package y9.autoConfiguration.security;

import net.risesoft.filters.CSRFFilter;
import net.risesoft.filters.QueryLimitFilter;
import net.risesoft.filters.XSSFilter;
import net.risesoft.y9.configuration.Y9ConfigurationProperties;
import net.risesoft.y9.configuration.feature.security.cors.Y9CorsProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
@ConditionalOnProperty(name = {"y9.feature.security.enabled"}, havingValue = "true")
/* loaded from: input_file:y9/autoConfiguration/security/Y9SecurityConfiguration.class */
public class Y9SecurityConfiguration {

    @Autowired
    private Y9ConfigurationProperties y9ConfigurationProperties;

    @Bean
    public FilterRegistrationBean<CorsFilter> corsFilter() {
        Y9CorsProperties cors = this.y9ConfigurationProperties.getFeature().getSecurity().getCors();
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOrigins(cors.getAllowedOrigins());
        corsConfiguration.setAllowedMethods(cors.getAllowedMethods());
        corsConfiguration.setAllowedHeaders(cors.getAllowedHeaders());
        corsConfiguration.setAllowCredentials(Boolean.valueOf(cors.isAllowCredentials()));
        corsConfiguration.setMaxAge(Long.valueOf(cors.getMaxAge()));
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        FilterRegistrationBean<CorsFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new CorsFilter(urlBasedCorsConfigurationSource));
        filterRegistrationBean.setOrder(this.y9ConfigurationProperties.getFeature().getSso().getSingleSignOutFilterOrder().intValue() + 7);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<CSRFFilter> csrfFilter() {
        FilterRegistrationBean<CSRFFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new CSRFFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(this.y9ConfigurationProperties.getFeature().getSso().getSingleSignOutFilterOrder().intValue() + 8);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<XSSFilter> xssFilter() {
        FilterRegistrationBean<XSSFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new XSSFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(this.y9ConfigurationProperties.getFeature().getSso().getSingleSignOutFilterOrder().intValue() + 9);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<QueryLimitFilter> queryLimitFilter() {
        FilterRegistrationBean<QueryLimitFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new QueryLimitFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(this.y9ConfigurationProperties.getFeature().getSso().getSingleSignOutFilterOrder().intValue() + 10);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }
}
