package org.meruvian.yama.webapi.config.oauth;

import javax.inject.Inject;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.TokenGranter;
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler;
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
import org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;

@Configuration
/* loaded from: input_file:WEB-INF/classes/org/meruvian/yama/webapi/config/oauth/OAuthServerConfig.class */
public class OAuthServerConfig {

    @Inject
    private ClientDetailsService clientDetailsService;

    @Bean
    public AccessTokenConverter tokenConverter() {
        DefaultAccessTokenConverter defaultAccessTokenConverter = new DefaultAccessTokenConverter();
        defaultAccessTokenConverter.setUserTokenConverter(new UserTokenConverter());
        return defaultAccessTokenConverter;
    }

    @Bean
    public TokenEnhancer tokenEnhancer() {
        JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
        jwtAccessTokenConverter.setAccessTokenConverter(tokenConverter());
        return jwtAccessTokenConverter;
    }

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore((JwtAccessTokenConverter) tokenEnhancer());
    }

    @Bean
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenEnhancer(tokenEnhancer());
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setClientDetailsService(this.clientDetailsService);
        return defaultTokenServices;
    }

    @Bean
    public OAuth2RequestFactory requestFactory() {
        return new DefaultOAuth2RequestFactory(this.clientDetailsService);
    }

    @Bean
    public UserApprovalHandler userApprovalHandler(ApprovalStore approvalStore) {
        ApprovalStoreUserApprovalHandler approvalStoreUserApprovalHandler = new ApprovalStoreUserApprovalHandler();
        approvalStoreUserApprovalHandler.setApprovalStore(approvalStore);
        approvalStoreUserApprovalHandler.setClientDetailsService(this.clientDetailsService);
        approvalStoreUserApprovalHandler.setRequestFactory(requestFactory());
        return approvalStoreUserApprovalHandler;
    }

    @Bean
    public TokenGranter tokenGranter() {
        return new ClientCredentialsTokenGranter(tokenServices(), this.clientDetailsService, requestFactory());
    }

    @Bean
    public UserDetailsService clientDetailsUserDetailsService() {
        return new ClientDetailsUserDetailsService(this.clientDetailsService);
    }

    @Bean
    public AuthenticationEntryPoint oauth2AuthenticationEntryPoint() {
        OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
        oAuth2AuthenticationEntryPoint.setRealmName("yama/client");
        oAuth2AuthenticationEntryPoint.setTypeName("Basic");
        return oAuth2AuthenticationEntryPoint;
    }

    @Bean
    public AccessDeniedHandler oauth2AccessDeniedHandler() {
        return new OAuth2AccessDeniedHandler();
    }
}
