package com.aistarfish.ucenter.sso.client.shiro.config;

import com.aistarfish.ucenter.sso.client.biz.RedisClient;
import com.aistarfish.ucenter.sso.client.biz.UcenterBizService;
import com.aistarfish.ucenter.sso.client.biz.impl.RedisClientImpl;
import com.aistarfish.ucenter.sso.client.biz.impl.UcenterBizServiceImpl;
import com.aistarfish.ucenter.sso.client.listener.SSOSessionListener;
import com.aistarfish.ucenter.sso.client.session.ShiroSessionManager;
import com.aistarfish.ucenter.sso.client.session.UcenterCredentialsMatcher;
import com.aistarfish.ucenter.sso.client.session.UcenterSessionDAO;
import com.aistarfish.ucenter.sso.client.session.UcenterSessionFactory;
import com.aistarfish.ucenter.sso.client.session.UcenterSessionIdGenerator;
import com.aistarfish.ucenter.sso.client.shiro.filter.SSOAuthenticationFilter;
import com.aistarfish.ucenter.sso.client.shiro.filter.SessionForceLogoutFilter;
import com.aistarfish.ucenter.sso.client.shiro.realm.UcenterRealm;
import com.aistarfish.ucenter.sso.facade.enums.EnvType;
import feign.Feign;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.session.SessionListenerAdapter;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.cloud.openfeign.FeignAutoConfiguration;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;

@Configuration
@ConditionalOnClass({Feign.class})
@AutoConfigureAfter({FeignAutoConfiguration.class})
/* loaded from: input_file:com/aistarfish/ucenter/sso/client/shiro/config/ShiroConfig.class */
public class ShiroConfig {

    @Value("${sso.global.session.timeout:604800000}")
    private long globalSessionTimeout;

    @Value("${sso.server.url}")
    private String ssoServerUrl;

    @Value("${sso.authc.url:/**}")
    private String authcUrl;

    @Value("${sso.anon.url:,}")
    private String ssoAnonUrl;
    private String defaultAnonUrl = "/sso/**,/actuator/**,/**/*.html,/**/*.js,/**/*.css,/favicon.ico,/error,";

    @Value("${sso.client.domain}")
    private String domain;

    @Value("${sso.client.type:client}")
    private String ssoClientType;

    @Value("${env}")
    private String env;

    @Value("${spring.application.name}")
    private String appName;

    @Bean
    public UcenterSessionFactory ucenterSessionFactory() {
        return new UcenterSessionFactory();
    }

    @Bean
    public RedisClient redisClient(ApplicationContext applicationContext) {
        return new RedisClientImpl(applicationContext);
    }

    @Bean
    public SSOAuthenticationFilter ssoAuthenticationFilter(RedisClient redisClient) {
        return new SSOAuthenticationFilter(this.ssoClientType, this.ssoServerUrl, redisClient, this.defaultAnonUrl + this.ssoAnonUrl);
    }

    @Bean
    public SessionForceLogoutFilter sessionForceLogoutFilter() {
        return new SessionForceLogoutFilter();
    }

    @Bean
    public UcenterSessionDAO ucenterSessionDAO(RedisClient redisClient) {
        return new UcenterSessionDAO(redisClient);
    }

    @Bean
    public SSOSessionListener ssoSessionListener() {
        return new SSOSessionListener();
    }

    @Bean
    public SessionListenerAdapter sessionListenerAdapter() {
        return new SessionListenerAdapter();
    }

    @Bean
    public List<SessionListener> listeners(SSOSessionListener sSOSessionListener, SessionListenerAdapter sessionListenerAdapter) {
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(sSOSessionListener);
        arrayList.add(sessionListenerAdapter);
        return arrayList;
    }

    @Bean
    public UcenterBizService ucenterBizService(ApplicationContext applicationContext) {
        return new UcenterBizServiceImpl(applicationContext);
    }

    @Bean
    public UcenterRealm ucenterRealm(UcenterBizService ucenterBizService, CredentialsMatcher credentialsMatcher) {
        return new UcenterRealm(this.ssoClientType, ucenterBizService, credentialsMatcher, this.appName);
    }

    @Bean(name = {"credentialsMatcher"})
    public UcenterCredentialsMatcher ucenterCredentialsMatcher(RedisClient redisClient, UcenterBizService ucenterBizService) {
        UcenterCredentialsMatcher ucenterCredentialsMatcher = new UcenterCredentialsMatcher(redisClient, ucenterBizService);
        ucenterCredentialsMatcher.setHashAlgorithmName("md5");
        ucenterCredentialsMatcher.setHashIterations(1);
        return ucenterCredentialsMatcher;
    }

    @Bean
    public ShiroSessionManager sessionManager(UcenterSessionFactory ucenterSessionFactory, UcenterSessionDAO ucenterSessionDAO, List<SessionListener> list) {
        ShiroSessionManager shiroSessionManager = new ShiroSessionManager();
        shiroSessionManager.setGlobalSessionTimeout(this.globalSessionTimeout);
        shiroSessionManager.setSessionIdCookieEnabled(true);
        shiroSessionManager.setSessionIdCookie(simpleCookie());
        shiroSessionManager.setSessionValidationSchedulerEnabled(false);
        shiroSessionManager.setSessionListeners(list);
        shiroSessionManager.setSessionFactory(ucenterSessionFactory);
        ucenterSessionDAO.setSessionIdGenerator(new UcenterSessionIdGenerator());
        shiroSessionManager.setSessionDAO(ucenterSessionDAO);
        return shiroSessionManager;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(DefaultWebSessionManager defaultWebSessionManager, UcenterRealm ucenterRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(ucenterRealm);
        defaultWebSecurityManager.setSessionManager(defaultWebSessionManager);
        return defaultWebSecurityManager;
    }

    @Bean({"shiroFilter"})
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager, SSOAuthenticationFilter sSOAuthenticationFilter, SessionForceLogoutFilter sessionForceLogoutFilter) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        shiroFilterFactoryBean.setLoginUrl("/sso/login/#/");
        shiroFilterFactoryBean.setSuccessUrl("/index");
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(this.authcUrl, "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        linkedHashMap2.put("authc", sSOAuthenticationFilter);
        linkedHashMap2.put("logout", sessionForceLogoutFilter);
        shiroFilterFactoryBean.setFilters(linkedHashMap2);
        return shiroFilterFactoryBean;
    }

    @Bean
    SimpleCookie simpleCookie() {
        SimpleCookie simpleCookie = new SimpleCookie();
        simpleCookie.setHttpOnly(true);
        simpleCookie.setMaxAge((int) (this.globalSessionTimeout / 1000));
        simpleCookie.setName("aistarfish_sso_ticket");
        simpleCookie.setDomain(this.domain);
        simpleCookie.setPath("/");
        return simpleCookie;
    }

    @Bean
    AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @ConditionalOnMissingBean
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    @Bean
    public FilterRegistrationBean shiroFilterRegistration() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new DelegatingFilterProxy("shiroFilter"));
        filterRegistrationBean.addInitParameter("targetFilterLifecycle", "true");
        filterRegistrationBean.setEnabled(true);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        return filterRegistrationBean;
    }

    private String getSsoCookieId() {
        return (this.env.equals(EnvType.DEV.getType()) || this.env.equals(EnvType.SIT.getType())) ? this.env + "_aistarfish_sso_ticket" : "aistarfish_sso_ticket";
    }
}
