package com.loy.security.auth.config.annotation.web.configuration;

import com.loy.e.common.Constants;
import com.loy.e.common.annotation.Author;
import com.loy.e.common.properties.Settings;
import com.loy.e.common.vo.LoginSuccessResponse;
import com.loy.e.core.api.AuthorityService;
import com.loy.e.core.api.InitDbService;
import com.loy.security.auth.authentication.AuthenticationSuccessTokenHandler;
import com.loy.security.auth.authentication.EAuthenticationFailureHandler;
import com.loy.security.auth.authentication.EAuthenticationSuccessHandler;
import com.loy.security.auth.authentication.EAuthenticationSuccessHandlerImpl;
import com.loy.security.auth.authentication.UserDetailsServiceImpl;
import com.loy.security.auth.authorize.EDefaultWebSecurityExpressionHandler;
import com.loy.security.auth.authorize.EPermissionEvaluator;
import com.loy.security.auth.filter.AbsTokenAuthenticationFilter;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Author(author = "Loy Fu", website = "http://www.17jee.com", contact = "qq群 540553957")
@Configuration
@EnableWebSecurity
@ConditionalOnExpression("${e.conf.defaultSecurityConfigEnabled:true}")
/* loaded from: input_file:com/loy/security/auth/config/annotation/web/configuration/DefaultSecurityConfig.class */
public class DefaultSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    UserDetailsService userDetailsService;

    @Autowired
    AuthorityService authorityService;

    @Autowired(required = false)
    InitDbService initDbService;

    @Autowired
    EDefaultWebSecurityExpressionHandler ewebSecurityExpressionHandler;

    @Autowired
    Settings settings;

    @Autowired
    PasswordEncoder passwordEncoder;

    @Autowired
    @Resource(name = "eauthenticationFailureHandler")
    EAuthenticationFailureHandler eauthenticationFailureHandler;

    @Autowired(required = false)
    EAuthenticationSuccessHandler eauthenticationSuccessHandler;

    @Autowired(required = false)
    AuthenticationSuccessTokenHandler authenticationSuccessTokenHandler;

    @Autowired(required = false)
    AbsTokenAuthenticationFilter tokenAuthenticationFilter;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        if (this.initDbService != null) {
            this.initDbService.init();
        }
        httpSecurity.headers().frameOptions().sameOrigin();
        httpSecurity.csrf().disable();
        Map map = (Map) this.authorityService.getResource().getData();
        ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry authorizeRequests = httpSecurity.authorizeRequests();
        authorizeRequests.expressionHandler(this.ewebSecurityExpressionHandler);
        if (map != null && !map.isEmpty()) {
            for (Map.Entry entry : map.entrySet()) {
                ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.antMatchers(new String[]{"/**/" + ((String) entry.getKey())})).access("hasPermission('','" + ((String) entry.getValue()) + "')");
            }
        }
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.anyRequest()).authenticated().and().formLogin().successHandler(new AuthenticationSuccessHandler() { // from class: com.loy.security.auth.config.annotation.web.configuration.DefaultSecurityConfig.1
            public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
                LoginSuccessResponse loginSuccessResponse = new LoginSuccessResponse();
                if (DefaultSecurityConfig.this.settings != null) {
                    String homePage = DefaultSecurityConfig.this.settings.getHomePage();
                    if (StringUtils.isNotEmpty(homePage)) {
                        loginSuccessResponse.setHome(homePage);
                    }
                }
                if (DefaultSecurityConfig.this.eauthenticationSuccessHandler != null) {
                    DefaultSecurityConfig.this.eauthenticationSuccessHandler.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication, loginSuccessResponse);
                }
                if (DefaultSecurityConfig.this.authenticationSuccessTokenHandler != null) {
                    loginSuccessResponse.setToken(DefaultSecurityConfig.this.authenticationSuccessTokenHandler.onToken(httpServletRequest, httpServletResponse, authentication));
                }
                httpServletResponse.getWriter().print(loginSuccessResponse.toJson());
            }
        }).failureHandler(this.eauthenticationFailureHandler).loginPage("/login").permitAll().and().logout().permitAll();
        if (this.tokenAuthenticationFilter != null) {
            authorizeRequests.and().addFilterBefore(this.tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        }
    }

    public void configure(WebSecurity webSecurity) throws Exception {
        List ignoreResources;
        ArrayList arrayList = new ArrayList();
        if (this.settings != null && (ignoreResources = this.settings.getIgnoreResources()) != null) {
            arrayList.addAll(ignoreResources);
        }
        for (String str : Constants.DEFAULT_IGNORE_RESOURCES) {
            arrayList.add(str);
        }
        webSecurity.ignoring().antMatchers((String[]) arrayList.toArray(new String[arrayList.size()]));
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.parentAuthenticationManager(this.authenticationManager);
        authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(this.passwordEncoder);
    }

    @Bean
    PermissionEvaluator permissionEvaluator() {
        return new EPermissionEvaluator();
    }

    @Bean
    EDefaultWebSecurityExpressionHandler ewebSecurityExpressionHandler() {
        return new EDefaultWebSecurityExpressionHandler();
    }

    @Bean
    @ConditionalOnExpression("${e.conf.eauthenticationFailureHandlerEnabled:true}")
    EAuthenticationFailureHandler eauthenticationFailureHandler() {
        return new EAuthenticationFailureHandler();
    }

    @Bean
    @ConditionalOnExpression("${e.conf.eauthenticationSuccessHandlerEnabled:true}")
    EAuthenticationSuccessHandler eauthenticationSuccessHandler() {
        return new EAuthenticationSuccessHandlerImpl();
    }

    public static void main(String[] strArr) {
        System.out.println(new StandardPasswordEncoder("e").encode("123456"));
    }

    @Bean
    @ConditionalOnExpression("${e.conf.userDetailsServiceImplEnabled:true}")
    protected UserDetailsService userDetailsService() {
        return new UserDetailsServiceImpl();
    }
}
