package cn.com.yusys.yusp.commons.security.config;

import cn.com.yusys.yusp.commons.security.headers.HeadersSecurityProperties;
import cn.com.yusys.yusp.commons.security.util.WebSecurityUtils;
import cn.com.yusys.yusp.commons.security.web.filter.SQLInjectionServletFilter;
import cn.com.yusys.yusp.commons.security.web.filter.WebSecurityFilter;
import javax.servlet.Filter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.security.web.header.writers.StaticHeadersWriter;

@EnableConfigurationProperties({HeadersSecurityProperties.class, SQLInjectionProperties.class})
/* loaded from: input_file:cn/com/yusys/yusp/commons/security/config/WebSecurityAutoConfiguration.class */
public class WebSecurityAutoConfiguration {
    private final HeadersSecurityProperties headersSecurityProperties;
    private final SQLInjectionProperties sqlInjectionProperties;

    public WebSecurityAutoConfiguration(HeadersSecurityProperties headersSecurityProperties, SQLInjectionProperties sQLInjectionProperties) {
        this.headersSecurityProperties = headersSecurityProperties;
        this.sqlInjectionProperties = sQLInjectionProperties;
    }

    @Bean
    public FilterRegistrationBean<Filter> webSecurityFilterFilter() {
        WebSecurityFilter webSecurityFilter = new WebSecurityFilter();
        webSecurityFilter.setHeaderWriters(new StaticHeadersWriter(WebSecurityUtils.parseSecurityHeaders(this.headersSecurityProperties)));
        FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>(webSecurityFilter, new ServletRegistrationBean[0]);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        filterRegistrationBean.addInitParameter("overrideSecurityHeader", String.valueOf(this.headersSecurityProperties.isOverrideSecurityHeader()));
        filterRegistrationBean.setOrder(this.headersSecurityProperties.getOrder());
        return filterRegistrationBean;
    }

    @ConditionalOnProperty(name = {"yusp.security.sql-injection.enabled"}, havingValue = "true")
    @Bean
    public FilterRegistrationBean<Filter> sqlInjectionFilter() {
        FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>(new SQLInjectionServletFilter(), new ServletRegistrationBean[0]);
        filterRegistrationBean.addUrlPatterns(new String[]{"/*"});
        filterRegistrationBean.addInitParameter("regex", this.sqlInjectionProperties.getRegex());
        return filterRegistrationBean;
    }
}
