package pro.fessional.wings.warlock.spring.bean;

import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.cache.Cache;
import org.springframework.cache.CacheManager;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.core.GrantedAuthorityDefaults;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.LocaleResolver;
import pro.fessional.mirana.best.AssertState;
import pro.fessional.mirana.bits.Aes;
import pro.fessional.wings.silencer.spring.boot.ConditionalWingsEnabled;
import pro.fessional.wings.silencer.support.PropHelper;
import pro.fessional.wings.slardar.cache.WingsCache;
import pro.fessional.wings.slardar.security.WingsAuthDetailsSource;
import pro.fessional.wings.slardar.security.WingsAuthPageHandler;
import pro.fessional.wings.slardar.security.WingsAuthTypeParser;
import pro.fessional.wings.slardar.security.WingsAuthenticationEventPublisher;
import pro.fessional.wings.slardar.security.impl.ComboWingsAuthCheckService;
import pro.fessional.wings.slardar.security.impl.ComboWingsAuthDetailsSource;
import pro.fessional.wings.slardar.security.impl.ComboWingsAuthPageHandler;
import pro.fessional.wings.slardar.security.impl.ComboWingsUserDetailsService;
import pro.fessional.wings.slardar.security.impl.DefaultWingsAuthTypeParser;
import pro.fessional.wings.slardar.servlet.resolver.WingsRemoteResolver;
import pro.fessional.wings.warlock.security.handler.AccessFailureHandler;
import pro.fessional.wings.warlock.security.handler.LoginFailureHandler;
import pro.fessional.wings.warlock.security.handler.LoginSuccessHandler;
import pro.fessional.wings.warlock.security.handler.LogoutOkHandler;
import pro.fessional.wings.warlock.security.justauth.AuthStateBuilder;
import pro.fessional.wings.warlock.security.listener.WarlockFailedLoginListener;
import pro.fessional.wings.warlock.security.listener.WarlockSuccessLoginListener;
import pro.fessional.wings.warlock.security.loginpage.JustAuthLoginPageCombo;
import pro.fessional.wings.warlock.security.loginpage.ListAllLoginPageCombo;
import pro.fessional.wings.warlock.security.userdetails.JustAuthUserAuthnAutoReg;
import pro.fessional.wings.warlock.security.userdetails.JustAuthUserDetailsCombo;
import pro.fessional.wings.warlock.security.userdetails.MemoryUserDetailsCombo;
import pro.fessional.wings.warlock.security.userdetails.NonceUserDetailsCombo;
import pro.fessional.wings.warlock.service.auth.WarlockAuthnService;
import pro.fessional.wings.warlock.service.auth.impl.AuthAppPermChecker;
import pro.fessional.wings.warlock.service.auth.impl.AuthZonePermChecker;
import pro.fessional.wings.warlock.service.auth.impl.ComboWarlockAuthnService;
import pro.fessional.wings.warlock.service.auth.impl.ComboWarlockAuthzService;
import pro.fessional.wings.warlock.service.auth.impl.DefaultPermRoleCombo;
import pro.fessional.wings.warlock.service.auth.impl.DefaultUserAuthnAutoReg;
import pro.fessional.wings.warlock.service.auth.impl.DefaultUserDetailsCombo;
import pro.fessional.wings.warlock.service.auth.impl.MemoryTypedAuthzCombo;
import pro.fessional.wings.warlock.service.perm.WarlockPermNormalizer;
import pro.fessional.wings.warlock.spring.prop.WarlockJustAuthProp;
import pro.fessional.wings.warlock.spring.prop.WarlockSecurityProp;

@Configuration(proxyBeanMethods = false)
@ConditionalWingsEnabled
/* loaded from: input_file:pro/fessional/wings/warlock/spring/bean/WarlockSecurityBeanConfiguration.class */
public class WarlockSecurityBeanConfiguration {
    private static final Log log = LogFactory.getLog(WarlockSecurityBeanConfiguration.class);
    public static final int OrderJustAuthUserAuthnAutoReg = -49999900;
    public static final int OrderMemoryUserDetailsCombo = -49999900;
    public static final int OrderNonceUserDetailsCombo = -49999800;
    public static final int OrderJustAuthUserDetailsCombo = -49999700;

