package org.zowe.apiml.gateway.security.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Set;
import javax.servlet.Filter;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.cloud.netflix.zuul.filters.discovery.DiscoveryClientRouteLocator;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.firewall.StrictHttpFirewall;
import org.springframework.security.web.util.matcher.RegexRequestMatcher;
import org.zowe.apiml.filter.AttlsFilter;
import org.zowe.apiml.filter.SecureConnectionFilter;
import org.zowe.apiml.gateway.controllers.SafResourceAccessController;
import org.zowe.apiml.gateway.error.InternalServerErrorController;
import org.zowe.apiml.gateway.security.login.x509.X509AuthenticationProvider;
import org.zowe.apiml.gateway.security.query.QueryFilter;
import org.zowe.apiml.gateway.security.query.SuccessfulQueryHandler;
import org.zowe.apiml.gateway.security.query.TokenAuthenticationProvider;
import org.zowe.apiml.gateway.security.refresh.SuccessfulRefreshHandler;
import org.zowe.apiml.gateway.security.service.AuthenticationService;
import org.zowe.apiml.gateway.security.ticket.SuccessfulTicketHandler;
import org.zowe.apiml.gateway.services.ServicesInfoController;
import org.zowe.apiml.security.common.config.AuthConfigurationProperties;
import org.zowe.apiml.security.common.config.CertificateAuthenticationProvider;
import org.zowe.apiml.security.common.config.HandlerInitializer;
import org.zowe.apiml.security.common.content.BasicContentFilter;
import org.zowe.apiml.security.common.content.CookieContentFilter;
import org.zowe.apiml.security.common.filter.ApimlX509Filter;
import org.zowe.apiml.security.common.login.LoginFilter;
import org.zowe.apiml.security.common.login.ShouldBeAlreadyAuthenticatedFilter;

@ConditionalOnProperty(name = {"apiml.security.filterChainConfiguration"}, havingValue = "new", matchIfMissing = false)
@Configuration
@EnableWebSecurity
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration.class */
public class NewSecurityConfiguration {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) NewSecurityConfiguration.class);
    private String applicationContextPath = "/gateway";
    private static final String EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME = "CN=(.*?)(?:,|$)";
    private final ObjectMapper securityObjectMapper;
    private final AuthenticationService authenticationService;
    private final AuthConfigurationProperties authConfigurationProperties;
    private final HandlerInitializer handlerInitializer;
    private final SuccessfulQueryHandler successfulQueryHandler;
    private final SuccessfulTicketHandler successfulTicketHandler;
    private final SuccessfulRefreshHandler successfulRefreshHandler;

    @Qualifier("publicKeyCertificatesBase64")
    private final Set<String> publicKeyCertificatesBase64;
    private final X509AuthenticationProvider x509AuthenticationProvider;

    @Value("${server.attls.enabled:false}")
    private boolean isAttlsEnabled;

    @Value("${apiml.metrics.enabled:false}")
    private boolean isMetricsEnabled;

    @Configuration
    @Order(1)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$AuthenticationFunctionality.class */
    class AuthenticationFunctionality extends WebSecurityConfigurerAdapter {
        private final CompoundAuthProvider compoundAuthProvider;

        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) this.compoundAuthProvider);
            authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) new CertificateAuthenticationProvider());
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers(NewSecurityConfiguration.this.authConfigurationProperties.getGatewayLoginEndpoint(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayLoginEndpointOldFormat(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayLogoutEndpoint(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayLogoutEndpointOldFormat()).and()).authorizeRequests().anyRequest().permitAll().and()).x509().x509AuthenticationFilter(apimlX509Filter(authenticationManager())).subjectPrincipalRegex(NewSecurityConfiguration.EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME).userDetailsService(new SimpleUserDetailService()).and()).logout().logoutRequestMatcher(new RegexRequestMatcher(String.format("(%s|%s)", NewSecurityConfiguration.this.authConfigurationProperties.getGatewayLogoutEndpoint(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayLogoutEndpointOldFormat()), HttpMethod.POST.name())).addLogoutHandler(logoutHandler()).logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler(HttpStatus.NO_CONTENT)).and()).addFilterBefore((Filter) loginFilter(DiscoveryClientRouteLocator.DEFAULT_ROUTE, authenticationManager()), org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter.class).addFilterAfter((Filter) x509AuthenticationFilter(DiscoveryClientRouteLocator.DEFAULT_ROUTE), org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter.class).addFilterAfter((Filter) new ShouldBeAlreadyAuthenticatedFilter(DiscoveryClientRouteLocator.DEFAULT_ROUTE, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler()), org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter.class);
        }

