package org.dinospring.core.security;

import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.security.SecurityRequirement;
import io.swagger.v3.oas.models.security.SecurityScheme;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Objects;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import org.dinospring.auth.DinoAuth;
import org.dinospring.auth.aop.AuthzAnnotationPointcutAdvisor;
import org.dinospring.auth.session.AuthInfoProvider;
import org.dinospring.auth.session.AuthSession;
import org.dinospring.auth.session.AuthSessionResolver;
import org.dinospring.auth.session.DefaultAuthSessionOpenFilter;
import org.dinospring.core.security.config.SecurityProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springdoc.core.customizers.OpenApiCustomizer;
import org.springdoc.core.customizers.OperationCustomizer;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration(proxyBeanMethods = false)
@ConditionalOnProperty(prefix = SecurityProperties.PREFIX, name = {"enabled"}, havingValue = "true", matchIfMissing = true)
/* loaded from: input_file:org/dinospring/core/security/DinoAuthAutoConfig.class */
public class DinoAuthAutoConfig {
    private static final Logger log = LoggerFactory.getLogger(DinoAuthAutoConfig.class);

    @Bean
    OpenApiCustomizer openApiAuthCustomiser(SecurityProperties securityProperties) {
        log.info("--->> api-doc: add securitySchema['dino-auth'] with auth header:{}", securityProperties.getAuthHeaderName());
        return openAPI -> {
            Components components = openAPI.getComponents();
            if (Objects.isNull(components)) {
                components = new Components();
                openAPI.components(components);
            }
            components.addSecuritySchemes("dino-auth", new SecurityScheme().in(SecurityScheme.In.HEADER).name(securityProperties.getAuthHeaderName()).description("请将用户登录后的token放在该头部").type(SecurityScheme.Type.APIKEY));
        };
    }

    @Bean
    OperationCustomizer operationCustomizerAddSecurity() {
        log.info("--->> api-doc: add 'dino-auth' security to operations");
        SecurityRequirement addList = new SecurityRequirement().addList("dino-auth");
        return (operation, handlerMethod) -> {
            operation.addSecurityItem(addList);
            return operation;
        };
    }

    @Bean
    Supplier<AuthSession> sessionSupplier() {
        return DinoAuth::getAuthSession;
    }

    @Bean
    AuthzAnnotationPointcutAdvisor authzMethodPointcutAdvisor(SecurityProperties securityProperties, Supplier<AuthSession> supplier, BeanFactory beanFactory) {
        return new AuthzAnnotationPointcutAdvisor(supplier, beanFactory);
    }

    @ConditionalOnMissingBean({AuthInfoProvider.class})
    @Bean
    DinoAuthInfoProvider authInfoProvider() {
        return new DinoAuthInfoProvider();
    }

    @ConditionalOnMissingBean({AuthSessionResolver.class})
    @Bean
    DinoAuthSessionResolver authSessionHttpResolver(SecurityProperties securityProperties) {
        return new DinoAuthSessionResolver(securityProperties.getAuthHeaderName());
    }

    @ConditionalOnMissingBean({DefaultAuthSessionOpenFilter.class})
    @Bean
    DefaultAuthSessionOpenFilter authSessionOpenFilter(SecurityProperties securityProperties, @Autowired ObjectProvider<AuthSessionResolver<?>> objectProvider) {
        DefaultAuthSessionOpenFilter defaultAuthSessionOpenFilter = new DefaultAuthSessionOpenFilter((Collection) objectProvider.orderedStream().collect(Collectors.toList()));
        ArrayList arrayList = new ArrayList(securityProperties.getWhiteList());
        arrayList.add("/actuator/**");
        arrayList.add("/swagger-ui/**");
        arrayList.add("/swagger-ui.html");
        arrayList.add("/v3/api-doc/**");
        arrayList.add("/v3/api-docs/**");
        arrayList.add("*.html");
        arrayList.add("*.htm");
        arrayList.add("*.css");
        arrayList.add("*.js");
        defaultAuthSessionOpenFilter.setWhitelist(arrayList);
        return defaultAuthSessionOpenFilter;
    }
}
