package net.cofcool.chaos.server.auto.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.pagehelper.PageInterceptor;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import javax.sql.DataSource;
import net.cofcool.chaos.server.auto.config.ChaosProperties;
import net.cofcool.chaos.server.common.core.ExceptionCodeDescriptor;
import net.cofcool.chaos.server.common.core.ExceptionCodeManager;
import net.cofcool.chaos.server.common.security.AuthService;
import net.cofcool.chaos.server.common.security.PasswordProcessor;
import net.cofcool.chaos.server.common.security.UserAuthorizationService;
import net.cofcool.chaos.server.core.annotation.scanner.BeanScannerConfigure;
import net.cofcool.chaos.server.core.aop.ApiProcessingInterceptor;
import net.cofcool.chaos.server.core.aop.LoggingInterceptor;
import net.cofcool.chaos.server.core.aop.ScannedCompositeMethodInterceptor;
import net.cofcool.chaos.server.core.aop.ScannedMethodInterceptor;
import net.cofcool.chaos.server.core.aop.ScannedResourceAdvisor;
import net.cofcool.chaos.server.core.aop.ValidateInterceptor;
import net.cofcool.chaos.server.core.support.GlobalHandlerExceptionResolver;
import net.cofcool.chaos.server.core.support.ResponseBodyMessageConverter;
import net.cofcool.chaos.server.core.support.SimpleExceptionCodeDescriptor;
import net.cofcool.chaos.server.security.shiro.access.AccountCredentialsMatcher;
import net.cofcool.chaos.server.security.shiro.access.AuthRealm;
import net.cofcool.chaos.server.security.shiro.access.ExceptionAuthenticationStrategy;
import net.cofcool.chaos.server.security.shiro.access.JsonAuthenticationFilter;
import net.cofcool.chaos.server.security.shiro.access.PermissionFilter;
import net.cofcool.chaos.server.security.shiro.authorization.ShiroAuthServiceImpl;
import net.cofcool.chaos.server.security.spring.authorization.SpringAuthServiceImpl;
import net.cofcool.chaos.server.security.spring.authorization.SpringDaoAuthenticationProvider;
import net.cofcool.chaos.server.security.spring.authorization.SpringUserAuthorizationService;
import net.cofcool.chaos.server.security.spring.authorization.UrlBased;
import net.cofcool.chaos.server.security.spring.config.JsonLoginConfigure;
import org.apache.ibatis.plugin.Interceptor;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.mybatis.spring.SqlSessionFactoryBean;
import org.mybatis.spring.mapper.MapperScannerConfigurer;
import org.springframework.aop.Advisor;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.beans.factory.support.BeanDefinitionRegistryPostProcessor;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.support.ResourcePatternUtils;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.access.expression.SecurityExpressionHandler;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.core.GrantedAuthorityDefaults;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.access.expression.WebExpressionVoter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.LocaleResolver;
import org.springframework.web.servlet.i18n.SessionLocaleResolver;

@Configuration
@ConditionalOnClass({ChaosProperties.class})
@AutoConfigureAfter({JacksonAutoConfiguration.class})
/* loaded from: input_file:net/cofcool/chaos/server/auto/config/ChaosAutoConfiguration.class */
public class ChaosAutoConfiguration implements ApplicationContextAware {
    public static final String PACKAGE_PATH = "net.cofcool.chaos";
    public static final String PROJECT_CONFIGURE_PREFIX = "chaos";
    private ApplicationContext applicationContext;

    @EnableConfigurationProperties({ChaosProperties.class})
    @Configuration
    /* loaded from: input_file:net/cofcool/chaos/server/auto/config/ChaosAutoConfiguration$PropertiesConfiguration.class */
    class PropertiesConfiguration {
        private final ChaosProperties chaosProperties;

        @Configuration
        @ConditionalOnClass({SqlSessionFactoryBean.class})
        /* loaded from: input_file:net/cofcool/chaos/server/auto/config/ChaosAutoConfiguration$PropertiesConfiguration$MybatisConfig.class */
        class MybatisConfig {
            MybatisConfig() {
            }

            @Bean
            public org.apache.ibatis.session.Configuration configuration() {
                org.apache.ibatis.session.Configuration configuration = new org.apache.ibatis.session.Configuration();
                configuration.setUseGeneratedKeys(true);
                return configuration;
            }

