package com.zxkxc.cloud.extension.security.config;

import com.zxkxc.cloud.extension.security.CustomUserAuthenticationProvider;
import com.zxkxc.cloud.extension.security.CustomUserAuthorizationManager;
import com.zxkxc.cloud.extension.security.filter.JwtAuthenticationFilter;
import com.zxkxc.cloud.extension.security.support.handler.AuthExceptionHandler;
import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
@EnableWebSecurity
/* loaded from: input_file:com/zxkxc/cloud/extension/security/config/SecurityConfig.class */
public class SecurityConfig {

    @Resource
    private CustomUserAuthenticationProvider customUserAuthenticationProvider;

    @Resource
    private CustomUserAuthorizationManager customUserAuthorizationManager;

    @Resource
    private JwtAuthenticationFilter jwtAuthenticationFilter;

    @Resource
    private AuthExceptionHandler authExceptionHandler;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf((v0) -> {
            v0.disable();
        }).httpBasic((v0) -> {
            v0.disable();
        }).formLogin((v0) -> {
            v0.disable();
        }).addFilterBefore(this.jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class).exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.accessDeniedHandler(this.authExceptionHandler).authenticationEntryPoint(this.authExceptionHandler);
        }).sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        });
        httpSecurity.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new RequestMatcher[]{new AntPathRequestMatcher("/druid/**"), new AntPathRequestMatcher("/v3/api-docs/**"), new AntPathRequestMatcher("/**/*.html"), new AntPathRequestMatcher("/**/*.css"), new AntPathRequestMatcher("/**/*.js"), new AntPathRequestMatcher("/error"), new AntPathRequestMatcher("/favicon.ico")})).permitAll().anyRequest()).access(this.customUserAuthorizationManager);
        });
        httpSecurity.headers(headersConfigurer -> {
            headersConfigurer.frameOptions((v0) -> {
                v0.disable();
            });
        });
        return (SecurityFilterChain) httpSecurity.build();
    }

    @Bean
    public AuthenticationManager authenticationManager() {
        return new ProviderManager(new AuthenticationProvider[]{this.customUserAuthenticationProvider});
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}
