package com.elitescloud.cloudt.authorization.api.client.config.security.configurer;

import com.elitescloud.cloudt.authorization.api.client.config.AuthorizationProperties;
import com.elitescloud.cloudt.authorization.api.client.config.security.configurer.filter.AccessTokenRenewalFilter;
import com.elitescloud.cloudt.authorization.api.client.config.security.configurer.filter.BearerTokenAuthenticationFilter;
import com.elitescloud.cloudt.authorization.api.client.config.security.configurer.provider.BearerTokenAuthenticationProvider;
import com.elitescloud.cloudt.authorization.api.client.config.security.handler.DefaultAuthenticationEntryPointHandler;
import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationCache;
import java.util.Iterator;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.intercept.AuthorizationFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.context.NullSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.util.Assert;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/client/config/security/configurer/DefaultAuthorizationConfigurer.class */
public class DefaultAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<DefaultAuthorizationConfigurer<H>, H> {
    private static final Logger log = LogManager.getLogger(DefaultAuthorizationConfigurer.class);
    private final AuthorizationProperties authorizationProperties;
    private final AuthenticationCache authenticationCache;
    private final ObjectProvider<AuthorizationConfigurerCustomizer> authorizationConfigurerCustomizer;
    private AuthenticationEntryPoint authenticationEntryPoint;
    private boolean needBearerTokenAuthenticationFilter = false;

    public DefaultAuthorizationConfigurer(AuthorizationProperties authorizationProperties, AuthenticationCache authenticationCache, ObjectProvider<AuthorizationConfigurerCustomizer> objectProvider) {
        this.authorizationProperties = authorizationProperties;
        this.authenticationCache = authenticationCache;
        this.authorizationConfigurerCustomizer = objectProvider;
    }

    public void init(H h) throws Exception {
        Assert.notNull(this.authorizationProperties, "AuthorizationProperties为空");
        h.setSharedObject(AuthorizationProperties.class, this.authorizationProperties);
        h.setSharedObject(SecurityContextRepository.class, new NullSecurityContextRepository());
        if (this.authorizationConfigurerCustomizer != null) {
            Iterator it = this.authorizationConfigurerCustomizer.iterator();
            while (it.hasNext()) {
                ((AuthorizationConfigurerCustomizer) it.next()).init(h);
            }
        }
        super.init(h);
    }

    public void configure(H h) throws Exception {
        addBearerTokenAuthenticationFilter(h);
        addAccessTokenRenewalFilter(h);
        if (this.authorizationConfigurerCustomizer != null) {
            Iterator it = this.authorizationConfigurerCustomizer.iterator();
            while (it.hasNext()) {
                ((AuthorizationConfigurerCustomizer) it.next()).configure(h);
            }
        }
        super.configure(h);
    }

    public DefaultAuthorizationConfigurer<H> needBearerTokenAuthenticationFilter(boolean z) {
        this.needBearerTokenAuthenticationFilter = z;
        return this;
    }

    public DefaultAuthorizationConfigurer<H> authenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.authenticationEntryPoint = authenticationEntryPoint;
        return this;
    }

    private void addAccessTokenRenewalFilter(H h) {
        if (this.authenticationCache == null) {
            return;
        }
        h.addFilterAfter(new AccessTokenRenewalFilter(this.authorizationProperties, this.authenticationCache), AuthorizationFilter.class);
    }

    private void addBearerTokenAuthenticationFilter(H h) {
        try {
            Class.forName("org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken");
            log.debug("已存在BearerTokenAuthenticationFilter");
            if (!this.needBearerTokenAuthenticationFilter) {
                return;
            }
        } catch (Exception e) {
        }
        BearerTokenAuthenticationFilter bearerTokenAuthenticationFilter = new BearerTokenAuthenticationFilter((AuthenticationManager) h.getSharedObject(AuthenticationManager.class));
        if (this.authenticationEntryPoint == null) {
            this.authenticationEntryPoint = new DefaultAuthenticationEntryPointHandler(this.authorizationProperties.getLoginPage());
        }
        bearerTokenAuthenticationFilter.setAuthenticationEntryPoint(this.authenticationEntryPoint);
        h.addFilterBefore(bearerTokenAuthenticationFilter, BasicAuthenticationFilter.class);
        SecurityContextRepository securityContextRepository = (SecurityContextRepository) h.getSharedObject(SecurityContextRepository.class);
        if (securityContextRepository != null) {
            bearerTokenAuthenticationFilter.setSecurityContextRepository(securityContextRepository);
        }
        h.authenticationProvider((AuthenticationProvider) postProcess(new BearerTokenAuthenticationProvider()));
    }
}
