package com.asiainfo.aisquare.aisp.security.config;

import com.asiainfo.aisquare.aisp.security.exception.AispWebResponseExceptionTranslator;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
import org.springframework.security.oauth2.provider.token.TokenStore;

@Configuration
@EnableAuthorizationServer
/* loaded from: input_file:com/asiainfo/aisquare/aisp/security/config/AispAuthorizationServerConfig.class */
public class AispAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
    private static final Logger log = LoggerFactory.getLogger(AispAuthorizationServerConfig.class);

    @Resource
    @Lazy
    TokenStore tokenStore;

    @Resource
    AuthenticationManager authenticationManager;

    @Resource
    AccessTokenConverter accessTokenConverterBean;

    @Resource
    PasswordEncoder passwordEncoder;

    @Value("${auth.client.id:cid}")
    String clientId;

    @Value("${auth.client.secret:123456}")
    String clientSecret;

    @Value("${auth.access.token.validity.seconds:7200}")
    int accessTokenValiditySeconds;

    @Value("${auth.refresh.token.validity.seconds:604800}")
    int refreshTokenValiditySeconds;

    @Resource
    UserDetailsService authUserDetailsService;

    public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
        clientDetailsServiceConfigurer.inMemory().withClient(this.clientId).authorizedGrantTypes(new String[]{"password", "refresh_token"}).accessTokenValiditySeconds(this.accessTokenValiditySeconds).refreshTokenValiditySeconds(this.refreshTokenValiditySeconds).scopes(new String[]{"all"}).secret(this.passwordEncoder.encode(this.clientSecret));
    }

    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
        authorizationServerEndpointsConfigurer.tokenStore(this.tokenStore).userDetailsService(this.authUserDetailsService).accessTokenConverter(this.accessTokenConverterBean).exceptionTranslator(new AispWebResponseExceptionTranslator()).authenticationManager(this.authenticationManager);
    }

    public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
        authorizationServerSecurityConfigurer.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()").allowFormAuthenticationForClients();
    }
}
