package me.xethh.libs.spring.web.security.toolkits.preAuthenFilter;

import me.xethh.libs.spring.web.security.toolkits.preAuthenFilter.configuration.CustomizedWebSecurityConfigProperties;
import me.xethh.libs.spring.web.security.toolkits.preAuthenFilter.handler.FailHandler;
import me.xethh.utils.authUtils.authentication.Encoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@EnableConfigurationProperties({CustomizedWebSecurityConfigProperties.class})
/* loaded from: input_file:me/xethh/libs/spring/web/security/toolkits/preAuthenFilter/CustomizedWebSecurityConfig.class */
public class CustomizedWebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    RestAuthenticationEntryPoint restAuthenticationEntryPoint;

    @Autowired
    BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    CustomizedWebSecurityConfigProperties properties;

    @Configuration
    /* loaded from: input_file:me/xethh/libs/spring/web/security/toolkits/preAuthenFilter/CustomizedWebSecurityConfig$Config.class */
    public static class Config {
        @Bean
        public BCryptPasswordEncoder bCryptPasswordEncoder() {
            return Encoder.newBCryptEncoder();
        }

        @Bean
        public FailHandler failHandler(@Autowired ExceptionSetter exceptionSetter) {
            return new FailHandler(exceptionSetter);
        }

        @Bean
        public RestAuthenticationEntryPoint restAuthenticationEntryPoint(@Autowired ExceptionSetter exceptionSetter) {
            return new RestAuthenticationEntryPoint(exceptionSetter);
        }
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable().exceptionHandling().authenticationEntryPoint(this.restAuthenticationEntryPoint).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().httpBasic();
        for (CustomizedWebSecurityConfigProperties.Match match : this.properties.getMatches()) {
            CustomizedWebSecurityConfigProperties.MatchType type = match.getType();
            String url = match.getUrl();
            String value = match.getValue();
            ExpressionUrlAuthorizationConfigurer.AuthorizedUrl authorizedUrl = (ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().antMatchers(new String[]{url});
            switch (type) {
                case HAS_ROLE:
                    authorizedUrl.hasRole(value);
                    break;
                case PERMIT_ALL:
                    authorizedUrl.permitAll();
                    break;
                case ANONYMOUS:
                    authorizedUrl.anonymous();
                    break;
                case AUTHENTICATED:
                    authorizedUrl.authenticated();
                    throw new RuntimeException("IP filter not support yet");
                case IS_IP:
                    throw new RuntimeException("IP filter not support yet");
            }
        }
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        for (CustomizedWebSecurityConfigProperties.Provider provider : this.properties.getProviders()) {
            switch (provider.getProviderType()) {
                case MEMORY:
                    InMemoryUserDetailsManagerConfigurer inMemoryAuthentication = authenticationManagerBuilder.inMemoryAuthentication();
                    for (CustomizedWebSecurityConfigProperties.AuthPair authPair : provider.getAuthens()) {
                        inMemoryAuthentication.withUser(authPair.getUsername()).password(this.bCryptPasswordEncoder.encode(authPair.getPassword())).roles((String[]) authPair.getRoles().toArray(new String[authPair.getRoles().size()]));
                    }
                    break;
                case CLASS:
                    throw new RuntimeException(String.format("Provider type[%s] not supported", provider.getProviderType()));
            }
        }
    }
}
