package com.azure.spring.cloud.autoconfigure.aad;

import com.azure.spring.cloud.autoconfigure.aad.configuration.AadPropertiesConfiguration;
import com.azure.spring.cloud.autoconfigure.aad.filter.AadAppRoleStatelessAuthenticationFilter;
import com.azure.spring.cloud.autoconfigure.aad.filter.AadAuthenticationFilter;
import com.azure.spring.cloud.autoconfigure.aad.filter.UserPrincipalManager;
import com.azure.spring.cloud.autoconfigure.aad.implementation.jwt.RestOperationsResourceRetriever;
import com.azure.spring.cloud.autoconfigure.aad.properties.AadApplicationType;
import com.azure.spring.cloud.autoconfigure.aad.properties.AadAuthenticationProperties;
import com.azure.spring.cloud.autoconfigure.aad.properties.AadAuthorizationServerEndpoints;
import com.nimbusds.jose.jwk.source.DefaultJWKSetCache;
import com.nimbusds.jose.jwk.source.JWKSetCache;
import com.nimbusds.jose.util.ResourceRetriever;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;

@ConditionalOnMissingClass({AadApplicationType.SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_CLASS_NAME})
@Configuration(proxyBeanMethods = false)
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
@ConditionalOnExpression("${spring.cloud.azure.active-directory.enabled:false}")
@Import({AadPropertiesConfiguration.class})
/* loaded from: input_file:com/azure/spring/cloud/autoconfigure/aad/AadAuthenticationFilterAutoConfiguration.class */
public class AadAuthenticationFilterAutoConfiguration {
    private static final Logger LOGGER = LoggerFactory.getLogger(AadAuthenticationProperties.class);
    private final AadAuthenticationProperties properties;
    private final AadAuthorizationServerEndpoints endpoints;
    private final RestTemplateBuilder restTemplateBuilder;

    public AadAuthenticationFilterAutoConfiguration(AadAuthenticationProperties aadAuthenticationProperties, RestTemplateBuilder restTemplateBuilder) {
        this.properties = aadAuthenticationProperties;
        this.restTemplateBuilder = restTemplateBuilder;
        this.endpoints = new AadAuthorizationServerEndpoints(aadAuthenticationProperties.getProfile().getEnvironment().getActiveDirectoryEndpoint(), aadAuthenticationProperties.getProfile().getTenantId());
    }

    @ConditionalOnMissingBean({AadAuthenticationFilter.class})
    @Bean
    @ConditionalOnExpression("${spring.cloud.azure.active-directory.session-stateless:false} == false")
    public AadAuthenticationFilter aadAuthenticationFilter(ResourceRetriever resourceRetriever, JWKSetCache jWKSetCache) {
        LOGGER.info("AadAuthenticationFilter Constructor.");
        return new AadAuthenticationFilter(this.properties, this.endpoints, resourceRetriever, jWKSetCache, this.restTemplateBuilder);
    }

    @ConditionalOnMissingBean({AadAppRoleStatelessAuthenticationFilter.class})
    @Bean
    @ConditionalOnExpression("${spring.cloud.azure.active-directory.session-stateless:false} == true")
    public AadAppRoleStatelessAuthenticationFilter aadStatelessAuthFilter(ResourceRetriever resourceRetriever) {
        LOGGER.info("Creating AadStatelessAuthFilter bean.");
        return new AadAppRoleStatelessAuthenticationFilter(new UserPrincipalManager(this.endpoints, this.properties, resourceRetriever, true));
    }

    @ConditionalOnMissingBean({ResourceRetriever.class})
    @Bean
    public ResourceRetriever jwtResourceRetriever() {
        return new RestOperationsResourceRetriever(this.restTemplateBuilder);
    }

    @ConditionalOnMissingBean({JWKSetCache.class})
    @Bean
    public JWKSetCache jwkSetCache() {
        return new DefaultJWKSetCache(this.properties.getJwkSetCacheLifespan().toMillis(), this.properties.getJwkSetCacheRefreshTime().toMillis(), TimeUnit.MILLISECONDS);
    }
}
