package io.hawt.springboot;

import io.hawt.system.ConfigManager;
import io.hawt.web.auth.AuthenticationConfiguration;
import io.hawt.web.auth.AuthenticationFilter;
import io.hawt.web.auth.LoginRedirectFilter;
import io.hawt.web.auth.LoginServlet;
import io.hawt.web.auth.LogoutServlet;
import io.hawt.web.auth.Redirector;
import io.hawt.web.auth.SessionExpiryFilter;
import io.hawt.web.auth.keycloak.KeycloakServlet;
import io.hawt.web.auth.keycloak.KeycloakUserServlet;
import io.hawt.web.filters.BaseTagHrefFilter;
import io.hawt.web.filters.CORSFilter;
import io.hawt.web.filters.CacheHeadersFilter;
import io.hawt.web.filters.ContentSecurityPolicyFilter;
import io.hawt.web.filters.FlightRecordingDownloadFacade;
import io.hawt.web.filters.PublicKeyPinningFilter;
import io.hawt.web.filters.StrictTransportSecurityFilter;
import io.hawt.web.filters.XContentTypeOptionsFilter;
import io.hawt.web.filters.XFrameOptionsFilter;
import io.hawt.web.filters.XXSSProtectionFilter;
import io.hawt.web.proxy.ProxyServlet;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.DispatcherType;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.jetty.util.security.Constraint;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.autoconfigure.jolokia.JolokiaEndpoint;
import org.springframework.boot.actuate.autoconfigure.jolokia.JolokiaEndpointAutoConfiguration;
import org.springframework.boot.actuate.autoconfigure.web.ManagementContextConfiguration;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletContextInitializer;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.web.servlet.handler.SimpleUrlHandlerMapping;
import org.springframework.web.servlet.mvc.AbstractUrlViewController;
import org.springframework.web.servlet.view.UrlBasedViewResolver;

@ManagementContextConfiguration
@ConditionalOnBean({HawtioEndpoint.class})
@AutoConfigureAfter({JolokiaEndpointAutoConfiguration.class})
/* loaded from: input_file:WEB-INF/lib/hawtio-springboot-2.15.0.jar:io/hawt/springboot/HawtioManagementConfiguration.class */
public class HawtioManagementConfiguration {
    private final String hawtioPath;

    /* loaded from: input_file:WEB-INF/lib/hawtio-springboot-2.15.0.jar:io/hawt/springboot/HawtioManagementConfiguration$JolokiaForwardingController.class */
    private class JolokiaForwardingController extends AbstractUrlViewController {
        private final String hawtioJolokiaPath;
        private final String jolokiaPath;

        JolokiaForwardingController(String str, String str2) {
            this.hawtioJolokiaPath = str;
            this.jolokiaPath = str2;
        }

        @Override // org.springframework.web.servlet.mvc.AbstractUrlViewController
        protected String getViewNameForRequest(HttpServletRequest httpServletRequest) {
            StringBuilder sb = new StringBuilder();
            sb.append(UrlBasedViewResolver.FORWARD_URL_PREFIX);
            sb.append(this.jolokiaPath);
            sb.append(httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length() + this.hawtioJolokiaPath.length()));
            if (httpServletRequest.getQueryString() != null) {
                sb.append('?').append(httpServletRequest.getQueryString());
            }
            return sb.toString();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/hawtio-springboot-2.15.0.jar:io/hawt/springboot/HawtioManagementConfiguration$SilentSimpleUrlHandlerMapping.class */
    private static class SilentSimpleUrlHandlerMapping extends SimpleUrlHandlerMapping {
        private static final String DUMMY = "/<DUMMY>";

        private SilentSimpleUrlHandlerMapping() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.springframework.web.servlet.handler.AbstractUrlHandlerMapping
        public void registerHandler(String str, Object obj) {
            if (DUMMY.equals(str)) {
                return;
            }
            super.registerHandler(str, obj);
        }
    }

    public HawtioManagementConfiguration(EndpointPathResolver endpointPathResolver) {
        this.hawtioPath = endpointPathResolver.resolve("hawtio");
    }

    @Autowired
    public void initializeHawtioPlugins(HawtioEndpoint hawtioEndpoint, Optional<List<HawtioPlugin>> optional) {
        hawtioEndpoint.setPlugins(optional.orElse(Collections.emptyList()));
    }

    @Bean
    public ConfigManager hawtioConfigManager(HawtioProperties hawtioProperties) {
        Map<String, String> map = hawtioProperties.get();
        Objects.requireNonNull(map);
        return new ConfigManager((v1) -> {
            return r2.get(v1);
        });
    }

