package com.okta.spring.tests.oauth2.code;

import java.security.Principal;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@ConditionalOnMissingClass({"com.okta.sdk.client.Client"})
@SpringBootApplication
@RestController
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
/* loaded from: input_file:com/okta/spring/tests/oauth2/code/BasicRedirectCodeFlowApplication.class */
public class BasicRedirectCodeFlowApplication {

    @Configuration
    /* loaded from: input_file:com/okta/spring/tests/oauth2/code/BasicRedirectCodeFlowApplication$WebConfig.class */
    static class WebConfig extends WebSecurityConfigurerAdapter {
        WebConfig() {
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).authenticated().and().oauth2Client().and().oauth2Login();
            httpSecurity.csrf().disable();
        }
    }

    @GetMapping({"/"})
    @PreAuthorize("hasAuthority('SCOPE_email')")
    public String getMessageOfTheDay(Principal principal) {
        return "Welcome home, The message of the day is boring: " + principal.getName();
    }

    @GetMapping({"/everyone"})
    @PreAuthorize("hasAuthority('Everyone')")
    public String everyoneAccess(Principal principal) {
        return "Everyone has Access: " + principal.getName();
    }

    @GetMapping({"/invalidGroup"})
    @PreAuthorize("hasAuthority('invalidGroup')")
    public String invalidGroup() {
        throw new IllegalStateException("Test exception, user should not have access to this method");
    }

    public static void main(String[] strArr) {
        SpringApplication.run(BasicRedirectCodeFlowApplication.class, strArr);
    }
}
