package com.jzt.wotu.security.config;

import com.jzt.wotu.security.annotations.IgnoreAuth;
import com.jzt.wotu.security.exception.JwtAccessDeniedHandler;
import com.jzt.wotu.security.exception.JwtAuthenticationEntryPoint;
import com.jzt.wotu.security.filter.JwtAuthenticationTokenFilter;
import com.jzt.wotu.security.utils.JwtTokenUtil;
import java.util.Iterator;
import javax.annotation.Resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

@EnableConfigurationProperties({JwtProperties.class, IgnoreUrlsProperties.class})
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Order(101)
/* loaded from: input_file:com/jzt/wotu/security/config/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    private IgnoreUrlsProperties ignoreUrlsProperties;

    @Autowired(required = false)
    private WotuHttpSecurityConfig wotuHttpSecurityConfig;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry authorizeRequests = httpSecurity.authorizeRequests();
        loadIgnoreMethod(getApplicationContext());
        Iterator<String> it = this.ignoreUrlsProperties.getIgnoredUrls().iterator();
        while (it.hasNext()) {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.antMatchers(new String[]{it.next()})).permitAll();
        }
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.antMatchers(HttpMethod.OPTIONS)).permitAll();
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.anyRequest()).authenticated().and().csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().exceptionHandling().accessDeniedHandler(jwtAccessDeniedHandler()).authenticationEntryPoint(jwtAuthenticationEntryPoint()).and().addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
        if (this.wotuHttpSecurityConfig != null) {
            this.wotuHttpSecurityConfig.configHttpSecurity(httpSecurity);
        }
    }

    public void loadIgnoreMethod(ApplicationContext applicationContext) {
        ((RequestMappingHandlerMapping) applicationContext.getBean(RequestMappingHandlerMapping.class)).getHandlerMethods().entrySet().stream().forEach(entry -> {
            if (null == ((HandlerMethod) entry.getValue()).getMethod().getAnnotation(IgnoreAuth.class)) {
                return;
            }
            ((RequestMappingInfo) entry.getKey()).getPatternsCondition().getPatterns().forEach(str -> {
                this.ignoreUrlsProperties.getIgnoredUrls().add(str);
            });
        });
        super.setApplicationContext(applicationContext);
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder());
    }

    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    JwtAccessDeniedHandler jwtAccessDeniedHandler() {
        return new JwtAccessDeniedHandler();
    }

    @Bean
    JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint() {
        return new JwtAuthenticationEntryPoint();
    }

    @Bean
    JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter() {
        return new JwtAuthenticationTokenFilter();
    }

    @Bean
    JwtTokenUtil jwtTokenUtil() {
        return new JwtTokenUtil();
    }
}
