package de.enterprise.spring.boot.application.starter.actuate.servlet;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.boot.actuate.info.InfoEndpoint;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.h2.H2ConsoleProperties;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.web.util.matcher.RequestMatcher;

@ConditionalOnProperty(name = {"enterprise-application.actuator.endpoint-security-enabled"}, havingValue = "true", matchIfMissing = true)
@Configuration(proxyBeanMethods = false)
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
/* loaded from: input_file:de/enterprise/spring/boot/application/starter/actuate/servlet/ServletActuatorSecurityConfiguration.class */
public class ServletActuatorSecurityConfiguration {

    @Configuration(proxyBeanMethods = false)
    /* loaded from: input_file:de/enterprise/spring/boot/application/starter/actuate/servlet/ServletActuatorSecurityConfiguration$ActuatorServletSecurityConfiguration.class */
    public class ActuatorServletSecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Autowired
        private SecurityProperties securityProperties;

        public ActuatorServletSecurityConfiguration() {
        }

        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
            authenticationManagerBuilder.inMemoryAuthentication().withUser(this.securityProperties.getUser().getName()).password(this.securityProperties.getUser().getPassword()).authorities((String[]) this.securityProperties.getUser().getRoles().toArray(new String[0]));
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((HttpSecurity.RequestMatcherConfigurer) httpSecurity.requestMatchers().requestMatchers(new RequestMatcher[]{EndpointRequest.toAnyEndpoint()})).and().authorizeRequests().requestMatchers(new RequestMatcher[]{EndpointRequest.to(new Class[]{HealthEndpoint.class, InfoEndpoint.class})})).permitAll().requestMatchers(new RequestMatcher[]{EndpointRequest.toAnyEndpoint()})).hasAuthority("MANAGE_ADMIN").requestMatchers(new RequestMatcher[]{PathRequest.toStaticResources().atCommonLocations()})).permitAll().and().csrf().disable().httpBasic();
        }
    }

    @Configuration(proxyBeanMethods = false)
    @ConditionalOnProperty(name = {"spring.h2.console.enabled"}, havingValue = "true", matchIfMissing = false)
    @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
    @Order(99)
    /* loaded from: input_file:de/enterprise/spring/boot/application/starter/actuate/servlet/ServletActuatorSecurityConfiguration$H2ConsoleSecurityConfig.class */
    public class H2ConsoleSecurityConfig extends WebSecurityConfigurerAdapter {

        @Autowired(required = false)
        private H2ConsoleProperties h2ConsoleProperties;

        public H2ConsoleSecurityConfig() {
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            httpSecurity.csrf().disable().headers().frameOptions().disable();
            String path = this.h2ConsoleProperties != null ? this.h2ConsoleProperties.getPath() : "/h2-console";
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((HttpSecurity.RequestMatcherConfigurer) httpSecurity.requestMatchers().antMatchers(new String[]{path, path + "/**"})).and().authorizeRequests().anyRequest()).anonymous();
        }
    }
}
