package com.backed.datatronic.security.config;

import com.backed.datatronic.security.JWTService;
import com.backed.datatronic.security.jwt.JWTAuthorizacionFilter;
import jakarta.servlet.Filter;
import java.util.Arrays;
import java.util.List;
import org.springdoc.core.utils.Constants;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpHeaders;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.servlet.support.WebContentGenerator;

@Configuration
@EnableMethodSecurity(prePostEnabled = true)
/* loaded from: input_file:BOOT-INF/classes/com/backed/datatronic/security/config/SecurityConfiguration.class */
public class SecurityConfiguration {
    private final JWTService jwtService;
    private final UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public JWTAuthorizacionFilter jwtAuthorizacionFilter() {
        return new JWTAuthorizacionFilter(this.jwtService, this.userDetailsService);
    }

    @Bean
    public AuthenticationManager authManager(UserDetailsService userDetailsService) {
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setUserDetailsService(userDetailsService);
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
        return new ProviderManager(daoAuthenticationProvider);
    }

    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOrigins(List.of("*"));
        corsConfiguration.setAllowedMethods(Arrays.asList("GET", WebContentGenerator.METHOD_POST, "PUT", "DELETE", "PATCH"));
        corsConfiguration.setAllowedHeaders(Arrays.asList("authorization", HttpHeaders.CONTENT_TYPE, "x-auth-token", "Access-Control-Allow-Origin"));
        corsConfiguration.setExposedHeaders(List.of(HttpHeaders.CONTENT_DISPOSITION));
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration(Constants.ALL_PATTERN, corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity, AuthenticationManager authenticationManager) throws Exception {
        httpSecurity.cors(corsConfigurer -> {
            corsConfigurer.configurationSource(corsConfigurationSource());
        }).csrf(csrfConfigurer -> {
            csrfConfigurer.disable();
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            authorizationManagerRequestMatcherRegistry.requestMatchers("/auth/**").permitAll();
            authorizationManagerRequestMatcherRegistry.requestMatchers("/usuarios/modulos").permitAll();
            authorizationManagerRequestMatcherRegistry.anyRequest().permitAll();
        });
        httpSecurity.sessionManagement(sessionManagementConfigurer -> {
            sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        });
        httpSecurity.authenticationManager(authenticationManager);
        httpSecurity.addFilterBefore((Filter) jwtAuthorizacionFilter(), UsernamePasswordAuthenticationFilter.class);
        httpSecurity.exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.authenticationEntryPoint((httpServletRequest, httpServletResponse, authenticationException) -> {
                httpServletResponse.sendError(401, "UNAUTHORIZED");
            });
        });
        return httpSecurity.build();
    }

    public SecurityConfiguration(JWTService jWTService, UserDetailsService userDetailsService) {
        this.jwtService = jWTService;
        this.userDetailsService = userDetailsService;
    }
}
