package org.sonatype.nexus.security.filter;

import com.google.inject.AbstractModule;
import com.google.inject.Key;
import com.google.inject.MembersInjector;
import com.google.inject.Provider;
import com.google.inject.Scopes;
import com.google.inject.name.Names;
import java.lang.annotation.Annotation;
import javax.inject.Named;
import javax.servlet.Filter;
import org.apache.shiro.web.filter.mgt.FilterChainResolver;
import org.sonatype.nexus.rest.PathProtectionDescriptorBuilder;
import org.sonatype.nexus.security.filter.authc.NexusApiKeyAuthenticationFilter;
import org.sonatype.nexus.security.filter.authc.NexusContentAuthenticationFilter;
import org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter;
import org.sonatype.nexus.security.filter.authz.FailureLoggingHttpMethodPermissionFilter;
import org.sonatype.nexus.security.filter.authz.NexusTargetMappingAuthorizationFilter;
import org.sonatype.security.web.filter.authc.LogoutAuthenticationFilter;

@Named
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-restlet1x-plugin-2.6.3-01/nexus-restlet1x-plugin-2.6.3-01.jar:org/sonatype/nexus/security/filter/NexusSecurityFilterModule.class */
public class NexusSecurityFilterModule extends AbstractModule {
    @Override // com.google.inject.AbstractModule
    protected void configure() {
        requireBinding(FilterChainResolver.class);
        bindAuthcFilter(PathProtectionDescriptorBuilder.AUTHC_BASIC, false, "Sonatype Nexus Repository Manager API");
        bindAuthcFilter("authcNxBasic", true, "Sonatype Nexus Repository Manager API (specialized auth)");
        bindNamedFilter("logout", new LogoutAuthenticationFilter());
        bindNamedFilter(PathProtectionDescriptorBuilder.PERMS, new FailureLoggingHttpMethodPermissionFilter());
        bindTargetMappingFilter("trperms", "/service/local/repositories/(.*)/content(.*)", "/repositories/@1@2");
        bindTargetMappingFilter("tiperms", "/service/local/repositories/(.*)/index_content(.*)", "/repositories/@1@2");
        bindTargetMappingFilter("tgperms", "/service/local/repo_groups/(.*)/content(.*)", "/groups/@1@2");
        bindTargetMappingFilter("tgiperms", "/service/local/repo_groups/(.*)/index_content(.*)", "/groups/@1@2");
        bindContentAuthcFilter("contentAuthcBasic", "Sonatype Nexus Repository Manager");
        bindTargetMappingFilter("contentTperms", "/content(.*)", "@1");
        bindApiKeyFilter("authcApiKey", "Sonatype Nexus Repository Manager API (X-...-ApiKey auth)");
    }

    private void bindAuthcFilter(String str, boolean z, String str2) {
        NexusSecureHttpAuthenticationFilter nexusSecureHttpAuthenticationFilter = new NexusSecureHttpAuthenticationFilter();
        nexusSecureHttpAuthenticationFilter.setApplicationName(str2);
        nexusSecureHttpAuthenticationFilter.setFakeAuthScheme(Boolean.toString(z));
        bindNamedFilter(str, nexusSecureHttpAuthenticationFilter);
    }

    private void bindTargetMappingFilter(String str, String str2, String str3) {
        NexusTargetMappingAuthorizationFilter nexusTargetMappingAuthorizationFilter = new NexusTargetMappingAuthorizationFilter();
        nexusTargetMappingAuthorizationFilter.setPathPrefix(str2);
        nexusTargetMappingAuthorizationFilter.setPathReplacement(str3);
        bindNamedFilter(str, nexusTargetMappingAuthorizationFilter);
    }

    private void bindContentAuthcFilter(String str, String str2) {
        NexusContentAuthenticationFilter nexusContentAuthenticationFilter = new NexusContentAuthenticationFilter();
        nexusContentAuthenticationFilter.setApplicationName(str2);
        bindNamedFilter(str, nexusContentAuthenticationFilter);
    }

    private void bindApiKeyFilter(String str, String str2) {
        NexusApiKeyAuthenticationFilter nexusApiKeyAuthenticationFilter = new NexusApiKeyAuthenticationFilter();
        nexusApiKeyAuthenticationFilter.setApplicationName(str2);
        bindNamedFilter(str, nexusApiKeyAuthenticationFilter);
    }

    private void bindNamedFilter(String str, Filter filter) {
        bind(Key.get(Filter.class, (Annotation) Names.named(str))).toProvider(defer(filter)).in(Scopes.SINGLETON);
    }

    private Provider<Filter> defer(final Filter filter) {
        Class<?> cls = filter.getClass();
        final MembersInjector membersInjector = getMembersInjector(cls);
        bind(cls);
        return new Provider<Filter>() { // from class: org.sonatype.nexus.security.filter.NexusSecurityFilterModule.1
            @Override // com.google.inject.Provider, javax.inject.Provider
            public Filter get() {
                membersInjector.injectMembers(filter);
                return filter;
            }
        };
    }
}
