package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization;

import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.authentication.ClientSecretAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.authentication.JwtClientAssertionAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.authentication.PublicClientAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
import org.springframework.security.oauth2.server.authorization.web.OAuth2ClientAuthenticationFilter;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;

/* loaded from: input_file:org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientAuthenticationConfigurer.class */
public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Configurer {
    private RequestMatcher requestMatcher;
    private AuthenticationConverter authenticationConverter;
    private final List<AuthenticationProvider> authenticationProviders;
    private AuthenticationSuccessHandler authenticationSuccessHandler;
    private AuthenticationFailureHandler errorResponseHandler;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuth2ClientAuthenticationConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
        super(objectPostProcessor);
        this.authenticationProviders = new ArrayList();
    }

    public OAuth2ClientAuthenticationConfigurer authenticationConverter(AuthenticationConverter authenticationConverter) {
        this.authenticationConverter = authenticationConverter;
        return this;
    }

    public OAuth2ClientAuthenticationConfigurer authenticationProvider(AuthenticationProvider authenticationProvider) {
        Assert.notNull(authenticationProvider, "authenticationProvider cannot be null");
        this.authenticationProviders.add(authenticationProvider);
        return this;
    }

    public OAuth2ClientAuthenticationConfigurer authenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        this.authenticationSuccessHandler = authenticationSuccessHandler;
        return this;
    }

    public OAuth2ClientAuthenticationConfigurer errorResponseHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        this.errorResponseHandler = authenticationFailureHandler;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.AbstractOAuth2Configurer
    public <B extends HttpSecurityBuilder<B>> void init(B b) {
        ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(b);
        this.requestMatcher = new OrRequestMatcher(new RequestMatcher[]{new AntPathRequestMatcher(providerSettings.getTokenEndpoint(), HttpMethod.POST.name()), new AntPathRequestMatcher(providerSettings.getTokenIntrospectionEndpoint(), HttpMethod.POST.name()), new AntPathRequestMatcher(providerSettings.getTokenRevocationEndpoint(), HttpMethod.POST.name())});
        (!this.authenticationProviders.isEmpty() ? this.authenticationProviders : createDefaultAuthenticationProviders(b)).forEach(authenticationProvider -> {
            b.authenticationProvider((AuthenticationProvider) postProcess(authenticationProvider));
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.AbstractOAuth2Configurer
    public <B extends HttpSecurityBuilder<B>> void configure(B b) {
        OAuth2ClientAuthenticationFilter oAuth2ClientAuthenticationFilter = new OAuth2ClientAuthenticationFilter((AuthenticationManager) b.getSharedObject(AuthenticationManager.class), this.requestMatcher);
        if (this.authenticationConverter != null) {
            oAuth2ClientAuthenticationFilter.setAuthenticationConverter(this.authenticationConverter);
        }
        if (this.authenticationSuccessHandler != null) {
            oAuth2ClientAuthenticationFilter.setAuthenticationSuccessHandler(this.authenticationSuccessHandler);
        }
        if (this.errorResponseHandler != null) {
            oAuth2ClientAuthenticationFilter.setAuthenticationFailureHandler(this.errorResponseHandler);
        }
        b.addFilterAfter((Filter) postProcess(oAuth2ClientAuthenticationFilter), AbstractPreAuthenticatedProcessingFilter.class);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.AbstractOAuth2Configurer
    public RequestMatcher getRequestMatcher() {
        return this.requestMatcher;
    }

    private <B extends HttpSecurityBuilder<B>> List<AuthenticationProvider> createDefaultAuthenticationProviders(B b) {
        ArrayList arrayList = new ArrayList();
        RegisteredClientRepository registeredClientRepository = OAuth2ConfigurerUtils.getRegisteredClientRepository(b);
        OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(b);
        arrayList.add(new JwtClientAssertionAuthenticationProvider(registeredClientRepository, authorizationService));
        ClientSecretAuthenticationProvider clientSecretAuthenticationProvider = new ClientSecretAuthenticationProvider(registeredClientRepository, authorizationService);
        PasswordEncoder passwordEncoder = (PasswordEncoder) OAuth2ConfigurerUtils.getOptionalBean(b, PasswordEncoder.class);
        if (passwordEncoder != null) {
            clientSecretAuthenticationProvider.setPasswordEncoder(passwordEncoder);
        }
        arrayList.add(clientSecretAuthenticationProvider);
        arrayList.add(new PublicClientAuthenticationProvider(registeredClientRepository, authorizationService));
        return arrayList;
    }
}
