package org.apache.syncope.client.enduser;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.giffing.wicket.spring.boot.starter.app.WicketBootSecuredWebApplication;
import de.agilecoders.wicket.core.Bootstrap;
import de.agilecoders.wicket.core.settings.BootstrapSettings;
import de.agilecoders.wicket.core.settings.SingleThemeProvider;
import java.io.InputStream;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.apache.syncope.client.enduser.init.ClassPathScanImplementationLookup;
import org.apache.syncope.client.enduser.layout.UserFormLayoutInfo;
import org.apache.syncope.client.enduser.pages.BasePage;
import org.apache.syncope.client.enduser.pages.Dashboard;
import org.apache.syncope.client.enduser.pages.Login;
import org.apache.syncope.client.enduser.pages.MustChangePassword;
import org.apache.syncope.client.enduser.pages.SelfConfirmPasswordReset;
import org.apache.syncope.client.enduser.panels.Sidebar;
import org.apache.syncope.client.lib.SyncopeAnonymousClient;
import org.apache.syncope.client.lib.SyncopeClientFactoryBean;
import org.apache.syncope.client.ui.commons.SyncopeUIRequestCycleListener;
import org.apache.syncope.client.ui.commons.annotations.Resource;
import org.apache.syncope.client.ui.commons.themes.AdminLTE;
import org.apache.syncope.common.keymaster.client.api.ServiceOps;
import org.apache.syncope.common.keymaster.client.api.model.NetworkService;
import org.apache.wicket.Page;
import org.apache.wicket.Session;
import org.apache.wicket.WicketRuntimeException;
import org.apache.wicket.authorization.IAuthorizationStrategy;
import org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.protocol.http.IResourceIsolationPolicy;
import org.apache.wicket.protocol.http.ResourceIsolationRequestCycleListener;
import org.apache.wicket.protocol.http.WebApplication;
import org.apache.wicket.protocol.http.servlet.XForwardedRequestWrapperFactory;
import org.apache.wicket.request.Request;
import org.apache.wicket.request.Response;
import org.apache.wicket.request.component.IRequestableComponent;
import org.apache.wicket.request.component.IRequestablePage;
import org.apache.wicket.request.cycle.IRequestCycleListener;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.request.http.WebResponse;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.apache.wicket.request.resource.IResource;
import org.apache.wicket.request.resource.ResourceReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.support.AopUtils;
import org.springframework.core.io.ResourceLoader;

/* loaded from: input_file:org/apache/syncope/client/enduser/SyncopeWebApplication.class */
public class SyncopeWebApplication extends WicketBootSecuredWebApplication {
    protected static final Logger LOG = LoggerFactory.getLogger(SyncopeWebApplication.class);
    protected static final JsonMapper MAPPER = JsonMapper.builder().findAndAddModules().build();
    protected final ResourceLoader resourceLoader;
    protected final EnduserProperties props;
    protected final ClassPathScanImplementationLookup lookup;
    protected final ServiceOps serviceOps;
    protected final List<IResource> resources;
    protected UserFormLayoutInfo customFormLayout;

    public static SyncopeWebApplication get() {
        return WebApplication.get();
    }

    public SyncopeWebApplication(ResourceLoader resourceLoader, EnduserProperties enduserProperties, ClassPathScanImplementationLookup classPathScanImplementationLookup, ServiceOps serviceOps, List<IResource> list) {
        this.resourceLoader = resourceLoader;
        this.props = enduserProperties;
        this.lookup = classPathScanImplementationLookup;
        this.serviceOps = serviceOps;
        this.resources = list;
    }

    protected SyncopeUIRequestCycleListener buildSyncopeUIRequestCycleListener() {
        return new SyncopeUIRequestCycleListener(this) { // from class: org.apache.syncope.client.enduser.SyncopeWebApplication.1
            protected boolean isSignedIn() {
                return SyncopeEnduserSession.get().isAuthenticated();
            }

            protected void invalidateSession() {
                SyncopeEnduserSession.get().invalidate();
            }

            protected IRequestablePage getErrorPage(PageParameters pageParameters) {
                return new Login(pageParameters);
            }
        };
    }

    protected void initSecurity() {
        if (this.props.isxForward()) {
            XForwardedRequestWrapperFactory.Config config = new XForwardedRequestWrapperFactory.Config();
            config.setProtocolHeader(this.props.getxForwardProtocolHeader());
            config.setHttpServerPort(this.props.getxForwardHttpPort());
            config.setHttpsServerPort(this.props.getxForwardHttpsPort());
            XForwardedRequestWrapperFactory xForwardedRequestWrapperFactory = new XForwardedRequestWrapperFactory();
            xForwardedRequestWrapperFactory.setConfig(config);
            getFilterFactoryManager().add(xForwardedRequestWrapperFactory);
        }
        if (this.props.isCsrf()) {
            getRequestCycleListeners().add(new ResourceIsolationRequestCycleListener(new IResourceIsolationPolicy[0]));
        }
        getCspSettings().blocking().unsafeInline();
        getRequestCycleListeners().add(new IRequestCycleListener() { // from class: org.apache.syncope.client.enduser.SyncopeWebApplication.2
            public void onEndRequest(RequestCycle requestCycle) {
                WebResponse response = requestCycle.getResponse();
                if (response instanceof WebResponse) {
                    WebResponse webResponse = response;
                    Map securityHeaders = SyncopeWebApplication.this.props.getSecurityHeaders();
                    Objects.requireNonNull(webResponse);
                    securityHeaders.forEach(webResponse::setHeader);
                }
            }
        });
    }