            @Bean
            public SqlSessionFactoryBean sqlSessionFactory(DataSource dataSource, org.apache.ibatis.session.Configuration configuration, Interceptor[] interceptorArr, ApplicationContext applicationContext) throws IOException {
                SqlSessionFactoryBean sqlSessionFactoryBean = new SqlSessionFactoryBean();
                sqlSessionFactoryBean.setMapperLocations(ResourcePatternUtils.getResourcePatternResolver(applicationContext).getResources(PropertiesConfiguration.this.chaosProperties.getData().getXmlPath()));
                sqlSessionFactoryBean.setDataSource(dataSource);
                sqlSessionFactoryBean.setPlugins(interceptorArr);
                sqlSessionFactoryBean.setConfiguration(configuration);
                return sqlSessionFactoryBean;
            }

            @Bean
            public Interceptor[] mybatisPlugins() {
                Interceptor pageInterceptor = new PageInterceptor();
                Properties properties = new Properties();
                properties.setProperty("helperDialect", "mysql");
                properties.setProperty("reasonable", "true");
                pageInterceptor.setProperties(properties);
                return new Interceptor[]{pageInterceptor};
            }

            @Bean
            public MapperScannerConfigurer mapperScannerConfigurer() {
                MapperScannerConfigurer mapperScannerConfigurer = new MapperScannerConfigurer();
                mapperScannerConfigurer.setBasePackage(PropertiesConfiguration.this.chaosProperties.getData().getMapperPackage());
                mapperScannerConfigurer.setSqlSessionFactoryBeanName("sqlSessionFactory");
                return mapperScannerConfigurer;
            }
        }

        @Configuration
        @ConditionalOnClass({ShiroFilterFactoryBean.class})
        /* loaded from: input_file:net/cofcool/chaos/server/auto/config/ChaosAutoConfiguration$PropertiesConfiguration$ShiroAutoConfiguration.class */
        class ShiroAutoConfiguration {
            ShiroAutoConfiguration() {
            }

            @ConditionalOnMissingBean
            @Bean
            public ShiroFilterFactoryBean shiroFilter(UserAuthorizationService userAuthorizationService, SessionManager sessionManager, @Autowired(required = false) CacheManager cacheManager, PasswordProcessor passwordProcessor, ExceptionCodeManager exceptionCodeManager) {
                HashMap hashMap = new HashMap();
                hashMap.put("check", new PermissionFilter(userAuthorizationService, PropertiesConfiguration.this.chaosProperties.getAuth().getUnauthUrl()));
                hashMap.put("authc", new JsonAuthenticationFilter(PropertiesConfiguration.this.chaosProperties.getAuth().getLoginUrl(), PropertiesConfiguration.this.chaosProperties.getAuth().getUnLoginUrl()));
                ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
                shiroFilterFactoryBean.setFilters(hashMap);
                shiroFilterFactoryBean.setSecurityManager(createSecurityManager(sessionManager, createDefaultAuthenticator(userAuthorizationService, passwordProcessor, PropertiesConfiguration.this.chaosProperties.getAuth(), exceptionCodeManager), cacheManager));
                shiroFilterFactoryBean.setLoginUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getLoginUrl());
                shiroFilterFactoryBean.setUnauthorizedUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getUnauthUrl());
                shiroFilterFactoryBean.setFilterChainDefinitions(PropertiesConfiguration.this.chaosProperties.getAuth().shiroUrls());
                return shiroFilterFactoryBean;
            }

            private SecurityManager createSecurityManager(SessionManager sessionManager, Authenticator authenticator, CacheManager cacheManager) {
                DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
                if (cacheManager != null) {
                    defaultWebSecurityManager.setCacheManager(cacheManager);
                }
                defaultWebSecurityManager.setSessionManager(sessionManager);
                defaultWebSecurityManager.setAuthenticator(authenticator);
                SecurityUtils.setSecurityManager(defaultWebSecurityManager);
                return defaultWebSecurityManager;
            }

