package tech.msop.auth.config;

import javax.annotation.Resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.authentication.TokenExtractor;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.AuthenticationEntryPoint;
import tech.msop.auth.properties.MsSecurityProperties;

@Import({DefaultSecurityHandlerConfig.class})
/* loaded from: input_file:tech/msop/auth/config/DefaultResourceServerConf.class */
public class DefaultResourceServerConf extends ResourceServerConfigurerAdapter {

    @Autowired
    private TokenStore tokenStore;

    @Resource
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Resource
    private OAuth2WebSecurityExpressionHandler expressionHandler;

    @Resource
    private OAuth2AccessDeniedHandler oAuth2AccessDeniedHandler;

    @Autowired
    private MsSecurityProperties securityProperties;

    @Resource
    private TokenExtractor tokenExtractor;

    public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
        resourceServerSecurityConfigurer.tokenStore(this.tokenStore).stateless(true).authenticationEntryPoint(this.authenticationEntryPoint).expressionHandler(this.expressionHandler).accessDeniedHandler(this.oAuth2AccessDeniedHandler).tokenExtractor(this.tokenExtractor);
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        setAuthenticate((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) setHttp(httpSecurity).authorizeRequests().antMatchers(this.securityProperties.getIgnore().getUrls())).permitAll().antMatchers(HttpMethod.OPTIONS)).permitAll().anyRequest());
        httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED).and().httpBasic().disable().headers().frameOptions().disable().and().csrf().disable();
    }

    public HttpSecurity setAuthenticate(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl authorizedUrl) {
        return authorizedUrl.authenticated().and();
    }

    public HttpSecurity setHttp(HttpSecurity httpSecurity) {
        return httpSecurity;
    }
}
