package com.jxdinfo.hussar.config.web;

import com.alibaba.druid.pool.DruidDataSource;
import com.alibaba.druid.support.http.StatViewServlet;
import com.alibaba.druid.support.http.WebStatFilter;
import com.alibaba.druid.support.spring.stat.BeanTypeAutoProxyCreator;
import com.alibaba.druid.support.spring.stat.DruidStatInterceptor;
import com.google.code.kaptcha.impl.DefaultKaptcha;
import com.google.code.kaptcha.util.Config;
import com.jxdinfo.hussar.common.firewall.cors.CorsProperties;
import com.jxdinfo.hussar.common.firewall.csrf.CsrfFilter;
import com.jxdinfo.hussar.common.firewall.xss.XssFilter;
import com.jxdinfo.hussar.config.cas.ShiroCasConfiguration;
import com.jxdinfo.hussar.config.properties.ConnectionPoolProperties;
import com.jxdinfo.hussar.config.properties.HussarProperties;
import com.jxdinfo.hussar.core.listener.ConfigListener;
import com.jxdinfo.hussar.isc.conf.ShiroIscConfiguration;
import com.jxdinfo.hussar.otp.credential.AbstractOTPCredentialsMatcher;
import java.io.IOException;
import java.util.List;
import org.springframework.aop.Advisor;
import org.springframework.aop.support.DefaultPointcutAdvisor;
import org.springframework.aop.support.JdkRegexpMethodPointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.PropertiesFactoryBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.web.context.request.RequestContextListener;

@Configuration
/* loaded from: input_file:com/jxdinfo/hussar/config/web/WebConfig.class */
public class WebConfig {

    @Autowired
    private HussarProperties hussarProperties;

    @Autowired
    private CorsProperties corsProperties;

    @Autowired
    ConnectionPoolProperties connectionPoolProperties;

    @Autowired
    AbstractOTPCredentialsMatcher abstractOTPCredentialsMatcher;

    @Autowired
    private ShiroIscConfiguration iscConf;

    @Autowired
    private ShiroCasConfiguration casConf;

    @Bean
    public ServletRegistrationBean<StatViewServlet> druidServletRegistration() {
        ServletRegistrationBean<StatViewServlet> servletRegistrationBean = new ServletRegistrationBean<>(new StatViewServlet(), new String[0]);
        servletRegistrationBean.addUrlMappings(new String[]{"/druid/*"});
        if (this.connectionPoolProperties.isInUse()) {
            servletRegistrationBean.setEnabled(true);
        } else {
            servletRegistrationBean.setEnabled(false);
        }
        if (this.connectionPoolProperties.isNeedLogin()) {
            servletRegistrationBean.addInitParameter("loginUsername", this.connectionPoolProperties.getLoginUsername());
            servletRegistrationBean.addInitParameter("loginPassword", this.connectionPoolProperties.getLoginPassword());
        }
        return servletRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<WebStatFilter> druidStatFilter() {
        FilterRegistrationBean<WebStatFilter> filterRegistrationBean = new FilterRegistrationBean<>(new WebStatFilter(), new ServletRegistrationBean[0]);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        filterRegistrationBean.addInitParameter("exclusions", "/logout,/login,/static/*,*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid,/druid/*,/frontLogin/*,/speedcode/publish/*");
        filterRegistrationBean.addInitParameter("principalSessionName", "username");
        return filterRegistrationBean;
    }

    @Bean
    public DruidStatInterceptor druidStatInterceptor() {
        return new DruidStatInterceptor();
    }

    @Bean
    public JdkRegexpMethodPointcut druidStatPointcut() {
        JdkRegexpMethodPointcut jdkRegexpMethodPointcut = new JdkRegexpMethodPointcut();
        jdkRegexpMethodPointcut.setPatterns(new String[]{"com.jxdinfo.hussar.*.service.*"});
        return jdkRegexpMethodPointcut;
    }

    @Bean
    public BeanTypeAutoProxyCreator beanTypeAutoProxyCreator() {
        BeanTypeAutoProxyCreator beanTypeAutoProxyCreator = new BeanTypeAutoProxyCreator();
        beanTypeAutoProxyCreator.setTargetBeanType(DruidDataSource.class);
        beanTypeAutoProxyCreator.setInterceptorNames(new String[]{"druidStatInterceptor"});
        return beanTypeAutoProxyCreator;
    }

    @Bean
    public Advisor druidStatAdvisor() {
        return new DefaultPointcutAdvisor(druidStatPointcut(), druidStatInterceptor());
    }

