package cn.jbone.sso.client;

import cn.jbone.configuration.JboneConfiguration;
import cn.jbone.sso.client.listener.JboneCasSessionListener;
import cn.jbone.sso.client.pac4j.handler.JboneCasLogoutHandler;
import cn.jbone.sso.client.realm.JboneCasRealm;
import cn.jbone.sso.client.session.JboneCasSessionDao;
import cn.jbone.sso.client.session.JboneCasSessionFactory;
import cn.jbone.sso.client.session.JboneSessionTicketStore;
import io.buji.pac4j.context.ShiroSessionStore;
import io.buji.pac4j.filter.CallbackFilter;
import io.buji.pac4j.filter.LogoutFilter;
import io.buji.pac4j.filter.SecurityFilter;
import io.buji.pac4j.subject.Pac4jSubjectFactory;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.LinkedHashMap;
import javax.servlet.DispatcherType;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.session.mgt.SessionFactory;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.pac4j.cas.client.CasClient;
import org.pac4j.cas.config.CasConfiguration;
import org.pac4j.core.client.Clients;
import org.pac4j.core.config.Config;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.DelegatingFilterProxy;

@Configuration
/* loaded from: input_file:cn/jbone/sso/client/ShiroCasConfiguration.class */
public class ShiroCasConfiguration {
    private static final Logger logger = LoggerFactory.getLogger(ShiroCasConfiguration.class);

    @Bean
    Config getConfig(JboneConfiguration jboneConfiguration, ShiroSessionStore shiroSessionStore, JboneCasLogoutHandler jboneCasLogoutHandler) {
        CasConfiguration casConfiguration = new CasConfiguration(jboneConfiguration.getSso().getSsoServerUrl() + jboneConfiguration.getSso().getLoginUrl(), jboneConfiguration.getSso().getSsoServerUrl());
        casConfiguration.setLogoutHandler(jboneCasLogoutHandler);
        casConfiguration.setAcceptAnyProxy(true);
        casConfiguration.setLoginUrl(jboneConfiguration.getSso().getSsoServerUrl() + jboneConfiguration.getSso().getLoginUrl());
        casConfiguration.setPrefixUrl(jboneConfiguration.getSso().getSsoServerUrl() + "/");
        CasClient casClient = new CasClient(casConfiguration);
        casClient.setCallbackUrl(jboneConfiguration.getSso().getCurrentServerUrlPrefix() + jboneConfiguration.getSso().getSsoFilterUrlPattern() + "?client_name=CasClient");
        casClient.setName("CasClient");
        Config config = new Config(new Clients(jboneConfiguration.getSso().getCurrentServerUrlPrefix() + jboneConfiguration.getSso().getSsoFilterUrlPattern() + "?client_name=CasClient", casClient));
        config.setSessionStore(shiroSessionStore);
        return config;
    }

    @Bean
    ShiroSessionStore getJboneSessionStore() {
        return new ShiroSessionStore();
    }

    @Bean
    JboneSessionTicketStore getSessionTicketStore(StringRedisTemplate stringRedisTemplate, JboneConfiguration jboneConfiguration) {
        JboneSessionTicketStore jboneSessionTicketStore = new JboneSessionTicketStore();
        jboneSessionTicketStore.setRedisTemplate(stringRedisTemplate);
        jboneSessionTicketStore.setTimeout(Long.valueOf(jboneConfiguration.getSso().getClientSessionTimeout()));
        return jboneSessionTicketStore;
    }

    @Bean
    JboneCasLogoutHandler getJboneCasLogoutHandler(SessionManager sessionManager, JboneSessionTicketStore jboneSessionTicketStore) {
        JboneCasLogoutHandler jboneCasLogoutHandler = new JboneCasLogoutHandler(jboneSessionTicketStore);
        jboneCasLogoutHandler.setDestroySession(true);
        jboneCasLogoutHandler.setSessionManager(sessionManager);
        return jboneCasLogoutHandler;
    }

    @Bean
    public JboneCasRealm getJboneCasRealm(EhCacheManager ehCacheManager, JboneConfiguration jboneConfiguration) {
        return new JboneCasRealm(ehCacheManager, jboneConfiguration.getSys().getServerName());
    }

    @Bean
    public EhCacheManager getEhCacheManager() {
        EhCacheManager ehCacheManager = new EhCacheManager();
        ehCacheManager.setCacheManagerConfigFile("classpath:ehcache-shiro.xml");
        return ehCacheManager;
    }

    @Bean
    public FilterRegistrationBean filterRegistrationBean() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new DelegatingFilterProxy("shiroFilter"));
        filterRegistrationBean.addInitParameter("targetFilterLifecycle", "true");
        filterRegistrationBean.setEnabled(true);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        filterRegistrationBean.setDispatcherTypes(EnumSet.allOf(DispatcherType.class));
        return filterRegistrationBean;
    }

