package com.kdgcsoft.scrdc.frame.webframe.core.config.shiro;

import cn.hutool.core.map.MapUtil;
import cn.hutool.core.util.StrUtil;
import com.kdgcsoft.jt.xzzf.common.config.XzzfProperties;
import com.kdgcsoft.scrdc.frame.webframe.core.service.FrameService;
import java.util.ArrayList;
import java.util.HashMap;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.mgt.SubjectFactory;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.mgt.DefaultWebSubjectFactory;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;

@Configuration
/* loaded from: input_file:com/kdgcsoft/scrdc/frame/webframe/core/config/shiro/ShiroConfig.class */
public class ShiroConfig {

    @Autowired
    FrameService frameService;

    @Autowired
    ConfigurableApplicationContext configurableContex;

    @Autowired
    private XzzfProperties xzzfProperties;

    @Autowired
    private RedisTemplate redisTemplate;

    @Bean
    public SuperAdminRealm superAdminRealm() {
        return new SuperAdminRealm();
    }

    @ConditionalOnMissingBean
    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator());
        ArrayList arrayList = new ArrayList();
        if (this.frameService.getRealmClass() != null) {
            arrayList.add((Realm) this.configurableContex.getBean(this.frameService.getRealmClass()));
        }
        defaultWebSecurityManager.setRealms(arrayList);
        defaultWebSecurityManager.setSubjectFactory(subjectFactory());
        defaultWebSecurityManager.setCacheManager(new MemoryConstrainedCacheManager());
        return defaultWebSecurityManager;
    }

    @ConditionalOnMissingBean
    @Bean
    public SubjectFactory subjectFactory() {
        return new DefaultWebSubjectFactory();
    }

    @Bean
    public ModularRealmAuthenticator modularRealmAuthenticator() {
        ModularRealmAuthenticator modularRealmAuthenticator = new ModularRealmAuthenticator();
        modularRealmAuthenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy());
        return modularRealmAuthenticator;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setFilters(this.frameService.getShiroFilters());
        HashMap newHashMap = MapUtil.newHashMap(true);
        newHashMap.put("/static/**", "anon");
        newHashMap.put("/webjars/**", "anon");
        newHashMap.put("/style/**", "anon");
        newHashMap.put("/js/**", "anon");
        newHashMap.put("/plugins/**", "anon");
        newHashMap.put("/theme/**", "anon");
        newHashMap.put("/init/**", "anon");
        newHashMap.put("/websocket/**", "anon");
        newHashMap.put("/logout", "logout");
        newHashMap.putAll(this.frameService.getShiroFilterChainMap());
        if (this.xzzfProperties.isShiroEnable()) {
            newHashMap.put("/**", "user");
        } else {
            newHashMap.put("/**", "anon");
        }
        if (StrUtil.isNotEmpty(this.frameService.getShiroLoginUrl())) {
            shiroFilterFactoryBean.setLoginUrl(this.frameService.getShiroLoginUrl());
        } else {
            shiroFilterFactoryBean.setLoginUrl("/login");
        }
        shiroFilterFactoryBean.setSuccessUrl("/");
        shiroFilterFactoryBean.setUnauthorizedUrl("/login");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(newHashMap);
        return shiroFilterFactoryBean;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public DefaultWebSessionManager sessionManager() {
        DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
        defaultWebSessionManager.setSessionIdUrlRewritingEnabled(false);
        defaultWebSessionManager.setSessionIdCookieEnabled(false);
        return defaultWebSessionManager;
    }

    @Bean
    public static DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setUsePrefix(true);
        return defaultAdvisorAutoProxyCreator;
    }
}
