package com.cory.web.config;

import com.cory.service.UserService;
import com.cory.util.MapBuilder;
import com.cory.web.security.AntPermissionResolver;
import com.cory.web.security.AuthenticationFilter;
import com.cory.web.security.AuthorizingRealm;
import com.cory.web.security.CoryShiroCacheManager;
import com.cory.web.security.CredentialsMatcher;
import com.cory.web.security.LogoutFilter;
import com.cory.web.security.UserFilter;
import com.cory.web.util.PasswordEncoder;
import java.io.UnsupportedEncodingException;
import javax.servlet.Filter;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
/* loaded from: input_file:com/cory/web/config/ShiroConfig.class */
public class ShiroConfig {
    private static final String LOGIN_HANDLE_URL = "/doLogin";
    private static final String USERNAME_PARAM = "userName";
    private static final String REMEMBERME_PARAM = "rememberMe";
    private static final String LOGIN_URL = "/login";
    private static final String UNAUTHORIZED_URL = "/errorPage?type=403";

    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager defaultWebSecurityManager, AuthenticationFilter authenticationFilter, UserFilter userFilter, LogoutFilter logoutFilter, ShiroFilterChainDefinition shiroFilterChainDefinition, @Value("${cory.shiro.success-url}") String str) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        shiroFilterFactoryBean.setLoginUrl(LOGIN_URL);
        shiroFilterFactoryBean.setSuccessUrl(str);
        shiroFilterFactoryBean.setUnauthorizedUrl(UNAUTHORIZED_URL);
        shiroFilterFactoryBean.setFilters(MapBuilder.create(String.class, Filter.class).put("authc", authenticationFilter).put("user", userFilter).put("logout", logoutFilter).build());
        shiroFilterFactoryBean.setFilterChainDefinitionMap(shiroFilterChainDefinition.getFilterChainMap());
        return shiroFilterFactoryBean;
    }

    @Bean
    public AntPermissionResolver antPermissionResolver() {
        return new AntPermissionResolver();
    }

    @ConditionalOnMissingBean({PasswordEncoder.class})
    @Bean
    public PasswordEncoder passwordEncoder() {
        PasswordEncoder passwordEncoder = new PasswordEncoder();
        passwordEncoder.setSalt("!@0#$1%^2*()");
        return passwordEncoder;
    }

    @Bean
    public CredentialsMatcher credentialsMatcher(PasswordEncoder passwordEncoder) {
        CredentialsMatcher credentialsMatcher = new CredentialsMatcher();
        credentialsMatcher.setPasswordEncoder(passwordEncoder);
        return credentialsMatcher;
    }

    @Bean
    public Realm realm(CredentialsMatcher credentialsMatcher, AntPermissionResolver antPermissionResolver, UserService userService) {
        AuthorizingRealm authorizingRealm = new AuthorizingRealm();
        authorizingRealm.setPermissionResolver(antPermissionResolver);
        authorizingRealm.setCredentialsMatcher(credentialsMatcher);
        authorizingRealm.setAuthenticationCachingEnabled(true);
        authorizingRealm.setUserService(userService);
        return authorizingRealm;
    }

    @Bean
    protected CacheManager shiroCacheManager(org.springframework.cache.CacheManager cacheManager) {
        return new CoryShiroCacheManager(cacheManager);
    }

    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition defaultShiroFilterChainDefinition = new DefaultShiroFilterChainDefinition();
        defaultShiroFilterChainDefinition.addPathDefinition("/ajax/**", "user");
        defaultShiroFilterChainDefinition.addPathDefinition("/doLogin*", "authc");
        defaultShiroFilterChainDefinition.addPathDefinition("/logout*", "logout");
        defaultShiroFilterChainDefinition.addPathDefinition("/register*", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/login*", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/doRegister*", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/error*", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/errorPage*", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/currentUser", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/generateCsrfToken", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/generateFormToken", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/openapi/**", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/captcha.svl*", "anon");
        defaultShiroFilterChainDefinition.addPathDefinition("/**", "user");
        return defaultShiroFilterChainDefinition;
    }

    @Bean
    public AuthenticationFilter authcFilter(@Value("${cory.shiro.success-url}") String str) {
        AuthenticationFilter authenticationFilter = new AuthenticationFilter();
        authenticationFilter.setLoginHandleUrl(LOGIN_HANDLE_URL);
        authenticationFilter.setUsernameParam(USERNAME_PARAM);
        authenticationFilter.setRememberMeParam(REMEMBERME_PARAM);
        authenticationFilter.setLoginUrl(LOGIN_URL);
        authenticationFilter.setSuccessUrl(str);
        return authenticationFilter;
    }

    @Bean
    public UserFilter userFilter() {
        return new UserFilter();
    }

    @Bean
    public LogoutFilter logoutFilter() {
        return new LogoutFilter();
    }

    @Bean
    public FilterRegistrationBean authcRegistration(AuthenticationFilter authenticationFilter) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(authenticationFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.setEnabled(false);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean userRegistration(UserFilter userFilter) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(userFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.setEnabled(false);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean logoutRegistration(LogoutFilter logoutFilter) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(logoutFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.setEnabled(false);
        return filterRegistrationBean;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(CacheManager cacheManager, CookieRememberMeManager cookieRememberMeManager, Realm realm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRememberMeManager(cookieRememberMeManager);
        defaultWebSecurityManager.setRealm(realm);
        defaultWebSecurityManager.setCacheManager(cacheManager);
        SecurityUtils.setSecurityManager(defaultWebSecurityManager);
        return defaultWebSecurityManager;
    }

    @Bean
    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public SimpleCookie sessionIdCookie() {
        SimpleCookie simpleCookie = new SimpleCookie("sid");
        simpleCookie.setMaxAge(-1);
        simpleCookie.setHttpOnly(true);
        return simpleCookie;
    }

    @Bean
    public SimpleCookie rememberMeCookie() {
        SimpleCookie simpleCookie = new SimpleCookie(REMEMBERME_PARAM);
        simpleCookie.setMaxAge(2592000);
        simpleCookie.setHttpOnly(true);
        return simpleCookie;
    }

    @Bean
    public CookieRememberMeManager rememberMeManager(SimpleCookie simpleCookie) {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        try {
            cookieRememberMeManager.setCipherKey("cory_cookie_key".getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
        }
        cookieRememberMeManager.setCookie(simpleCookie);
        return cookieRememberMeManager;
    }
}
