package com.github.cobrijani;

import com.github.cobrijani.properties.JwtSecurityProperties;
import com.github.cobrijani.security.Http401UnauthorizedEntryPoint;
import com.github.cobrijani.security.JJWTTokenProvider;
import com.github.cobrijani.security.JWTConfigurer;
import com.github.cobrijani.security.TokenProvider;
import com.github.cobrijani.services.SimpleUserDetailService;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ChannelSecurityConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;

@EnableConfigurationProperties({JwtSecurityProperties.class})
@Configuration
@ConditionalOnClass({WebSecurityConfigurerAdapter.class, AuthenticationManager.class, GlobalAuthenticationConfigurerAdapter.class})
/* loaded from: input_file:com/github/cobrijani/JwtAutoConfiguration.class */
public class JwtAutoConfiguration {
    private final JwtSecurityProperties jwtSecurityProperties;

    @Configuration
    @EnableWebSecurity
    @ConditionalOnProperty(prefix = "com.github.cobrijani.jwt", name = {"enabled"}, matchIfMissing = true)
    @EnableGlobalMethodSecurity(prePostEnabled = true)
    /* loaded from: input_file:com/github/cobrijani/JwtAutoConfiguration$SecurityConfiguration.class */
    protected static class SecurityConfiguration extends WebSecurityConfigurerAdapter {
        protected final SecurityProperties security;
        private final JwtSecurityProperties jwtSecurityProperties;
        private final PasswordEncoder passwordEncoder;
        private final UserDetailsService userDetailsService;
        private final TokenProvider tokenProvider;

        public SecurityConfiguration(SecurityProperties securityProperties, JwtSecurityProperties jwtSecurityProperties, PasswordEncoder passwordEncoder, UserDetailsService userDetailsService, TokenProvider tokenProvider) {
            this.security = securityProperties;
            this.jwtSecurityProperties = jwtSecurityProperties;
            this.passwordEncoder = passwordEncoder;
            this.userDetailsService = userDetailsService;
            this.tokenProvider = tokenProvider;
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            if (this.security.isRequireSsl()) {
                ((ChannelSecurityConfigurer.RequiresChannelUrl) httpSecurity.requiresChannel().anyRequest()).requiresSecure();
            }
            if (!this.security.isEnableCsrf()) {
                httpSecurity.csrf().disable();
            }
            httpSecurity.exceptionHandling().authenticationEntryPoint(new Http401UnauthorizedEntryPoint()).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().apply(new JWTConfigurer(this.tokenProvider, this.jwtSecurityProperties, authenticationManagerBean()));
        }

        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
            authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(this.passwordEncoder);
        }
    }

    public JwtAutoConfiguration(JwtSecurityProperties jwtSecurityProperties) {
        this.jwtSecurityProperties = jwtSecurityProperties;
    }

    @ConditionalOnMissingBean({TokenProvider.class})
    @Bean
    public TokenProvider tokenProvider() {
        return new JJWTTokenProvider(this.jwtSecurityProperties);
    }

    @ConditionalOnMissingBean({PasswordEncoder.class})
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @ConditionalOnMissingBean({UserDetailsService.class})
    @Bean
    public UserDetailsService userDetailsService() {
        return new SimpleUserDetailService();
    }

    @ConditionalOnMissingBean({SecurityEvaluationContextExtension.class})
    @Bean
    public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
        return new SecurityEvaluationContextExtension();
    }
}
