package com.bm.springboot.oidc.connect;

import javax.servlet.Filter;
import org.mitre.openid.connect.view.ClientInformationResponseView;
import org.mitre.openid.connect.web.DynamicClientRegistrationEndpoint;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;
import org.springframework.security.web.context.SecurityContextPersistenceFilter;

@Configuration
@ConditionalOnProperty(havingValue = "true", name = {"openid.connect.endpoints.oidc.dynamicclientregistration.enabled"}, matchIfMissing = true)
@Order(200)
/* loaded from: input_file:com/bm/springboot/oidc/connect/DynamicClientRegistrationResourceServerConfig.class */
public class DynamicClientRegistrationResourceServerConfig extends ResourceServerConfigurerAdapter {
    String PATTERN = "/register/**";

    @Autowired
    @Qualifier("corsFilter")
    protected Filter corsFilter;

    @Autowired
    protected OAuth2AuthenticationEntryPoint authenticationEntryPoint;

    @ConditionalOnMissingBean({DynamicClientRegistrationEndpoint.class})
    @Bean
    protected DynamicClientRegistrationEndpoint DynamicClientRegistrationEndpoint() {
        return new DynamicClientRegistrationEndpoint();
    }

    @ConditionalOnMissingBean(name = {"clientInformationResponseView"})
    @Bean(name = {"clientInformationResponseView"})
    protected ClientInformationResponseView clientInformationResponseView() {
        return new ClientInformationResponseView();
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((HttpSecurity.RequestMatcherConfigurer) httpSecurity.requestMatchers().antMatchers(new String[]{this.PATTERN})).and().exceptionHandling().authenticationEntryPoint(this.authenticationEntryPoint).and().addFilterBefore(this.corsFilter, SecurityContextPersistenceFilter.class).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().antMatchers(new String[]{this.PATTERN})).permitAll();
    }
}
