package com.gccloud.starter.core.shiro.config;

import com.gccloud.starter.config.GlobalConfig;
import com.gccloud.starter.core.shiro.ShiroAuthFilter;
import com.gccloud.starter.core.shiro.ShiroAuthRealm;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
/* loaded from: input_file:com/gccloud/starter/core/shiro/config/ShiroBeanConfig.class */
public class ShiroBeanConfig {
    private static final String OAUTH = "OAUTH";
    private static final String ANON = "anon";

    @ConditionalOnProperty(prefix = "cas", name = {"enable"}, havingValue = "true", matchIfMissing = false)
    @Bean
    public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
        ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> servletListenerRegistrationBean = new ServletListenerRegistrationBean<>();
        servletListenerRegistrationBean.setEnabled(true);
        servletListenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
        servletListenerRegistrationBean.setOrder(1);
        return servletListenerRegistrationBean;
    }

    @Bean
    public SimpleCookie sessionIdCookie() {
        SimpleCookie simpleCookie = new SimpleCookie("sid");
        simpleCookie.setHttpOnly(true);
        simpleCookie.setMaxAge(-1);
        return simpleCookie;
    }

    @Bean
    public SessionManager sessionManager(SimpleCookie simpleCookie) {
        DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
        defaultWebSessionManager.setSessionValidationSchedulerEnabled(true);
        defaultWebSessionManager.setSessionIdCookieEnabled(true);
        defaultWebSessionManager.setSessionIdCookie(simpleCookie);
        return defaultWebSessionManager;
    }

    @Bean
    public SecurityManager securityManager(ShiroAuthRealm shiroAuthRealm, SessionManager sessionManager) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(shiroAuthRealm);
        defaultWebSecurityManager.setSessionManager(sessionManager);
        return defaultWebSecurityManager;
    }

    @Bean
    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager, SessionManager sessionManager, GlobalConfig globalConfig) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        HashMap hashMap = new HashMap(16);
        shiroFilterFactoryBean.setFilters(hashMap);
        hashMap.put(OAUTH, new ShiroAuthFilter());
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("/sys/captcha/**", ANON);
        linkedHashMap.put("/sys/login", ANON);
        linkedHashMap.put("/sys/regist", ANON);
        linkedHashMap.put("/sys/user/repeat", ANON);
        linkedHashMap.put("/sys/tenant/all", ANON);
        linkedHashMap.put("/sys/console/**", ANON);
        linkedHashMap.put("/druid/**", ANON);
        linkedHashMap.put("/ws/**", ANON);
        linkedHashMap.put("/swagger-resources/**", ANON);
        linkedHashMap.put("/swagger/**", ANON);
        linkedHashMap.put("/v2/api-docs", ANON);
        linkedHashMap.put("/v2/api-docs-ext", ANON);
        linkedHashMap.put("/swagger-ui.html", ANON);
        linkedHashMap.put("/webjars/**", ANON);
        linkedHashMap.put("/doc.html", ANON);
        linkedHashMap.put("/static/**", ANON);
        Map shiro = globalConfig.getShiro();
        if (shiro != null) {
            linkedHashMap.putAll(shiro);
        }
        linkedHashMap.put("/**", OAUTH);
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
        return shiroFilterFactoryBean;
    }

    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }
}
