package com.netsync.smp.web.config;

import com.netsync.smp.web.security.CsrfHeaderFilter;
import com.netsync.smp.web.security.SmpUserFilter;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CsrfFilter;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
/* loaded from: input_file:WEB-INF/classes/com/netsync/smp/web/config/WebSecurityConfig.class */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /* loaded from: input_file:WEB-INF/classes/com/netsync/smp/web/config/WebSecurityConfig$CsrfMatcher.class */
    class CsrfMatcher implements RequestMatcher {
        CsrfMatcher() {
        }

        @Override // org.springframework.security.web.util.matcher.RequestMatcher
        public boolean matches(HttpServletRequest httpServletRequest) {
            if ("GET".equals(httpServletRequest.getMethod())) {
                return false;
            }
            return httpServletRequest.getRequestURI().startsWith("/api");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) ((HttpSecurity) httpSecurity.httpBasic().and()).csrf().csrfTokenRepository(csrfTokenRepository()).requireCsrfProtectionMatcher(new CsrfMatcher()).and()).logout().logoutUrl("/api/logout").logoutSuccessUrl("/").and()).authorizeRequests().antMatchers("/call_treatment/**").permitAll().antMatchers("/call_recording/**").permitAll().antMatchers("/api/settings/version").permitAll().antMatchers("/api/logout").permitAll().antMatchers("/app/**").permitAll().antMatchers("api/update/**").permitAll().antMatchers("/bower_components/**").permitAll().antMatchers("/test/**").permitAll().antMatchers("/images/**").permitAll().antMatchers("/scripts/**").permitAll().antMatchers("/styles/**").permitAll().antMatchers("/favicon.ico").permitAll().antMatchers("/404.html").permitAll().antMatchers("/robots.txt").permitAll().antMatchers("/index.html").permitAll().antMatchers("/").permitAll().antMatchers("/api/455d3166-e3ce-4031-853c-1ffaf216bd9f/**").permitAll().anyRequest().authenticated().and()).addFilterAfter((Filter) new CsrfHeaderFilter(), CsrfFilter.class);
    }

    protected CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository httpSessionCsrfTokenRepository = new HttpSessionCsrfTokenRepository();
        httpSessionCsrfTokenRepository.setHeaderName("X-XSRF-TOKEN");
        return httpSessionCsrfTokenRepository;
    }

    @Bean
    protected SmpUserFilter smpUserFilter() {
        return new SmpUserFilter();
    }
}