        private LoginFilter loginFilter(String str, AuthenticationManager authenticationManager) {
            return new LoginFilter(str, NewSecurityConfiguration.this.handlerInitializer.getSuccessfulLoginHandler(), NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler(), NewSecurityConfiguration.this.securityObjectMapper, authenticationManager, NewSecurityConfiguration.this.handlerInitializer.getResourceAccessExceptionHandler());
        }

        private ApimlX509Filter apimlX509Filter(AuthenticationManager authenticationManager) {
            ApimlX509Filter apimlX509Filter = new ApimlX509Filter(NewSecurityConfiguration.this.publicKeyCertificatesBase64);
            apimlX509Filter.setAuthenticationManager(authenticationManager);
            return apimlX509Filter;
        }

        private X509AuthenticationFilter x509AuthenticationFilter(String str) {
            return new X509AuthenticationFilter(str, NewSecurityConfiguration.this.handlerInitializer.getSuccessfulLoginHandler(), NewSecurityConfiguration.this.x509AuthenticationProvider);
        }

        private LogoutHandler logoutHandler() {
            return new JWTLogoutHandler(NewSecurityConfiguration.this.authenticationService, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler());
        }

        @Generated
        public AuthenticationFunctionality(CompoundAuthProvider compoundAuthProvider) {
            this.compoundAuthProvider = compoundAuthProvider;
        }
    }

    @Configuration
    @Order(5)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$CertificateOrAuthProtectedEndpoints.class */
    class CertificateOrAuthProtectedEndpoints extends WebSecurityConfigurerAdapter {
        private final CompoundAuthProvider compoundAuthProvider;
        private final AuthenticationProvider tokenAuthenticationProvider;
        private final String[] protectedEndpoints = {"/application", SafResourceAccessController.FULL_CONTEXT_PATH, ServicesInfoController.SERVICES_URL};

        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) this.compoundAuthProvider);
            authenticationManagerBuilder.authenticationProvider(this.tokenAuthenticationProvider);
            authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) new CertificateAuthenticationProvider());
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers("/application/**").antMatchers(HttpMethod.POST, SafResourceAccessController.FULL_CONTEXT_PATH).antMatchers("/gateway/services/**").and()).authorizeRequests().anyRequest().authenticated().and()).logout().disable();
            if (NewSecurityConfiguration.this.isAttlsEnabled) {
                httpSecurity.x509().x509AuthenticationFilter(apimlX509Filter(authenticationManager())).subjectPrincipalRegex(NewSecurityConfiguration.EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME).userDetailsService(new SimpleUserDetailService());
            } else {
                httpSecurity.x509().subjectPrincipalRegex(NewSecurityConfiguration.EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME).userDetailsService(new SimpleUserDetailService());
            }
            httpSecurity.addFilterBefore((Filter) basicFilter(authenticationManager()), org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter.class).addFilterBefore((Filter) cookieFilter(authenticationManager()), org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter.class);
        }

        private ApimlX509Filter apimlX509Filter(AuthenticationManager authenticationManager) {
            ApimlX509Filter apimlX509Filter = new ApimlX509Filter(NewSecurityConfiguration.this.publicKeyCertificatesBase64);
            apimlX509Filter.setCertificateForClientAuth(x509Certificate -> {
                return apimlX509Filter.getPublicKeyCertificatesBase64().contains(apimlX509Filter.base64EncodePublicKey(x509Certificate));
            });
            apimlX509Filter.setNotCertificateForClientAuth(x509Certificate2 -> {
                return !apimlX509Filter.getPublicKeyCertificatesBase64().contains(apimlX509Filter.base64EncodePublicKey(x509Certificate2));
            });
            apimlX509Filter.setAuthenticationManager(authenticationManager);
            return apimlX509Filter;
        }

        private BasicContentFilter basicFilter(AuthenticationManager authenticationManager) {
            return new BasicContentFilter(authenticationManager, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler(), NewSecurityConfiguration.this.handlerInitializer.getResourceAccessExceptionHandler(), this.protectedEndpoints);
        }

        private CookieContentFilter cookieFilter(AuthenticationManager authenticationManager) {
            return new CookieContentFilter(authenticationManager, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler(), NewSecurityConfiguration.this.handlerInitializer.getResourceAccessExceptionHandler(), NewSecurityConfiguration.this.authConfigurationProperties, this.protectedEndpoints);
        }

