package com.bcxin.auth.framework.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.bcxin.auth.common.utils.StringUtils;
import com.bcxin.auth.common.utils.spring.SpringUtils;
import com.bcxin.auth.framework.shiro.realm.UserRealm;
import com.bcxin.auth.framework.shiro.session.OnlineSessionDAO;
import com.bcxin.auth.framework.shiro.session.OnlineSessionFactory;
import com.bcxin.auth.framework.shiro.web.filter.LogoutFilter;
import com.bcxin.auth.framework.shiro.web.filter.captcha.CaptchaValidateFilter;
import com.bcxin.auth.framework.shiro.web.filter.kickout.KickoutSessionFilter;
import com.bcxin.auth.framework.shiro.web.filter.online.OnlineSessionFilter;
import com.bcxin.auth.framework.shiro.web.filter.sync.SyncOnlineSessionFilter;
import com.bcxin.auth.framework.shiro.web.session.OnlineWebSessionManager;
import com.bcxin.auth.framework.shiro.web.session.SpringSessionValidationScheduler;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.LinkedHashMap;
import net.sf.ehcache.CacheManager;
import org.apache.commons.io.IOUtils;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.config.ConfigurationException;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionValidationScheduler;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
/* loaded from: input_file:com/bcxin/auth/framework/config/ShiroConfig.class */
public class ShiroConfig {

    @Value("${shiro.session.expireTime}")
    private int expireTime;

    @Value("${shiro.session.validationInterval}")
    private int validationInterval;

    @Value("${shiro.session.maxSession}")
    private int maxSession;

    @Value("${shiro.session.kickoutAfter}")
    private boolean kickoutAfter;

    @Value("${shiro.user.captchaEnabled}")
    private boolean captchaEnabled;

    @Value("${shiro.user.captchaType}")
    private String captchaType;

    @Value("${shiro.cookie.domain}")
    private String domain;

    @Value("${shiro.cookie.path}")
    private String path;

    @Value("${shiro.cookie.httpOnly}")
    private boolean httpOnly;

    @Value("${shiro.cookie.maxAge}")
    private int maxAge;

    @Value("${shiro.cookie.cipherKey}")
    private String cipherKey;

    @Value("${shiro.user.loginUrl}")
    private String loginUrl;

    @Value("${shiro.user.unauthorizedUrl}")
    private String unauthorizedUrl;

    @Bean
    public EhCacheManager getEhCacheManager() {
        CacheManager cacheManager = CacheManager.getCacheManager("om");
        EhCacheManager ehCacheManager = new EhCacheManager();
        if (StringUtils.isNull(cacheManager)) {
            ehCacheManager.setCacheManager(new CacheManager(getCacheManagerConfigFileInputStream()));
            return ehCacheManager;
        }
        ehCacheManager.setCacheManager(cacheManager);
        return ehCacheManager;
    }

    protected InputStream getCacheManagerConfigFileInputStream() {
        InputStream inputStream = null;
        try {
            try {
                inputStream = ResourceUtils.getInputStreamForPath("classpath:ehcache/ehcache-shiro.xml");
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(IOUtils.toByteArray(inputStream));
                IOUtils.closeQuietly(inputStream);
                return byteArrayInputStream;
            } catch (IOException e) {
                throw new ConfigurationException("Unable to obtain input stream for cacheManagerConfigFile [classpath:ehcache/ehcache-shiro.xml]", e);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            throw th;
        }
    }

    @Bean
    public UserRealm userRealm(EhCacheManager ehCacheManager) {
        UserRealm userRealm = new UserRealm();
        userRealm.setAuthorizationCacheName("sys-authCache");
        userRealm.setCacheManager(ehCacheManager);
        return userRealm;
    }

    @Bean
    public OnlineSessionDAO sessionDAO() {
        return new OnlineSessionDAO();
    }

    @Bean
    public OnlineSessionFactory sessionFactory() {
        return new OnlineSessionFactory();
    }

    @Bean
    public OnlineWebSessionManager sessionManager() {
        OnlineWebSessionManager onlineWebSessionManager = new OnlineWebSessionManager();
        onlineWebSessionManager.setCacheManager(getEhCacheManager());
        onlineWebSessionManager.setDeleteInvalidSessions(true);
        onlineWebSessionManager.setGlobalSessionTimeout(this.expireTime * 60 * 1000);
        onlineWebSessionManager.setSessionIdUrlRewritingEnabled(false);
        onlineWebSessionManager.setSessionValidationScheduler((SessionValidationScheduler) SpringUtils.getBean(SpringSessionValidationScheduler.class));
        onlineWebSessionManager.setSessionValidationSchedulerEnabled(true);
        onlineWebSessionManager.setSessionDAO(sessionDAO());
        onlineWebSessionManager.setSessionFactory(sessionFactory());
        return onlineWebSessionManager;
    }

