package com.swak.security;

import com.google.common.collect.Sets;
import com.swak.security.authentication.SmsCodeAuthenticationProvider;
import com.swak.security.authentication.SwakUserDetailsService;
import com.swak.security.authentication.UserTokenService;
import com.swak.security.config.JwtConstants;
import com.swak.security.config.JwtTokenConfig;
import com.swak.security.config.WhitelistConfig;
import com.swak.security.filter.JwtAuthenticationTokenFilter;
import com.swak.security.filter.TokenAuthenticationConfigurer;
import com.swak.security.handle.AuthenticationEntryPointImpl;
import javax.annotation.Resource;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.filter.CorsFilter;

/* loaded from: input_file:com/swak/security/SwakWebSecurityConfigurer.class */
public class SwakWebSecurityConfigurer {

    @Resource
    protected JwtTokenConfig tokenProperties;

    @Resource
    protected UserTokenService userTokenService;

    @Resource
    protected SwakUserDetailsService swakUserDetailsService;

    @Resource
    protected LogoutSuccessHandler logoutSuccessHandler;

    @Resource
    protected AuthenticationSuccessHandler authenticationSuccessHandler;

    @Resource
    protected CorsFilter corsFilter;

    @Resource
    protected AccessDeniedHandler accessDeniedHandler;

    @Resource
    protected AuthenticationFailureHandler restfulFailureHandler;

    @Resource
    protected WhitelistConfig whitelistConfig;

    public void configure(HttpSecurity httpSecurity) throws Exception {
        ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry authorizeRequests = httpSecurity.authorizeRequests();
        this.userTokenService.getAuthWhitelist().forEach(str -> {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) authorizeRequests.antMatchers(new String[]{str})).permitAll();
        });
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.csrf().disable().headers().cacheControl().disable().and().exceptionHandling().authenticationEntryPoint(new AuthenticationEntryPointImpl()).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().antMatchers(JwtConstants.AuthWhiteList.AUTH_WHITELIST)).permitAll().antMatchers(HttpMethod.GET, JwtConstants.AuthWhiteList.STATIC_WHITELIST)).anonymous().anyRequest()).authenticated().and().formLogin().disable().headers().frameOptions().disable();
        httpSecurity.logout().logoutRequestMatcher(new AntPathRequestMatcher(this.tokenProperties.getLogoutUrl())).logoutSuccessHandler(this.logoutSuccessHandler).permitAll();
        new TokenAuthenticationConfigurer().configure(httpSecurity);
        httpSecurity.addFilterBefore(this.corsFilter, JwtAuthenticationTokenFilter.class);
        httpSecurity.addFilterBefore(this.corsFilter, LogoutFilter.class);
    }

    public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(this.swakUserDetailsService);
        authenticationManagerBuilder.authenticationProvider(new SmsCodeAuthenticationProvider(this.swakUserDetailsService));
    }

    public void configure(WebSecurity webSecurity) {
        webSecurity.ignoring().antMatchers((String[]) this.userTokenService.getAuthWhitelist().toArray(new String[0]));
        webSecurity.ignoring().antMatchers(HttpMethod.GET, (String[]) this.userTokenService.getStaticWhitelist().toArray(new String[0]));
    }

    public SwakWebSecurityConfigurer addWhitelist(String... strArr) {
        if (strArr != null) {
            this.whitelistConfig.getAuthWhitelist().addAll(Sets.newHashSet(strArr));
        }
        return this;
    }

    public SwakWebSecurityConfigurer addStaticWhitelist(String... strArr) {
        if (strArr != null) {
            this.whitelistConfig.getStaticWhitelist().addAll(Sets.newHashSet(strArr));
        }
        return this;
    }

    public JwtTokenConfig getTokenProperties() {
        return this.tokenProperties;
    }

    public UserTokenService getUserTokenService() {
        return this.userTokenService;
    }

    public SwakUserDetailsService getSwakUserDetailsService() {
        return this.swakUserDetailsService;
    }

    public LogoutSuccessHandler getLogoutSuccessHandler() {
        return this.logoutSuccessHandler;
    }

    public AuthenticationSuccessHandler getAuthenticationSuccessHandler() {
        return this.authenticationSuccessHandler;
    }

    public CorsFilter getCorsFilter() {
        return this.corsFilter;
    }

    public AccessDeniedHandler getAccessDeniedHandler() {
        return this.accessDeniedHandler;
    }

    public AuthenticationFailureHandler getRestfulFailureHandler() {
        return this.restfulFailureHandler;
    }

    public WhitelistConfig getWhitelistConfig() {
        return this.whitelistConfig;
    }
}
