package cn.nxtools.jwt.config;

import cn.nxtools.common.StringUtil;
import cn.nxtools.common.base.Splitter;
import cn.nxtools.jwt.autoconfigure.SecurityServerProperties;
import cn.nxtools.jwt.service.CustomUserDetailService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:cn/nxtools/jwt/config/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private JwtAuthenticationEntryPoint authenticationEntryPoint;

    @Autowired
    private SecurityServerProperties securityServerProperties;

    @Autowired
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

    @Autowired
    private CustomUserDetailService customUserDetailsService;
    private String[] extralPermitUrls = null;

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    private AuthenticationAccessDeniedHandler authenticationAccessDeniedHandler;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        if (this.extralPermitUrls == null) {
            if (StringUtil.isEmpty(this.securityServerProperties.getPermitUrls())) {
                this.extralPermitUrls = new String[0];
            } else {
                this.extralPermitUrls = Splitter.on(",").split(this.securityServerProperties.getPermitUrls());
            }
        }
        httpSecurity.csrf().disable();
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.exceptionHandling().authenticationEntryPoint(this.authenticationEntryPoint).and().exceptionHandling().accessDeniedHandler(this.authenticationAccessDeniedHandler).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().antMatchers(this.extralPermitUrls)).permitAll().antMatchers(HttpMethod.OPTIONS, new String[]{"/**"})).permitAll().anyRequest()).authenticated();
        httpSecurity.headers().cacheControl();
        httpSecurity.headers().frameOptions().disable();
        httpSecurity.addFilterBefore(this.jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
    }

    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Autowired
    public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(this.customUserDetailsService).passwordEncoder(this.bCryptPasswordEncoder);
    }
}
