package com.els.config;

import com.els.common.constant.CommonConstant;
import com.els.common.util.ConvertUtils;
import com.els.common.util.SpringContextUtils;
import com.els.modules.shiro.authc.ShiroRealm;
import com.els.modules.shiro.authc.aop.JwtFilter;
import com.els.modules.shiro.authc.aop.OpenApiFilter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.authc.AuthenticationListener;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
import org.apache.shiro.mgt.DefaultSubjectDAO;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;

@Configuration
/* loaded from: input_file:com/els/config/ShiroConfig.class */
public class ShiroConfig {
    private static final Logger log = LoggerFactory.getLogger(ShiroConfig.class);

    @Value("${els.shiro.excludeUrls}")
    private String excludeUrls;

    @Value("${els.shiro.jessionid}")
    private String jessionId;

    @Value("${spring.redis.port}")
    private String port;

    @Value("${spring.redis.host}")
    private String host;

    @Value("${spring.redis.password}")
    private String redisPassword;

    @Value("${spring.redis.database}")
    private int database;

    @Bean({"shiroFilter"})
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (ConvertUtils.isNotEmpty(this.excludeUrls)) {
            for (String str : this.excludeUrls.split(CommonConstant.SPLIT_CHAR)) {
                linkedHashMap.put(str, "anon");
            }
        }
        linkedHashMap.put("/cas/client/validateLogin", "anon");
        linkedHashMap.put("/sys/getCheckCode", "anon");
        linkedHashMap.put("/i18n/getSysList/*", "anon");
        linkedHashMap.put("/sys/login", "anon");
        linkedHashMap.put("/sys/loginForMobile", "anon");
        linkedHashMap.put("/sys/mLogin", "anon");
        linkedHashMap.put("/logout", "anon");
        linkedHashMap.put("/sys/getEncryptedString", "anon");
        linkedHashMap.put("/sms/**", "anon");
        linkedHashMap.put("/esign/elsEnterpriseCertificationInfo/callback/*", "anon");
        linkedHashMap.put("/esign/elsSubaccountCertificationInfo/callback/person", "anon");
        linkedHashMap.put("/esign/esignOperation/callback/esign", "anon");
        linkedHashMap.put("/sys/phoneLogin", "anon");
        linkedHashMap.put("/system/thirdLogin/**", "anon");
        linkedHashMap.put("/oauth2/**", "anon");
        linkedHashMap.put("/supplier/supplierMaster/register", "anon");
        linkedHashMap.put("/supplier/supplierInvitationCode/getByCode", "anon");
        linkedHashMap.put("/supplier/supplierMaster/templateList", "anon");
        linkedHashMap.put("/sys/user/checkOnlyUser", "anon");
        linkedHashMap.put("/sys/user/register", "anon");
        linkedHashMap.put("/sys/user/querySysUser", "anon");
        linkedHashMap.put("/sys/user/phoneVerification", "anon");
        linkedHashMap.put("/sys/user/passwordChange", "anon");
        linkedHashMap.put("/auth/2step-code", "anon");
        linkedHashMap.put("/sys/common/view/**", "anon");
        linkedHashMap.put("/sys/common/download/**", "anon");
        linkedHashMap.put("/sys/common/pdf/**", "anon");
        linkedHashMap.put("/generic/**", "anon");
        linkedHashMap.put("/", "anon");
        linkedHashMap.put("/doc.html", "anon");
        linkedHashMap.put("/**/*.js", "anon");
        linkedHashMap.put("/**/*.css", "anon");
        linkedHashMap.put("/**/*.html", "anon");
        linkedHashMap.put("/**/*.svg", "anon");
        linkedHashMap.put("/**/*.pdf", "anon");
        linkedHashMap.put("/**/*.jpg", "anon");
        linkedHashMap.put("/**/*.png", "anon");
        linkedHashMap.put("/**/*.ico", "anon");
        linkedHashMap.put("/**/*.json", "anon");
        linkedHashMap.put("/login/**", "anon");
        linkedHashMap.put("/loginByToken", "anon");
        linkedHashMap.put("/app/**", "anon");
        linkedHashMap.put("/modeler/**", "anon");
        linkedHashMap.put("/**/*.ttf", "anon");
        linkedHashMap.put("/**/*.woff", "anon");
        linkedHashMap.put("/druid/**", "anon");
        linkedHashMap.put("/swagger-ui.html", "anon");
        linkedHashMap.put("/swagger**/**", "anon");
        linkedHashMap.put("/webjars/**", "anon");
        linkedHashMap.put("/v2/**", "anon");
        linkedHashMap.put("/jmreport/upload", "anon");
        linkedHashMap.put("/**/jmreport/**", "anon");
        linkedHashMap.put("/**/*.js.map", "anon");
        linkedHashMap.put("/**/*.css.map", "anon");
        linkedHashMap.put("/actuator/metrics/**", "anon");
        linkedHashMap.put("/actuator/httptrace/**", "anon");
        linkedHashMap.put("/actuator/redis/**", "anon");
        linkedHashMap.put("/test/elsDemo/html", "anon");
        linkedHashMap.put("/test/elsDemo/redis/**", "anon");
        linkedHashMap.put("/auto/cgform/**", "anon");
        linkedHashMap.put("/websocket/**", "anon");
        linkedHashMap.put("/ureport/**", "authc");
        linkedHashMap.put("/uflo/**", "authc");
        HashMap hashMap = new HashMap(1);
        hashMap.put("jwt", new JwtFilter());
        hashMap.put("openApi", new OpenApiFilter());
        shiroFilterFactoryBean.setFilters(hashMap);
        linkedHashMap.put("/**/openApi/**", "openApi");
        linkedHashMap.put("/**", "jwt");
        shiroFilterFactoryBean.setUnauthorizedUrl("/sys/common/403");
        shiroFilterFactoryBean.setLoginUrl("/sys/common/403");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
        return shiroFilterFactoryBean;
    }