    @Bean
    public FilterRegistrationBean<XssFilter> xssFilterRegistration() {
        XssFilter xssFilter = new XssFilter();
        FilterRegistrationBean<XssFilter> filterRegistrationBean = new FilterRegistrationBean<>(xssFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        xssFilter.setXssLevel(this.hussarProperties.getFirewallXssLevel());
        List<String> xssWhitelist = this.hussarProperties.getXssWhitelist();
        StringBuffer stringBuffer = new StringBuffer("/logout,/static/*,*.js,*.gif,*.jpg,*.png,*.css,*.ico");
        StringBuffer stringBuffer2 = new StringBuffer("*/sqlnet.log,*/sqlnet.trc,*/status.cgi,*.cgi,*.dll,*.exe,*.sh,*.bat*,/servlet/viewsource.jsp,/cgi-bin/htgrep/*,*.asp,*.aspx,*php,*php5,*php4,*php3,*php2,*php1,*.swp");
        if (xssWhitelist != null && xssWhitelist.size() > 0) {
            for (String str : xssWhitelist) {
                stringBuffer.append(",");
                stringBuffer.append(str);
            }
        }
        filterRegistrationBean.addInitParameter("exclusions", stringBuffer.toString());
        List<String> xssBlacklist = this.hussarProperties.getXssBlacklist();
        if (xssBlacklist != null && xssBlacklist.size() > 0) {
            for (String str2 : xssBlacklist) {
                stringBuffer2.append(",");
                stringBuffer2.append(str2);
            }
        }
        filterRegistrationBean.addInitParameter(XssFilter.PARAM_NAME_PATHCHECKS, stringBuffer2.toString());
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<CsrfFilter> csrfFilterRegistration() {
        CsrfFilter csrfFilter = new CsrfFilter(this.abstractOTPCredentialsMatcher);
        csrfFilter.setCsrfcheck(this.hussarProperties.isCheckCsrfOpen());
        FilterRegistrationBean<CsrfFilter> filterRegistrationBean = new FilterRegistrationBean<>(csrfFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        StringBuffer stringBuffer = new StringBuffer("/logout,/static/*,/monitor,*.js,*.gif,*.jpg,*.png,*.css,*.ico");
        List<String> csrfWhitelist = this.hussarProperties.getCsrfWhitelist();
        if (csrfWhitelist != null && csrfWhitelist.size() > 0) {
            for (String str : csrfWhitelist) {
                stringBuffer.append(",");
                stringBuffer.append(str);
            }
        }
        StringBuffer stringBuffer2 = new StringBuffer();
        List<String> referWhitelist = this.hussarProperties.getReferWhitelist();
        if (this.iscConf.isActive()) {
            String serverUrlPrefix = this.iscConf.getServerUrlPrefix();
            stringBuffer2.append(",");
            stringBuffer2.append(serverUrlPrefix);
        }
        if (this.casConf.isActive()) {
            String serverUrlPrefix2 = this.casConf.getServerUrlPrefix();
            stringBuffer2.append(",");
            stringBuffer2.append(serverUrlPrefix2);
        }
        if (referWhitelist != null && referWhitelist.size() > 0) {
            for (String str2 : referWhitelist) {
                stringBuffer2.append(",");
                stringBuffer2.append(str2);
            }
        }
        for (String str3 : this.corsProperties.getAllowedOrigins()) {
            stringBuffer2.append(",");
            stringBuffer2.append(str3);
        }
        csrfFilter.setRefererWhitelist(stringBuffer2.toString());
        filterRegistrationBean.addInitParameter("exclusions", stringBuffer.toString());
        return filterRegistrationBean;
    }

    @Bean
    public ServletListenerRegistrationBean<RequestContextListener> requestContextListenerRegistration() {
        return new ServletListenerRegistrationBean<>(new RequestContextListener());
    }

    @Bean
    public ServletListenerRegistrationBean<ConfigListener> configListenerRegistration() {
        return new ServletListenerRegistrationBean<>(new ConfigListener());
    }

    @Bean
    public DefaultKaptcha kaptcha() throws IOException {
        PropertiesFactoryBean propertiesFactoryBean = new PropertiesFactoryBean();
        propertiesFactoryBean.setLocation(new ClassPathResource("/kaptcha.properties"));
        propertiesFactoryBean.afterPropertiesSet();
        Config config = new Config(propertiesFactoryBean.getObject());
        DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
        defaultKaptcha.setConfig(config);
        return defaultKaptcha;
    }
}