    @Bean
    public SecurityManager securityManager(UserRealm userRealm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(userRealm);
        defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
        defaultWebSecurityManager.setCacheManager(getEhCacheManager());
        defaultWebSecurityManager.setSessionManager(sessionManager());
        return defaultWebSecurityManager;
    }

    public LogoutFilter logoutFilter() {
        LogoutFilter logoutFilter = new LogoutFilter();
        logoutFilter.setLoginUrl(this.loginUrl);
        return logoutFilter;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setLoginUrl(this.loginUrl);
        shiroFilterFactoryBean.setUnauthorizedUrl(this.unauthorizedUrl);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("/peopleInfo/**", "anon");
        linkedHashMap.put("/background/**", "anon");
        linkedHashMap.put("/oauth/**", "anon");
        linkedHashMap.put("/public/common/**", "anon");
        linkedHashMap.put("/favicon.ico**", "anon");
        linkedHashMap.put("/task.png**", "anon");
        linkedHashMap.put("/css/**", "anon");
        linkedHashMap.put("/good/**", "anon");
        linkedHashMap.put("/docs/**", "anon");
        linkedHashMap.put("/fonts/**", "anon");
        linkedHashMap.put("/img/**", "anon");
        linkedHashMap.put("/ajax/**", "anon");
        linkedHashMap.put("/js/**", "anon");
        linkedHashMap.put("/task/**", "anon");
        linkedHashMap.put("/company/**", "anon");
        linkedHashMap.put("/depart/**", "anon");
        linkedHashMap.put("/person/**", "anon");
        linkedHashMap.put("/auth/**", "anon");
        linkedHashMap.put("/dataSync/**", "anon");
        linkedHashMap.put("/manage/cer/**", "anon");
        linkedHashMap.put("/captcha/captchaImage**", "anon");
        linkedHashMap.put("/logout", "logout");
        linkedHashMap.put("/login", "anon,captchaValidate");
        linkedHashMap.put("/register", "anon,captchaValidate");
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        linkedHashMap2.put("onlineSession", onlineSessionFilter());
        linkedHashMap2.put("syncOnlineSession", syncOnlineSessionFilter());
        linkedHashMap2.put("captchaValidate", captchaValidateFilter());
        linkedHashMap2.put("kickout", kickoutSessionFilter());
        linkedHashMap2.put("logout", logoutFilter());
        shiroFilterFactoryBean.setFilters(linkedHashMap2);
        linkedHashMap.put("/**", "user,kickout,onlineSession,syncOnlineSession");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
        return shiroFilterFactoryBean;
    }

    public OnlineSessionFilter onlineSessionFilter() {
        OnlineSessionFilter onlineSessionFilter = new OnlineSessionFilter();
        onlineSessionFilter.setLoginUrl(this.loginUrl);
        onlineSessionFilter.setOnlineSessionDAO(sessionDAO());
        return onlineSessionFilter;
    }

    public SyncOnlineSessionFilter syncOnlineSessionFilter() {
        SyncOnlineSessionFilter syncOnlineSessionFilter = new SyncOnlineSessionFilter();
        syncOnlineSessionFilter.setOnlineSessionDAO(sessionDAO());
        return syncOnlineSessionFilter;
    }

    public CaptchaValidateFilter captchaValidateFilter() {
        CaptchaValidateFilter captchaValidateFilter = new CaptchaValidateFilter();
        captchaValidateFilter.setCaptchaEnabled(this.captchaEnabled);
        captchaValidateFilter.setCaptchaType(this.captchaType);
        return captchaValidateFilter;
    }

    public SimpleCookie rememberMeCookie() {
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        simpleCookie.setDomain(this.domain);
        simpleCookie.setPath(this.path);
        simpleCookie.setHttpOnly(this.httpOnly);
        simpleCookie.setMaxAge(this.maxAge * 24 * 60 * 60);
        return simpleCookie;
    }

    public CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        cookieRememberMeManager.setCipherKey(Base64.decode(this.cipherKey));
        return cookieRememberMeManager;
    }

    public KickoutSessionFilter kickoutSessionFilter() {
        KickoutSessionFilter kickoutSessionFilter = new KickoutSessionFilter();
        kickoutSessionFilter.setCacheManager(getEhCacheManager());
        kickoutSessionFilter.setSessionManager(sessionManager());
        kickoutSessionFilter.setMaxSession(this.maxSession);
        kickoutSessionFilter.setKickoutAfter(this.kickoutAfter);
        kickoutSessionFilter.setKickoutUrl("/login?kickout=1");
        return kickoutSessionFilter;
    }

    @Bean
    public ShiroDialect shiroDialect() {
        return new ShiroDialect();
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(@Qualifier("securityManager") SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }
}
