package com.dtt.ora.common.security.component;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.authentication.TokenExtractor;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:BOOT-INF/lib/ora-common-security-3.9.0.jar:com/dtt/ora/common/security/component/OraResourceServerConfigurerAdapter.class */
public class OraResourceServerConfigurerAdapter extends ResourceServerConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OraResourceServerConfigurerAdapter.class);

    @Autowired
    protected ResourceAuthExceptionEntryPoint resourceAuthExceptionEntryPoint;

    @Autowired
    protected RemoteTokenServices remoteTokenServices;

    @Autowired
    private PermitAllUrlProperties permitAllUrlProperties;

    @Autowired
    private TokenExtractor tokenExtractor;

    @Autowired
    private RestTemplate lbRestTemplate;

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
    public void configure(HttpSecurity httpSecurity) {
        httpSecurity.headers().frameOptions().disable();
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests = httpSecurity.authorizeRequests();
        this.permitAllUrlProperties.getIgnoreUrls().forEach(str -> {
            authorizeRequests.antMatchers(str).permitAll();
        });
        ((HttpSecurity) authorizeRequests.anyRequest().authenticated().and()).csrf().disable();
    }

    @Override // org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
    public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
        DefaultAccessTokenConverter defaultAccessTokenConverter = new DefaultAccessTokenConverter();
        defaultAccessTokenConverter.setUserTokenConverter(new OraUserAuthenticationConverter());
        this.remoteTokenServices.setRestTemplate(this.lbRestTemplate);
        this.remoteTokenServices.setAccessTokenConverter(defaultAccessTokenConverter);
        resourceServerSecurityConfigurer.authenticationEntryPoint(this.resourceAuthExceptionEntryPoint).tokenExtractor(this.tokenExtractor).tokenServices(this.remoteTokenServices);
    }
}
