package com.github.zhangquanli.jwt.security;

import com.github.zhangquanli.jwt.security.config.annotation.web.configures.JwtLoginConfigurer;
import com.github.zhangquanli.jwt.security.web.JwtAuthenticationEntryPoint;
import com.github.zhangquanli.jwt.security.web.access.JwtAccessDeniedHandler;
import com.github.zhangquanli.jwt.security.web.authentication.JwtLoginAuthenticationFailureHandler;
import com.github.zhangquanli.jwt.security.web.context.JwtSecurityContextRepository;
import io.jsonwebtoken.security.Keys;
import java.security.Key;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.security.servlet.SpringBootWebSecurityConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.context.SecurityContextRepository;

@ConditionalOnClass({WebSecurityConfigurerAdapter.class})
@Configuration
@ConditionalOnMissingBean({WebSecurityConfigurerAdapter.class, SpringBootWebSecurityConfiguration.class})
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
/* loaded from: input_file:com/github/zhangquanli/jwt/security/JwtWebSecurityConfiguration.class */
public class JwtWebSecurityConfiguration {

    @EnableConfigurationProperties({JwtSecurityProperties.class})
    @Configuration
    @Order(2147483642)
    /* loaded from: input_file:com/github/zhangquanli/jwt/security/JwtWebSecurityConfiguration$JwtConfigurerAdapter.class */
    static class JwtConfigurerAdapter extends WebSecurityConfigurerAdapter {
        private UserDetailsService userDetailsService;
        private JwtSecurityProperties jwtSecurityProperties;
        private Key secretKey;

        public JwtConfigurerAdapter(JwtSecurityProperties jwtSecurityProperties) {
            this.jwtSecurityProperties = jwtSecurityProperties;
            this.secretKey = Keys.secretKeyFor(jwtSecurityProperties.getSignatureAlgorithm());
        }

        protected void configure(HttpSecurity httpSecurity) throws Exception {
            disable(httpSecurity);
            httpSecurity.securityContext().securityContextRepository(securityContextRepository());
            httpSecurity.apply(jwtLoginConfigurer());
            httpSecurity.userDetailsService(this.userDetailsService);
            httpSecurity.exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint()).accessDeniedHandler(new JwtAccessDeniedHandler());
        }

        @Autowired
        public void setUserDetailsService(UserDetailsService userDetailsService) {
            this.userDetailsService = userDetailsService;
        }

        private void disable(HttpSecurity httpSecurity) throws Exception {
            httpSecurity.headers().disable().csrf().disable().logout().disable().requestCache().disable().servletApi().disable().sessionManagement().disable();
        }

        private SecurityContextRepository securityContextRepository() {
            return new JwtSecurityContextRepository(this.secretKey);
        }

        private JwtLoginConfigurer<HttpSecurity> jwtLoginConfigurer() {
            String loginProcessingUrl = this.jwtSecurityProperties.getLoginProcessingUrl();
            String usernameParameter = this.jwtSecurityProperties.getUsernameParameter();
            return (JwtLoginConfigurer) ((JwtLoginConfigurer) new JwtLoginConfigurer().loginProcessingUrl(loginProcessingUrl)).usernameParameter(usernameParameter).passwordParameter(this.jwtSecurityProperties.getPasswordParameter()).secretKey(this.secretKey).failureHandler(new JwtLoginAuthenticationFailureHandler());
        }
    }
}
