package com.hazelcast.webmonitor.security.spi.impl.oidc;

import com.hazelcast.webmonitor.model.SecurityConfigConstants;
import com.hazelcast.webmonitor.security.spi.SecurityConfigParameter;
import com.hazelcast.webmonitor.security.spi.SecurityProvider;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/com/hazelcast/webmonitor/security/spi/impl/oidc/OidcSecurityProvider.class
 */
/* loaded from: input_file:com/hazelcast/webmonitor/security/spi/impl/oidc/OidcSecurityProvider.class */
public class OidcSecurityProvider implements SecurityProvider {
    public static final String OIDC_SECURITY_PROVIDER_NAME = "OpenID Connect";
    PersistentOidcConfig persistentOidcConfig;

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/classes/com/hazelcast/webmonitor/security/spi/impl/oidc/OidcSecurityProvider$NoOpAuthenticationProvider.class
     */
    /* loaded from: input_file:com/hazelcast/webmonitor/security/spi/impl/oidc/OidcSecurityProvider$NoOpAuthenticationProvider.class */
    private static final class NoOpAuthenticationProvider implements AuthenticationProvider {
        private NoOpAuthenticationProvider() {
        }

        @Override // org.springframework.security.authentication.AuthenticationProvider
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            throw new UnsupportedOperationException("OpenID Connect is configured. Username/password authentication is disabled.");
        }

        @Override // org.springframework.security.authentication.AuthenticationProvider
        public boolean supports(Class<?> cls) {
            return false;
        }
    }

    public OidcSecurityProvider(PersistentOidcConfig persistentOidcConfig) {
        this.persistentOidcConfig = persistentOidcConfig;
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public String getName() {
        return OIDC_SECURITY_PROVIDER_NAME;
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public List<SecurityConfigParameter> getConfigParameters() {
        return Arrays.asList(SecurityConfigParameter.stringParam(OidcConfig.CLIENT_ID_PROPERTY_NAME, "Client ID"), SecurityConfigParameter.stringParam(OidcConfig.CLIENT_SECRET_PROPERTY_NAME, "Client Secret"), SecurityConfigParameter.stringParam(OidcConfig.AUTHORIZATION_ENDPOINT_PROPERTY_NAME, "Authorization Endpoint"), SecurityConfigParameter.stringParam(OidcConfig.USER_INFO_ENDPOINT_PROPERTY_NAME, "User Info Endpoint"), SecurityConfigParameter.stringParam(OidcConfig.TOKEN_ENDPOINT_PROPERTY_NAME, "Token Endpoint"), SecurityConfigParameter.stringParam(OidcConfig.JWK_SET_ENDPOINT_PROPERTY_NAME, "JWK Set Endpoint"), SecurityConfigParameter.stringParam(OidcConfig.ISSUER_PROPERTY_NAME, "Issuer"), SecurityConfigParameter.stringParam(OidcConfig.REDIRECT_URL_PROPERTY_NAME, "Redirect URL"), SecurityConfigParameter.stringParam(OidcConfig.GROUPS_CLAIM_NAME_PROPERTY_NAME, "Groups Claim Name", "groups"), SecurityConfigParameter.stringParam("adminGroup", "Admin Group", SecurityConfigConstants.DEFAULT_ADMIN_GROUP), SecurityConfigParameter.stringParam("userGroup", "User Group", SecurityConfigConstants.DEFAULT_USER_GROUP), SecurityConfigParameter.stringParam("readonlyUserGroup", "Read-only User Group", SecurityConfigConstants.DEFAULT_READONLY_USER_GROUP), SecurityConfigParameter.stringParam("metricsOnlyGroup", "Metrics-only Group", SecurityConfigConstants.DEFAULT_METRICS_ONLY_GROUP));
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public void saveConfig(Map<String, String> map) {
        String str = map.get(OidcConfig.CLIENT_ID_PROPERTY_NAME);
        String str2 = map.get(OidcConfig.CLIENT_SECRET_PROPERTY_NAME);
        String str3 = map.get(OidcConfig.AUTHORIZATION_ENDPOINT_PROPERTY_NAME);
        String str4 = map.get(OidcConfig.USER_INFO_ENDPOINT_PROPERTY_NAME);
        String str5 = map.get(OidcConfig.TOKEN_ENDPOINT_PROPERTY_NAME);
        String str6 = map.get(OidcConfig.JWK_SET_ENDPOINT_PROPERTY_NAME);
        String str7 = map.get(OidcConfig.ISSUER_PROPERTY_NAME);
        String str8 = map.get(OidcConfig.REDIRECT_URL_PROPERTY_NAME);
        String str9 = map.get(OidcConfig.GROUPS_CLAIM_NAME_PROPERTY_NAME);
        String str10 = map.get("adminGroup");
        String str11 = map.get("userGroup");
        String str12 = map.get("readonlyUserGroup");
        this.persistentOidcConfig.write(OidcConfig.builder().clientId(str).clientSecret(str2).authorizationEndpoint(str3).userInfoEndpoint(str4).tokenEndpoint(str5).jwkSetEndpoint(str6).issuer(str7).redirectURL(str8).groupsClaimName(str9).adminGroup(str10).readonlyUserGroup(str12).userGroup(str11).metricsOnlyGroup(map.get("metricsOnlyGroup")).build());
    }

    @Override // com.hazelcast.webmonitor.security.spi.SecurityProvider
    public AuthenticationProvider getAuthenticationProvider() {
        return new NoOpAuthenticationProvider();
    }
}
