package com.bokesoft.yigoee.prod.components.security.csrf.config;

import com.bokesoft.distro.tech.bootsupport.starter.api.YigoAdditionalInitiator;
import com.bokesoft.distro.tech.bootsupport.starter.api.YigoExtendJavascriptProvider;
import com.bokesoft.distro.tech.bootsupport.starter.jsmodule.AutoScanYigoExtendJavascriptProvider;
import com.bokesoft.yes.mid.service.filter.ServiceFilterFactory;
import com.bokesoft.yigo.mid.scheduler.QuartzManager;
import com.bokesoft.yigoee.prod.components.security.csrf.filter.CSRFAfterLoginServiceFilter;
import com.bokesoft.yigoee.prod.components.security.csrf.filter.CacheCSRFValidationFilter;
import com.bokesoft.yigoee.prod.components.security.csrf.job.CleanExpiredCacheJob;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collections;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ResourceLoader;

@Configuration
@ConditionalOnProperty(prefix = "distro.tech.bootsupport.csrf", name = {"enabled"}, havingValue = "true")
/* loaded from: input_file:com/bokesoft/yigoee/prod/components/security/csrf/config/CSRFAutoConfiguration.class */
public class CSRFAutoConfiguration {
    private final ResourceLoader resourceLoader;

    @Value("${distro.tech.bootsupport.cache.time-to-check:10}")
    private Integer timeToCheck;

    @Value("${distro.tech.bootsupport.cache.csrf.timeout:PT1H}")
    private Duration maxInactiveInterval;

    public CSRFAutoConfiguration(ResourceLoader resourceLoader) {
        this.resourceLoader = resourceLoader;
    }

    @Bean
    public CacheCSRFValidationFilter cacheCSRFValidationFilter() {
        CacheCSRFValidationFilter cacheCSRFValidationFilter = new CacheCSRFValidationFilter();
        cacheCSRFValidationFilter.setMaxInactiveInterval(this.maxInactiveInterval);
        return cacheCSRFValidationFilter;
    }

    @Bean
    public FilterRegistrationBean<CacheCSRFValidationFilter> registerCacheCSRFValidationFilter(CacheCSRFValidationFilter cacheCSRFValidationFilter) {
        FilterRegistrationBean<CacheCSRFValidationFilter> filterRegistrationBean = new FilterRegistrationBean<>(cacheCSRFValidationFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.setUrlPatterns(Collections.singletonList("/*"));
        filterRegistrationBean.setOrder(0);
        return filterRegistrationBean;
    }

    @Bean
    public YigoExtendJavascriptProvider addYigoExtendJS() {
        return new AutoScanYigoExtendJavascriptProvider(this.resourceLoader, "classpath:csrf-extend");
    }

    @Bean
    public CleanExpiredCacheJob autoCleanExpiredCache() {
        CleanExpiredCacheJob cleanExpiredCacheJob = new CleanExpiredCacheJob();
        QuartzManager quartzManager = QuartzManager.getInstance();
        try {
            String name = cleanExpiredCacheJob.getClass().getName();
            quartzManager.addJob("jobName-" + name, "jobGroup-" + name, "triggerName-" + name, "triggerGroup-" + name, cleanExpiredCacheJob, "", Duration.ofMinutes(this.timeToCheck.intValue()).toMillis(), -1, Duration.ofMinutes(this.timeToCheck.intValue()).toMillis());
            return cleanExpiredCacheJob;
        } catch (Throwable th) {
            throw new RuntimeException(th);
        }
    }

    @Bean
    public CSRFAfterLoginServiceFilter csrfAfterLoginServiceFilter() {
        return new CSRFAfterLoginServiceFilter();
    }

    @Bean
    public YigoAdditionalInitiator registerCSRFAfterLoginServiceFilter(CSRFAfterLoginServiceFilter cSRFAfterLoginServiceFilter) {
        return defaultContext -> {
            ServiceFilterFactory.getInstance().setMatcher((str, map) -> {
                if (!map.containsKey("service") || !map.containsKey("cmd") || !"Authenticate".equals(map.get("service")) || !"Login".equals(map.get("cmd"))) {
                    return null;
                }
                ArrayList arrayList = new ArrayList();
                arrayList.add(cSRFAfterLoginServiceFilter);
                return arrayList;
            });
        };
    }
}