    @Bean
    @ConditionalWingsEnabled
    public WingsAuthenticationEventPublisher authenticationEventPublisher(ApplicationContext applicationContext) {
        log.info("WarlockShadow spring-bean authenticationEventPublisher");
        return new WingsAuthenticationEventPublisher(applicationContext);
    }

    @Bean
    @ConditionalWingsEnabled
    public DefaultWingsAuthTypeParser wingsAuthTypeParser(WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean wingsAuthTypeParser");
        return new DefaultWingsAuthTypeParser(warlockSecurityProp.mapAuthTypeDefault(), warlockSecurityProp.mapAuthTypeEnum());
    }

    @Bean
    @ConditionalWingsEnabled
    @ConditionalOnExpression("!'${wings.warlock.security.login-success-body}'.isEmpty()")
    public LoginSuccessHandler loginSuccessHandler() {
        log.info("WarlockShadow spring-bean loginSuccessHandler");
        return new LoginSuccessHandler();
    }

    @Bean
    @ConditionalWingsEnabled
    @ConditionalOnExpression("!'${wings.warlock.security.login-failure-body}'.isEmpty()")
    public LoginFailureHandler.Handler loginFailureHandlerDefault() {
        log.info("WarlockShadow spring-bean loginFailureHandlerDefault");
        return new LoginFailureHandler.DefaultHandler();
    }

    @Bean
    @ConditionalWingsEnabled
    public LoginFailureHandler loginFailureHandler() {
        log.info("WarlockShadow spring-bean loginFailureHandler");
        return new LoginFailureHandler();
    }

    @Bean
    @ConditionalWingsEnabled
    @ConditionalOnExpression("!'${wings.warlock.security.logout-success-body}'.isEmpty()")
    public LogoutOkHandler logoutSuccessHandler() {
        log.info("WarlockShadow spring-bean logoutSuccessHandler");
        return new LogoutOkHandler();
    }

    @Bean
    @ConditionalWingsEnabled
    public AccessFailureHandler accessDeniedHandler() {
        log.info("WarlockShadow spring-bean accessDeniedHandler");
        return new AccessFailureHandler();
    }

    @Bean
    @ConditionalWingsEnabled
    public WarlockPermNormalizer warlockPermNormalizer(GrantedAuthorityDefaults grantedAuthorityDefaults) {
        log.info("WarlockShadow spring-bean warlockPermNormalizer");
        WarlockPermNormalizer warlockPermNormalizer = new WarlockPermNormalizer();
        warlockPermNormalizer.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
        return warlockPermNormalizer;
    }

    @Bean
    @ConditionalWingsEnabled
    public ComboWarlockAuthnService comboWarlockAuthnService() {
        log.info("WarlockShadow spring-bean comboWarlockAuthnService");
        return new ComboWarlockAuthnService();
    }

    @Bean
    @ConditionalWingsEnabled
    public ComboWarlockAuthzService comboWarlockAuthzService(WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean comboWarlockAuthzService");
        ComboWarlockAuthzService comboWarlockAuthzService = new ComboWarlockAuthzService();
        comboWarlockAuthzService.setAuthorityRole(warlockSecurityProp.isAuthorityRole());
        comboWarlockAuthzService.setAuthorityPerm(warlockSecurityProp.isAuthorityPerm());
        return comboWarlockAuthzService;
    }

    @Bean
    @ConditionalWingsEnabled
    public DefaultPermRoleCombo defaultPermRoleCombo() {
        log.info("WarlockShadow spring-bean defaultPermRoleCombo");
        return new DefaultPermRoleCombo();
    }

    @Bean
    @ConditionalWingsEnabled(and = {WarlockJustAuthConfiguration.class})
    public JustAuthUserAuthnAutoReg justAuthUserAuthnAutoReg() {
        log.info("WarlockShadow spring-bean justAuthUserAuthnAutoReg");
        JustAuthUserAuthnAutoReg justAuthUserAuthnAutoReg = new JustAuthUserAuthnAutoReg();
        justAuthUserAuthnAutoReg.setOrder(-49999900);
        return justAuthUserAuthnAutoReg;
    }

