package it.fabioformosa.quartzmanager.api.security.config;

import io.jsonwebtoken.Header;
import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.Operation;
import io.swagger.v3.oas.models.PathItem;
import io.swagger.v3.oas.models.media.Content;
import io.swagger.v3.oas.models.media.PasswordSchema;
import io.swagger.v3.oas.models.media.Schema;
import io.swagger.v3.oas.models.media.StringSchema;
import io.swagger.v3.oas.models.parameters.RequestBody;
import io.swagger.v3.oas.models.responses.ApiResponse;
import io.swagger.v3.oas.models.responses.ApiResponses;
import io.swagger.v3.oas.models.security.SecurityScheme;
import it.fabioformosa.quartzmanager.api.common.config.OpenAPIConfigConsts;
import it.fabioformosa.quartzmanager.api.common.config.QuartzManagerPaths;
import it.fabioformosa.quartzmanager.api.security.properties.JwtSecurityProperties;
import java.util.Arrays;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springdoc.core.customizers.OpenApiCustomiser;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.MediaType;

@ConditionalOnProperty(name = {"quartz-manager.oas.enabled"})
@Configuration
/* loaded from: input_file:WEB-INF/lib/quartz-manager-starter-security-4.0.5.jar:it/fabioformosa/quartzmanager/api/security/config/SecurityOpenApiConfig.class */
public class SecurityOpenApiConfig {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SecurityOpenApiConfig.class);

    @Order(Integer.MIN_VALUE)
    @Bean({"quartzManagerOpenApiCustomiser"})
    public OpenApiCustomiser configureQuartzManagerOpenAPI(JwtSecurityProperties jwtSecurityProperties) {
        return openAPI -> {
            if (!jwtSecurityProperties.getCookieStrategy().isEnabled()) {
                openAPI.components(new Components().addSecuritySchemes(OpenAPIConfigConsts.QUARTZ_MANAGER_SEC_OAS_SCHEMA, buildBasicAuthScheme()));
            }
            openAPI.path(QuartzManagerPaths.QUARTZ_MANAGER_LOGIN_PATH, new PathItem().post(new Operation().operationId("login").tags(Arrays.asList("auth")).requestBody(new RequestBody().content(new Content().addMediaType(MediaType.APPLICATION_FORM_URLENCODED_VALUE, new io.swagger.v3.oas.models.media.MediaType().schema(new Schema().type("object").addProperties("username", new StringSchema()).addProperties("password", new PasswordSchema()).required(Arrays.asList("username", "password")))))).responses(new ApiResponses().addApiResponse("200", new ApiResponse().description("JWT Token to authenticate the next requests"))).responses(new ApiResponses().addApiResponse("401", new ApiResponse().description("Unauthorized - Username or password are incorrect!")))));
        };
    }

    private SecurityScheme buildBasicAuthScheme() {
        return new SecurityScheme().type(SecurityScheme.Type.HTTP).scheme("bearer").bearerFormat(Header.JWT_TYPE).description("A JWT Token in required to access this API. You can obtain a JWT Token by providing the username and password in the login API");
    }
}
