package top.chaser.framework.starter.uaa.resource.security;

import javax.annotation.Resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.access.ExceptionTranslationFilter;
import top.chaser.framework.starter.uaa.resource.ResourceServerJwtProperties;
import top.chaser.framework.starter.uaa.resource.ResourceServerProperties;
import top.chaser.framework.starter.uaa.resource.security.code.ValidateCodeSecurityConfigurerAdapter;
import top.chaser.framework.uaa.base.store.TokenStore;

@ConditionalOnMissingClass({"top.chaser.framework.starter.uaa.authorization.security.AuthorizationServerSecurityConfig"})
@EnableWebSecurity
/* loaded from: input_file:top/chaser/framework/starter/uaa/resource/security/ResourceServerSecurityConfig.class */
public class ResourceServerSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Resource
    private AccessDeniedHandler accessDeniedHandler;

    @Resource
    private ResourceServerProperties resourceServerProperties;

    @Resource
    private ResourceServerJwtProperties jwtProperties;

    @Resource
    private TokenStore tokenStore;

    @Autowired(required = false)
    private ValidateCodeSecurityConfigurerAdapter validateCodeSecurityConfigurerAdapter;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        JWTAuthenticationFilter jWTAuthenticationFilter = new JWTAuthenticationFilter(authenticationManagerBean(), this.tokenStore, this.resourceServerProperties, this.jwtProperties);
        if (this.validateCodeSecurityConfigurerAdapter != null) {
            httpSecurity.apply(this.validateCodeSecurityConfigurerAdapter);
        }
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.exceptionHandling().authenticationEntryPoint(this.authenticationEntryPoint).accessDeniedHandler(this.accessDeniedHandler).and().addFilterAfter(jWTAuthenticationFilter, ExceptionTranslationFilter.class).authorizeRequests().antMatchers((String[]) this.resourceServerProperties.getWhiteListPattern().toArray(new String[0]))).permitAll().and().csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().anyRequest()).access("@permissionService.hasPermission(request,authentication)").and().headers().cacheControl();
    }

    public void configure(WebSecurity webSecurity) {
        webSecurity.ignoring().antMatchers((String[]) this.resourceServerProperties.getStaticPathPattern().toArray(new String[0]));
    }
}
