package cn.gtmap.gtcc.account.config;

import cn.gtmap.gtcc.account.service.ClientService;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@Configuration
/* loaded from: input_file:BOOT-INF/classes/cn/gtmap/gtcc/account/config/WebConfiguration.class */
public class WebConfiguration extends WebMvcConfigurerAdapter {
    public static final String REDIRECT_URI_PARAM = "redirect_uri";
    public static final String SECRET_CODE = "GTMAP_NELX";

    @Configuration
    @EnableAuthorizationServer
    /* loaded from: input_file:BOOT-INF/classes/cn/gtmap/gtcc/account/config/WebConfiguration$OAuth2Configuration.class */
    public static class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {
        AuthenticationManager authenticationManager;
        ClientService clientService;

        public OAuth2Configuration(AuthenticationManager authenticationManager, ClientService clientService) {
            this.authenticationManager = authenticationManager;
            this.clientService = clientService;
        }

        @Override // org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer
        public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
            authorizationServerSecurityConfigurer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
        }

        @Override // org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer
        public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
            clientDetailsServiceConfigurer.withClientDetails(this.clientService);
        }

        @Override // org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer
        public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
            authorizationServerEndpointsConfigurer.authenticationManager(this.authenticationManager);
        }
    }

    @EnableResourceServer
    @Configuration
    @Order(SecurityProperties.BASIC_AUTH_ORDER)
    /* loaded from: input_file:BOOT-INF/classes/cn/gtmap/gtcc/account/config/WebConfiguration$ResourceServerConfig.class */
    class ResourceServerConfig extends ResourceServerConfigurerAdapter {
        ResourceServerConfig() {
        }

        @Override // org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter, org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer
        public void configure(HttpSecurity httpSecurity) throws Exception {
            httpSecurity.requestMatchers().antMatchers("/rest/**").and().authorizeRequests().anyRequest().access("#oauth2.hasScope('read')");
        }
    }

    @Configuration
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
    @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
    /* loaded from: input_file:BOOT-INF/classes/cn/gtmap/gtcc/account/config/WebConfiguration$SSOConfiguration.class */
    public static class SSOConfiguration extends WebSecurityConfigurerAdapter {
        UserDetailsService userDetailsService;
        PasswordEncoder passwordEncoder;

        public SSOConfiguration(UserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
            this.userDetailsService = userDetailsService;
            this.passwordEncoder = passwordEncoder;
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(HttpSecurity httpSecurity) throws Exception {
            ((HttpSecurity) ((HttpSecurity) httpSecurity.authorizeRequests().antMatchers("/image/**", "/css/**", "/js/**", "/webjars/**").permitAll().antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access", "/error").permitAll().anyRequest().authenticated().and()).formLogin().loginPage("/login").permitAll().and()).logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessHandler(logoutSuccessHandler()).permitAll();
        }

        @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
        protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
            authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(this.passwordEncoder);
        }

        SimpleUrlLogoutSuccessHandler logoutSuccessHandler() {
            SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
            simpleUrlLogoutSuccessHandler.setTargetUrlParameter("redirect_uri");
            return simpleUrlLogoutSuccessHandler;
        }
    }

    @Override // org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter, org.springframework.web.servlet.config.annotation.WebMvcConfigurer
    public void addViewControllers(ViewControllerRegistry viewControllerRegistry) {
        viewControllerRegistry.addViewController("/login").setViewName("login");
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new StandardPasswordEncoder(SECRET_CODE);
    }
}
