package net.guerlab.cloud.security.webmvc.autoconfigure;

import java.util.List;
import net.guerlab.cloud.security.core.AuthorizePathProvider;
import net.guerlab.cloud.security.core.autoconfigure.AuthorizePathAutoConfigure;
import net.guerlab.cloud.security.core.properties.DefaultCorsConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.lang.Nullable;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.util.CollectionUtils;
import org.springframework.web.cors.CorsConfiguration;

@EnableWebSecurity
@AutoConfiguration(after = {AuthorizePathAutoConfigure.class})
@Order(99)
/* loaded from: input_file:net/guerlab/cloud/security/webmvc/autoconfigure/WebMvcSecurityAutoConfigure.class */
public class WebMvcSecurityAutoConfigure {
    private static final Logger log = LoggerFactory.getLogger(WebMvcSecurityAutoConfigure.class);
    private final ObjectProvider<CorsConfiguration> configProvider;
    private final ObjectProvider<AuthorizePathProvider> authorizePathProviders;

    public WebMvcSecurityAutoConfigure(ObjectProvider<CorsConfiguration> objectProvider, ObjectProvider<AuthorizePathProvider> objectProvider2) {
        this.configProvider = objectProvider;
        this.authorizePathProviders = objectProvider2;
    }

    @Bean
    public SecurityFilterChain securityWebFilterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.httpBasic(httpBasicConfigurer -> {
        });
        httpSecurity.formLogin(formLoginConfigurer -> {
        });
        httpSecurity.csrf((v0) -> {
            v0.disable();
        });
        httpSecurity.cors(corsConfigurer -> {
            corsConfigurer.configurationSource(httpServletRequest -> {
                return (CorsConfiguration) this.configProvider.getIfAvailable(DefaultCorsConfiguration::new);
            });
        });
        for (AuthorizePathProvider authorizePathProvider : this.authorizePathProviders) {
            authorizePathConfig(httpSecurity, authorizePathProvider.httpMethod(), authorizePathProvider.paths());
        }
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.anyRequest()).permitAll();
        });
        return (SecurityFilterChain) httpSecurity.build();
    }

    private void authorizePathConfig(HttpSecurity httpSecurity, @Nullable HttpMethod httpMethod, List<String> list) throws Exception {
        if (CollectionUtils.isEmpty(list)) {
            return;
        }
        log.debug("authorizePathConfig[method: {}, paths: {}]", httpMethod, list);
        if (httpMethod == null) {
            httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
                ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers((String[]) list.toArray(new String[0]))).authenticated();
            });
        } else {
            httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry2 -> {
                ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry2.requestMatchers(httpMethod, (String[]) list.toArray(new String[0]))).authenticated();
            });
        }
    }
}