            public ModularRealmAuthenticator createDefaultAuthenticator(UserAuthorizationService userAuthorizationService, PasswordProcessor passwordProcessor, ChaosProperties.Auth auth, ExceptionCodeManager exceptionCodeManager) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(createDefaultAuthRealm(userAuthorizationService, passwordProcessor, auth, exceptionCodeManager));
                ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
                modularRealmAuthenticator.setAuthenticationStrategy(new ExceptionAuthenticationStrategy());
                modularRealmAuthenticator.setRealms(arrayList);
                return modularRealmAuthenticator;
            }

            private Realm createDefaultAuthRealm(UserAuthorizationService userAuthorizationService, PasswordProcessor passwordProcessor, ChaosProperties.Auth auth, ExceptionCodeManager exceptionCodeManager) {
                AccountCredentialsMatcher accountCredentialsMatcher = new AccountCredentialsMatcher();
                accountCredentialsMatcher.setPasswordProcessor(passwordProcessor);
                AuthRealm authRealm = new AuthRealm();
                authRealm.setCredentialsMatcher(accountCredentialsMatcher);
                authRealm.setUserAuthorizationService(userAuthorizationService);
                authRealm.setUsingCaptcha(auth.getUsingCaptcha().booleanValue());
                authRealm.setExceptionCodeManager(exceptionCodeManager);
                return authRealm;
            }

            @Bean
            public AuthService authService(UserAuthorizationService userAuthorizationService, ExceptionCodeManager exceptionCodeManager) {
                ShiroAuthServiceImpl shiroAuthServiceImpl = new ShiroAuthServiceImpl();
                shiroAuthServiceImpl.setUserAuthorizationService(userAuthorizationService);
                shiroAuthServiceImpl.setExceptionCodeManager(exceptionCodeManager);
                return shiroAuthServiceImpl;
            }

            @ConditionalOnMissingBean
            @Bean
            public SessionManager sessionManager() {
                return new DefaultWebSessionManager();
            }

            @Bean
            public BeanPostProcessor lifecycleBeanPostProcessor() {
                return new LifecycleBeanPostProcessor();
            }
        }

        @ConditionalOnMissingBean({WebSecurityConfigurerAdapter.class})
        @Configuration
        @ConditionalOnClass({DefaultAuthenticationEventPublisher.class})
        /* loaded from: input_file:net/cofcool/chaos/server/auto/config/ChaosAutoConfiguration$PropertiesConfiguration$SpringSecurityConfig.class */
        class SpringSecurityConfig {
            private AuthenticationProvider authenticationProvider;
            private MappingJackson2HttpMessageConverter messageConverter;
            private ExceptionCodeManager exceptionCodeManager;
            private SpringUserAuthorizationService userAuthorizationService;

            @Configuration
            @EnableWebSecurity
            /* loaded from: input_file:net/cofcool/chaos/server/auto/config/ChaosAutoConfiguration$PropertiesConfiguration$SpringSecurityConfig$SpringSecurityAutoConfiguration.class */
            public class SpringSecurityAutoConfiguration extends WebSecurityConfigurerAdapter {
                public SpringSecurityAutoConfiguration() {
                }

                protected void configure(HttpSecurity httpSecurity) throws Exception {
                    Assert.notNull(SpringSecurityConfig.this.authenticationProvider, "authenticationProvider must be specified");
                    Assert.notNull(SpringSecurityConfig.this.messageConverter, "messageConverter must be specified");
                    Assert.notNull(SpringSecurityConfig.this.exceptionCodeManager, "exceptionCodeManager must be specified");
                    net.cofcool.chaos.server.security.spring.authorization.JsonAuthenticationFilter jsonAuthenticationFilter = new net.cofcool.chaos.server.security.spring.authorization.JsonAuthenticationFilter();
                    if (PropertiesConfiguration.this.chaosProperties.getAuth().getCorsEnabled().booleanValue()) {
                        httpSecurity.cors();
                    }
                    if (!PropertiesConfiguration.this.chaosProperties.getAuth().getCsrfEnabled().booleanValue()) {
                        httpSecurity.csrf().disable();
                    }
                    ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authenticationProvider(SpringSecurityConfig.this.authenticationProvider).rememberMe().and().authorizeRequests().antMatchers(StringUtils.delimitedListToStringArray(PropertiesConfiguration.this.chaosProperties.getAuth().springExcludeUrl(), ","))).anonymous().antMatchers(new String[]{"/**"})).authenticated().accessDecisionManager(new UrlBased(getDecisionVoters(httpSecurity), SpringSecurityConfig.this.userAuthorizationService, true)).and().addFilterAt(jsonAuthenticationFilter, UsernamePasswordAuthenticationFilter.class).apply(new JsonLoginConfigure(jsonAuthenticationFilter)).loginProcessingUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getLoginUrl()).exceptionCodeManager(SpringSecurityConfig.this.exceptionCodeManager).messageConverter(SpringSecurityConfig.this.messageConverter).filterSupportsLoginType(PropertiesConfiguration.this.chaosProperties.getAuth().getLoginObjectType()).unAuthUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getUnauthUrl()).unLoginUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getUnLoginUrl()).and().logout().logoutUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getLogoutUrl()).permitAll().and().sessionManagement().maximumSessions(10).expiredUrl(PropertiesConfiguration.this.chaosProperties.getAuth().getExpiredUrl());
                }

