package tech.corefinance.common.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import tech.corefinance.common.filter.SessionAuthenticationFilter;

@Configuration
/* loaded from: input_file:tech/corefinance/common/config/WebSecurityConfig.class */
public class WebSecurityConfig {

    @Autowired
    private ServiceSecurityConfig serviceSecurityConfig;

    @ConditionalOnProperty(prefix = "tech.corefinance.security", name = {"public-key"})
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity, SessionAuthenticationFilter sessionAuthenticationFilter) throws Exception {
        return (SecurityFilterChain) httpSecurity.csrf(csrfConfigurer -> {
            csrfConfigurer.disable();
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            this.serviceSecurityConfig.getNoAuthenUrls().stream().forEach(str -> {
                ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new String[]{str})).permitAll();
            });
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry2 -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry2.anyRequest()).authenticated();
        }).addFilterBefore(sessionAuthenticationFilter, AnonymousAuthenticationFilter.class).sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        }).build();
    }

    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.addAllowedHeader("*");
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }
}
