package cn.iocoder.yudao.framework.security.config;

import cn.hutool.core.collection.CollUtil;
import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
import cn.iocoder.yudao.framework.security.core.filter.TokenAuthenticationFilter;
import cn.iocoder.yudao.framework.web.config.WebProperties;
import com.google.common.collect.HashMultimap;
import com.google.common.collect.Multimap;
import jakarta.annotation.Resource;
import jakarta.annotation.security.PermitAll;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.AutoConfigureOrder;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

@AutoConfiguration
@AutoConfigureOrder(-1)
@EnableMethodSecurity(securedEnabled = true)
/* loaded from: input_file:cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.class */
public class YudaoWebSecurityConfigurerAdapter {

    @Resource
    private WebProperties webProperties;

    @Resource
    private SecurityProperties securityProperties;

    @Resource
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Resource
    private AccessDeniedHandler accessDeniedHandler;

    @Resource
    private TokenAuthenticationFilter authenticationTokenFilter;

    @Resource
    private List<AuthorizeRequestsCustomizer> authorizeRequestsCustomizers;

    @Resource
    private ApplicationContext applicationContext;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: cn.iocoder.yudao.framework.security.config.YudaoWebSecurityConfigurerAdapter$1, reason: invalid class name */
    /* loaded from: input_file:cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$springframework$web$bind$annotation$RequestMethod = new int[RequestMethod.values().length];

        static {
            try {
                $SwitchMap$org$springframework$web$bind$annotation$RequestMethod[RequestMethod.GET.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$springframework$web$bind$annotation$RequestMethod[RequestMethod.POST.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$springframework$web$bind$annotation$RequestMethod[RequestMethod.PUT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$springframework$web$bind$annotation$RequestMethod[RequestMethod.DELETE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$springframework$web$bind$annotation$RequestMethod[RequestMethod.HEAD.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$springframework$web$bind$annotation$RequestMethod[RequestMethod.PATCH.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    @Bean
    public AuthenticationManager authenticationManagerBean(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }

    @Bean
    protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.cors(Customizer.withDefaults()).csrf((v0) -> {
            v0.disable();
        }).sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        }).headers(headersConfigurer -> {
            headersConfigurer.frameOptions((v0) -> {
                v0.disable();
            });
        }).exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.authenticationEntryPoint(this.authenticationEntryPoint).accessDeniedHandler(this.accessDeniedHandler);
        });
        Multimap<HttpMethod, String> permitAllUrlsFromAnnotations = getPermitAllUrlsFromAnnotations();
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(HttpMethod.GET, new String[]{"/*.html", "/*.html", "/*.css", "/*.js"})).permitAll().requestMatchers(HttpMethod.GET, (String[]) permitAllUrlsFromAnnotations.get(HttpMethod.GET).toArray(new String[0]))).permitAll().requestMatchers(HttpMethod.POST, (String[]) permitAllUrlsFromAnnotations.get(HttpMethod.POST).toArray(new String[0]))).permitAll().requestMatchers(HttpMethod.PUT, (String[]) permitAllUrlsFromAnnotations.get(HttpMethod.PUT).toArray(new String[0]))).permitAll().requestMatchers(HttpMethod.DELETE, (String[]) permitAllUrlsFromAnnotations.get(HttpMethod.DELETE).toArray(new String[0]))).permitAll().requestMatchers(HttpMethod.HEAD, (String[]) permitAllUrlsFromAnnotations.get(HttpMethod.HEAD).toArray(new String[0]))).permitAll().requestMatchers(HttpMethod.PATCH, (String[]) permitAllUrlsFromAnnotations.get(HttpMethod.PATCH).toArray(new String[0]))).permitAll().requestMatchers((String[]) this.securityProperties.getPermitAllUrls().toArray(new String[0]))).permitAll();
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry2 -> {
            this.authorizeRequestsCustomizers.forEach(authorizeRequestsCustomizer -> {
                authorizeRequestsCustomizer.customize(authorizationManagerRequestMatcherRegistry2);
            });
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry3 -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry3.anyRequest()).authenticated();
        });
        httpSecurity.addFilterBefore(this.authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
        return (SecurityFilterChain) httpSecurity.build();
    }

    private String buildAppApi(String str) {
        return this.webProperties.getAppApi().getPrefix() + str;
    }

    private Multimap<HttpMethod, String> getPermitAllUrlsFromAnnotations() {
        HashMultimap create = HashMultimap.create();
        for (Map.Entry entry : ((RequestMappingHandlerMapping) this.applicationContext.getBean("requestMappingHandlerMapping")).getHandlerMethods().entrySet()) {
            if (((HandlerMethod) entry.getValue()).hasMethodAnnotation(PermitAll.class)) {
                HashSet hashSet = new HashSet();
                if (((RequestMappingInfo) entry.getKey()).getPatternsCondition() != null) {
                    hashSet.addAll(((RequestMappingInfo) entry.getKey()).getPatternsCondition().getPatterns());
                }
                if (((RequestMappingInfo) entry.getKey()).getPathPatternsCondition() != null) {
                    hashSet.addAll(CollectionUtils.convertList(((RequestMappingInfo) entry.getKey()).getPathPatternsCondition().getPatterns(), (v0) -> {
                        return v0.getPatternString();
                    }));
                }
                if (!hashSet.isEmpty()) {
                    if (CollUtil.isEmpty(((RequestMappingInfo) entry.getKey()).getMethodsCondition().getMethods())) {
                        create.putAll(HttpMethod.GET, hashSet);
                        create.putAll(HttpMethod.POST, hashSet);
                        create.putAll(HttpMethod.PUT, hashSet);
                        create.putAll(HttpMethod.DELETE, hashSet);
                        create.putAll(HttpMethod.HEAD, hashSet);
                        create.putAll(HttpMethod.PATCH, hashSet);
                    } else {
                        ((RequestMappingInfo) entry.getKey()).getMethodsCondition().getMethods().forEach(requestMethod -> {
                            switch (AnonymousClass1.$SwitchMap$org$springframework$web$bind$annotation$RequestMethod[requestMethod.ordinal()]) {
                                case 1:
                                    create.putAll(HttpMethod.GET, hashSet);
                                    return;
                                case 2:
                                    create.putAll(HttpMethod.POST, hashSet);
                                    return;
                                case 3:
                                    create.putAll(HttpMethod.PUT, hashSet);
                                    return;
                                case 4:
                                    create.putAll(HttpMethod.DELETE, hashSet);
                                    return;
                                case 5:
                                    create.putAll(HttpMethod.HEAD, hashSet);
                                    return;
                                case 6:
                                    create.putAll(HttpMethod.PATCH, hashSet);
                                    return;
                                default:
                                    return;
                            }
                        });
                    }
                }
            }
        }
        return create;
    }
}
