package cn.insmart.iam.gateway;

import cn.insmart.iam.auth.bus.v1.EnableAuthBusEvenScan;
import cn.insmart.iam.gateway.config.AuthorizationProperties;
import cn.insmart.iam.gateway.config.DevelopProperties;
import cn.insmart.iam.gateway.config.OAuthProviderProperties;
import cn.insmart.iam.gateway.repository.TokenRepository;
import cn.insmart.iam.gateway.repository.impl.InMemoryTokenRepository;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Primary;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.web.server.SecurityWebFilterChain;

@EnableScheduling
@EnableConfigurationProperties({AuthorizationProperties.class, OAuthProviderProperties.class, DevelopProperties.class})
@EnableWebFluxSecurity
@EnableAuthBusEvenScan
@ComponentScan
/* loaded from: input_file:cn/insmart/iam/gateway/IamGatewayAutoConfiguration.class */
public class IamGatewayAutoConfiguration {
    @Bean
    public SecurityWebFilterChain configure(ServerHttpSecurity serverHttpSecurity) {
        serverHttpSecurity.csrf().disable().oauth2Client(Customizer.withDefaults());
        return serverHttpSecurity.build();
    }

    @Bean
    @Primary
    ReactiveOAuth2AuthorizedClientManager authorizedClientManager(ReactiveClientRegistrationRepository reactiveClientRegistrationRepository, ServerOAuth2AuthorizedClientRepository serverOAuth2AuthorizedClientRepository) {
        ReactiveOAuth2AuthorizedClientProvider build = ReactiveOAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build();
        DefaultReactiveOAuth2AuthorizedClientManager defaultReactiveOAuth2AuthorizedClientManager = new DefaultReactiveOAuth2AuthorizedClientManager(reactiveClientRegistrationRepository, serverOAuth2AuthorizedClientRepository);
        defaultReactiveOAuth2AuthorizedClientManager.setAuthorizedClientProvider(build);
        return defaultReactiveOAuth2AuthorizedClientManager;
    }

    @ConditionalOnMissingBean
    @Bean
    public TokenRepository tokenRepository() {
        return new InMemoryTokenRepository();
    }
}