    @Bean
    @ConditionalWingsEnabled
    public DefaultUserAuthnAutoReg defaultUserAuthnAutoReg() {
        log.info("WarlockShadow spring-bean defaultUserAuthnAutoReg");
        return new DefaultUserAuthnAutoReg();
    }

    @Bean
    @ConditionalWingsEnabled
    public MemoryUserDetailsCombo memoryUserDetailsCombo(WingsAuthTypeParser wingsAuthTypeParser, WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean memoryUserDetailsCombo");
        MemoryUserDetailsCombo memoryUserDetailsCombo = new MemoryUserDetailsCombo();
        memoryUserDetailsCombo.setOrder(-49999900);
        for (Map.Entry<String, WarlockSecurityProp.Mu> entry : warlockSecurityProp.getMemUser().entrySet()) {
            log.info("WarlockShadow conf add MemUser=" + entry.getKey());
            WarlockSecurityProp.Mu value = entry.getValue();
            Set<String> authType = value.getAuthType();
            if (authType == null || authType.isEmpty()) {
                authType = Collections.singleton("");
            }
            for (String str : authType) {
                WarlockAuthnService.Details details = new WarlockAuthnService.Details();
                details.setUserId(value.getUserId());
                details.setAuthType(wingsAuthTypeParser.parse(str));
                details.setUsername(value.getUsername());
                details.setPassword(value.getPassword());
                details.setStatus(value.getStatus());
                details.setNickname(StringUtils.hasText(value.getNickname()) ? value.getNickname() : value.getUsername());
                details.setPasssalt(value.getPasssalt());
                details.setLocale(value.getLocale());
                details.setZoneId(value.getZoneId());
                details.setExpiredDt(value.getExpired());
                memoryUserDetailsCombo.addUser(details);
            }
        }
        return memoryUserDetailsCombo;
    }

    @Bean
    @ConditionalWingsEnabled
    public NonceUserDetailsCombo nonceUserDetailsCombo(WarlockSecurityProp warlockSecurityProp, Map<String, CacheManager> map) {
        log.info("WarlockShadow spring-bean nonceUserDetailsCombo");
        String join = WingsCache.Naming.join(new String[]{warlockSecurityProp.getNonceCacheLevel(), NonceUserDetailsCombo.class.getName()});
        CacheManager cacheManager = map.get(warlockSecurityProp.getNonceCacheManager());
        AssertState.notNull(join, "nonce cache name must not be null");
        AssertState.notNull(cacheManager, "nonce cache manager must not be null");
        Cache cache = cacheManager.getCache(join);
        AssertState.notNull(cache, "nonce cache must not be null");
        NonceUserDetailsCombo nonceUserDetailsCombo = new NonceUserDetailsCombo(cache);
        nonceUserDetailsCombo.setOrder(OrderNonceUserDetailsCombo);
        nonceUserDetailsCombo.setAcceptNonceType(warlockSecurityProp.mapNonceAuthEnum());
        return nonceUserDetailsCombo;
    }

    @Bean
    @ConditionalWingsEnabled(and = {WarlockJustAuthConfiguration.class})
    public JustAuthUserDetailsCombo justAuthUserDetailsCombo() {
        log.info("WarlockShadow spring-bean justAuthUserDetailsCombo");
        JustAuthUserDetailsCombo justAuthUserDetailsCombo = new JustAuthUserDetailsCombo();
        justAuthUserDetailsCombo.setOrder(OrderJustAuthUserDetailsCombo);
        return justAuthUserDetailsCombo;
    }

    @Bean
    @ConditionalWingsEnabled
    public DefaultUserDetailsCombo defaultUserDetailsCombo(WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean defaultUserDetailsCombo");
        DefaultUserDetailsCombo defaultUserDetailsCombo = new DefaultUserDetailsCombo();
        defaultUserDetailsCombo.setAutoRegisterType(warlockSecurityProp.mapAutoregAuthEnum());
        return defaultUserDetailsCombo;
    }

    @Bean
    @ConditionalWingsEnabled
    @Order(DefaultUserAuthnAutoReg.ORDER)
    public AuthZonePermChecker authZonePermChecker(WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean authZonePermChecker");
        AuthZonePermChecker authZonePermChecker = new AuthZonePermChecker();
        authZonePermChecker.setZonePerm(warlockSecurityProp.getZonePerm());
        return authZonePermChecker;
    }

