package com.el.edp.web;

import com.el.core.web.OpResult;
import com.el.edp.EdpAppProperties;
import com.el.edp.iam.support.repository.account.EdpIamPermission;
import com.el.edp.iam.support.util.EdpIamUtil;
import com.el.edp.web.isolation.EdpWebDefaultSessionCommandIsolationStrategy;
import com.el.edp.web.isolation.EdpWebRedisSessionCommandIsolator;
import com.el.edp.web.isolation.EdpWebSessionCommandIsolationStrategy;
import com.el.edp.web.isolation.EdpWebSessionCommandIsolator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.data.redis.RedisAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@EnableConfigurationProperties({EdpWebSecurityProperties.class})
@Configuration
@AutoConfigureAfter({RedisAutoConfiguration.class})
/* loaded from: input_file:com/el/edp/web/EdpWebSecurityConfiguration.class */
public class EdpWebSecurityConfiguration extends WebMvcConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger(EdpWebSecurityConfiguration.class);
    private final EdpWebSecurityProperties securityProperties;

    @Autowired(required = false)
    private EdpWebCorsConfigurer webCorsConfigurer;

    public void addCorsMappings(CorsRegistry corsRegistry) {
        String allowedOrigin = this.securityProperties.allowedOrigin();
        if (StringUtils.hasText(allowedOrigin)) {
            log.info("[EDP-WEB] CORS enabled with {}", allowedOrigin);
            if (this.webCorsConfigurer != null) {
                this.webCorsConfigurer.config(corsRegistry, this.securityProperties);
            } else {
                corsRegistry.addMapping("/**").allowedOrigins(new String[]{allowedOrigin}).allowCredentials(true).allowedHeaders(new String[]{EdpIamPermission.ACT_FULL_CTL}).allowedMethods(new String[]{EdpIamPermission.ACT_FULL_CTL}).exposedHeaders(new String[]{OpResult.HTTP_HEADER_ATTR});
            }
        }
    }

    @ConditionalOnMissingBean
    @Bean
    EdpWebXsrfChecker edpWebXsrfChecker() {
        log.info("[EDP-WEB] edpWebXsrfChecker (enable: {})", Boolean.valueOf(this.securityProperties.xsrfEnabled()));
        return httpServletRequest -> {
            return !this.securityProperties.xsrfEnabled() || EdpIamUtil.checkXsrfToken(httpServletRequest);
        };
    }

    @ConditionalOnMissingBean
    @Bean
    EdpWebCaptchaMatcher edpWebCaptchaMatcher() {
        log.info("[EDP-WEB] edpWebCaptchaMatcher (enable: {})", Boolean.valueOf(this.securityProperties.captchaEnabled()));
        return this.securityProperties.captchaEnabled() ? EdpWebCaptchaMatcher.DO_CHECK : EdpWebCaptchaMatcher.NO_CHECK;
    }

    @ConditionalOnMissingBean
    @Bean
    EdpWebSecuritySigner edpWebSecuritySigner() {
        log.info("[EDP-WEB] edpWebSecuritySigner ({})", this.securityProperties.getSign());
        return new EdpWebSecurityDefaultSigner(this.securityProperties.getSign());
    }

    @ConditionalOnMissingBean
    @Bean
    public EdpWebSessionCommandIsolationStrategy edpWebDefaultSessionCommandIsolationStrategy(EdpWebSecurityProperties edpWebSecurityProperties) {
        log.info("[EDP-WEB] edpWebDefaultSessionCommandIsolationStrategy (isolation timeout: {}s)", Integer.valueOf(edpWebSecurityProperties.getIsolation()));
        return new EdpWebDefaultSessionCommandIsolationStrategy(edpWebSecurityProperties);
    }

    @ConditionalOnMissingBean
    @Bean
    public EdpWebSessionCommandIsolator edpWebRedisSessionCommandIsolator(EdpAppProperties edpAppProperties, RedisTemplate<Object, Object> redisTemplate, EdpWebSessionCommandIsolationStrategy edpWebSessionCommandIsolationStrategy) {
        log.info("[EDP-WEB] edpWebRedisSessionCommandIsolator");
        return new EdpWebRedisSessionCommandIsolator(edpAppProperties, redisTemplate, edpWebSessionCommandIsolationStrategy);
    }

    public EdpWebSecurityConfiguration(EdpWebSecurityProperties edpWebSecurityProperties) {
        this.securityProperties = edpWebSecurityProperties;
    }
}
