package com.sinosoftgz.starter.shiro.jwt.config;

import com.alibaba.fastjson.JSON;
import com.sinosoftgz.starter.jwt.properties.JwtProperties;
import com.sinosoftgz.starter.jwt.utils.JwtUtils;
import com.sinosoftgz.starter.shiro.jwt.biz.UserAuthBiz;
import com.sinosoftgz.starter.shiro.jwt.filter.ShiroJwtAccessControlFilter;
import com.sinosoftgz.starter.shiro.jwt.interceptor.TokenRefreshInterceptor;
import com.sinosoftgz.starter.shiro.jwt.support.ShiroJwtRealm;
import com.sinosoftgz.starter.shiro.properties.ShiroProperties;
import com.sinosoftgz.starter.shiro.support.CustomDefaultSubjectFactory;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
import org.apache.shiro.mgt.DefaultSubjectDAO;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.mgt.SessionStorageEvaluator;
import org.apache.shiro.mgt.SubjectFactory;
import org.apache.shiro.session.mgt.DefaultSessionManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.CollectionUtils;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@EnableConfigurationProperties({ShiroProperties.class, JwtProperties.class})
@Configuration
@ConditionalOnProperty(prefix = "spring.jwt", name = {"enabled"}, havingValue = "true", matchIfMissing = true)
/* loaded from: input_file:com/sinosoftgz/starter/shiro/jwt/config/ShiroJwtConfiguration.class */
public class ShiroJwtConfiguration {
    private static final Logger log = LoggerFactory.getLogger(ShiroJwtConfiguration.class);
    private static final String DEFAULT_URL = "/**";
    private static final String ANON = "anon";
    private static final String SHIRO_JWT_AUTHC = "shiroJwtAuthc";
    private static final String SHIRO_JWT_FILTER_FACTORY_NAME = "shiroJwtFilterFactoryBean";
    private JwtProperties jwtProperties;
    private ShiroProperties shiroProperties;

    @Configuration
    @ConditionalOnProperty(prefix = "spring.jwt", name = {"enable-auto-refresh-token"}, havingValue = "true", matchIfMissing = false)
    /* loaded from: input_file:com/sinosoftgz/starter/shiro/jwt/config/ShiroJwtConfiguration$ShiroJwtWebMvcConfigurer.class */
    public static class ShiroJwtWebMvcConfigurer extends WebMvcConfigurerAdapter {

        @Autowired
        private TokenRefreshInterceptor tokenRefreshInterceptor;

        @Autowired
        private JwtProperties prop;

        public void addInterceptors(InterceptorRegistry interceptorRegistry) {
            InterceptorRegistration addInterceptor = interceptorRegistry.addInterceptor(this.tokenRefreshInterceptor);
            List<String> urlPatterns = this.prop.getUrlPatterns();
            ShiroJwtConfiguration.log.info("启用token自动刷新机制，已注册TokenRefreshInterceptor");
            for (String str : urlPatterns) {
                ShiroJwtConfiguration.log.info("TokenRefreshInterceptor匹配URL规则：" + str);
                addInterceptor.addPathPatterns(new String[]{str});
            }
        }

        public void addCorsMappings(CorsRegistry corsRegistry) {
            Iterator it = this.prop.getUrlPatterns().iterator();
            while (it.hasNext()) {
                corsRegistry.addMapping((String) it.next()).exposedHeaders(new String[]{this.prop.getHeaderKeyOfToken()});
            }
        }
    }

    public ShiroJwtConfiguration(JwtProperties jwtProperties, ShiroProperties shiroProperties) {
        this.jwtProperties = jwtProperties;
        this.shiroProperties = shiroProperties;
    }

    @Bean
    public ShiroJwtRealm shiroJwtRealm() {
        ShiroJwtRealm shiroJwtRealm = new ShiroJwtRealm();
        shiroJwtRealm.setCachingEnabled(false);
        return shiroJwtRealm;
    }

