package biz.devstack.springframework.boot.config.security;

import biz.devstack.springframework.boot.exception.RestException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:biz/devstack/springframework/boot/config/security/JwtSecurityConfig.class */
public abstract class JwtSecurityConfig {

    @Autowired
    private TokenService tokenService;

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        authorizeHttpRequests(httpSecurity).httpBasic((v0) -> {
            v0.disable();
        }).formLogin((v0) -> {
            v0.disable();
        }).logout((v0) -> {
            v0.disable();
        }).csrf((v0) -> {
            v0.disable();
        }).cors((v0) -> {
            v0.disable();
        }).anonymous((v0) -> {
            v0.disable();
        }).exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.accessDeniedHandler((httpServletRequest, httpServletResponse, accessDeniedException) -> {
                throw RestException.forbidden("You don't have permission to access this resource!");
            }).authenticationEntryPoint((httpServletRequest2, httpServletResponse2, authenticationException) -> {
                throw RestException.unauthorized("You are unauthorized to access this resource!");
            });
        }).sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        });
        httpSecurity.addFilterBefore(new JwtAuthenticationFilter(this.tokenService), UsernamePasswordAuthenticationFilter.class);
        httpSecurity.addFilterBefore(new JwtExceptionHandlerFilter(), JwtAuthenticationFilter.class);
        return (SecurityFilterChain) httpSecurity.build();
    }

    @Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
        return webSecurity -> {
            webSecurity.ignoring().requestMatchers(new String[]{"/swagger-ui/**", "/v3/api-docs/**"});
        };
    }

    protected HttpSecurity authorizeHttpRequests(HttpSecurity httpSecurity) throws Exception {
        return httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(HttpMethod.OPTIONS)).permitAll().requestMatchers(new String[]{"/users/authenticate"})).permitAll().anyRequest()).authenticated();
        });
    }
}
