package xyz.migoo.framework.security.config;

import jakarta.annotation.Resource;
import org.springframework.boot.autoconfigure.AutoConfigureOrder;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import xyz.migoo.framework.security.core.filter.JWTAuthenticationTokenFilter;
import xyz.migoo.framework.security.core.service.SecurityAuthFrameworkService;

@Configuration
@AutoConfigureOrder(-100)
@EnableMethodSecurity(securedEnabled = true)
/* loaded from: input_file:xyz/migoo/framework/security/config/MiGooWebSecurityConfigurerAdapter.class */
public class MiGooWebSecurityConfigurerAdapter {

    @Resource
    private SecurityProperties properties;

    @Resource
    private SecurityAuthFrameworkService userDetailsService;

    @Resource
    private PasswordEncoder passwordEncoder;

    @Resource
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Resource
    private AccessDeniedHandler accessDeniedHandler;

    @Resource
    private LogoutSuccessHandler logoutSuccessHandler;

    @Resource
    private JWTAuthenticationTokenFilter authenticationTokenFilter;

    @ConditionalOnMissingBean({AuthenticationManager.class})
    @Bean
    public AuthenticationManager authenticationManagerBean(ObjectPostProcessor<Object> objectPostProcessor) throws Exception {
        AuthenticationManagerBuilder authenticationManagerBuilder = new AuthenticationManagerBuilder(objectPostProcessor);
        authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(this.passwordEncoder);
        return (AuthenticationManager) authenticationManagerBuilder.build();
    }

    @Bean
    public SecurityFilterChain configure(HttpSecurity httpSecurity) throws Exception {
        return (SecurityFilterChain) httpSecurity.csrf((v0) -> {
            v0.disable();
        }).sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        }).headers((v0) -> {
            v0.disable();
        }).exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.authenticationEntryPoint(this.authenticationEntryPoint).accessDeniedHandler(this.accessDeniedHandler);
        }).logout(logoutConfigurer -> {
            logoutConfigurer.logoutUrl(this.properties.getLogoutUrl()).logoutSuccessHandler(this.logoutSuccessHandler);
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers((String[]) this.properties.getPermitAllUrls().toArray(new String[0]))).permitAll();
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry2 -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry2.anyRequest()).authenticated();
        }).addFilterBefore(this.authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class).build();
    }
}