    protected void init() {
        super.init();
        BootstrapSettings bootstrapSettings = new BootstrapSettings();
        bootstrapSettings.setThemeProvider(new SingleThemeProvider(new AdminLTE()));
        Bootstrap.install(this, bootstrapSettings);
        getResourceSettings().setUseMinifiedResources(true);
        getResourceSettings().setUseDefaultOnMissingResource(true);
        getResourceSettings().setThrowExceptionOnMissingResource(false);
        getSecuritySettings().setAuthorizationStrategy(getAuthorizationStrategy());
        getMarkupSettings().setStripWicketTags(true);
        getMarkupSettings().setCompressWhitespace(true);
        getRequestCycleListeners().add(buildSyncopeUIRequestCycleListener());
        initSecurity();
        mountPage("/confirmpasswordreset", SelfConfirmPasswordReset.class);
        for (final IResource iResource : this.resources) {
            Class targetClass = AopUtils.getTargetClass(iResource);
            Resource annotation = targetClass.getAnnotation(Resource.class);
            if (annotation == null) {
                LOG.error("No @Resource annotation found, ignoring {}", targetClass.getName());
            } else {
                LOG.debug("Mounting {} under {}", targetClass.getName(), annotation.path());
                mountResource(annotation.path(), new ResourceReference(annotation.key()) { // from class: org.apache.syncope.client.enduser.SyncopeWebApplication.3
                    private static final long serialVersionUID = -128426276529456602L;

                    public IResource getResource() {
                        return iResource;
                    }
                });
            }
        }
        try {
            InputStream inputStream = this.resourceLoader.getResource(this.props.getCustomFormLayout()).getInputStream();
            try {
                this.customFormLayout = (UserFormLayoutInfo) MAPPER.readValue(inputStream, new TypeReference<UserFormLayoutInfo>(this) { // from class: org.apache.syncope.client.enduser.SyncopeWebApplication.4
                });
                if (inputStream != null) {
                    inputStream.close();
                }
                if (getDebugSettings().isAjaxDebugModeEnabled()) {
                    getDebugSettings().setComponentPathAttributeName("syncope-path");
                }
            } finally {
            }
        } catch (Exception e) {
            throw new WicketRuntimeException("Could not read " + this.props.getCustomFormLayout(), e);
        }
    }

    protected IAuthorizationStrategy getAuthorizationStrategy() {
        return new IAuthorizationStrategy.AllowAllAuthorizationStrategy() { // from class: org.apache.syncope.client.enduser.SyncopeWebApplication.5
            public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> cls) {
                if (BasePage.class.isAssignableFrom(cls)) {
                    return ((Boolean) SyncopeWebApplication.this.props.getPage().entrySet().stream().filter(entry -> {
                        return cls.equals(entry.getValue());
                    }).map((v0) -> {
                        return v0.getKey();
                    }).findFirst().map(str -> {
                        return Boolean.valueOf(SyncopeEnduserSession.get().isAuthenticated());
                    }).orElse(true)).booleanValue();
                }
                return true;
            }
        };
    }

    public Class<? extends Page> getHomePage() {
        return (SyncopeEnduserSession.get().isAuthenticated() && SyncopeEnduserSession.get().isMustChangePassword()) ? MustChangePassword.class : SyncopeEnduserSession.get().isAuthenticated() ? getPageClass("profile", Dashboard.class) : getSignInPageClass();
    }

    public ClassPathScanImplementationLookup getLookup() {
        return this.lookup;
    }

    public UserFormLayoutInfo getCustomFormLayout() {
        return this.customFormLayout;
    }

    public Class<? extends Sidebar> getSidebar() {
        return this.props.getSidebar();
    }

    public Session newSession(Request request, Response response) {
        return new SyncopeEnduserSession(request);
    }

    public SyncopeAnonymousClient newAnonymousClient(String str) {
        return newClientFactory().setDomain(str).createAnonymous(this.props.getAnonymousUser(), this.props.getAnonymousKey());
    }

    public SyncopeClientFactoryBean newClientFactory() {
        return new SyncopeClientFactoryBean().setAddress(this.serviceOps.get(NetworkService.Type.CORE).getAddress()).setUseCompression(this.props.isUseGZIPCompression());
    }

    public Class<? extends BasePage> getPageClass(String str) {
        return this.props.getPage().get(str);
    }

    public Class<? extends BasePage> getPageClass(String str, Class<? extends BasePage> cls) {
        return this.props.getPage().getOrDefault(str, cls);
    }

    protected Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass() {
        return SyncopeEnduserSession.class;
    }

    protected Class<? extends WebPage> getSignInPageClass() {
        return Login.class;
    }

    public String getAdminUser() {
        return this.props.getAdminUser();
    }

    public String getAnonymousUser() {
        return this.props.getAnonymousUser();
    }

    public boolean isCaptchaEnabled() {
        return this.props.isCaptcha();
    }

    public boolean isReportPropagationErrors() {
        return this.props.isReportPropagationErrors();
    }

    public boolean isReportPropagationErrorDetails() {
        return this.props.isReportPropagationErrorDetails();
    }

    public long getMaxWaitTimeInSeconds() {
        return this.props.getMaxWaitTimeOnApplyChanges();
    }

    public Integer getMaxUploadFileSizeMB() {
        return Integer.valueOf(this.props.getMaxUploadFileSizeMB());
    }
}
