris(client.getRedirectUris()).autoApprove(true);
        }
    }

    public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
        authorizationServerSecurityConfigurer.tokenKeyAccess("isAuthenticated()");
    }

    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
        new TokenEnhancerChain().setTokenEnhancers(Lists.newArrayList(new TokenEnhancer[]{this.tokenEnhancer}));
        authorizationServerEndpointsConfigurer.userDetailsService(this.userDetailsService).tokenStore(tokenStore()).accessTokenConverter(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
        jwtAccessTokenConverter.setSigningKey("hocgin");
        return jwtAccessTokenConverter;
    }

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Lazy
    public AuthorizationServerConfig(AuthenticationManager authenticationManager, PasswordEncoder passwordEncoder, UserDetailsService userDetailsService, SsoProperties ssoProperties, BootTokenEnhancer bootTokenEnhancer) {
        this.authenticationManager = authenticationManager;
        this.passwordEncoder = passwordEncoder;
        this.userDetailsService = userDetailsService;
        this.properties = ssoProperties;
        this.tokenEnhancer = bootTokenEnhancer;
    }
}
