package cn.com.mooho.config;

import cn.com.mooho.common.Constant;
import cn.com.mooho.common.attribute.AllowAnonymous;
import cn.com.mooho.common.utils.SpringUtils;
import cn.com.mooho.config.security.AuthenticationLogoutSuccessHandler;
import cn.com.mooho.config.security.JwtAuthenticationTokenFilter;
import cn.com.mooho.config.security.Md5PasswordEncoder;
import cn.com.mooho.config.security.SecurityAuthenticationEntryPoint;
import cn.com.mooho.config.security.SecurityAuthenticationFailureHandler;
import cn.com.mooho.config.security.SecurityAuthenticationSuccessHandler;
import java.util.HashSet;
import java.util.Map;
import javax.websocket.server.ServerEndpoint;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.AnnotatedBeanDefinition;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.type.filter.AnnotationTypeFilter;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
/* loaded from: input_file:cn/com/mooho/config/SecurityConfig.class */
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger(SecurityConfig.class);

    @Autowired
    SecurityAuthenticationEntryPoint entryPoint;

    @Autowired
    SecurityAuthenticationSuccessHandler loginSuccessHandler;

    @Autowired
    SecurityAuthenticationFailureHandler loginFailureHandler;

    @Autowired
    AuthenticationLogoutSuccessHandler logoutSuccessHandler;

    @Autowired
    JwtAuthenticationTokenFilter authenticationTokenFilter;

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        HashSet hashSet = new HashSet();
        ClassPathScanningCandidateComponentProvider classPathScanningCandidateComponentProvider = new ClassPathScanningCandidateComponentProvider(false);
        classPathScanningCandidateComponentProvider.addIncludeFilter(new AnnotationTypeFilter(ServerEndpoint.class));
        for (AnnotatedBeanDefinition annotatedBeanDefinition : classPathScanningCandidateComponentProvider.findCandidateComponents(Constant.BASE_PACKAGE)) {
            if (annotatedBeanDefinition instanceof AnnotatedBeanDefinition) {
                Map annotationAttributes = annotatedBeanDefinition.getMetadata().getAnnotationAttributes(ServerEndpoint.class.getName());
                if (!MapUtils.isEmpty(annotationAttributes)) {
                    String string = MapUtils.getString(annotationAttributes, "value", (String) null);
                    if (!StringUtils.isEmpty(string)) {
                        hashSet.add(string);
                    }
                }
            }
        }
        for (Map.Entry entry : ((RequestMappingHandlerMapping) SpringUtils.getBean(RequestMappingHandlerMapping.class)).getHandlerMethods().entrySet()) {
            if (((AllowAnonymous) ((HandlerMethod) entry.getValue()).getMethodAnnotation(AllowAnonymous.class)) != null) {
                hashSet.addAll(((RequestMappingInfo) entry.getKey()).getPatternsCondition().getPatterns());
            }
        }
        hashSet.forEach(str -> {
            log.warn("anonymous url：{}", str);
        });
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.csrf().disable().headers().cacheControl().disable().and().exceptionHandling().authenticationEntryPoint(this.entryPoint).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().antMatchers((String[]) hashSet.toArray(new String[0]))).permitAll().antMatchers(new String[]{"/api/User/login", "/captcha"})).permitAll().antMatchers(HttpMethod.GET, new String[]{"/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/**/*.png"})).permitAll().antMatchers(new String[]{"/actuator/**"})).permitAll().antMatchers(new String[]{"/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**"})).permitAll().anyRequest()).authenticated().and().headers().frameOptions().disable();
        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(this.logoutSuccessHandler);
        httpSecurity.addFilterBefore(this.authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
        httpSecurity.addFilterBefore(corsFilter(), JwtAuthenticationTokenFilter.class);
        httpSecurity.addFilterBefore(corsFilter(), LogoutFilter.class);
    }

    public void configure(WebSecurity webSecurity) throws Exception {
        webSecurity.ignoring().antMatchers(new String[]{"/static/**"});
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new Md5PasswordEncoder();
    }

    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.addAllowedOriginPattern("*");
        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.addAllowedMethod("*");
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return new CorsFilter(urlBasedCorsConfigurationSource);
    }
}