                private List<AccessDecisionVoter<? extends Object>> getDecisionVoters(HttpSecurity httpSecurity) {
                    ArrayList arrayList = new ArrayList();
                    WebExpressionVoter webExpressionVoter = new WebExpressionVoter();
                    webExpressionVoter.setExpressionHandler(getExpressionHandler(httpSecurity));
                    arrayList.add(webExpressionVoter);
                    return arrayList;
                }

                private SecurityExpressionHandler<FilterInvocation> getExpressionHandler(HttpSecurity httpSecurity) {
                    DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
                    AuthenticationTrustResolver authenticationTrustResolver = (AuthenticationTrustResolver) httpSecurity.getSharedObject(AuthenticationTrustResolver.class);
                    if (authenticationTrustResolver != null) {
                        defaultWebSecurityExpressionHandler.setTrustResolver(authenticationTrustResolver);
                    }
                    ApplicationContext applicationContext = (ApplicationContext) httpSecurity.getSharedObject(ApplicationContext.class);
                    if (applicationContext != null) {
                        String[] beanNamesForType = applicationContext.getBeanNamesForType(RoleHierarchy.class);
                        if (beanNamesForType.length == 1) {
                            defaultWebSecurityExpressionHandler.setRoleHierarchy((RoleHierarchy) applicationContext.getBean(beanNamesForType[0], RoleHierarchy.class));
                        }
                        String[] beanNamesForType2 = applicationContext.getBeanNamesForType(GrantedAuthorityDefaults.class);
                        if (beanNamesForType2.length == 1) {
                            defaultWebSecurityExpressionHandler.setDefaultRolePrefix(((GrantedAuthorityDefaults) applicationContext.getBean(beanNamesForType2[0], GrantedAuthorityDefaults.class)).getRolePrefix());
                        }
                        String[] beanNamesForType3 = applicationContext.getBeanNamesForType(PermissionEvaluator.class);
                        if (beanNamesForType3.length == 1) {
                            defaultWebSecurityExpressionHandler.setPermissionEvaluator((PermissionEvaluator) applicationContext.getBean(beanNamesForType3[0], PermissionEvaluator.class));
                        }
                    }
                    return defaultWebSecurityExpressionHandler;
                }
            }

            SpringSecurityConfig() {
            }

            @Autowired
            public void setMessageConverter(MappingJackson2HttpMessageConverter mappingJackson2HttpMessageConverter) {
                this.messageConverter = mappingJackson2HttpMessageConverter;
            }

            @Autowired
            public void setExceptionCodeManager(ExceptionCodeManager exceptionCodeManager) {
                this.exceptionCodeManager = exceptionCodeManager;
            }

            @Autowired
            public void setUserAuthorizationService(SpringUserAuthorizationService springUserAuthorizationService) {
                this.userAuthorizationService = springUserAuthorizationService;
            }

            @Bean
            public AuthenticationProvider authenticationProvider(PasswordProcessor passwordProcessor) {
                SpringDaoAuthenticationProvider springDaoAuthenticationProvider = new SpringDaoAuthenticationProvider();
                springDaoAuthenticationProvider.setPasswordProcessor(passwordProcessor);
                springDaoAuthenticationProvider.setUserAuthorizationService(this.userAuthorizationService);
                this.authenticationProvider = springDaoAuthenticationProvider;
                return springDaoAuthenticationProvider;
            }

