package top.dcenter.ums.security.core.auth.config;

import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.crypto.password.PasswordEncoder;
import top.dcenter.ums.security.common.api.config.HttpSecurityAware;
import top.dcenter.ums.security.common.bean.UriHttpMethodTuple;
import top.dcenter.ums.security.core.api.authentication.handler.BaseAuthenticationFailureHandler;
import top.dcenter.ums.security.core.api.authentication.handler.BaseAuthenticationSuccessHandler;
import top.dcenter.ums.security.core.api.logout.DefaultLogoutSuccessHandler;
import top.dcenter.ums.security.core.api.service.UmsUserDetailsService;
import top.dcenter.ums.security.core.auth.properties.ClientProperties;
import top.dcenter.ums.security.core.auth.provider.UsernamePasswordAuthenticationProvider;

@Configuration
@Order(100)
@AutoConfigureAfter({SecurityAutoConfiguration.class})
/* loaded from: input_file:top/dcenter/ums/security/core/auth/config/ClientAutoConfigurerAware.class */
public class ClientAutoConfigurerAware implements HttpSecurityAware {
    public static final String FAVICON = "/**/favicon.ico";
    public static final String JS = "/**/*.js";
    public static final String CSS = "/**/*.css";
    public static final String HTML = "/**/*.html";
    private final ClientProperties clientProperties;

    @Autowired(required = false)
    private UmsUserDetailsService umsUserDetailsService;
    private final PasswordEncoder passwordEncoder;
    private final BaseAuthenticationSuccessHandler baseAuthenticationSuccessHandler;
    private final BaseAuthenticationFailureHandler baseAuthenticationFailureHandler;
    private final UsernamePasswordAuthenticationProvider usernamePasswordAuthenticationProvider;
    private final DefaultLogoutSuccessHandler defaultLogoutSuccessHandler;

    public ClientAutoConfigurerAware(ClientProperties clientProperties, BaseAuthenticationSuccessHandler baseAuthenticationSuccessHandler, BaseAuthenticationFailureHandler baseAuthenticationFailureHandler, PasswordEncoder passwordEncoder, UsernamePasswordAuthenticationProvider usernamePasswordAuthenticationProvider, DefaultLogoutSuccessHandler defaultLogoutSuccessHandler) {
        this.clientProperties = clientProperties;
        this.baseAuthenticationSuccessHandler = baseAuthenticationSuccessHandler;
        this.baseAuthenticationFailureHandler = baseAuthenticationFailureHandler;
        this.usernamePasswordAuthenticationProvider = usernamePasswordAuthenticationProvider;
        this.defaultLogoutSuccessHandler = defaultLogoutSuccessHandler;
        this.passwordEncoder = passwordEncoder;
    }

    public void configure(WebSecurity webSecurity) {
        webSecurity.ignoring().antMatchers((String[]) Objects.requireNonNullElseGet(this.clientProperties.getIgnoringUrls(), () -> {
            return new String[0];
        }));
    }

    public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        if (this.umsUserDetailsService == null) {
            throw new RuntimeException("必须实现 UmsUserDetailsService 或 top.dcenter.security.social.api.service.UmsSocialUserDetailsService 抽象类");
        }
        authenticationManagerBuilder.userDetailsService(this.umsUserDetailsService).passwordEncoder(this.passwordEncoder);
        authenticationManagerBuilder.eraseCredentials(true);
    }

    public void postConfigure(HttpSecurity httpSecurity) throws Exception {
        anonymousConfigurer(httpSecurity);
        if (this.clientProperties.getSameOrigin().booleanValue()) {
            httpSecurity.headers().frameOptions().sameOrigin();
        }
    }

    public void preConfigure(HttpSecurity httpSecurity) throws Exception {
        String loginUnAuthenticationRoutingUrl = this.clientProperties.getLoginUnAuthenticationRoutingUrl();
        if (!this.clientProperties.getOpenAuthenticationRedirect().booleanValue()) {
            loginUnAuthenticationRoutingUrl = this.clientProperties.getLogoutUrl();
        }
        httpSecurity.authenticationProvider(this.usernamePasswordAuthenticationProvider).formLogin().usernameParameter(this.clientProperties.usernameParameter).passwordParameter(this.clientProperties.passwordParameter).loginPage(loginUnAuthenticationRoutingUrl).failureUrl(this.clientProperties.getFailureUrl()).defaultSuccessUrl(this.clientProperties.getSuccessUrl()).loginProcessingUrl(this.clientProperties.getLoginProcessingUrl()).successHandler(this.baseAuthenticationSuccessHandler).failureHandler(this.baseAuthenticationFailureHandler);
        logoutConfigurer(httpSecurity);
    }

    public Map<String, Map<UriHttpMethodTuple, Set<String>>> getAuthorizeRequestMap() {
        HashMap hashMap = new HashMap(16);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, FAVICON), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, JS), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, CSS), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, HTML), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, this.clientProperties.getFailureUrl()), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, this.clientProperties.getLoginPage()), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, this.clientProperties.getLoginUnAuthenticationRoutingUrl()), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.POST, this.clientProperties.getLoginProcessingUrl()), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, this.clientProperties.getErrorUrl()), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, this.clientProperties.getError4Url()), null);
        hashMap.put(UriHttpMethodTuple.tuple(HttpMethod.GET, this.clientProperties.getError5Url()), null);
        permitUrlsFillingPermitAllMap(this.clientProperties.getPermitUrls(), hashMap);
        HashMap hashMap2 = new HashMap(1);
        hashMap2.put("permitAll", hashMap);
        return hashMap2;
    }

    private void anonymousConfigurer(HttpSecurity httpSecurity) throws Exception {
        ClientProperties.AnonymousProperties anonymous = this.clientProperties.getAnonymous();
        String[] strArr = new String[anonymous.getAuthorities().size()];
        anonymous.getAuthorities().toArray(strArr);
        if (anonymous.getAnonymousIsOpen().booleanValue()) {
            httpSecurity.anonymous().principal(anonymous.getPrincipal()).authorities(strArr);
        } else {
            httpSecurity.anonymous().disable();
        }
    }

    private void logoutConfigurer(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.logout().logoutUrl(this.clientProperties.getLogoutUrl()).logoutSuccessHandler(this.defaultLogoutSuccessHandler).logoutSuccessUrl(this.clientProperties.getLogoutSuccessUrl()).deleteCookies(new String[]{this.clientProperties.getRememberMe().getRememberMeCookieName(), this.clientProperties.getSession().getSessionCookieName()}).clearAuthentication(true).invalidateHttpSession(true).permitAll();
    }
}