    @Bean
    @ConditionalWingsEnabled
    @Order(-49999980)
    public AuthAppPermChecker authAppPermChecker(@Value("${spring.application.name:wings-default}") String str, WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean authAppPermChecker");
        AuthAppPermChecker authAppPermChecker = new AuthAppPermChecker();
        HashSet hashSet = new HashSet();
        AntPathMatcher antPathMatcher = new AntPathMatcher();
        for (Map.Entry<String, Set<String>> entry : warlockSecurityProp.getAppPerm().entrySet()) {
            String key = entry.getKey();
            if (antPathMatcher.match(key, str)) {
                log.info("WarlockShadow conf authAppPermChecker, " + str + " matches " + key);
                hashSet.addAll(entry.getValue());
            }
        }
        authAppPermChecker.setAppPerm(hashSet);
        return authAppPermChecker;
    }

    @Bean
    @ConditionalWingsEnabled
    public ComboWingsAuthCheckService comboWingsAuthCheckService(ObjectProvider<ComboWingsAuthCheckService.Combo> objectProvider) {
        log.info("WarlockShadow spring-bean comboWingsAuthCheckService");
        List list = (List) objectProvider.orderedStream().collect(Collectors.toList());
        ComboWingsAuthCheckService comboWingsAuthCheckService = new ComboWingsAuthCheckService();
        comboWingsAuthCheckService.setCombos(list);
        return comboWingsAuthCheckService;
    }

    @Bean
    @ConditionalWingsEnabled
    public ComboWingsUserDetailsService wingsUserDetailsService(ObjectProvider<ComboWingsUserDetailsService.Combo<?>> objectProvider) {
        log.info("WarlockShadow spring-bean wingsUserDetailsService");
        ComboWingsUserDetailsService comboWingsUserDetailsService = new ComboWingsUserDetailsService();
        objectProvider.orderedStream().forEach(combo -> {
            log.info("WarlockShadow conf wingsUserDetailsService add " + combo.getClass().getName());
            comboWingsUserDetailsService.add(combo);
        });
        return comboWingsUserDetailsService;
    }

    @Bean
    @ConditionalWingsEnabled
    public MemoryTypedAuthzCombo memoryTypedAuthzCombo(WingsAuthTypeParser wingsAuthTypeParser, WarlockPermNormalizer warlockPermNormalizer, WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean memoryTypedAuthzCombo");
        MemoryTypedAuthzCombo memoryTypedAuthzCombo = new MemoryTypedAuthzCombo();
        Iterator<Map.Entry<String, WarlockSecurityProp.Ma>> it = warlockSecurityProp.getMemAuth().entrySet().iterator();
        while (it.hasNext()) {
            WarlockSecurityProp.Ma value = it.next().getValue();
            Stream<String> stream = value.getAuthRole().stream();
            Objects.requireNonNull(warlockPermNormalizer);
            Set set = (Set) stream.map(warlockPermNormalizer::role).collect(Collectors.toSet());
            Set<String> authPerm = value.getAuthPerm();
            long userId = value.getUserId();
            log.info("WarlockShadow conf add MemAuth, userId=" + userId);
            memoryTypedAuthzCombo.addAuthz(userId, set);
            memoryTypedAuthzCombo.addAuthz(userId, authPerm);
            if (userId < 0) {
                log.warn("should NOT use negative UserId");
            }
            String username = value.getUsername();
            if (StringUtils.hasText(username)) {
                String authType = value.getAuthType();
                Enum<?> parse = wingsAuthTypeParser.parse(authType);
                log.info("WarlockShadow conf add MemAuth, username=" + username + ", auth-type=" + authType);
                memoryTypedAuthzCombo.addAuthz(username, parse, set);
                memoryTypedAuthzCombo.addAuthz(username, parse, authPerm);
            } else {
                log.info("WarlockShadow conf skip MemAuth, empty username");
            }
        }
        return memoryTypedAuthzCombo;
    }

