package io.gitlab.clockystarters.clockyclockysecuritystarter;

import lombok.NonNull;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
@EnableWebSecurity
@EnableMethodSecurity
@ComponentScan(basePackageClasses = {SecurityConfig.class})
/* loaded from: input_file:io/gitlab/clockystarters/clockyclockysecuritystarter/SecurityConfig.class */
public class SecurityConfig {
    private static final String[] publicUrls = {"/api/v1/auth/**", "/swagger-ui/**", "/v3/api-docs/**"};
    private final JwtFilter jwtFilter;

    @Bean
    @Order(2147483642)
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(publicUrls)).permitAll().anyRequest()).authenticated();
        }).csrf((v0) -> {
            v0.disable();
        }).cors((v0) -> {
            v0.disable();
        }).sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        }).addFilterAfter(this.jwtFilter, UsernamePasswordAuthenticationFilter.class);
        return (SecurityFilterChain) httpSecurity.build();
    }

    @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurer() { // from class: io.gitlab.clockystarters.clockyclockysecuritystarter.SecurityConfig.1
            public void addCorsMappings(@NonNull CorsRegistry corsRegistry) {
                if (corsRegistry == null) {
                    throw new NullPointerException("registry is marked non-null but is null");
                }
                corsRegistry.addMapping("/**").allowedOrigins(new String[]{"*"});
            }
        };
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    public SecurityConfig(JwtFilter jwtFilter) {
        this.jwtFilter = jwtFilter;
    }
}
