package cool.mtc.security;

import cool.mtc.security.auth.AuthConfig;
import cool.mtc.security.auth.custom.CustomAuthAdapter;
import cool.mtc.security.auth.jwt.JwtAuthAdapter;
import cool.mtc.security.auth.password.PasswordAuthAdapter;
import cool.mtc.security.config.CustomSecurityFilterChain;
import cool.mtc.security.config.DefaultSecurityFilterChain;
import cool.mtc.security.handler.HandlerConfig;
import cool.mtc.security.handler.deny.AccessDeniedHandler;
import cool.mtc.security.handler.deny.AuthenticationEntryPoint;
import cool.mtc.security.plugin.jwt.JwtConfig;
import cool.mtc.security.plugin.jwt.JwtProperties;
import cool.mtc.security.service.PermissionService;
import cool.mtc.security.service.impl.PermissionServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

@EnableConfigurationProperties({SecurityProperties.class, JwtProperties.class})
@Configuration
@EnableWebSecurity
@ConditionalOnProperty(value = {"mtc.security.enabled"}, havingValue = "true", matchIfMissing = true)
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Import({JwtConfig.class, AuthConfig.class, HandlerConfig.class})
/* loaded from: input_file:cool/mtc/security/SecurityAutoConfiguration.class */
public class SecurityAutoConfiguration {
    private final ApplicationContext context;
    private final SecurityProperties securityProperties;

    @ConditionalOnMissingBean
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable();
        if (this.securityProperties.isCors()) {
            httpSecurity.cors();
        } else {
            httpSecurity.cors().disable();
        }
        if (this.securityProperties.getAuthCustom().isEnabled()) {
            httpSecurity.apply((SecurityConfigurerAdapter) this.context.getBean(CustomAuthAdapter.class));
        }
        if (this.securityProperties.getAuthJwt().isEnabled()) {
            httpSecurity.apply((SecurityConfigurerAdapter) this.context.getBean(JwtAuthAdapter.class));
        }
        if (this.securityProperties.getAuthPassword().isEnabled()) {
            httpSecurity.apply((SecurityConfigurerAdapter) this.context.getBean(PasswordAuthAdapter.class));
        }
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().antMatchers(this.securityProperties.getAuthAntPatterns())).authenticated();
        httpSecurity.logout().clearAuthentication(false).logoutUrl(this.securityProperties.getLogoutUrl()).addLogoutHandler((LogoutHandler) this.context.getBean(cool.mtc.security.handler.logout.LogoutHandler.class)).logoutSuccessHandler((LogoutSuccessHandler) this.context.getBean(cool.mtc.security.handler.logout.LogoutSuccessHandler.class));
        httpSecurity.exceptionHandling().authenticationEntryPoint(new AuthenticationEntryPoint()).accessDeniedHandler(new AccessDeniedHandler());
        customSecurityFilterChain().configure(httpSecurity);
        return (SecurityFilterChain) httpSecurity.build();
    }

    @ConditionalOnMissingBean
    @Bean
    public CustomSecurityFilterChain customSecurityFilterChain() {
        return new DefaultSecurityFilterChain();
    }

    @ConditionalOnMissingBean
    @Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
        return this.securityProperties.getIgnoreAuthAntPatterns().length > 0 ? webSecurity -> {
        } : webSecurity2 -> {
        };
    }

    @Bean(name = {"ps"})
    public PermissionService permissionService() {
        return new PermissionServiceImpl();
    }

    @Autowired
    public SecurityAutoConfiguration(ApplicationContext applicationContext, SecurityProperties securityProperties) {
        this.context = applicationContext;
        this.securityProperties = securityProperties;
    }
}
