package inc.yukawa.chain.security.jwt.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import inc.yukawa.chain.security.jwt.token.json.JsonWebTokenReader;
import inc.yukawa.chain.security.jwt.token.json.JwtAuthenticationProvider;
import inc.yukawa.chain.security.jwt.token.json.JwtTokenAuthenticationProcessingFilter;
import inc.yukawa.chain.security.jwt.web.AjaxAwareAuthenticationFailureHandler;
import inc.yukawa.chain.security.jwt.web.SkipPathRequestMatcher;
import inc.yukawa.chain.security.jwt.web.TokenHeaderExtractor;
import inc.yukawa.chain.security.service.TokenExtractor;
import inc.yukawa.chain.security.service.TokenReader;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import java.util.Arrays;
import java.util.List;
import javax.ws.rs.HttpMethod;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

/* loaded from: input_file:chain-security-jwt-2.0.6.jar:inc/yukawa/chain/security/jwt/config/WebSecurityConfigBase.class */
public abstract class WebSecurityConfigBase extends WebSecurityConfigurerAdapter {

    @Value("${chain.security.web.api.root:/**}")
    protected String API_ROOT_URL = "/**";

    @Autowired
    protected AuthenticationManager authenticationManager;

    @Autowired
    protected JwtAuthenticationProvider jwtAuthenticationProvider;

    @Autowired
    protected ObjectMapper objectMapper;

    protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter(List<String> list, String str) {
        JwtTokenAuthenticationProcessingFilter jwtTokenAuthenticationProcessingFilter = new JwtTokenAuthenticationProcessingFilter(authenticationFailureHandler(), tokenExtractor(), new SkipPathRequestMatcher(list, str));
        jwtTokenAuthenticationProcessingFilter.setAuthenticationManager(this.authenticationManager);
        return jwtTokenAuthenticationProcessingFilter;
    }

    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public TokenExtractor tokenExtractor() {
        return new TokenHeaderExtractor();
    }

    @Bean
    public TokenReader<Jws<Claims>> tokenReader(@Value("${chain.security.jwt.signingKey}") String str) {
        return new JsonWebTokenReader(str);
    }

    @Bean
    public AuthenticationFailureHandler authenticationFailureHandler() {
        return new AjaxAwareAuthenticationFailureHandler(this.objectMapper);
    }

    @Bean
    protected JwtAuthenticationProvider jwtAuthenticationProvider(TokenReader<Jws<Claims>> tokenReader) {
        return new JwtAuthenticationProvider(tokenReader);
    }

    protected List<String> permitAllEndpoints() {
        return Arrays.asList("/error", "/webjars/**", "/swagger.json", "/swagger-ui.html**", "/swagger-resources/**", "/v2/api-docs", "/v2/api-docs/**");
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected SessionManagementConfigurer<HttpSecurity> configureBase(HttpSecurity httpSecurity) throws Exception {
        return ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.csrf().disable()).exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint()).and()).authorizeRequests().antMatchers((String[]) permitAllEndpoints().toArray(new String[0])).permitAll().and()).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

    protected WebSecurity.IgnoredRequestConfigurer configureOpen(WebSecurity webSecurity) {
        return webSecurity.ignoring().anyRequest();
    }

    protected UrlBasedCorsConfigurationSource corsConfiguration() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.setMaxAge((Long) 36000L);
        corsConfiguration.setAllowedMethods(Arrays.asList(HttpMethod.GET, HttpMethod.HEAD, HttpMethod.POST, "PUT", "DELETE", "OPTIONS"));
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }

    protected AuthenticationManagerBuilder configureBase(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        return authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) this.jwtAuthenticationProvider).eraseCredentials(false);
    }
}