    @Bean
    @ConditionalWingsEnabled
    public WingsAuthDetailsSource<?> wingsAuthDetailsSource(ObjectProvider<ComboWingsAuthDetailsSource.Combo<?>> objectProvider, ObjectProvider<WingsRemoteResolver> objectProvider2, ObjectProvider<LocaleResolver> objectProvider3, WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean wingsAuthDetailsSource");
        ComboWingsAuthDetailsSource comboWingsAuthDetailsSource = new ComboWingsAuthDetailsSource();
        objectProvider.orderedStream().forEach(combo -> {
            log.info("WarlockShadow conf wingsAuthDetailsSource add " + combo.getClass().getName());
            comboWingsAuthDetailsSource.add(combo);
        });
        HashSet hashSet = new HashSet();
        hashSet.add(warlockSecurityProp.getPasswordPara());
        comboWingsAuthDetailsSource.setIgnoredMetaKey(hashSet);
        Objects.requireNonNull(comboWingsAuthDetailsSource);
        objectProvider2.ifAvailable(comboWingsAuthDetailsSource::setWingsRemoteResolver);
        Objects.requireNonNull(comboWingsAuthDetailsSource);
        objectProvider3.ifAvailable(comboWingsAuthDetailsSource::setLocaleResolver);
        return comboWingsAuthDetailsSource;
    }

    @Bean
    @ConditionalWingsEnabled
    public AuthStateBuilder authStateBuilder(WarlockJustAuthProp warlockJustAuthProp, ObjectProvider<Aes> objectProvider) {
        log.info("WarlockShadow spring-bean authStateBuilder");
        AuthStateBuilder authStateBuilder = new AuthStateBuilder(PropHelper.onlyValid(warlockJustAuthProp.getSafeState()));
        Aes aes = (Aes) objectProvider.getIfAvailable();
        if (aes != null) {
            authStateBuilder.setAes(aes);
            log.info("WarlockShadow conf authStateBuilder with Global Aes Bean");
        } else {
            log.info("WarlockShadow conf authStateBuilder with Random Aes Bean");
        }
        return authStateBuilder;
    }

    @Bean
    @ConditionalWingsEnabled
    public WingsAuthPageHandler wingsAuthPageHandler(ObjectProvider<ComboWingsAuthPageHandler.Combo> objectProvider) {
        log.info("WarlockShadow spring-bean wingsAuthPageHandler");
        ComboWingsAuthPageHandler comboWingsAuthPageHandler = new ComboWingsAuthPageHandler();
        objectProvider.orderedStream().forEach(combo -> {
            log.info("WarlockShadow conf wingsAuthPageHandler add " + combo.getClass().getName());
            comboWingsAuthPageHandler.add(combo);
        });
        return comboWingsAuthPageHandler;
    }

    @Bean
    @ConditionalWingsEnabled
    @Order(-29999990)
    public ListAllLoginPageCombo listAllLoginPageCombo() {
        log.info("WarlockShadow spring-bean listAllLoginPageCombo");
        return new ListAllLoginPageCombo();
    }

    @Bean
    @ConditionalWingsEnabled(and = {WarlockJustAuthConfiguration.class})
    @Order(-29999980)
    public JustAuthLoginPageCombo justAuthLoginPageCombo() {
        log.info("WarlockShadow spring-bean justAuthLoginPageCombo");
        return new JustAuthLoginPageCombo();
    }

    @Bean
    @ConditionalWingsEnabled
    public GrantedAuthorityDefaults grantedAuthorityDefaults(WarlockSecurityProp warlockSecurityProp) {
        log.info("WarlockShadow spring-bean grantedAuthorityDefaults");
        return new GrantedAuthorityDefaults(warlockSecurityProp.getRolePrefix());
    }

    @Bean
    @ConditionalWingsEnabled
    public WarlockSuccessLoginListener warlockSuccessLoginListener() {
        log.info("WarlockShadow spring-bean warlockSuccessLoginListener");
        return new WarlockSuccessLoginListener();
    }

    @Bean
    @ConditionalWingsEnabled
    public WarlockFailedLoginListener warlockFailedLoginListener() {
        log.info("WarlockShadow spring-bean warlockFailedLoginListener");
        return new WarlockFailedLoginListener();
    }
}
