package com.centit.framework.config;

import com.centit.support.algorithm.BooleanBaseOpt;
import javax.servlet.Filter;
import org.apache.commons.lang3.StringUtils;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.springframework.context.annotation.Conditional;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;
import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
import org.springframework.security.cas.web.CasAuthenticationFilter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.session.security.web.authentication.SpringSessionRememberMeServices;

@EnableWebSecurity
@Conditional({SecurityCasCondition.class})
/* loaded from: input_file:WEB-INF/lib/framework-config-5.2-SNAPSHOT.jar:com/centit/framework/config/SpringSecurityCasConfig.class */
public class SpringSecurityCasConfig extends SpringSecurityBaseConfig {
    @Override // com.centit.framework.config.SpringSecurityBaseConfig
    protected String[] getAuthenticatedUrl() {
        return BooleanBaseOpt.castObjectToBoolean(this.env.getProperty("access.resource.notallowed.anonymous"), false).booleanValue() ? new String[]{"/**"} : new String[]{"/system/mainframe/logincas"};
    }

    @Override // com.centit.framework.config.SpringSecurityBaseConfig
    protected String[] getPermitAllUrl() {
        return new String[]{"/**/csrf", "/**/doc.html", "/system/exception"};
    }

    @Override // com.centit.framework.config.SpringSecurityBaseConfig
    protected AuthenticationEntryPoint getAuthenticationEntryPoint() {
        ServiceProperties createCasServiceProperties = createCasServiceProperties();
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        String property = this.env.getProperty("login.cas.entryPoint");
        if (StringUtils.isBlank(property)) {
            property = this.env.getProperty("login.cas.casHome") + DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL;
        }
        casAuthenticationEntryPoint.setLoginUrl(property);
        casAuthenticationEntryPoint.setServiceProperties(createCasServiceProperties);
        return casAuthenticationEntryPoint;
    }

    @Override // com.centit.framework.config.SpringSecurityBaseConfig
    protected AbstractAuthenticationProcessingFilter getAuthenticationFilter() {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(createAuthenticationManager());
        casAuthenticationFilter.setAuthenticationFailureHandler(createAjaxFailureHandler());
        casAuthenticationFilter.setAuthenticationSuccessHandler(createAjaxSuccessHandler());
        if (this.sessionRegistry != null) {
            casAuthenticationFilter.setSessionAuthenticationStrategy(new ConcurrentSessionControlAuthenticationStrategy(this.sessionRegistry));
        }
        SpringSessionRememberMeServices springSessionRememberMeServices = new SpringSessionRememberMeServices();
        springSessionRememberMeServices.setAlwaysRemember(BooleanBaseOpt.castObjectToBoolean(this.env.getProperty("session.always.rememberme"), false).booleanValue());
        casAuthenticationFilter.setRememberMeServices(springSessionRememberMeServices);
        return casAuthenticationFilter;
    }

    @Override // com.centit.framework.config.SpringSecurityBaseConfig
    protected Filter logoutFilter() {
        return new LogoutFilter(this.env.getProperty("login.cas.casHome") + "/logout", new SecurityContextLogoutHandler());
    }

    @Override // com.centit.framework.config.SpringSecurityBaseConfig
    protected AuthenticationProvider getAuthenticationProvider() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(this.centitUserDetailsService);
        casAuthenticationProvider.setServiceProperties(createCasServiceProperties());
        casAuthenticationProvider.setTicketValidator(new Cas20ServiceTicketValidator(this.env.getProperty("login.cas.casHome")));
        casAuthenticationProvider.setKey(this.env.getProperty("app.key"));
        return casAuthenticationProvider;
    }

    private ServiceProperties createCasServiceProperties() {
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setService(this.env.getProperty("login.cas.localHome") + "/login/cas");
        serviceProperties.setSendRenew(false);
        return serviceProperties;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.centit.framework.config.SpringSecurityBaseConfig, org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    public void configure(HttpSecurity httpSecurity) throws Exception {
        super.configure(httpSecurity);
        httpSecurity.addFilterBefore((Filter) new SingleSignOutFilter(), CasAuthenticationFilter.class);
    }
}
