package net.guerlab.smart.platform.basic.admin;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import java.util.UUID;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration(proxyBeanMethods = false)
/* loaded from: input_file:net/guerlab/smart/platform/basic/admin/SecuritySecureConfig.class */
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
    private final AdminServerProperties adminServer;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
        this.adminServer = adminServerProperties;
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        savedRequestAwareAuthenticationSuccessHandler.setTargetUrlParameter("redirectTo");
        savedRequestAwareAuthenticationSuccessHandler.setDefaultTargetUrl(this.adminServer.path("/"));
        httpSecurity.csrf().ignoringAntMatchers(new String[]{"/actuator/**"});
        httpSecurity.authorizeRequests(expressionInterceptUrlRegistry -> {
            ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) expressionInterceptUrlRegistry.antMatchers(new String[]{this.adminServer.path("/assets/**")})).permitAll().antMatchers(new String[]{this.adminServer.path("/actuator/**")})).permitAll().antMatchers(new String[]{this.adminServer.path("/login")})).permitAll().anyRequest()).authenticated();
        }).formLogin(formLoginConfigurer -> {
            formLoginConfigurer.loginPage(this.adminServer.path("/login")).successHandler(savedRequestAwareAuthenticationSuccessHandler).and();
        }).logout(logoutConfigurer -> {
            logoutConfigurer.logoutUrl(this.adminServer.path("/logout"));
        }).httpBasic(Customizer.withDefaults()).csrf(csrfConfigurer -> {
            csrfConfigurer.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(new RequestMatcher[]{new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()), new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()), new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))});
        }).rememberMe(rememberMeConfigurer -> {
            rememberMeConfigurer.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600);
        });
    }
}
