package com.feingto.cloud.security.oauth2.config.annotation.web.config;

import com.feingto.cloud.constants.Constants;
import com.feingto.cloud.domain.enums.RoleType;
import com.feingto.cloud.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import com.feingto.cloud.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;
import java.util.Objects;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.boot.actuate.info.InfoEndpoint;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

@org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer
@Configuration
/* loaded from: input_file:BOOT-INF/lib/feingto-core-2.3.3.RELEASE.jar:com/feingto/cloud/security/oauth2/config/annotation/web/config/ResourceServerAutoConfiguration.class */
public class ResourceServerAutoConfiguration extends ResourceServerConfigurerAdapter {
    private ResourceSecurityMatchAdapter resourceSecurityMatchAdapter;

    @Value("${management.endpoints.web.base-path:actuator}")
    private String actuatorPath;

    @Autowired(required = false)
    public ResourceServerAutoConfiguration(ResourceSecurityMatchAdapter resourceSecurityMatchAdapter) {
        this.resourceSecurityMatchAdapter = resourceSecurityMatchAdapter;
    }

    @Override // org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
    public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
        resourceServerSecurityConfigurer.authenticationEntryPoint(new OAuth2AuthenticationEntryPoint()).accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
    public void configure(HttpSecurity httpSecurity) throws Exception {
        if (Objects.isNull(this.resourceSecurityMatchAdapter)) {
            this.resourceSecurityMatchAdapter = new ResourceSecurityMatchAdapter().setAuthorize("/api/v1/**");
        }
        httpSecurity.apply((HttpSecurity) this.resourceSecurityMatchAdapter);
        ((HttpSecurity) httpSecurity.authorizeRequests().requestMatchers(EndpointRequest.to((Class<?>[]) new Class[]{HealthEndpoint.class, InfoEndpoint.class})).permitAll().requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(Constants.ROLE_PREFIX + RoleType.ADMIN, Constants.ROLE_PREFIX + RoleType.ACTUATOR).and()).requestMatchers().antMatchers(this.actuatorPath + "/**");
    }

    public ResourceServerAutoConfiguration() {
    }
}
