package com.gomyck.config.local.security;

import com.gomyck.config.local.profile.SecurityProfile;
import com.gomyck.config.local.security.handler.LoginFailHandler;
import com.gomyck.config.local.security.handler.LoginSuccessHandler;
import com.gomyck.config.local.security.handler.LogoutSuccessHandler;
import com.gomyck.config.local.security.jwt.JwtAuthenticationTokenFilter;
import com.gomyck.config.local.security.user.CkSecurityUserService;
import java.util.HashMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.LdapShaPasswordEncoder;
import org.springframework.security.crypto.password.Md4PasswordEncoder;
import org.springframework.security.crypto.password.MessageDigestPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
import org.springframework.security.provisioning.JdbcUserDetailsManager;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
@ConditionalOnProperty({"gomyck.config.security"})
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
/* loaded from: input_file:com/gomyck/config/local/security/SecurityConfig.class */
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    LogoutSuccessHandler logoutSuccessHandler;

    @Autowired
    LoginSuccessHandler loginSuccessHandler;

    @Autowired
    LoginFailHandler loginFailHandler;

    @Autowired
    JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

    @Autowired
    SecurityProfile securityProfile;

    @Autowired(required = false)
    CkSecurityUserService sus;

    /* loaded from: input_file:com/gomyck/config/local/security/SecurityConfig$MyJdbcUserDetailService.class */
    public class MyJdbcUserDetailService extends JdbcUserDetailsManager {
        public MyJdbcUserDetailService() {
        }

        public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
            if (SecurityConfig.this.sus == null) {
                throw new RuntimeException("请在core项目中, 创建一个service impl CkSecurityUserService, 为security提供用户查询功能");
            }
            return SecurityConfig.this.sus.getSecurityUserInfo(str);
        }
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.headers().frameOptions().sameOrigin();
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().anyRequest()).authenticated().mvcMatchers(this.securityProfile.getAllowUrlPattern()).permitAll().and().logout().clearAuthentication(false).logoutSuccessHandler(this.logoutSuccessHandler).logoutUrl(this.securityProfile.getLogoutReqUri()).invalidateHttpSession(true).permitAll().and().formLogin().loginProcessingUrl(this.securityProfile.getLoginReqUri()).permitAll().loginPage(this.securityProfile.getLoginUri()).defaultSuccessUrl(this.securityProfile.getIndexUri()).usernameParameter(this.securityProfile.getLoginUsernameKey()).passwordParameter(this.securityProfile.getLoginPasswordKey()).successHandler(this.loginSuccessHandler).failureHandler(this.loginFailHandler).and().rememberMe().and().csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        httpSecurity.headers().cacheControl();
        httpSecurity.addFilterBefore(this.jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
    }

    public void configure(WebSecurity webSecurity) throws Exception {
        webSecurity.ignoring().antMatchers(this.securityProfile.getAllowUrlPattern());
        super.configure(webSecurity);
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        super.configure(authenticationManagerBuilder);
    }

    protected UserDetailsService userDetailsService() {
        return new MyJdbcUserDetailService();
    }

    @Bean
    public DaoAuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setUserDetailsService(userDetailsService());
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return daoAuthenticationProvider;
    }

    @Bean
    public static PasswordEncoder passwordEncoder() {
        HashMap hashMap = new HashMap();
        hashMap.put("bcrypt", new BCryptPasswordEncoder());
        hashMap.put("ldap", new LdapShaPasswordEncoder());
        hashMap.put("MD4", new Md4PasswordEncoder());
        hashMap.put("MD5", new MessageDigestPasswordEncoder("MD5"));
        hashMap.put("noop", NoOpPasswordEncoder.getInstance());
        hashMap.put("pbkdf2", new Pbkdf2PasswordEncoder());
        hashMap.put("scrypt", new SCryptPasswordEncoder());
        hashMap.put("SHA-1", new MessageDigestPasswordEncoder("SHA-1"));
        hashMap.put("SHA-256", new MessageDigestPasswordEncoder("SHA-256"));
        hashMap.put("sha256", new StandardPasswordEncoder());
        DelegatingPasswordEncoder delegatingPasswordEncoder = new DelegatingPasswordEncoder("bcrypt", hashMap);
        delegatingPasswordEncoder.setDefaultPasswordEncoderForMatches(NoOpPasswordEncoder.getInstance());
        return delegatingPasswordEncoder;
    }
}