    @DependsOn({"springContextUtils"})
    @Bean({"securityManager"})
    public DefaultWebSecurityManager securityManager(ShiroRealm shiroRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(shiroRealm);
        DefaultSubjectDAO defaultSubjectDAO = new DefaultSubjectDAO();
        defaultSubjectDAO.setSessionStorageEvaluator(new DefaultSessionStorageEvaluator());
        defaultWebSecurityManager.setSubjectDAO(defaultSubjectDAO);
        defaultWebSecurityManager.setCacheManager(redisCacheManager());
        defaultWebSecurityManager.setSessionManager(defaultWebSessionManager());
        ModularRealmAuthenticator authenticator = defaultWebSecurityManager.getAuthenticator();
        for (String str : SpringContextUtils.getApplicationContext().getBeanNamesForType(AuthenticationListener.class)) {
            authenticator.getAuthenticationListeners().add((AuthenticationListener) SpringContextUtils.getBean(str, AuthenticationListener.class));
        }
        return defaultWebSecurityManager;
    }

    @Bean(name = {"sessionManager"})
    public DefaultWebSessionManager defaultWebSessionManager() {
        DefaultWebSessionManager defaultWebSessionManager = new DefaultWebSessionManager();
        defaultWebSessionManager.setGlobalSessionTimeout(43200000L);
        defaultWebSessionManager.setDeleteInvalidSessions(true);
        defaultWebSessionManager.setSessionDAO(getRedisSessionDao());
        defaultWebSessionManager.setSessionValidationSchedulerEnabled(true);
        defaultWebSessionManager.setDeleteInvalidSessions(true);
        defaultWebSessionManager.setSessionIdCookie(getSessionIdCookie());
        return defaultWebSessionManager;
    }

    @Bean
    public RedisSessionDao getRedisSessionDao() {
        return new RedisSessionDao();
    }

    @Bean(name = {"sessionIdCookie"})
    public SimpleCookie getSessionIdCookie() {
        if (StringUtils.isBlank(this.jessionId)) {
            this.jessionId = "jessionId";
        }
        return new SimpleCookie(this.jessionId);
    }

    @DependsOn({"lifecycleBeanPostProcessor"})
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        defaultAdvisorAutoProxyCreator.setProxyTargetClass(true);
        return defaultAdvisorAutoProxyCreator;
    }

    @Bean
    public static LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);
        return authorizationAttributeSourceAdvisor;
    }

    public RedisCacheManager redisCacheManager() {
        log.info("===============(1)创建缓存管理器RedisCacheManager");
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(redisManager());
        redisCacheManager.setPrincipalIdFieldName("id");
        redisCacheManager.setExpire(200000);
        return redisCacheManager;
    }

    @Bean
    public RedisManager redisManager() {
        log.info("===============(2)创建RedisManager,连接Redis..URL= " + this.host + ":" + this.port);
        RedisManager redisManager = new RedisManager();
        redisManager.setHost(this.host);
        redisManager.setPort(ConvertUtils.getInt(this.port));
        redisManager.setTimeout(0);
        redisManager.setDatabase(this.database);
        if (!StringUtils.isEmpty(this.redisPassword)) {
            redisManager.setPassword(this.redisPassword);
        }
        return redisManager;
    }
}