    @Bean(name = {"lifecycleBeanPostProcessor"})
    public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    @Bean(name = {"securityManager"})
    public DefaultWebSecurityManager getDefaultWebSecurityManager(JboneCasRealm jboneCasRealm, DefaultWebSessionManager defaultWebSessionManager) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(jboneCasRealm);
        defaultWebSecurityManager.setCacheManager(getEhCacheManager());
        defaultWebSecurityManager.setSubjectFactory(new Pac4jSubjectFactory());
        defaultWebSecurityManager.setSessionManager(defaultWebSessionManager);
        return defaultWebSecurityManager;
    }

    @Bean(name = {"sessionManager"})
    public DefaultWebSessionManager getDefaultWebSessionManager(SessionListener sessionListener, SessionDAO sessionDAO, SessionFactory sessionFactory, JboneConfiguration jboneConfiguration, SimpleCookie simpleCookie) {
        DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
        defaultWebSessionManager.setGlobalSessionTimeout(jboneConfiguration.getSso().getClientSessionTimeout());
        defaultWebSessionManager.setSessionValidationSchedulerEnabled(false);
        defaultWebSessionManager.setSessionListeners(Arrays.asList(sessionListener));
        defaultWebSessionManager.setSessionDAO(sessionDAO);
        defaultWebSessionManager.setSessionFactory(sessionFactory);
        defaultWebSessionManager.setSessionIdCookie(simpleCookie);
        return defaultWebSessionManager;
    }

    @Bean(name = {"sessionDao"})
    public SessionDAO getSessionDao(StringRedisTemplate stringRedisTemplate, JboneSessionTicketStore jboneSessionTicketStore) {
        JboneCasSessionDao jboneCasSessionDao = new JboneCasSessionDao(stringRedisTemplate);
        jboneCasSessionDao.setSessionTicketStore(jboneSessionTicketStore);
        return jboneCasSessionDao;
    }

    @Bean
    public SimpleCookie getCookie() {
        SimpleCookie simpleCookie = new SimpleCookie();
        simpleCookie.setName("j_s_id");
        simpleCookie.setHttpOnly(false);
        simpleCookie.setPath("/");
        return simpleCookie;
    }

    @Bean(name = {"sessionListener"})
    public SessionListener getSessionListener() {
        return new JboneCasSessionListener();
    }

    @Bean(name = {"sessionFactory"})
    public SessionFactory getSessionFactory(JboneConfiguration jboneConfiguration) {
        return new JboneCasSessionFactory(jboneConfiguration);
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);
        return authorizationAttributeSourceAdvisor;
    }

    private void loadShiroFilterChain(ShiroFilterFactoryBean shiroFilterFactoryBean, JboneConfiguration jboneConfiguration) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(jboneConfiguration.getSso().getSsoFilterUrlPattern(), "callback");
        linkedHashMap.put(jboneConfiguration.getSso().getLogoutUrl(), "logout");
        if (jboneConfiguration.getSso().getFilterChainDefinition() != null) {
            linkedHashMap.putAll(jboneConfiguration.getSso().getFilterChainDefinition());
        }
        String str = (String) linkedHashMap.get("/**");
        if (StringUtils.isEmpty(str)) {
            linkedHashMap.put("/**", "security");
        } else if (!str.equals("anon")) {
            linkedHashMap.put("/**", "security," + str);
        }
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
    }

    @Bean(name = {"shiroFilter"})
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager, JboneConfiguration jboneConfiguration, StringRedisTemplate stringRedisTemplate, DefaultWebSessionManager defaultWebSessionManager, Config config) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        shiroFilterFactoryBean.setLoginUrl(jboneConfiguration.getSso().getEncodedLoginUrl());
        shiroFilterFactoryBean.setSuccessUrl(jboneConfiguration.getSso().getSuccessUrl());
        shiroFilterFactoryBean.setUnauthorizedUrl(jboneConfiguration.getSso().getUnauthorizedUrl());
        HashMap hashMap = new HashMap();
        CallbackFilter callbackFilter = new CallbackFilter();
        callbackFilter.setConfig(config);
        callbackFilter.setDefaultUrl(jboneConfiguration.getSso().getSuccessUrl());
        hashMap.put("callback", callbackFilter);
        LogoutFilter logoutFilter = new LogoutFilter();
        logoutFilter.setConfig(config);
        logoutFilter.setDefaultUrl(jboneConfiguration.getSso().getCurrentServerUrlPrefix() + jboneConfiguration.getSso().getSsoFilterUrlPattern() + "?client_name=CasClient");
        logoutFilter.setCentralLogout(true);
        logoutFilter.setLocalLogout(true);
        hashMap.put("logout", logoutFilter);
        SecurityFilter securityFilter = new SecurityFilter();
        securityFilter.setConfig(config);
        securityFilter.setClients("CasClient");
        hashMap.put("security", securityFilter);
        shiroFilterFactoryBean.setFilters(hashMap);
        loadShiroFilterChain(shiroFilterFactoryBean, jboneConfiguration);
        return shiroFilterFactoryBean;
    }
}
