package com.supwisdom.infras.security.configure.cas;

import com.supwisdom.infras.security.web.access.intercept.InfrasFilterSecurityInterceptor;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;
import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
import org.springframework.security.cas.web.CasAuthenticationFilter;
import org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.session.ConcurrentSessionFilter;

/* loaded from: input_file:com/supwisdom/infras/security/configure/cas/CasWebSecurityConfigurer.class */
public class CasWebSecurityConfigurer extends WebSecurityConfigurerAdapter implements Ordered {
    private static final Logger logger = LoggerFactory.getLogger(CasWebSecurityConfigurer.class);
    private CasProperties casProperties;
    private UserDetailsService userDetailsService;
    private InfrasFilterSecurityInterceptor infrasFilterSecurityInterceptor;

    public void setCasProperties(CasProperties casProperties) {
        this.casProperties = casProperties;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public void setInfrasFilterSecurityInterceptor(InfrasFilterSecurityInterceptor infrasFilterSecurityInterceptor) {
        this.infrasFilterSecurityInterceptor = infrasFilterSecurityInterceptor;
    }

    public SessionRegistry sessionRegistry() {
        return new SessionRegistryImpl();
    }

    public ConcurrentSessionFilter sessionInfomationExpiredStategy() {
        return new ConcurrentSessionFilter(sessionRegistry());
    }

    public ServiceProperties serviceProperties() {
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setService(this.casProperties.getAppServerUrl() + this.casProperties.getAppLoginUrl());
        serviceProperties.setAuthenticateAllArtifacts(true);
        return serviceProperties;
    }

    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        casAuthenticationEntryPoint.setLoginUrl(this.casProperties.getCasServerUrl() + "/login");
        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
        logger.debug("CasWebSecurityConfigurer casAuthenticationEntryPoint is {}", casAuthenticationEntryPoint);
        return casAuthenticationEntryPoint;
    }

    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
        casAuthenticationFilter.setFilterProcessesUrl(this.casProperties.getAppLoginUrl());
        casAuthenticationFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler());
        casAuthenticationFilter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler());
        casAuthenticationFilter.setServiceProperties(serviceProperties());
        casAuthenticationFilter.setAuthenticationDetailsSource(new ServiceAuthenticationDetailsSource(serviceProperties()));
        logger.debug("CasWebSecurityConfigurer casAuthenticationFilter is {}", casAuthenticationFilter);
        return casAuthenticationFilter;
    }

    public CasAuthenticationProvider casAuthenticationProvider() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(this.userDetailsService);
        casAuthenticationProvider.setServiceProperties(serviceProperties());
        casAuthenticationProvider.setTicketValidator(cas20ServiceTicketValidator());
        casAuthenticationProvider.setKey("casAuthenticationProviderKey");
        return casAuthenticationProvider;
    }

    public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
        return new Cas20ServiceTicketValidator(this.casProperties.getCasServerUrl());
    }

    public CasLogoutSuccessHandler casLogoutSuccessHandler() {
        return new CasLogoutSuccessHandler(this.casProperties.getCasServerUrl() + "/logout", this.casProperties.getAppServerUrl() + this.casProperties.getAppLogoutUrl());
    }

    public LogoutFilter logoutFilter() {
        LogoutFilter logoutFilter = new LogoutFilter(casLogoutSuccessHandler(), new LogoutHandler[]{new SecurityContextLogoutHandler()});
        logoutFilter.setFilterProcessesUrl(this.casProperties.getAppLogoutUrl());
        return logoutFilter;
    }

    public SingleSignOutFilter singleSignOutFilter() {
        SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
        singleSignOutFilter.setIgnoreInitConfiguration(true);
        return singleSignOutFilter;
    }

    public int getOrder() {
        return 5;
    }

    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        logger.debug("CasWebSecurityConfigurer.configure(auth)");
        authenticationManagerBuilder.authenticationProvider(casAuthenticationProvider());
    }

    protected void configure(HttpSecurity httpSecurity) throws Exception {
        logger.debug("CasWebSecurityConfigurer.configure(http)");
        ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) ((ExpressionUrlAuthorizationConfigurer.AuthorizedUrl) httpSecurity.antMatcher("/cas/**").authorizeRequests().antMatchers(new String[]{"/cas/slo"})).permitAll().antMatchers(new String[]{"/cas/sso"})).authenticated().anyRequest()).authenticated();
        httpSecurity.csrf().disable();
        httpSecurity.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint());
        httpSecurity.addFilterAt(casAuthenticationFilter(), CasAuthenticationFilter.class);
        httpSecurity.addFilterAt(singleSignOutFilter(), CasAuthenticationFilter.class);
        httpSecurity.addFilterAt(sessionInfomationExpiredStategy(), ConcurrentSessionFilter.class);
        httpSecurity.addFilterAt(logoutFilter(), LogoutFilter.class);
    }
}
