package com.obj.nc.security.config;

import com.obj.nc.security.model.AuthenticationError;
import java.sql.Timestamp;
import java.time.LocalDateTime;
import java.util.List;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;

@Configuration
@ConditionalOnProperty(name = {"nc.jwt.enabled"}, havingValue = "true")
/* loaded from: input_file:com/obj/nc/security/config/JwtSecurityConfig.class */
public class JwtSecurityConfig extends WebSecurityConfigurerAdapter {
    private final JwtRequestFilter jwtRequestFilter;
    private final CorsConfigProperties corsConfigProperties;

    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.cors().configurationSource(httpServletRequest -> {
            CorsConfiguration corsConfiguration = new CorsConfiguration();
            List<String> allowedOrigins = this.corsConfigProperties.getAllowedOrigins();
            corsConfiguration.getClass();
            allowedOrigins.forEach(corsConfiguration::addAllowedOrigin);
            List<String> allowedMethods = this.corsConfigProperties.getAllowedMethods();
            corsConfiguration.getClass();
            allowedMethods.forEach(corsConfiguration::addAllowedMethod);
            List<String> allowedHeaders = this.corsConfigProperties.getAllowedHeaders();
            corsConfiguration.getClass();
            allowedHeaders.forEach(corsConfiguration::addAllowedHeader);
            return corsConfiguration;
        }).and().csrf().disable().authorizeRequests().antMatchers(Constants.UNPROTECTED_PATHS)).permitAll().anyRequest()).authenticated().and().addFilterBefore(this.jwtRequestFilter, UsernamePasswordAuthenticationFilter.class).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        httpSecurity.exceptionHandling().authenticationEntryPoint((httpServletRequest2, httpServletResponse, authenticationException) -> {
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setStatus(401);
            Exception exc = (Exception) httpServletRequest2.getAttribute(Constants.EXCEPTION_ATTR_NAME);
            httpServletResponse.getWriter().write(AuthenticationError.builder().timestamp(Timestamp.valueOf(LocalDateTime.now())).message(exc == null ? Constants.DEFAULT_EXCEPTION_MSG : exc.getMessage()).build().toString());
        });
    }

    public JwtSecurityConfig(JwtRequestFilter jwtRequestFilter, CorsConfigProperties corsConfigProperties) {
        this.jwtRequestFilter = jwtRequestFilter;
        this.corsConfigProperties = corsConfigProperties;
    }
}
