package cn.gtmap.geo.cas.security;

import cn.gtmap.geo.cas.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.security.web.session.SessionInformationExpiredStrategy;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.util.StringUtils;

@Configuration
@EnableWebSecurity
/* loaded from: input_file:BOOT-INF/classes/cn/gtmap/geo/cas/security/GtmapWebSecurityConfig.class */
public class GtmapWebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${system.thirdParty.loginUrl}")
    private String loginUrl;

    @Autowired
    private UserService userService;

    @Autowired
    private GtmapAuthenticationSuccessHandler gtmapAuthenticationSuccessHandler;

    @Autowired
    private GtmapSecurityContextLogoutHandler securityContextLogoutHandler;

    @Autowired
    private SessionInformationExpiredStrategy sessionInformationExpiredStrategy;

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ((HttpSecurity) ((HttpSecurity) httpSecurity.formLogin().loginPage(StringUtils.isEmpty(this.loginUrl) ? "/login" : this.loginUrl).loginProcessingUrl("/login/form").successHandler(this.gtmapAuthenticationSuccessHandler).failureHandler(gtmapAuthenticationFailureHandler()).and()).authorizeRequests().antMatchers("/login", "/login/form", "/oauth/**", "/error", "/info", "/health", "/public/**", "/psb/**", "/joinClient/token", "/accessDenied").permitAll().antMatchers("/joinClient/creation").hasRole("admin").anyRequest().authenticated().and()).csrf().disable();
        httpSecurity.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessHandler(logoutSuccessHandler()).addLogoutHandler(this.securityContextLogoutHandler).deleteCookies("JSESSIONID");
        httpSecurity.exceptionHandling().accessDeniedPage("/accessDenied");
        GtmapSessionManagementConfigurer gtmapSessionManagementConfigurer = new GtmapSessionManagementConfigurer();
        SecurityConfigurerAdapter securityConfigurerAdapter = (SecurityConfigurerAdapter) httpSecurity.getConfigurer(gtmapSessionManagementConfigurer.getClass());
        ((GtmapSessionManagementConfigurer) (securityConfigurerAdapter != null ? securityConfigurerAdapter : httpSecurity.apply((HttpSecurity) gtmapSessionManagementConfigurer))).sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED).invalidSessionUrl("/login").maximumSessions(-1).maxSessionsPreventsLogin(false).expiredSessionStrategy(this.sessionInformationExpiredStrategy).sessionRegistry(sessionRegistry());
    }

    SimpleUrlLogoutSuccessHandler logoutSuccessHandler() {
        SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
        simpleUrlLogoutSuccessHandler.setTargetUrlParameter("redirect_uri");
        return simpleUrlLogoutSuccessHandler;
    }

    GtmapAuthenticationFailureHandler gtmapAuthenticationFailureHandler() {
        GtmapAuthenticationFailureHandler gtmapAuthenticationFailureHandler = new GtmapAuthenticationFailureHandler();
        gtmapAuthenticationFailureHandler.setDefaultFailureUrl("/login?error=true");
        return gtmapAuthenticationFailureHandler;
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void configure(WebSecurity webSecurity) throws Exception {
        webSecurity.ignoring().antMatchers("/image/**", "/css/**", "/js/**", "/webjars/**", "/hystrix.stream", "/turbine.stream");
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(this.userService).passwordEncoder(passwordEncoder());
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    @Bean(name = {BeanIds.AUTHENTICATION_MANAGER})
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public SessionRegistry sessionRegistry() {
        return new GtmapSessionRegistryImpl();
    }
}
