package com.github.qq275860560.config;

import com.github.qq275860560.security.MyAccessDeniedHandler;
import com.github.qq275860560.security.MyAuthenticationEntryPoint;
import com.github.qq275860560.security.MyAuthenticationFailureHandler;
import com.github.qq275860560.security.MyAuthenticationSuccessHandler;
import com.github.qq275860560.security.MyLogoutHandler;
import com.github.qq275860560.security.MyLogoutSuccessHandler;
import com.github.qq275860560.security.MyRequestHeaderAuthenticationFilter;
import com.github.qq275860560.security.MyRoleAffirmativeBased;
import com.github.qq275860560.security.MyRoleFilterInvocationSecurityMetadataSource;
import com.github.qq275860560.security.MyUserDetailsService;
import com.github.qq275860560.security.MyUsernamePasswordAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.jwt.crypto.sign.RsaVerifier;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
/* loaded from: input_file:com/github/qq275860560/config/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger(WebSecurityConfig.class);

    @Autowired
    private MyUserDetailsService myUserDetailsService;

    @Autowired
    private MyLogoutSuccessHandler myLogoutSuccessHandler;

    @Autowired
    private MyLogoutHandler myLogoutHandler;

    @Autowired
    private MyAccessDeniedHandler myAccessDeniedHandler;

    @Autowired
    private RsaVerifier rsaVerifier;

    @Autowired
    private MyAuthenticationFailureHandler myAuthenticationFailureHandler;

    @Autowired
    private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;

    @Autowired
    private MyAuthenticationEntryPoint myAuthenticationEntryPoint;

    @Autowired
    private MyRoleFilterInvocationSecurityMetadataSource myRoleFilterInvocationSecurityMetadataSource;

    @Autowired
    private MyRoleAffirmativeBased myRoleAffirmativeBased;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(this.myUserDetailsService).passwordEncoder(this.passwordEncoder);
    }

    public void configure(WebSecurity webSecurity) throws Exception {
        webSecurity.ignoring().antMatchers(new String[]{"/**/*.html", "/**/*.css", "/**/*.woff", "/**/*.woff2", "/**/*.js", "/**/*.jpg", "/**/*.png", "/**/*.ico"});
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.cors();
        httpSecurity.csrf().disable();
        httpSecurity.headers().frameOptions().disable();
        httpSecurity.headers().cacheControl();
        httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        httpSecurity.exceptionHandling().accessDeniedHandler(this.myAccessDeniedHandler);
        httpSecurity.logout().addLogoutHandler(this.myLogoutHandler).logoutSuccessHandler(this.myLogoutSuccessHandler);
        httpSecurity.httpBasic().authenticationEntryPoint(this.myAuthenticationEntryPoint);
        httpSecurity.addFilterBefore(new MyRequestHeaderAuthenticationFilter(authenticationManagerBean(), this.rsaVerifier, this.myUserDetailsService, this.myAuthenticationEntryPoint), UsernamePasswordAuthenticationFilter.class);
        httpSecurity.addFilterBefore(new MyUsernamePasswordAuthenticationFilter(authenticationManagerBean(), this.myAuthenticationSuccessHandler, this.myAuthenticationFailureHandler), UsernamePasswordAuthenticationFilter.class);
        httpSecurity.requestMatchers().antMatchers(new String[]{"/login", "/api/**", "/oauth/authorize", "/oauth/token", "/oauth/check_token", "/oauth/token_key", "/oauth/confirm_access", "/oauth/error"});
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().antMatchers(new String[]{"/login", "/api/**", "/oauth/authorize", "/oauth/token", "/oauth/check_token", "/oauth/token_key", "/oauth/confirm_access", "/oauth/error"})).authenticated();
        httpSecurity.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() { // from class: com.github.qq275860560.config.WebSecurityConfig.1
            public <O extends FilterSecurityInterceptor> O postProcess(O o) {
                o.setSecurityMetadataSource(WebSecurityConfig.this.myRoleFilterInvocationSecurityMetadataSource);
                o.setAccessDecisionManager(WebSecurityConfig.this.myRoleAffirmativeBased);
                return o;
            }
        });
    }
}
