package cn.gtmap.gtc.starter.gscas.expression;

import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
import org.springframework.cloud.client.discovery.DiscoveryClient;
import org.springframework.context.ApplicationContext;
import org.springframework.security.access.expression.AbstractSecurityExpressionHandler;
import org.springframework.security.access.expression.SecurityExpressionHandler;
import org.springframework.security.access.expression.SecurityExpressionOperations;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.web.FilterInvocation;
import org.springframework.util.Assert;

/* loaded from: input_file:cn/gtmap/gtc/starter/gscas/expression/GtWebSecurityExpressionHandler.class */
public class GtWebSecurityExpressionHandler extends AbstractSecurityExpressionHandler<FilterInvocation> implements SecurityExpressionHandler<FilterInvocation> {
    private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
    private String defaultRolePrefix = "ROLE_";
    private String authPath;
    private String clientId;
    private OAuth2RestTemplate template;
    private DiscoveryClient discoveryClient;

    public GtWebSecurityExpressionHandler(ApplicationContext applicationContext, String str, String str2, DiscoveryClient discoveryClient) {
        this.template = ((UserInfoRestTemplateFactory) applicationContext.getBean(UserInfoRestTemplateFactory.class)).getUserInfoRestTemplate();
        this.authPath = str;
        this.clientId = str2;
        this.discoveryClient = (DiscoveryClient) applicationContext.getBean(DiscoveryClient.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, FilterInvocation filterInvocation) {
        GtWebSecurityExpressionRoot gtWebSecurityExpressionRoot = new GtWebSecurityExpressionRoot(authentication, filterInvocation, this.template, this.authPath, this.clientId, this.discoveryClient);
        gtWebSecurityExpressionRoot.setPermissionEvaluator(getPermissionEvaluator());
        gtWebSecurityExpressionRoot.setTrustResolver(this.trustResolver);
        gtWebSecurityExpressionRoot.setRoleHierarchy(getRoleHierarchy());
        gtWebSecurityExpressionRoot.setDefaultRolePrefix(this.defaultRolePrefix);
        return gtWebSecurityExpressionRoot;
    }

    public void setTrustResolver(AuthenticationTrustResolver authenticationTrustResolver) {
        Assert.notNull(authenticationTrustResolver, "trustResolver cannot be null");
        this.trustResolver = authenticationTrustResolver;
    }

    public void setDefaultRolePrefix(String str) {
        this.defaultRolePrefix = str;
    }
}
