package com.buession.springboot.web.security;

import com.buession.core.validator.Validate;
import com.buession.security.spring.web.csrf.CookieCsrfTokenRepositoryGenerator;
import com.buession.security.spring.web.csrf.HttpSessionCsrfTokenRepositoryGenerator;
import com.buession.springboot.web.security.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.web.csrf.LazyCsrfTokenRepository;
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;

/* loaded from: input_file:com/buession/springboot/web/security/HttpSecurityBuilder.class */
public class HttpSecurityBuilder {
    private HttpSecurity httpSecurity;

    /* renamed from: com.buession.springboot.web.security.HttpSecurityBuilder$1, reason: invalid class name */
    /* loaded from: input_file:com/buession/springboot/web/security/HttpSecurityBuilder$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$springframework$security$web$header$writers$frameoptions$XFrameOptionsHeaderWriter$XFrameOptionsMode = new int[XFrameOptionsHeaderWriter.XFrameOptionsMode.values().length];

        static {
            try {
                $SwitchMap$org$springframework$security$web$header$writers$frameoptions$XFrameOptionsHeaderWriter$XFrameOptionsMode[XFrameOptionsHeaderWriter.XFrameOptionsMode.ALLOW_FROM.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$springframework$security$web$header$writers$frameoptions$XFrameOptionsHeaderWriter$XFrameOptionsMode[XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$springframework$security$web$header$writers$frameoptions$XFrameOptionsHeaderWriter$XFrameOptionsMode[XFrameOptionsHeaderWriter.XFrameOptionsMode.DENY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    private HttpSecurityBuilder(HttpSecurity httpSecurity) {
        this.httpSecurity = httpSecurity;
    }

    public static final HttpSecurityBuilder getInstance(HttpSecurity httpSecurity) {
        return new HttpSecurityBuilder(httpSecurity);
    }

    public HttpSecurityBuilder httpBasic(WebSecurityConfiguration.HttpBasic httpBasic) throws Exception {
        if (!httpBasic.isEnable()) {
            this.httpSecurity.httpBasic().disable();
        }
        return this;
    }

    public HttpSecurityBuilder csrf(WebSecurityConfiguration.Csrf csrf) throws Exception {
        CsrfConfigurer csrf2 = this.httpSecurity.csrf();
        if (!csrf.isEnable()) {
            csrf2.disable();
        } else if (csrf.getTokenRepositoryGenerator() != null) {
            CookieCsrfTokenRepositoryGenerator cookieCsrfTokenRepositoryGenerator = null;
            if (csrf.getTokenRepositoryGenerator().isAssignableFrom(CookieCsrfTokenRepositoryGenerator.class)) {
                WebSecurityConfiguration.Csrf.Cookie cookie = csrf.getCookie();
                cookieCsrfTokenRepositoryGenerator = new CookieCsrfTokenRepositoryGenerator(cookie.getParameterName(), cookie.getHeaderName(), cookie.getCookieName(), cookie.getCookieDomain(), cookie.getCookiePath(), cookie.getCookieHttpOnly());
            } else if (csrf.getTokenRepositoryGenerator().isAssignableFrom(HttpSessionCsrfTokenRepositoryGenerator.class)) {
                WebSecurityConfiguration.Csrf.Session session = csrf.getSession();
                cookieCsrfTokenRepositoryGenerator = new HttpSessionCsrfTokenRepositoryGenerator(session.getParameterName(), session.getHeaderName(), session.getSessionAttributeName());
            }
            if (cookieCsrfTokenRepositoryGenerator != null) {
                csrf2.csrfTokenRepository(new LazyCsrfTokenRepository(cookieCsrfTokenRepositoryGenerator.generate()));
            }
        }
        return this;
    }

    public HttpSecurityBuilder frameOptions(WebSecurityConfiguration.FrameOptions frameOptions) throws Exception {
        HeadersConfigurer.FrameOptionsConfig frameOptions2 = this.httpSecurity.headers().frameOptions();
        if (frameOptions.isEnable()) {
            switch (AnonymousClass1.$SwitchMap$org$springframework$security$web$header$writers$frameoptions$XFrameOptionsHeaderWriter$XFrameOptionsMode[frameOptions.getMode().ordinal()]) {
                case 2:
                    frameOptions2.sameOrigin();
                    break;
                case 3:
                    frameOptions2.deny();
                    break;
            }
        } else {
            frameOptions2.disable();
        }
        return this;
    }

    public HttpSecurityBuilder hsts(WebSecurityConfiguration.Hsts hsts) throws Exception {
        HeadersConfigurer.HstsConfig httpStrictTransportSecurity = this.httpSecurity.headers().httpStrictTransportSecurity();
        if (!hsts.isEnable()) {
            httpStrictTransportSecurity.disable();
        } else if (hsts.getMatcher() == null) {
            httpStrictTransportSecurity.maxAgeInSeconds(hsts.getMaxAge()).includeSubDomains(hsts.getIncludeSubDomains()).preload(hsts.isPreload());
        } else {
            httpStrictTransportSecurity.requestMatcher(hsts.getMatcher().newInstance()).maxAgeInSeconds(hsts.getMaxAge()).includeSubDomains(hsts.getIncludeSubDomains()).preload(hsts.isPreload());
        }
        return this;
    }

    public HttpSecurityBuilder hpkp(WebSecurityConfiguration.Hpkp hpkp) throws Exception {
        HeadersConfigurer.HpkpConfig httpPublicKeyPinning = this.httpSecurity.headers().httpPublicKeyPinning();
        if (hpkp.isEnable()) {
            httpPublicKeyPinning.maxAgeInSeconds(hpkp.getMaxAge()).includeSubDomains(hpkp.getIncludeSubDomains()).reportOnly(hpkp.isReportOnly());
            if (hpkp.getPins() != null) {
                httpPublicKeyPinning.withPins(hpkp.getPins());
            }
            if (hpkp.getSha256Pins() != null) {
                httpPublicKeyPinning.addSha256Pins(hpkp.getSha256Pins());
            }
            if (Validate.hasText(hpkp.getReportUri())) {
                httpPublicKeyPinning.reportUri(hpkp.getReportUri());
            }
        } else {
            httpPublicKeyPinning.disable();
        }
        return this;
    }

    public HttpSecurityBuilder contentSecurityPolicy(WebSecurityConfiguration.ContentSecurityPolicy contentSecurityPolicy) throws Exception {
        if (contentSecurityPolicy.isEnable() && Validate.hasText(contentSecurityPolicy.getPolicyDirectives())) {
            HeadersConfigurer.ContentSecurityPolicyConfig contentSecurityPolicy2 = this.httpSecurity.headers().contentSecurityPolicy(contentSecurityPolicy.getPolicyDirectives());
            if (contentSecurityPolicy.isReportOnly()) {
                contentSecurityPolicy2.reportOnly();
            }
        }
        return this;
    }

    public HttpSecurityBuilder referrerPolicy(WebSecurityConfiguration.ReferrerPolicy referrerPolicy) throws Exception {
        if (referrerPolicy.isEnable()) {
            this.httpSecurity.headers().referrerPolicy(referrerPolicy.getReferrerPolicy());
        }
        return this;
    }

    public HttpSecurityBuilder xss(WebSecurityConfiguration.Xss xss) throws Exception {
        HeadersConfigurer.XXssConfig xssProtection = this.httpSecurity.headers().xssProtection();
        if (xss.isEnable()) {
            xssProtection.block(xss.getBlock()).xssProtectionEnabled(xss.isEnabledProtection());
        } else {
            xssProtection.disable();
        }
        return this;
    }
}
