package com.thinkit.security.config;

import com.thinkit.utils.properties.PermitAllUrlProperties;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.authentication.TokenExtractor;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.stereotype.Component;

@Configuration
@EnableResourceServer
@Component
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
/* loaded from: input_file:com/thinkit/security/config/OAuth2ResourceServerConfig.class */
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Autowired
    private DefaultTokenServices tokenServices;

    @Autowired
    TokenExtractor tokenExtractor;

    @Autowired
    JwtTokenStore tokenStore;

    @Autowired
    AuthenticationEntryPoint authenticationEntryPoint;

    @Autowired
    AccessDeniedHandler accessDeniedHandler;

    @Autowired
    AccessDecisionManager accessDecisionManager;

    @Autowired
    CustomSecurityMetadataSourceSource customSecurityMetadataSource;

    @Autowired
    CustomJwtHandler customJwtHandler;

    @Autowired
    PermitAllUrlProperties permitAllUrlProperties;

    @Value("${spring.application.name}")
    private String application;

    public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) throws Exception {
        resourceServerSecurityConfigurer.tokenServices(this.tokenServices).tokenExtractor(this.tokenExtractor).authenticationEntryPoint(this.authenticationEntryPoint).accessDeniedHandler(this.accessDeniedHandler);
    }

    public void configure(HttpSecurity httpSecurity) throws Exception {
        List authcs = this.permitAllUrlProperties.authcs(this.application);
        AuthcPathRequestMatcher authcPathRequestMatcher = new AuthcPathRequestMatcher(this.permitAllUrlProperties, this.application);
        CustomJwtAuthenticationFilter customJwtAuthenticationFilter = new CustomJwtAuthenticationFilter(authcPathRequestMatcher, this.tokenStore, this.customJwtHandler);
        this.customSecurityMetadataSource.setRequestMatcher(authcPathRequestMatcher);
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.authorizeRequests().antMatchers((String[]) authcs.toArray(new String[authcs.size()]))).permitAll().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() { // from class: com.thinkit.security.config.OAuth2ResourceServerConfig.1
            public <O extends FilterSecurityInterceptor> O postProcess(O o) {
                o.setAccessDecisionManager(OAuth2ResourceServerConfig.this.accessDecisionManager);
                o.setSecurityMetadataSource(OAuth2ResourceServerConfig.this.customSecurityMetadataSource);
                return o;
            }
        }).and().addFilterBefore(customJwtAuthenticationFilter, FilterSecurityInterceptor.class);
    }
}