            @Bean
            public AuthService authService() {
                return new SpringAuthServiceImpl();
            }
        }

        PropertiesConfiguration(ChaosProperties chaosProperties) {
            this.chaosProperties = chaosProperties;
        }

        @ConditionalOnMissingBean
        @Bean
        public GlobalHandlerExceptionResolver exceptionResolver(ExceptionCodeManager exceptionCodeManager, ObjectMapper objectMapper) {
            GlobalHandlerExceptionResolver globalHandlerExceptionResolver = new GlobalHandlerExceptionResolver();
            globalHandlerExceptionResolver.setDevelopmentMode(this.chaosProperties.getDevelopment().getMode());
            globalHandlerExceptionResolver.setExceptionCodeManager(exceptionCodeManager);
            globalHandlerExceptionResolver.setJacksonObjectMapper(objectMapper);
            return globalHandlerExceptionResolver;
        }

        @ConditionalOnMissingBean
        @ConditionalOnProperty(prefix = "chaos.development", value = {"logging-enabled"}, havingValue = "true", matchIfMissing = false)
        @Bean
        public LoggingInterceptor loggingInterceptor() {
            return new LoggingInterceptor();
        }

        @ConditionalOnMissingBean
        @ConditionalOnProperty(prefix = "chaos.development", value = {"validating-enabled"}, havingValue = "true", matchIfMissing = false)
        @Bean
        public ValidateInterceptor validateInterceptor() {
            return new ValidateInterceptor();
        }

        @ConditionalOnMissingBean
        @ConditionalOnProperty(prefix = "chaos.development", value = {"injecting-enabled"}, havingValue = "true", matchIfMissing = false)
        @Bean
        public ApiProcessingInterceptor apiInterceptor(ExceptionCodeManager exceptionCodeManager) {
            ApiProcessingInterceptor apiProcessingInterceptor = new ApiProcessingInterceptor();
            apiProcessingInterceptor.setApplicationContext(ChaosAutoConfiguration.this.applicationContext);
            apiProcessingInterceptor.setDefinedCheckedKeys(StringUtils.delimitedListToStringArray(this.chaosProperties.getAuth().getCheckedKeys(), ","));
            apiProcessingInterceptor.setVersion(this.chaosProperties.getDevelopment().getVersion().intValue());
            apiProcessingInterceptor.setExceptionCodeManager(exceptionCodeManager);
            return apiProcessingInterceptor;
        }

        @ConditionalOnMissingBean
        @Bean
        public LocaleResolver localeResolver() {
            return new SessionLocaleResolver();
        }

        @ConditionalOnMissingBean
        @Bean
        public MappingJackson2HttpMessageConverter responseBodyMessageConverter(ObjectMapper objectMapper, ExceptionCodeManager exceptionCodeManager) {
            ResponseBodyMessageConverter responseBodyMessageConverter = new ResponseBodyMessageConverter();
            responseBodyMessageConverter.setObjectMapper(objectMapper);
            responseBodyMessageConverter.setExceptionCodeManager(exceptionCodeManager);
            return responseBodyMessageConverter;
        }
    }

    @Bean
    public BeanDefinitionRegistryPostProcessor beanScannerConfigurer() {
        BeanScannerConfigure beanScannerConfigure = new BeanScannerConfigure();
        String str = PACKAGE_PATH;
        String property = this.applicationContext.getEnvironment().getProperty("chaos.development.annotation-path");
        if (!net.cofcool.chaos.server.common.util.StringUtils.isNullOrEmpty(property)) {
            str = str + "," + property;
        }
        beanScannerConfigure.setBasePackage(str);
        return beanScannerConfigure;
    }

    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        this.applicationContext = applicationContext;
    }

    @Bean
    public Advisor scannedResourceAdvisor(List<ScannedMethodInterceptor> list) {
        return new ScannedResourceAdvisor(new ScannedCompositeMethodInterceptor(list));
    }

    @ConditionalOnMissingBean
    @Bean
    public ExceptionCodeManager exceptionCodeManager(@Autowired(required = false) ExceptionCodeDescriptor exceptionCodeDescriptor) {
        return new ExceptionCodeManager(exceptionCodeDescriptor == null ? SimpleExceptionCodeDescriptor.DEFAULT_DESCRIPTOR : exceptionCodeDescriptor);
    }
}