        @Generated
        public CertificateOrAuthProtectedEndpoints(CompoundAuthProvider compoundAuthProvider, AuthenticationProvider authenticationProvider) {
            this.compoundAuthProvider = compoundAuthProvider;
            this.tokenAuthenticationProvider = authenticationProvider;
        }
    }

    @Configuration
    @Order(4)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$CertificateProtectedEndpoints.class */
    class CertificateProtectedEndpoints extends WebSecurityConfigurerAdapter {
        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers(HttpMethod.DELETE, "/gateway/cache/services/**").antMatchers("/gateway/auth/invalidate/**", "/gateway/auth/distribute/**").and()).authorizeRequests().anyRequest().authenticated().and()).logout().disable()).x509().subjectPrincipalRegex(NewSecurityConfiguration.EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME).userDetailsService(new SimpleUserDetailService());
        }

        @Generated
        public CertificateProtectedEndpoints() {
        }
    }

    @Configuration
    @Order(100)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$DefaultSecurity.class */
    class DefaultSecurity extends WebSecurityConfigurerAdapter {
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
        public void configure(WebSecurity webSecurity) throws Exception {
            NewSecurityConfiguration.this.configureWebSecurity(webSecurity);
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers(DiscoveryClientRouteLocator.DEFAULT_ROUTE, NewSecurityConfiguration.this.applicationContextPath + "/version").and()).authorizeRequests().anyRequest().permitAll().and()).logout().disable();
        }

        @Generated
        public DefaultSecurity() {
        }
    }

    @Configuration
    @Order(2)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$Query.class */
    class Query extends WebSecurityConfigurerAdapter {
        private final TokenAuthenticationProvider tokenAuthenticationProvider;

        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) this.tokenAuthenticationProvider);
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers(NewSecurityConfiguration.this.authConfigurationProperties.getGatewayQueryEndpoint(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayQueryEndpointOldFormat()).and()).authorizeRequests().anyRequest().authenticated().and()).logout().disable()).addFilterBefore((Filter) queryFilter(DiscoveryClientRouteLocator.DEFAULT_ROUTE, authenticationManager()), UsernamePasswordAuthenticationFilter.class);
        }

        private QueryFilter queryFilter(String str, AuthenticationManager authenticationManager) {
            return new QueryFilter(str, NewSecurityConfiguration.this.successfulQueryHandler, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler(), NewSecurityConfiguration.this.authenticationService, HttpMethod.GET, false, authenticationManager);
        }

        @Generated
        public Query(TokenAuthenticationProvider tokenAuthenticationProvider) {
            this.tokenAuthenticationProvider = tokenAuthenticationProvider;
        }
    }

    @Configuration
    @ConditionalOnProperty(name = {"apiml.security.allowTokenRefresh"}, havingValue = "true", matchIfMissing = false)
    @Order(6)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$Refresh.class */
    class Refresh extends WebSecurityConfigurerAdapter {
        private final AuthenticationProvider tokenAuthenticationProvider;

        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            authenticationManagerBuilder.authenticationProvider(this.tokenAuthenticationProvider);
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers(NewSecurityConfiguration.this.authConfigurationProperties.getGatewayRefreshEndpointNewFormat(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayRefreshEndpointOldFormat()).and()).authorizeRequests().anyRequest().authenticated().and()).logout().disable()).x509().subjectPrincipalRegex(NewSecurityConfiguration.EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME).userDetailsService(new SimpleUserDetailService()).and()).addFilterBefore((Filter) refreshFilter(DiscoveryClientRouteLocator.DEFAULT_ROUTE, authenticationManager()), UsernamePasswordAuthenticationFilter.class);
        }

        private QueryFilter refreshFilter(String str, AuthenticationManager authenticationManager) {
            return new QueryFilter(str, NewSecurityConfiguration.this.successfulRefreshHandler, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler(), NewSecurityConfiguration.this.authenticationService, HttpMethod.POST, true, authenticationManager);
        }

        @Generated
        public Refresh(AuthenticationProvider authenticationProvider) {
            this.tokenAuthenticationProvider = authenticationProvider;
        }
    }

