package com.hepl.tunefortwo.config.security;

import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import java.util.Arrays;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;

@Configuration
@EnableWebSecurity
@EnableMethodSecurity(prePostEnabled = true, securedEnabled = false, jsr250Enabled = false)
/* loaded from: input_file:com/hepl/tunefortwo/config/security/SecurityConfig.class */
public class SecurityConfig {
    private final CustomAuthenticationEntryPoint entryPoint;

    public SecurityConfig(CustomAuthenticationEntryPoint customAuthenticationEntryPoint) {
        System.out.println("entryPoint = " + customAuthenticationEntryPoint);
        this.entryPoint = customAuthenticationEntryPoint;
    }

    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowedOrigins(Arrays.asList("*"));
        corsConfiguration.setAllowedMethods(Arrays.asList("*"));
        corsConfiguration.setAllowedHeaders(Arrays.asList("*"));
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
        return urlBasedCorsConfigurationSource;
    }

    @Bean
    BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    SecurityFilterChain filterChain(HttpSecurity httpSecurity, HandlerMappingIntrospector handlerMappingIntrospector) throws Exception {
        MvcRequestMatcher mvcRequestMatcher = new MvcRequestMatcher(handlerMappingIntrospector, "/ui");
        MvcRequestMatcher mvcRequestMatcher2 = new MvcRequestMatcher(handlerMappingIntrospector, "/swagger-ui/**");
        MvcRequestMatcher mvcRequestMatcher3 = new MvcRequestMatcher(handlerMappingIntrospector, "/docs/**");
        AntPathRequestMatcher antPathRequestMatcher = new AntPathRequestMatcher("/v1/form", "POST");
        MvcRequestMatcher mvcRequestMatcher4 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/payment/");
        MvcRequestMatcher mvcRequestMatcher5 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/form-update/*");
        MvcRequestMatcher mvcRequestMatcher6 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/rating-review/*");
        MvcRequestMatcher mvcRequestMatcher7 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/add-screenshot/*");
        MvcRequestMatcher mvcRequestMatcher8 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/mood/get-AllMood-Active");
        MvcRequestMatcher mvcRequestMatcher9 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/instrument/get-AllInstrument-Active");
        MvcRequestMatcher mvcRequestMatcher10 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/language/get-AllLanguage-Active");
        MvcRequestMatcher mvcRequestMatcher11 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/orderSummary/**");
        MvcRequestMatcher mvcRequestMatcher12 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/Filed/**");
        MvcRequestMatcher mvcRequestMatcher13 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/artistmaster/**");
        MvcRequestMatcher mvcRequestMatcher14 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/mixturemaster/**");
        MvcRequestMatcher mvcRequestMatcher15 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/deliveryDate/**");
        AntPathRequestMatcher antPathRequestMatcher2 = new AntPathRequestMatcher("/v1/form/{id}", "GET");
        MvcRequestMatcher mvcRequestMatcher16 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/payment/upi/*");
        AntPathRequestMatcher antPathRequestMatcher3 = new AntPathRequestMatcher("/v1/payment/calculatedeliverypayment", "GET");
        AntPathRequestMatcher antPathRequestMatcher4 = new AntPathRequestMatcher("/v1/form/", "GET");
        AntPathRequestMatcher antPathRequestMatcher5 = new AntPathRequestMatcher("/v1/form/*", "GET");
        MvcRequestMatcher mvcRequestMatcher17 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/song/*");
        MvcRequestMatcher mvcRequestMatcher18 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/songDownload/*");
        new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/add-comment/*");
        MvcRequestMatcher mvcRequestMatcher19 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/orderTracker/");
        MvcRequestMatcher mvcRequestMatcher20 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/users/**");
        MvcRequestMatcher mvcRequestMatcher21 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/instaIntegration/**");
        MvcRequestMatcher mvcRequestMatcher22 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/contactus");
        MvcRequestMatcher mvcRequestMatcher23 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/authentication/**");
        MvcRequestMatcher mvcRequestMatcher24 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/masterpayment/createOrder");
        MvcRequestMatcher mvcRequestMatcher25 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/masterpayment/handle");
        MvcRequestMatcher mvcRequestMatcher26 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/send-otp");
        MvcRequestMatcher mvcRequestMatcher27 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/verify-otp");
        MvcRequestMatcher mvcRequestMatcher28 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/resend-otp");
        MvcRequestMatcher mvcRequestMatcher29 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/form/validatemobilenumber/**");
        MvcRequestMatcher mvcRequestMatcher30 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/instrument/instrumentimage/*");
        MvcRequestMatcher mvcRequestMatcher31 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/instrument/getallinsrumentimages");
        MvcRequestMatcher mvcRequestMatcher32 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/welcomeVideo/getAllWelcomeVideos");
        MvcRequestMatcher mvcRequestMatcher33 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/welcomeVideo/video/**");
        MvcRequestMatcher mvcRequestMatcher34 = new MvcRequestMatcher(handlerMappingIntrospector, "/v1/welcomeVideo/getMobileWelcomeVideo");
        httpSecurity.csrf(csrfConfigurer -> {
            csrfConfigurer.disable();
        }).cors(corsConfigurer -> {
            Customizer.withDefaults();
        }).authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
            ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) ((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorizationManagerRequestMatcherRegistry.requestMatchers(new RequestMatcher[]{antPathRequestMatcher})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher5})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher8})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher9})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher10})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher6})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher7})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher4})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher11})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher2})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher3})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher12})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher16})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher13})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher15})).permitAll().requestMatchers(new RequestMatcher[]{antPathRequestMatcher2})).permitAll().requestMatchers(new RequestMatcher[]{antPathRequestMatcher4})).permitAll().requestMatchers(new RequestMatcher[]{antPathRequestMatcher3})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher17})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher19})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher20})).permitAll().requestMatchers(new RequestMatcher[]{antPathRequestMatcher5})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher21})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher22})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher23})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher24})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher25})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher26})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher27})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher28})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher29})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher30})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher31})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher32})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher33})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher18})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher34})).permitAll().requestMatchers(new RequestMatcher[]{mvcRequestMatcher14})).permitAll().anyRequest()).authenticated();
        }).exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.accessDeniedHandler(accessDeniedHandler()).authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED));
        }).oauth2ResourceServer(oAuth2ResourceServerConfigurer -> {
            oAuth2ResourceServerConfigurer.jwt(jwtConfigurer -> {
                jwtConfigurer.decoder(jwtDecoder());
            });
        }).exceptionHandling(exceptionHandlingConfigurer2 -> {
            exceptionHandlingConfigurer2.authenticationEntryPoint(this.entryPoint);
        });
        return (SecurityFilterChain) httpSecurity.build();
    }

    @Bean
    JwtDecoder jwtDecoder() {
        return NimbusJwtDecoder.withSecretKey(Keys.hmacShaKeyFor((byte[]) Decoders.BASE64.decode("9j7WszeA5eprDq2cFWYwRlK2oFz3xjHTGdyTzrRJVsRfPxPyWVa7wMvBn4nN9HLe"))).macAlgorithm(MacAlgorithm.HS256).build();
    }

    @Bean
    public AccessDeniedHandler accessDeniedHandler() {
        return (httpServletRequest, httpServletResponse, accessDeniedException) -> {
            httpServletResponse.setStatus(401);
            httpServletResponse.setContentType("application/json");
            httpServletResponse.getWriter().write("{\"status\": false, \"message\": \"Unauthorized\", \"errorType\": \"NONE\", \"timestamp\": " + System.currentTimeMillis() + "}");
        };
    }
}