    @Bean
    public CustomDefaultSubjectFactory subjectFactory() {
        return new CustomDefaultSubjectFactory(this.shiroProperties);
    }

    @Bean
    public SessionManager sessionManager() {
        DefaultSessionManager defaultSessionManager = new DefaultSessionManager();
        defaultSessionManager.setSessionValidationSchedulerEnabled(false);
        return defaultSessionManager;
    }

    @Bean
    public SessionStorageEvaluator sessionStorageEvaluator() {
        DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
        defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
        return defaultSessionStorageEvaluator;
    }

    @Bean
    public SecurityManager securityManager(ShiroJwtRealm shiroJwtRealm, SessionStorageEvaluator sessionStorageEvaluator, SubjectFactory subjectFactory, SessionManager sessionManager) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(shiroJwtRealm);
        DefaultSubjectDAO defaultSubjectDAO = new DefaultSubjectDAO();
        defaultSubjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator);
        defaultWebSecurityManager.setSubjectDAO(defaultSubjectDAO);
        defaultWebSecurityManager.setSubjectFactory(subjectFactory);
        defaultWebSecurityManager.setSessionManager(sessionManager);
        return defaultWebSecurityManager;
    }

    @Bean
    public ShiroJwtAccessControlFilter shiroJwtAccessControlFilter() {
        return new ShiroJwtAccessControlFilter(this.jwtProperties);
    }

    @Bean
    public FilterRegistrationBean registration(ShiroJwtAccessControlFilter shiroJwtAccessControlFilter) {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(shiroJwtAccessControlFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.setEnabled(false);
        return filterRegistrationBean;
    }

    @Bean(name = {SHIRO_JWT_FILTER_FACTORY_NAME})
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager, ShiroJwtAccessControlFilter shiroJwtAccessControlFilter) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(SHIRO_JWT_AUTHC, shiroJwtAccessControlFilter);
        shiroFilterFactoryBean.setFilters(linkedHashMap);
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        List urlExcludes = this.shiroProperties.getUrlExcludes();
        if (CollectionUtils.isEmpty(urlExcludes)) {
            log.info("Shiro URL Excludes Is Empty .");
        } else {
            log.info("Shiro URL Excludes : {}", JSON.toJSONString(urlExcludes));
            Iterator it = urlExcludes.iterator();
            while (it.hasNext()) {
                linkedHashMap2.put((String) it.next(), ANON);
            }
        }
        List urlPatterns = this.shiroProperties.getUrlPatterns();
        if (CollectionUtils.isEmpty(urlPatterns)) {
            log.warn("Shiro urlPatterns is empty,set default /**");
            linkedHashMap2.put(DEFAULT_URL, SHIRO_JWT_AUTHC);
        } else {
            Iterator it2 = urlPatterns.iterator();
            while (it2.hasNext()) {
                linkedHashMap2.put((String) it2.next(), SHIRO_JWT_AUTHC);
            }
        }
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap2);
        return shiroFilterFactoryBean;
    }

    @Bean
    public FilterRegistrationBean delegatingFilterProxy() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        DelegatingFilterProxy delegatingFilterProxy = new DelegatingFilterProxy();
        delegatingFilterProxy.setTargetFilterLifecycle(true);
        delegatingFilterProxy.setTargetBeanName(SHIRO_JWT_FILTER_FACTORY_NAME);
        filterRegistrationBean.setFilter(delegatingFilterProxy);
        return filterRegistrationBean;
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @ConditionalOnProperty(prefix = "spring.jwt", name = {"enable-auto-refresh-token"}, havingValue = "true", matchIfMissing = false)
    @Bean
    public TokenRefreshInterceptor tokenRefreshInterceptor(JwtProperties jwtProperties, UserAuthBiz userAuthBiz, JwtUtils jwtUtils) {
        return new TokenRefreshInterceptor(jwtProperties, userAuthBiz, jwtUtils);
    }
}
