package com.elitescloud.boot.auth.client.config.support.springcloud;

import com.elitescloud.boot.auth.client.config.AuthorizationProperties;
import com.elitescloud.boot.util.JwtUtil;
import com.nimbusds.jose.jwk.RSAKey;
import java.util.Collections;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import;
import org.springframework.core.io.Resource;
import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;

@Import({JwtConfig.class})
/* loaded from: input_file:com/elitescloud/boot/auth/client/config/support/springcloud/SecuritySpringCloudConfig.class */
public class SecuritySpringCloudConfig {

    @Import({a.class, b.class})
    /* loaded from: input_file:com/elitescloud/boot/auth/client/config/support/springcloud/SecuritySpringCloudConfig$JwtConfig.class */
    static class JwtConfig {
        private final AuthorizationProperties a;

        @ConfigurationProperties(CustomKeyProperties.PREFIX)
        /* loaded from: input_file:com/elitescloud/boot/auth/client/config/support/springcloud/SecuritySpringCloudConfig$JwtConfig$CustomKeyProperties.class */
        static class CustomKeyProperties {
            private static final String PREFIX = "encrypt";
            private String a;
            private String b = "deadbeef";
            private boolean c = true;
            private KeyStore d = new KeyStore();

            /* loaded from: input_file:com/elitescloud/boot/auth/client/config/support/springcloud/SecuritySpringCloudConfig$JwtConfig$CustomKeyProperties$KeyStore.class */
            public static class KeyStore {
                private Resource a;
                private String b;
                private String c;
                private String d;
                private String e = "jks";

                public String getAlias() {
                    return this.c;
                }

                public void setAlias(String str) {
                    this.c = str;
                }

                public Resource getLocation() {
                    return this.a;
                }

                public void setLocation(Resource resource) {
                    this.a = resource;
                }

                public String getPassword() {
                    return this.b;
                }

                public String getType() {
                    return this.e;
                }

                public void setPassword(String str) {
                    this.b = str;
                }

                public String getSecret() {
                    return this.d == null ? this.b : this.d;
                }

                public void setSecret(String str) {
                    this.d = str;
                }

                public void setType(String str) {
                    this.e = str;
                }
            }

            CustomKeyProperties() {
            }

            public boolean isFailOnError() {
                return this.c;
            }

            public void setFailOnError(boolean z) {
                this.c = z;
            }

            public String getKey() {
                return this.a;
            }

            public void setKey(String str) {
                this.a = str;
            }

            public String getSalt() {
                return this.b;
            }

            public void setSalt(String str) {
                this.b = str;
            }

            public KeyStore getKeyStore() {
                return this.d;
            }

            public void setKeyStore(KeyStore keyStore) {
                this.d = keyStore;
            }
        }

        @ConditionalOnMissingClass({"org.springframework.cloud.bootstrap.encrypt.KeyProperties"})
        @EnableConfigurationProperties({CustomKeyProperties.class})
        @ConditionalOnProperty(prefix = "encrypt.key-store", name = {"location"})
        /* loaded from: input_file:com/elitescloud/boot/auth/client/config/support/springcloud/SecuritySpringCloudConfig$JwtConfig$a.class */
        static class a {
            a() {
            }

            @ConditionalOnMissingBean
            @Bean
            public RSAKey rsaKeySource(CustomKeyProperties customKeyProperties) {
                CustomKeyProperties.KeyStore keyStore = customKeyProperties.getKeyStore();
                return JwtUtil.loadRSAKey(JwtUtil.loadKeystore(keyStore.getLocation(), keyStore.getType(), keyStore.getPassword(), keyStore.getAlias(), keyStore.getSecret()), keyStore.getAlias(), keyStore.getSecret());
            }
        }

        @ConditionalOnClass({KeyProperties.class})
        /* loaded from: input_file:com/elitescloud/boot/auth/client/config/support/springcloud/SecuritySpringCloudConfig$JwtConfig$b.class */
        static class b {
            b() {
            }

            @ConditionalOnMissingBean
            @Bean
            public RSAKey rsaKeySource(KeyProperties keyProperties) {
                KeyProperties.KeyStore keyStore = keyProperties.getKeyStore();
                return JwtUtil.loadRSAKey(JwtUtil.loadKeystore(keyStore.getLocation(), keyStore.getType(), keyStore.getPassword(), keyStore.getAlias(), keyStore.getSecret()), keyStore.getAlias(), keyStore.getSecret());
            }
        }

        public JwtConfig(AuthorizationProperties authorizationProperties) {
            this.a = authorizationProperties;
        }

        @ConditionalOnMissingBean
        @Bean
        public JwtDecoder jwtDecoder(RSAKey rSAKey) {
            NimbusJwtDecoder buildJwtDecoder = JwtUtil.buildJwtDecoder(rSAKey);
            if (buildJwtDecoder instanceof NimbusJwtDecoder) {
                NimbusJwtDecoder nimbusJwtDecoder = buildJwtDecoder;
                if (this.a.getTokenRenewal() != null && this.a.getTokenRenewal().toSeconds() > 0) {
                    nimbusJwtDecoder.setJwtValidator(new DelegatingOAuth2TokenValidator(Collections.emptyList()));
                }
            }
            return buildJwtDecoder;
        }
    }
}
