package cn.wjee.boot.autoconfigure.security.config;

import cn.wjee.boot.autoconfigure.WJeeConstants;
import cn.wjee.boot.commons.encrypt.BCryptUtils;
import cn.wjee.boot.commons.enums.OAuthGrantType;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
@ConditionalOnClass({AuthorizationServerConfigurerAdapter.class, ResourceServerConfigurerAdapter.class})
@ConditionalOnProperty(prefix = "wjee.security.oauth2", name = {"enabled"}, havingValue = "true")
/* loaded from: input_file:cn/wjee/boot/autoconfigure/security/config/SpringSecurityOAuth2Configuration.class */
public class SpringSecurityOAuth2Configuration {

    @Configuration
    @EnableAuthorizationServer
    /* loaded from: input_file:cn/wjee/boot/autoconfigure/security/config/SpringSecurityOAuth2Configuration$AuthorizationServerConfiguration.class */
    public static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

        @Autowired
        AuthenticationManager authenticationManager;

        @Autowired
        RedisConnectionFactory redisConnectionFactory;

        public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
            clientDetailsServiceConfigurer.inMemory().withClient("client_1").resourceIds(new String[]{"test1"}).authorizedGrantTypes(new String[]{OAuthGrantType.AUTHORIZATION_CODE.code, OAuthGrantType.CLIENT_CREDENTIALS.code}).scopes(new String[]{"select"}).authorities(new String[]{"client"}).secret("{bcrypt}" + BCryptUtils.encode("123456")).accessTokenValiditySeconds(7200).refreshTokenValiditySeconds(604800).redirectUris(new String[]{"https://www.baidu.com"});
        }

        public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
            authorizationServerSecurityConfigurer.tokenKeyAccess("permitAll()");
            authorizationServerSecurityConfigurer.checkTokenAccess("isAuthenticated()");
        }

        public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
            authorizationServerEndpointsConfigurer.tokenStore(new RedisTokenStore(this.redisConnectionFactory)).authenticationManager(this.authenticationManager);
        }
    }

    @EnableResourceServer
    @Configuration
    /* loaded from: input_file:cn/wjee/boot/autoconfigure/security/config/SpringSecurityOAuth2Configuration$ResourceServerConfiguration.class */
    public static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
        public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) throws Exception {
            resourceServerSecurityConfigurer.resourceId("test");
        }

        public void configure(HttpSecurity httpSecurity) throws Exception {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().anyRequest()).authenticated().and().formLogin().permitAll().and().logout().permitAll();
        }
    }

    @Configuration
    /* loaded from: input_file:cn/wjee/boot/autoconfigure/security/config/SpringSecurityOAuth2Configuration$SecurityConfiguration.class */
    public static class SecurityConfiguration extends WebSecurityConfigurerAdapter {
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
            authenticationManagerBuilder.userDetailsService(userDetailsService());
        }

        protected UserDetailsService userDetailsService() {
            InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
            inMemoryUserDetailsManager.createUser(User.withUsername("admin").password(PasswordEncoderFactories.createDelegatingPasswordEncoder().encode("admin")).authorities(new String[]{WJeeConstants.Security.USER}).build());
            return inMemoryUserDetailsManager;
        }

        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).authenticated().and().formLogin().permitAll().and().httpBasic();
        }
    }
}
