package cn.bctools.oauth2.config;

import cn.bctools.oauth2.prop.JvsOAuth2Property;
import cn.hutool.core.util.ArrayUtil;
import feign.RequestInterceptor;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.client.loadbalancer.LoadBalancerInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.web.client.DefaultResponseErrorHandler;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:cn/bctools/oauth2/config/JvsAdapter.class */
public class JvsAdapter extends ResourceServerConfigurerAdapter {
    RestTemplate restTemplate;
    JvsOAuth2Property jvsOAuth2Property;
    RemoteTokenServices remoteTokenServices;
    private static final Logger log = LoggerFactory.getLogger(JvsAdapter.class);
    private static final String[] DEFAULT_PERMIT_URLS = {"/api/**", "/webjars/**", "/resources/**", "/swagger-ui.html", "/swagger-resources/**", "/v2/**", "/doc.html", "index.html"};

    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.headers().frameOptions().disable();
        List<String> permitUrls = this.jvsOAuth2Property.getPermitUrls();
        permitUrls.addAll(Arrays.asList(DEFAULT_PERMIT_URLS));
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().antMatchers((String[]) ArrayUtil.toArray(permitUrls, String.class))).permitAll().anyRequest()).authenticated().and().csrf().disable();
    }

    public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
        JvsUserAuthenticationConverter jvsUserAuthenticationConverter = new JvsUserAuthenticationConverter();
        DefaultAccessTokenConverter defaultAccessTokenConverter = new DefaultAccessTokenConverter();
        defaultAccessTokenConverter.setUserTokenConverter(jvsUserAuthenticationConverter);
        this.remoteTokenServices.setAccessTokenConverter(defaultAccessTokenConverter);
        ArrayList arrayList = new ArrayList(this.restTemplate.getInterceptors());
        arrayList.removeIf(clientHttpRequestInterceptor -> {
            return clientHttpRequestInterceptor instanceof LoadBalancerInterceptor;
        });
        RestTemplate restTemplate = new RestTemplate();
        restTemplate.setInterceptors(arrayList);
        restTemplate.setErrorHandler(new DefaultResponseErrorHandler());
        this.remoteTokenServices.setRestTemplate(restTemplate);
        resourceServerSecurityConfigurer.tokenServices(this.remoteTokenServices);
    }

    @Bean
    public RequestInterceptor oauth2FeignRequestInterceptor() {
        return requestTemplate -> {
            try {
                ServletRequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
                if (Objects.nonNull(requestAttributes)) {
                    requestTemplate.header("Authorization", new String[]{requestAttributes.getRequest().getHeader("Authorization")});
                }
            } catch (Exception e) {
                log.trace("用户权限增强失败: {}", e.getMessage());
            }
        };
    }

    public JvsAdapter(RestTemplate restTemplate, JvsOAuth2Property jvsOAuth2Property, RemoteTokenServices remoteTokenServices) {
        this.restTemplate = restTemplate;
        this.jvsOAuth2Property = jvsOAuth2Property;
        this.remoteTokenServices = remoteTokenServices;
    }
}
