package io.sdsolutions.particle.security.config;

import io.sdsolutions.particle.security.constants.AntMatchers;
import io.sdsolutions.particle.security.filter.AutoLoginFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

/* loaded from: input_file:io/sdsolutions/particle/security/config/SecurityConfiguration.class */
public class SecurityConfiguration {
    private final UserDetailsService userDetailsService;
    private final CorsConfigurationProperties corsConfigurationProperties;

    public SecurityConfiguration(UserDetailsService userDetailsService, CorsConfigurationProperties corsConfigurationProperties) {
        this.userDetailsService = userDetailsService;
        this.corsConfigurationProperties = corsConfigurationProperties;
    }

    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.setAllowedOrigins(this.corsConfigurationProperties.getOrigin());
        corsConfiguration.setAllowedMethods(this.corsConfigurationProperties.getMethods());
        corsConfiguration.setAllowedHeaders(this.corsConfigurationProperties.getAllowheaders());
        corsConfiguration.setExposedHeaders(this.corsConfigurationProperties.getExposeheaders());
        corsConfiguration.setMaxAge(this.corsConfigurationProperties.getMaxage());
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity, AuthenticationProvider authenticationProvider, AutoLoginFilter autoLoginFilter) throws Exception {
        httpSecurity.authenticationProvider(authenticationProvider).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(AntMatchers.PERMITTED_URLS)).permitAll().requestMatchers(AntMatchers.AUTHENTICATED_URLS)).fullyAuthenticated();
        });
        httpSecurity.sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        });
        httpSecurity.csrf((v0) -> {
            v0.disable();
        });
        httpSecurity.cors(Customizer.withDefaults());
        httpSecurity.addFilterAfter(autoLoginFilter, SecurityContextHolderAwareRequestFilter.class);
        configureFilterChain(httpSecurity);
        return (SecurityFilterChain) httpSecurity.getOrBuild();
    }

    protected void configureFilterChain(HttpSecurity httpSecurity) {
    }

    protected String getApiPath() {
        return "/api/**";
    }

    @Bean
    public AuthenticationProvider authenticationProvider() {
        UserDetailsByNameServiceWrapper userDetailsByNameServiceWrapper = new UserDetailsByNameServiceWrapper();
        userDetailsByNameServiceWrapper.setUserDetailsService(this.userDetailsService);
        PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
        preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(userDetailsByNameServiceWrapper);
        return preAuthenticatedAuthenticationProvider;
    }

    @Bean
    public AuthenticationManager authManager(HttpSecurity httpSecurity) throws Exception {
        return (AuthenticationManager) ((AuthenticationManagerBuilder) httpSecurity.getSharedObject(AuthenticationManagerBuilder.class)).userDetailsService(this.userDetailsService).and().build();
    }
}
