package vip.isass.core.web.security.config;

import java.util.List;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import vip.isass.core.web.security.authentication.jwt.IJwtService;
import vip.isass.core.web.security.authentication.jwt.JwtAuthenticationFilter;
import vip.isass.core.web.security.authentication.jwt.TerminalOnlineConfiguration;
import vip.isass.core.web.security.authentication.ms.MsAuthenticationFilter;
import vip.isass.core.web.security.metadata.SecurityMetadataSourceProviderManager;
import vip.isass.core.web.security.processor.AffirmativeBasedPostProcessor;
import vip.isass.core.web.security.processor.FilterSecurityInterceptorSourcePostProcessor;
import vip.isass.core.web.uri.UriPrefixProvider;

@Configuration
@EnableWebSecurity
/* loaded from: input_file:vip/isass/core/web/security/config/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger(WebSecurityConfig.class);

    @Resource
    private PasswordEncoder passwordEncoder;

    @Resource
    private UserDetailsService userDetailsService;

    @Resource
    private List<AuthenticationProvider> authenticationProvider;

    @Resource
    private RequestMappingHandlerMapping requestMappingHandlerMapping;

    @Resource
    private SecurityMetadataSourceProviderManager securityMetadataSourceProviderManager;

    @Resource
    private UriPrefixProvider uriPrefixProvider;

    @Resource
    private PermitUrlConfiguration permitUrlConfiguration;

    @Autowired(required = false)
    private IJwtService jwtService;

    @Resource
    private TerminalOnlineConfiguration terminalOnlineConfiguration;

    @Value("${security.enable:true}")
    private boolean enable;

    public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(this.passwordEncoder);
        List<AuthenticationProvider> list = this.authenticationProvider;
        authenticationManagerBuilder.getClass();
        list.forEach(authenticationManagerBuilder::authenticationProvider);
        authenticationManagerBuilder.eraseCredentials(false);
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        log.info("spring security enable: {}", Boolean.valueOf(this.enable));
        List<String> permitUrls = this.permitUrlConfiguration.getPermitUrls();
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.cors().and().csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().headers().cacheControl().disable().and().authorizeRequests().antMatchers((String[]) permitUrls.toArray(new String[0]))).permitAll().withObjectPostProcessor(new FilterSecurityInterceptorSourcePostProcessor(this.requestMappingHandlerMapping, this.securityMetadataSourceProviderManager, this.uriPrefixProvider, permitUrls)).withObjectPostProcessor(new AffirmativeBasedPostProcessor()).and().addFilter(new JwtAuthenticationFilter(authenticationManager(), this.jwtService, this.terminalOnlineConfiguration)).addFilter(new MsAuthenticationFilter(authenticationManager())).anonymous();
        if (this.enable) {
            return;
        }
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).permitAll();
    }

    public boolean isEnable() {
        return this.enable;
    }
}
