package org.springframework.security.config.annotation.web.configurers;

import javax.servlet.http.HttpServletRequest;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails;
import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor;
import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
import org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor;

/* loaded from: input_file:BOOT-INF/lib/spring-security-config-5.3.10.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/X509Configurer.class */
public final class X509Configurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<X509Configurer<H>, H> {
    private X509AuthenticationFilter x509AuthenticationFilter;
    private X509PrincipalExtractor x509PrincipalExtractor;
    private AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticationUserDetailsService;
    private AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails> authenticationDetailsSource;

    public X509Configurer<H> x509AuthenticationFilter(X509AuthenticationFilter x509AuthenticationFilter) {
        this.x509AuthenticationFilter = x509AuthenticationFilter;
        return this;
    }

    public X509Configurer<H> x509PrincipalExtractor(X509PrincipalExtractor x509PrincipalExtractor) {
        this.x509PrincipalExtractor = x509PrincipalExtractor;
        return this;
    }

    public X509Configurer<H> authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails> authenticationDetailsSource) {
        this.authenticationDetailsSource = authenticationDetailsSource;
        return this;
    }

    public X509Configurer<H> userDetailsService(UserDetailsService userDetailsService) {
        UserDetailsByNameServiceWrapper userDetailsByNameServiceWrapper = new UserDetailsByNameServiceWrapper();
        userDetailsByNameServiceWrapper.setUserDetailsService(userDetailsService);
        return authenticationUserDetailsService(userDetailsByNameServiceWrapper);
    }

    public X509Configurer<H> authenticationUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticationUserDetailsService) {
        this.authenticationUserDetailsService = authenticationUserDetailsService;
        return this;
    }

    public X509Configurer<H> subjectPrincipalRegex(String str) {
        SubjectDnX509PrincipalExtractor subjectDnX509PrincipalExtractor = new SubjectDnX509PrincipalExtractor();
        subjectDnX509PrincipalExtractor.setSubjectDnRegex(str);
        this.x509PrincipalExtractor = subjectDnX509PrincipalExtractor;
        return this;
    }

    @Override // org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void init(H h) {
        PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
        preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(h));
        h.authenticationProvider(preAuthenticatedAuthenticationProvider).setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
    }

    @Override // org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void configure(H h) {
        h.addFilter(getFilter((AuthenticationManager) h.getSharedObject(AuthenticationManager.class)));
    }

    private X509AuthenticationFilter getFilter(AuthenticationManager authenticationManager) {
        if (this.x509AuthenticationFilter == null) {
            this.x509AuthenticationFilter = new X509AuthenticationFilter();
            this.x509AuthenticationFilter.setAuthenticationManager(authenticationManager);
            if (this.x509PrincipalExtractor != null) {
                this.x509AuthenticationFilter.setPrincipalExtractor(this.x509PrincipalExtractor);
            }
            if (this.authenticationDetailsSource != null) {
                this.x509AuthenticationFilter.setAuthenticationDetailsSource(this.authenticationDetailsSource);
            }
            this.x509AuthenticationFilter = (X509AuthenticationFilter) postProcess(this.x509AuthenticationFilter);
        }
        return this.x509AuthenticationFilter;
    }

    private AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> getAuthenticationUserDetailsService(H h) {
        if (this.authenticationUserDetailsService == null) {
            userDetailsService((UserDetailsService) h.getSharedObject(UserDetailsService.class));
        }
        return this.authenticationUserDetailsService;
    }
}
