package io.github.toquery.framework.security.jwt.config;

import io.github.toquery.framework.security.config.AppWebSecurityConfig;
import io.github.toquery.framework.security.jwt.JwtAuthenticationEntryPoint;
import io.github.toquery.framework.security.jwt.JwtTokenUtil;
import io.github.toquery.framework.security.jwt.filter.JwtAuthorizationTokenFilter;
import io.github.toquery.framework.security.jwt.properties.AppSecurityJwtProperties;
import io.github.toquery.framework.security.properties.AppSecurityProperties;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.filter.OncePerRequestFilter;

@Configuration
@Order(50)
/* loaded from: input_file:io/github/toquery/framework/security/jwt/config/AppWebSecurityJwtConfig.class */
public class AppWebSecurityJwtConfig extends AppWebSecurityConfig {
    private static final Logger log = LoggerFactory.getLogger(AppWebSecurityJwtConfig.class);

    @Resource
    private JwtAuthenticationEntryPoint unauthorizedHandler;

    @Resource
    private UserDetailsService userDetailsService;

    @Resource
    private AppSecurityJwtProperties appSecurityJwtProperties;

    @Resource
    private AppSecurityProperties appSecurityProperties;

    @Resource
    private JwtTokenUtil jwtTokenUtil;

    public AppWebSecurityJwtConfig() {
        log.info("初始化 App Web Security Jwt 配置");
    }

    public AppWebSecurityJwtConfig(boolean z) {
        super(z);
        log.info("初始化 App Web Security Jwt 配置，disableDefaults = {} ", Boolean.valueOf(z));
    }

    @Bean
    public OncePerRequestFilter getFilter() {
        return new JwtAuthorizationTokenFilter(this.userDetailsService, this.jwtTokenUtil, this.appSecurityProperties, this.appSecurityJwtProperties);
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.csrf().disable().exceptionHandling().authenticationEntryPoint(this.unauthorizedHandler).and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().authorizeRequests().anyRequest()).authenticated();
        httpSecurity.addFilterBefore(getFilter(), UsernamePasswordAuthenticationFilter.class);
        httpSecurity.headers().frameOptions().sameOrigin().cacheControl();
    }

    protected String[] getCustomizeWhitelist() {
        AppSecurityJwtProperties.AppJwtPathProperties path = this.appSecurityJwtProperties.getPath();
        return new String[]{path.getRegister(), path.getToken()};
    }
}
