package net.cofcool.chaos.server.security.shiro.config;

import java.util.ArrayList;
import java.util.HashMap;
import net.cofcool.chaos.server.common.security.PasswordProcessor;
import net.cofcool.chaos.server.common.security.authorization.AuthService;
import net.cofcool.chaos.server.common.security.authorization.UserAuthorizationService;
import net.cofcool.chaos.server.core.config.WebApplicationContext;
import net.cofcool.chaos.server.security.shiro.access.AccountCredentialsMatcher;
import net.cofcool.chaos.server.security.shiro.access.AuthRealm;
import net.cofcool.chaos.server.security.shiro.access.ExceptionAuthenticationStrategy;
import net.cofcool.chaos.server.security.shiro.access.JsonAuthenticationFilter;
import net.cofcool.chaos.server.security.shiro.access.PermissionFilter;
import net.cofcool.chaos.server.security.shiro.authorization.ShiroAuthServiceImpl;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
/* loaded from: input_file:net/cofcool/chaos/server/security/shiro/config/ShiroAutoConfiguration.class */
public class ShiroAutoConfiguration {
    @ConditionalOnMissingBean
    @Bean
    public ShiroFilterFactoryBean shiroFilter(UserAuthorizationService userAuthorizationService, SessionManager sessionManager, @Autowired(required = false) CacheManager cacheManager, PasswordProcessor passwordProcessor) {
        HashMap hashMap = new HashMap();
        hashMap.put(PermissionFilter.FILTER_KEY, new PermissionFilter(userAuthorizationService));
        hashMap.put(JsonAuthenticationFilter.FILTER_KEY, new JsonAuthenticationFilter(WebApplicationContext.getConfiguration().getAuth().getLoginUrl()));
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setFilters(hashMap);
        shiroFilterFactoryBean.setSecurityManager(createSecurityManager(sessionManager, createDefaultAuthenticator(userAuthorizationService, passwordProcessor), cacheManager));
        shiroFilterFactoryBean.setLoginUrl(WebApplicationContext.getConfiguration().getAuth().getLoginUrl());
        shiroFilterFactoryBean.setUnauthorizedUrl(WebApplicationContext.getConfiguration().getAuth().getUnauthUrl());
        shiroFilterFactoryBean.setFilterChainDefinitions(WebApplicationContext.getConfiguration().getAuth().getUrls());
        return shiroFilterFactoryBean;
    }

    private SecurityManager createSecurityManager(SessionManager sessionManager, Authenticator authenticator, CacheManager cacheManager) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        if (cacheManager != null) {
            defaultWebSecurityManager.setCacheManager(cacheManager);
        }
        defaultWebSecurityManager.setSessionManager(sessionManager);
        defaultWebSecurityManager.setAuthenticator(authenticator);
        SecurityUtils.setSecurityManager(defaultWebSecurityManager);
        return defaultWebSecurityManager;
    }

    public ModularRealmAuthenticator createDefaultAuthenticator(UserAuthorizationService userAuthorizationService, PasswordProcessor passwordProcessor) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(createDefaultAuthRealm(userAuthorizationService, passwordProcessor));
        ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
        modularRealmAuthenticator.setAuthenticationStrategy(new ExceptionAuthenticationStrategy());
        modularRealmAuthenticator.setRealms(arrayList);
        return modularRealmAuthenticator;
    }

    private Realm createDefaultAuthRealm(UserAuthorizationService userAuthorizationService, PasswordProcessor passwordProcessor) {
        AccountCredentialsMatcher accountCredentialsMatcher = new AccountCredentialsMatcher();
        accountCredentialsMatcher.setPasswordProcessor(passwordProcessor);
        AuthRealm authRealm = new AuthRealm();
        authRealm.setCredentialsMatcher(accountCredentialsMatcher);
        authRealm.setUserAuthorizationService(userAuthorizationService);
        return authRealm;
    }

    @Bean
    public AuthService authService(UserAuthorizationService userAuthorizationService) {
        ShiroAuthServiceImpl shiroAuthServiceImpl = new ShiroAuthServiceImpl();
        shiroAuthServiceImpl.setUserAuthorizationService(userAuthorizationService);
        return shiroAuthServiceImpl;
    }

    @ConditionalOnMissingBean
    @Bean
    public SessionManager sessionManager() {
        return new DefaultWebSessionManager();
    }

    @Bean
    public BeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }
}