    @ConditionalOnExposedEndpoint(name = "jolokia")
    @ConditionalOnBean({JolokiaEndpoint.class})
    @Bean
    public SimpleUrlHandlerMapping hawtioUrlMapping(EndpointPathResolver endpointPathResolver) {
        String resolve = endpointPathResolver.resolve("jolokia");
        String resolve2 = endpointPathResolver.resolve("hawtio");
        SilentSimpleUrlHandlerMapping silentSimpleUrlHandlerMapping = new SilentSimpleUrlHandlerMapping();
        HashMap hashMap = new HashMap();
        if (resolve2.isEmpty()) {
            hashMap.put("/<DUMMY>", null);
        } else {
            hashMap.put(endpointPathResolver.resolveUrlMapping("hawtio", "jolokia", Constraint.ANY_AUTH), new JolokiaForwardingController(resolve2 + "/jolokia", resolve));
            silentSimpleUrlHandlerMapping.setOrder(Integer.MIN_VALUE);
        }
        silentSimpleUrlHandlerMapping.setUrlMap(hashMap);
        return silentSimpleUrlHandlerMapping;
    }

    @Bean
    public Redirector redirector() {
        Redirector redirector = new Redirector();
        redirector.setApplicationContextPath(this.hawtioPath);
        return redirector;
    }

    @Bean
    public FilterRegistrationBean sessionExpiryFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new SessionExpiryFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean cacheFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new CacheHeadersFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean hawtioCorsFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new CORSFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean xframeOptionsFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new XFrameOptionsFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean xxssProtectionFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new XXSSProtectionFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean xContentTypeOptionsFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new XContentTypeOptionsFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean contentSecurityPolicyFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new ContentSecurityPolicyFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean strictTransportSecurityFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new StrictTransportSecurityFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean publicKeyPinningFilter() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new PublicKeyPinningFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @ConditionalOnExposedEndpoint(name = "jolokia")
    @ConditionalOnBean({JolokiaEndpoint.class})
    @Bean
    public FilterRegistrationBean authenticationFilter(EndpointPathResolver endpointPathResolver) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new AuthenticationFilter());
        filterRegistrationBean.addUrlPatterns(endpointPathResolver.resolveUrlMapping("jolokia", "*"));
        filterRegistrationBean.setDispatcherTypes(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.REQUEST);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean loginRedirectFilter(Redirector redirector) {
        String[] prependContextPath = prependContextPath(AuthenticationConfiguration.UNSECURED_PATHS);
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        LoginRedirectFilter loginRedirectFilter = new LoginRedirectFilter(prependContextPath);
        loginRedirectFilter.setRedirector(redirector);
        filterRegistrationBean.setFilter(loginRedirectFilter);
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/*");
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean baseTagHrefFilter(EndpointPathResolver endpointPathResolver) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new BaseTagHrefFilter());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/");
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/index.html");
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/login.html");
        filterRegistrationBean.setDispatcherTypes(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.REQUEST);
        filterRegistrationBean.addInitParameter(BaseTagHrefFilter.PARAM_APPLICATION_CONTEXT_PATH, endpointPathResolver.resolve("hawtio"));
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean flightRecorderDownloadFacade(EndpointPathResolver endpointPathResolver) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new FlightRecordingDownloadFacade());
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/jolokia/*");
        filterRegistrationBean.addUrlPatterns(this.hawtioPath + "/proxy/*");
        filterRegistrationBean.setDispatcherTypes(DispatcherType.ERROR, DispatcherType.FORWARD, DispatcherType.REQUEST);
        return filterRegistrationBean;
    }

    @Bean
    public ServletRegistrationBean jolokiaProxyServlet() {
        return new ServletRegistrationBean(new ProxyServlet(), this.hawtioPath + "/proxy/*");
    }

    @Bean
    public ServletRegistrationBean userServlet() {
        return new ServletRegistrationBean(new KeycloakUserServlet(), this.hawtioPath + "/user/*");
    }

    @Bean
    public ServletRegistrationBean loginServlet(Redirector redirector) {
        LoginServlet loginServlet = new LoginServlet();
        loginServlet.setRedirector(redirector);
        return new ServletRegistrationBean(loginServlet, this.hawtioPath + AuthenticationConfiguration.LOGIN_URL);
    }

    @Bean
    public ServletRegistrationBean logoutServlet(Redirector redirector) {
        LogoutServlet logoutServlet = new LogoutServlet();
        logoutServlet.setRedirector(redirector);
        return new ServletRegistrationBean(logoutServlet, this.hawtioPath + "/auth/logout");
    }

    @Bean
    public ServletRegistrationBean keycloakServlet() {
        return new ServletRegistrationBean(new KeycloakServlet(), this.hawtioPath + "/keycloak/*");
    }

    @Bean
    public ServletListenerRegistrationBean<?> hawtioContextListener(ConfigManager configManager) {
        return new ServletListenerRegistrationBean<>(new SpringHawtioContextListener(configManager, this.hawtioPath));
    }

    @Bean
    public ServletContextInitializer servletContextInitializer() {
        return new ServletContextInitializer() { // from class: io.hawt.springboot.HawtioManagementConfiguration.1
            @Override // org.springframework.boot.web.servlet.ServletContextInitializer
            public void onStartup(ServletContext servletContext) throws ServletException {
                servletContext.getSessionCookieConfig().setHttpOnly(true);
            }
        };
    }

    private String[] prependContextPath(String[] strArr) {
        return (String[]) Arrays.stream(strArr).map(str -> {
            return this.hawtioPath + str;
        }).toArray(i -> {
            return new String[i];
        });
    }
}