    @Configuration
    @Order(3)
    /* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/config/NewSecurityConfiguration$Ticket.class */
    class Ticket extends WebSecurityConfigurerAdapter {
        private final AuthenticationProvider tokenAuthenticationProvider;

        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) {
            authenticationManagerBuilder.authenticationProvider(this.tokenAuthenticationProvider);
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) NewSecurityConfiguration.this.baseConfigure(httpSecurity.requestMatchers().antMatchers(NewSecurityConfiguration.this.authConfigurationProperties.getGatewayTicketEndpoint(), NewSecurityConfiguration.this.authConfigurationProperties.getGatewayTicketEndpointOldFormat()).and()).authorizeRequests().anyRequest().authenticated().and()).logout().disable()).x509().subjectPrincipalRegex(NewSecurityConfiguration.EXTRACT_USER_PRINCIPAL_FROM_COMMON_NAME).userDetailsService(new SimpleUserDetailService()).and()).addFilterBefore((Filter) ticketFilter(DiscoveryClientRouteLocator.DEFAULT_ROUTE, authenticationManager()), UsernamePasswordAuthenticationFilter.class);
        }

        private QueryFilter ticketFilter(String str, AuthenticationManager authenticationManager) {
            return new QueryFilter(str, NewSecurityConfiguration.this.successfulTicketHandler, NewSecurityConfiguration.this.handlerInitializer.getAuthenticationFailureHandler(), NewSecurityConfiguration.this.authenticationService, HttpMethod.POST, true, authenticationManager);
        }

        @Generated
        public Ticket(AuthenticationProvider authenticationProvider) {
            this.tokenAuthenticationProvider = authenticationProvider;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected HttpSecurity baseConfigure(HttpSecurity httpSecurity) throws Exception {
        if (this.isAttlsEnabled) {
            httpSecurity.addFilterBefore((Filter) new AttlsFilter(), org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter.class);
            httpSecurity.addFilterBefore((Filter) new SecureConnectionFilter(), AttlsFilter.class);
        }
        return (HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.cors().and()).csrf().disable()).headers().httpStrictTransportSecurity().disable().frameOptions().disable().and()).exceptionHandling().authenticationEntryPoint(this.handlerInitializer.getBasicAuthUnauthorizedHandler()).and()).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()).exceptionHandling().authenticationEntryPoint(this.handlerInitializer.getBasicAuthUnauthorizedHandler()).and();
    }

    public void configureWebSecurity(WebSecurity webSecurity) {
        StrictHttpFirewall strictHttpFirewall = new StrictHttpFirewall();
        strictHttpFirewall.setAllowUrlEncodedSlash(true);
        strictHttpFirewall.setAllowBackSlash(true);
        strictHttpFirewall.setAllowUrlEncodedPercent(true);
        strictHttpFirewall.setAllowUrlEncodedPeriod(true);
        strictHttpFirewall.setAllowSemicolon(true);
        webSecurity.httpFirewall(strictHttpFirewall);
        webSecurity.ignoring().antMatchers(InternalServerErrorController.ERROR_ENDPOINT, "/error", "/application/health", "/application/info", "/application/version", "/gateway/auth/keys/public/all", "/gateway/auth/keys/public/current");
        if (this.isMetricsEnabled) {
            webSecurity.ignoring().antMatchers("/application/hystrix.stream");
        }
    }

    @Generated
    public NewSecurityConfiguration(ObjectMapper objectMapper, AuthenticationService authenticationService, AuthConfigurationProperties authConfigurationProperties, HandlerInitializer handlerInitializer, SuccessfulQueryHandler successfulQueryHandler, SuccessfulTicketHandler successfulTicketHandler, SuccessfulRefreshHandler successfulRefreshHandler, Set<String> set, X509AuthenticationProvider x509AuthenticationProvider) {
        this.securityObjectMapper = objectMapper;
        this.authenticationService = authenticationService;
        this.authConfigurationProperties = authConfigurationProperties;
        this.handlerInitializer = handlerInitializer;
        this.successfulQueryHandler = successfulQueryHandler;
        this.successfulTicketHandler = successfulTicketHandler;
        this.successfulRefreshHandler = successfulRefreshHandler;
        this.publicKeyCertificatesBase64 = set;
        this.x509AuthenticationProvider = x509AuthenticationProvider;
    }
}
