package org.finra.herd.app.config;

import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
import org.finra.herd.app.security.HerdUserDetailsService;
import org.finra.herd.app.security.HttpHeaderApplicationUserBuilder;
import org.finra.herd.app.security.HttpHeaderAuthenticationFilter;
import org.finra.herd.app.security.TrustedApplicationUserBuilder;
import org.finra.herd.app.security.TrustedUserAuthenticationFilter;
import org.finra.herd.core.ApplicationContextHolder;
import org.finra.herd.core.helper.ConfigurationHelper;
import org.finra.herd.dao.Log4jOverridableConfigurer;
import org.finra.herd.dao.config.DaoSpringModuleConfig;
import org.finra.herd.model.dto.ConfigurationValue;
import org.finra.herd.model.jpa.ConfigurationEntity;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.FilterType;
import org.springframework.core.env.Environment;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.vote.AffirmativeBased;
import org.springframework.security.access.vote.RoleVoter;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.context.SecurityContextPersistenceFilter;

@Configuration
@ComponentScan(value = {"org.finra.herd.app"}, excludeFilters = {@ComponentScan.Filter(type = FilterType.REGEX, pattern = {"org\\.finra\\.herd\\.app\\.config\\..*"})})
@EnableGlobalMethodSecurity(securedEnabled = true)
/* loaded from: input_file:WEB-INF/lib/herd-app-0.118.0.jar:org/finra/herd/app/config/AppSpringModuleConfig.class */
public class AppSpringModuleConfig extends GlobalMethodSecurityConfiguration {

    @Autowired
    private ConfigurationHelper configurationHelper;

    @Autowired
    private HerdUserDetailsService herdUserDetailsService;

    @Bean
    public static Log4jOverridableConfigurer log4jConfigurer() {
        Environment environment = ApplicationContextHolder.getApplicationContext().getEnvironment();
        Log4jOverridableConfigurer log4jOverridableConfigurer = new Log4jOverridableConfigurer();
        log4jOverridableConfigurer.setDataSource(DaoSpringModuleConfig.getHerdDataSource());
        log4jOverridableConfigurer.setTableName(ConfigurationEntity.TABLE_NAME);
        log4jOverridableConfigurer.setSelectColumn(ConfigurationEntity.COLUMN_VALUE_CLOB);
        log4jOverridableConfigurer.setWhereColumn(ConfigurationEntity.COLUMN_KEY);
        log4jOverridableConfigurer.setWhereValue(ConfigurationValue.LOG4J_OVERRIDE_CONFIGURATION.getKey());
        log4jOverridableConfigurer.setOverrideResourceLocation(ConfigurationHelper.getProperty(ConfigurationValue.LOG4J_OVERRIDE_RESOURCE_LOCATION, environment));
        log4jOverridableConfigurer.setDefaultResourceLocation("classpath:herd-log4j.xml");
        return log4jOverridableConfigurer;
    }

    @Bean
    public FilterChainProxy filterChainProxy(final TrustedUserAuthenticationFilter trustedUserAuthenticationFilter, final HttpHeaderAuthenticationFilter httpHeaderAuthenticationFilter) {
        return new FilterChainProxy(new SecurityFilterChain() { // from class: org.finra.herd.app.config.AppSpringModuleConfig.1
            @Override // org.springframework.security.web.SecurityFilterChain
            public boolean matches(HttpServletRequest httpServletRequest) {
                return true;
            }

            @Override // org.springframework.security.web.SecurityFilterChain
            public List<Filter> getFilters() {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new SecurityContextPersistenceFilter());
                arrayList.add(trustedUserAuthenticationFilter);
                if (Boolean.valueOf(AppSpringModuleConfig.this.configurationHelper.getProperty(ConfigurationValue.SECURITY_HTTP_HEADER_ENABLED)).booleanValue()) {
                    arrayList.add(httpHeaderAuthenticationFilter);
                }
                arrayList.add(new AnonymousAuthenticationFilter("AnonymousFilterKey"));
                return arrayList;
            }
        });
    }

    @Bean
    public TrustedUserAuthenticationFilter trustedUserAuthenticationFilter(AuthenticationManager authenticationManager, TrustedApplicationUserBuilder trustedApplicationUserBuilder) {
        return new TrustedUserAuthenticationFilter(authenticationManager, trustedApplicationUserBuilder);
    }

    @Bean
    public TrustedApplicationUserBuilder trustedApplicationUserBuilder() {
        return new TrustedApplicationUserBuilder();
    }

    @Bean
    public HttpHeaderAuthenticationFilter httpHeaderAuthenticationFilter(AuthenticationManager authenticationManager, HttpHeaderApplicationUserBuilder httpHeaderApplicationUserBuilder) {
        return new HttpHeaderAuthenticationFilter(authenticationManager, httpHeaderApplicationUserBuilder);
    }

    @Bean
    public HttpHeaderApplicationUserBuilder httpHeaderApplicationUserBuilder() {
        return new HttpHeaderApplicationUserBuilder();
    }

    @Override // org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
    @Bean
    public AuthenticationManager authenticationManager() {
        PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
        preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(this.herdUserDetailsService);
        ArrayList arrayList = new ArrayList();
        arrayList.add(preAuthenticatedAuthenticationProvider);
        return new ProviderManager(arrayList);
    }

    @Override // org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration
    protected AccessDecisionManager accessDecisionManager() {
        ArrayList arrayList = new ArrayList();
        RoleVoter roleVoter = new RoleVoter();
        roleVoter.setRolePrefix("");
        arrayList.add(roleVoter);
        return new AffirmativeBased(arrayList);
    }
}
