package y9.autoconfiguration.security;

import lombok.Generated;
import net.risesoft.filters.ApiTokenFilter;
import net.risesoft.filters.CorsFilter;
import net.risesoft.filters.CsrfFilter;
import net.risesoft.filters.SqlInjectionFilter;
import net.risesoft.filters.XssFilter;
import net.risesoft.y9.configuration.feature.security.Y9SecurityProperties;
import net.risesoft.y9.configuration.feature.security.api.Y9ApiProperties;
import net.risesoft.y9.json.Y9JsonUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;

@Configuration
@ConditionalOnProperty(name = {"y9.feature.security.enabled"}, havingValue = "true", matchIfMissing = true)
/* loaded from: input_file:y9/autoconfiguration/security/Y9SecurityConfiguration.class */
public class Y9SecurityConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(Y9SecurityConfiguration.class);

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public Y9SecurityProperties y9SecurityProperties() {
        return new Y9SecurityProperties();
    }

    @ConditionalOnProperty(name = {"y9.feature.security.cors.enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public FilterRegistrationBean<CorsFilter> corsFilter(Y9SecurityProperties y9SecurityProperties) {
        LOGGER.info("CorsFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(y9SecurityProperties.getCors()));
        FilterRegistrationBean<CorsFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new CorsFilter());
        filterRegistrationBean.setOrder(Integer.MIN_VALUE);
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.csrf.enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public FilterRegistrationBean<CsrfFilter> csrfFilter(Y9SecurityProperties y9SecurityProperties) {
        LOGGER.info("CSRFFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(y9SecurityProperties.getCsrf()));
        FilterRegistrationBean<CsrfFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new CsrfFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483647);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.xss.enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public FilterRegistrationBean<XssFilter> xssFilter(Y9SecurityProperties y9SecurityProperties) {
        LOGGER.info("XSSFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(y9SecurityProperties.getXss()));
        FilterRegistrationBean<XssFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new XssFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483646);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.api.token-required"}, havingValue = "true")
    @Bean
    public FilterRegistrationBean<ApiTokenFilter> apiTokenFilter(Y9SecurityProperties y9SecurityProperties) {
        Y9ApiProperties api = y9SecurityProperties.getApi();
        LOGGER.info("ApiTokenFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(api));
        FilterRegistrationBean<ApiTokenFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new ApiTokenFilter(y9SecurityProperties));
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483645);
        filterRegistrationBean.addUrlPatterns((String[]) api.getUrlPatterns().toArray(new String[0]));
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"y9.feature.security.sqlIn.enabled"}, havingValue = "true")
    @Bean
    public FilterRegistrationBean<SqlInjectionFilter> sqlInjectionFilter(Y9SecurityProperties y9SecurityProperties) {
        LOGGER.info("SQLInFilter init. Configuration:{}", Y9JsonUtil.writeValueAsString(y9SecurityProperties.getSqlIn()));
        FilterRegistrationBean<SqlInjectionFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new SqlInjectionFilter());
        filterRegistrationBean.setAsyncSupported(false);
        filterRegistrationBean.setOrder(-2147483644);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        filterRegistrationBean.addInitParameter("skip", y9SecurityProperties.getSqlIn().getSkipUrl());
        return filterRegistrationBean;
    }
}
