package sog.base.oauth.config;

import java.util.ArrayList;
import java.util.List;
import javax.annotation.Resource;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.vote.AffirmativeBased;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;
import sog.base.commons.beans.SogServerProperties;
import sog.base.oauth.cache.UrlPermissionCache;
import sog.base.oauth.handler.Oauth2ResponseExceptionTranslator;
import sog.base.oauth.service.LoginUserService;
import sog.base.oauth.vote.DefaultUrlPermissionVoter;

/* loaded from: input_file:sog/base/oauth/config/AbstractResourceServerConfiguration.class */
public abstract class AbstractResourceServerConfiguration extends ResourceServerConfigurerAdapter implements PermitURLConfiguration {

    @Resource
    private UrlPermissionCache urlPermissionCache;

    @Resource
    private LoginUserService loginUserService;

    @Resource
    private SogServerProperties sogServerProperties;
    private final List<String> DEFAULT_PERMIT_URLS = new ArrayList() { // from class: sog.base.oauth.config.AbstractResourceServerConfiguration.1
        {
            add("/**/swagger-resources/**");
            add("/**/v2/api-docs/**");
            add("/**/api-doc.html");
            add("/**/webjars/**");
        }
    };

    protected AccessDecisionManager accessDecisionManager() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new DefaultUrlPermissionVoter(this.loginUserService, this.urlPermissionCache));
        return new AffirmativeBased(arrayList);
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        this.urlPermissionCache.addDefaultUrlPermissionsToCache(getPermitUrls());
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.csrf().disable().authorizeRequests().accessDecisionManager(accessDecisionManager()).anyRequest()).authenticated().and().httpBasic();
    }

    public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
        OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
        oAuth2AuthenticationEntryPoint.setExceptionTranslator(new Oauth2ResponseExceptionTranslator());
        resourceServerSecurityConfigurer.authenticationEntryPoint(oAuth2AuthenticationEntryPoint);
    }

    protected abstract List<String> getDefaultPermitUrls();

    @Override // sog.base.oauth.config.PermitURLConfiguration
    public List<String> getPermitUrls() {
        List<String> defaultPermitUrls = getDefaultPermitUrls();
        defaultPermitUrls.addAll(this.DEFAULT_PERMIT_URLS);
        defaultPermitUrls.add(this.sogServerProperties.getContextPath());
        return defaultPermitUrls;
    }
}
