package com.xforceplus.ultraman.bocp.uc.sureness.config;

import com.usthe.sureness.matcher.DefaultPathRoleMatcher;
import com.usthe.sureness.matcher.PathTreeProvider;
import com.usthe.sureness.matcher.TreePathRoleMatcher;
import com.usthe.sureness.mgt.SurenessSecurityManager;
import com.usthe.sureness.processor.DefaultProcessorManager;
import com.usthe.sureness.processor.ProcessorManager;
import com.usthe.sureness.provider.SurenessAccountProvider;
import com.usthe.sureness.provider.annotation.AnnotationPathTreeProvider;
import com.usthe.sureness.subject.SubjectFactory;
import com.usthe.sureness.subject.SurenessSubjectFactory;
import com.usthe.sureness.subject.creater.NoneSubjectServletCreator;
import com.usthe.sureness.util.JsonWebTokenUtil;
import com.xforceplus.ultraman.bocp.uc.sureness.processor.LocalJwtProcessor;
import com.xforceplus.ultraman.bocp.uc.sureness.subject.LocalJWTSubjectCreator;
import com.xforceplus.ultraman.bocp.uc.util.PaasJwtExecutor;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@ConditionalOnProperty(prefix = "ultraman.security", name = {"enabled"}, matchIfMissing = true)
@Configuration
/* loaded from: input_file:com/xforceplus/ultraman/bocp/uc/sureness/config/SurenessConfiguration.class */
public class SurenessConfiguration {
    private static final List<String> CONTROLLER_BASE_PACKAGE_LIST = Arrays.asList("com.ultraman.bocp.metadata.controller", "com.xforceplus.ultraman.bocp.mybatisplus.controller", "com.xforceplus.ultraman.pfcp.mybatisplus.controller");

    @Value("${xforce.tenant.security.jwt.secret:my_sessionjw_tsecret_xdfdffdsdfdfs_fat}")
    private String xforceSecret;

    @Value("${ultraman.security.jwt.secret:7qI6xuS9w3ux7kFRuDWJPFnYqKKzNj2y8MkIn2d7VZw_dev}")
    private String secret;

    @Bean
    public ProcessorManager processorManager(SurenessAccountProvider surenessAccountProvider) {
        LinkedList linkedList = new LinkedList();
        LocalJwtProcessor localJwtProcessor = new LocalJwtProcessor();
        localJwtProcessor.setAccountProvider(surenessAccountProvider);
        linkedList.add(localJwtProcessor);
        return new DefaultProcessorManager(linkedList);
    }

    @Bean
    public TreePathRoleMatcher pathRoleMatcher(PathTreeProvider pathTreeProvider) {
        PathTreeProvider annotationPathTreeProvider = new AnnotationPathTreeProvider();
        annotationPathTreeProvider.setScanPackages(CONTROLLER_BASE_PACKAGE_LIST);
        DefaultPathRoleMatcher defaultPathRoleMatcher = new DefaultPathRoleMatcher();
        defaultPathRoleMatcher.setPathTreeProviderList(Arrays.asList(annotationPathTreeProvider, pathTreeProvider));
        defaultPathRoleMatcher.buildTree();
        return defaultPathRoleMatcher;
    }

    @Bean
    public SubjectFactory subjectFactory() {
        SurenessSubjectFactory surenessSubjectFactory = new SurenessSubjectFactory();
        surenessSubjectFactory.registerSubjectCreator(Arrays.asList(new NoneSubjectServletCreator(), new LocalJWTSubjectCreator()));
        return surenessSubjectFactory;
    }

    @Bean
    public SurenessSecurityManager securityManager(ProcessorManager processorManager, TreePathRoleMatcher treePathRoleMatcher, SubjectFactory subjectFactory) {
        JsonWebTokenUtil.setDefaultSecretKey(this.secret);
        PaasJwtExecutor.setSecret(this.xforceSecret);
        SurenessSecurityManager surenessSecurityManager = SurenessSecurityManager.getInstance();
        surenessSecurityManager.setPathRoleMatcher(treePathRoleMatcher);
        surenessSecurityManager.setSubjectFactory(subjectFactory);
        surenessSecurityManager.setProcessorManager(processorManager);
        return surenessSecurityManager;
    }
}
