package com.github.shawven.security.browser;

import com.github.shawven.security.authorization.AuthorizationConfigurerManager;
import com.github.shawven.security.authorization.HttpSecuritySupportConfigurer;
import com.github.shawven.security.browser.config.BrowserConfiguration;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.session.InvalidSessionStrategy;
import org.springframework.security.web.session.SessionInformationExpiredStrategy;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
/* loaded from: input_file:com/github/shawven/security/browser/BrowserSecuritySupportConfiguration.class */
public class BrowserSecuritySupportConfiguration extends HttpSecuritySupportConfigurer {

    @Autowired
    private BrowserConfiguration configuration;

    @Autowired
    private AuthenticationSuccessHandler authenticationSuccessHandler;

    @Autowired
    private AuthenticationFailureHandler authenticationFailureHandler;

    @Autowired
    private SessionInformationExpiredStrategy sessionInformationExpiredStrategy;

    @Autowired
    private InvalidSessionStrategy invalidSessionStrategy;

    @Autowired
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Autowired
    private AccessDeniedHandler accessDeniedHandler;

    @Autowired
    private AuthorizationConfigurerManager authorizationConfigurerManager;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private LogoutSuccessHandler logoutSuccessHandler;

    @Autowired(required = false)
    private DataSource dataSource;

    @Autowired(required = false)
    private List<HttpSecuritySupportConfigurer> providerConfigurers = Collections.emptyList();

    @Configuration
    /* loaded from: input_file:com/github/shawven/security/browser/BrowserSecuritySupportConfiguration$AuthenticationManagerConfiguration.class */
    public static class AuthenticationManagerConfiguration extends WebSecurityConfigurerAdapter {
        public void configure(WebSecurity webSecurity) throws Exception {
            webSecurity.ignoring().mvcMatchers(new String[]{"/error", "/**/favicon.ico", "/**/*.js", "/**/*.css"});
        }

        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        @ConditionalOnMissingBean
        @Bean
        public CorsFilter corsFilter() {
            CorsConfiguration corsConfiguration = new CorsConfiguration();
            corsConfiguration.addAllowedOrigin("*");
            corsConfiguration.addAllowedMethod("*");
            corsConfiguration.addAllowedHeader("*");
            corsConfiguration.setAllowCredentials(true);
            UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
            urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
            return new CorsFilter(urlBasedCorsConfigurationSource);
        }
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        try {
            Class.forName("com.github.shawven.security.oauth2.OAuth2AutoConfiguration");
        } catch (ClassNotFoundException e) {
            Iterator<HttpSecuritySupportConfigurer> it = this.providerConfigurers.iterator();
            while (it.hasNext()) {
                httpSecurity.apply(it.next());
            }
            this.authorizationConfigurerManager.config(httpSecurity.authorizeRequests());
            configureExceptionHandler(httpSecurity);
            configureSession(httpSecurity);
            configureRememberMe(httpSecurity);
            configureFormLogin(httpSecurity);
            configureLogout(httpSecurity);
        }
    }

    public void configureExceptionHandler(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.exceptionHandling().authenticationEntryPoint(this.authenticationEntryPoint).accessDeniedHandler(this.accessDeniedHandler);
    }

    public void configureSession(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.sessionManagement().invalidSessionStrategy(this.invalidSessionStrategy).maximumSessions(this.configuration.getSession().getMaximumSessions()).maxSessionsPreventsLogin(this.configuration.getSession().isMaxSessionsPreventsLogin()).expiredSessionStrategy(this.sessionInformationExpiredStrategy);
    }

    public void configureFormLogin(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.formLogin().loginPage(this.configuration.getSignInUrl()).loginProcessingUrl(this.configuration.getSignInProcessingUrl()).successHandler(this.authenticationSuccessHandler).failureHandler(this.authenticationFailureHandler);
    }

    public void configureLogout(HttpSecurity httpSecurity) throws Exception {
        LogoutConfigurer logout = httpSecurity.logout();
        String signOutProcessingUrl = this.configuration.getSignOutProcessingUrl();
        if (signOutProcessingUrl != null) {
            logout.logoutUrl(signOutProcessingUrl);
        }
        logout.deleteCookies(new String[]{"JSESSIONID"}).logoutSuccessHandler(this.logoutSuccessHandler);
    }

    public void configureRememberMe(HttpSecurity httpSecurity) throws Exception {
        int rememberMeSeconds = this.configuration.getRememberMeSeconds();
        if (rememberMeSeconds > 0) {
            if (this.dataSource == null) {
                throw new IllegalStateException("Remember me that my feature must have a DataSource!");
            }
            JdbcTokenRepositoryImpl jdbcTokenRepositoryImpl = new JdbcTokenRepositoryImpl();
            jdbcTokenRepositoryImpl.setDataSource(this.dataSource);
            httpSecurity.rememberMe().tokenRepository(jdbcTokenRepositoryImpl).tokenValiditySeconds(rememberMeSeconds).userDetailsService(this.userDetailsService);
        }
    }
}
