package org.egov.edcr.security.oauth2.config;

import java.io.IOException;
import org.apache.log4j.Logger;
import org.codehaus.jackson.annotate.JsonAutoDetect;
import org.codehaus.jackson.annotate.JsonMethod;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.SerializationConfig;
import org.egov.edcr.security.oauth2.entity.SecuredClient;
import org.egov.infra.exception.ApplicationRuntimeException;
import org.egov.infra.rest.support.CustomTokenEnhancer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.token.TokenStore;

@Configuration
@EnableAuthorizationServer
/* loaded from: input_file:lib/egov-edcr-4.0.0.jar:org/egov/edcr/security/oauth2/config/AuthorizationServerConfiguration.class */
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
    private static final Logger LOGGER = Logger.getLogger(AuthorizationServerConfiguration.class);
    private static final String CLIENTS_CONFIG = "config/restapi-secured-clients-config.json";
    private static final String CLIENTS_CONFIG_OVERRIDE = "config/restapi-secured-clients-config-override.json";
    private static final String SCOPE_WRITE = "write";
    private static final String SCOPE_READ = "read";
    private static final String GRANT_TYPE_PASSWORD = "password";
    private static final String GRANT_TYPE_REFRESH_TOKEN = "refresh_token";
    private static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
    private static final String RESOURCE_ID = "egov-edcr";

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private ClientDetailsService clientDetailsService;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private CustomTokenEnhancer customTokenEnhancer;

    @Override // org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer
    public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
        InMemoryClientDetailsServiceBuilder inMemory = clientDetailsServiceConfigurer.inMemory();
        getSecuredClientFromResource().getClients().forEach(clientDetail -> {
            try {
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("Client Id:" + clientDetail.getClientId());
                }
                inMemory.withClient(clientDetail.getClientId()).secret(clientDetail.getClientSecret()).authorizedGrantTypes(GRANT_TYPE_AUTHORIZATION_CODE, "refresh_token", "password").scopes(SCOPE_READ, "write").resourceIds(RESOURCE_ID).accessTokenValiditySeconds(clientDetail.getAccessTokenValidity().intValue() * 60).refreshTokenValiditySeconds(clientDetail.getRefreshTokenValidity().intValue() * 60);
            } catch (Exception e) {
                throw new ApplicationRuntimeException("Exception occured while configuring: ", e);
            }
        });
    }

    @Override // org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer
    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) {
        authorizationServerEndpointsConfigurer.tokenStore(this.tokenStore).tokenEnhancer(this.customTokenEnhancer).authenticationManager(this.authenticationManager).setClientDetailsService(this.clientDetailsService);
    }

    private SecuredClient getSecuredClientFromResource() throws IOException {
        ObjectMapper objectMapper = new ObjectMapper();
        objectMapper.setVisibility(JsonMethod.FIELD, JsonAutoDetect.Visibility.ANY);
        objectMapper.configure(SerializationConfig.Feature.AUTO_DETECT_FIELDS, true);
        return (SecuredClient) objectMapper.readValue(getClientsConfig().getInputStream(), SecuredClient.class);
    }

    private Resource getClientsConfig() {
        ClassPathResource classPathResource = new ClassPathResource(CLIENTS_CONFIG_OVERRIDE);
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Overridden config present:" + classPathResource.exists());
        }
        if (!classPathResource.exists()) {
            classPathResource = new ClassPathResource(CLIENTS_CONFIG);
        }
        return classPathResource;
    }
}
