package y9.autoconfiguration.security;

import lombok.Generated;
import net.risesoft.filters.ApiTokenFilter;
import net.risesoft.filters.CSRFFilter;
import net.risesoft.filters.XSSFilter;
import net.risesoft.y9.configuration.Y9Properties;
import net.risesoft.y9.configuration.feature.security.api.Y9ApiProperties;
import net.risesoft.y9.configuration.feature.security.cors.Y9CorsProperties;
import net.risesoft.y9.json.Y9JsonUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
@ConditionalOnProperty(name = {"y9.feature.security.enabled"}, havingValue = "true", matchIfMissing = true)
/* loaded from: input_file:y9/autoconfiguration/security/Y9SecurityConfiguration.class */
public class Y9SecurityConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(Y9SecurityConfiguration.class);

    @ConditionalOnProperty(name = {"y9.feature.security.cors.enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public FilterRegistrationBean<CorsFilter> corsFilter(Y9Properties y9Properties) {
        Y9CorsProperties cors = y9Properties.getFeature().getSecurity().getCors();
        LOGGER.info("CorsFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(cors));
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOriginPatterns(cors.getAllowedOriginPatterns());
        corsConfiguration.setAllowedMethods(cors.getAllowedMethods());
        corsConfiguration.setAllowedHeaders(cors.getAllowedHeaders());
        corsConfiguration.setAllowCredentials(Boolean.valueOf(cors.isAllowCredentials()));
        corsConfiguration.setMaxAge(Long.valueOf(cors.getMaxAge()));
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        FilterRegistrationBean<CorsFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new CorsFilter(urlBasedCorsConfigurationSource));
        filterRegistrationBean.setOrder(Integer.MIN_VALUE);
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.xss.enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public FilterRegistrationBean<XSSFilter> xssFilter(Y9Properties y9Properties) {
        LOGGER.info("XSSFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(y9Properties.getFeature().getSecurity().getXss()));
        FilterRegistrationBean<XSSFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new XSSFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483646);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.csrf.enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public FilterRegistrationBean<CSRFFilter> csrfFilter(Y9Properties y9Properties) {
        LOGGER.info("CSRFFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(y9Properties.getFeature().getSecurity().getCsrf()));
        FilterRegistrationBean<CSRFFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new CSRFFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483647);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.api.token-required"}, havingValue = "true")
    @Bean
    public FilterRegistrationBean<ApiTokenFilter> apiTokenFilter(Y9Properties y9Properties) {
        Y9ApiProperties api = y9Properties.getFeature().getSecurity().getApi();
        LOGGER.info("ApiTokenFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(api));
        FilterRegistrationBean<ApiTokenFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new ApiTokenFilter(y9Properties));
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483645);
        filterRegistrationBean.addUrlPatterns((String[]) api.getUrlPatterns().toArray(new String[0]));
        return filterRegistrationBean;
    }
}
