package com.diagbot.config;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;

/**
 * @Description: 权限资源配置类
 * @author: gaodm
 * @time: 2018/8/2 14:21
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {
    Logger log = LoggerFactory.getLogger(ResourceServerConfigurer.class);

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .authorizeRequests()
                .regexMatchers(".*swagger.*",".*v2.*",".*webjars.*","/user/login.*","/user/registry.*","/user/test.*","/druid.*","/actuator.*","/hystrix.*","/hi.*","/test.*").permitAll()
                .antMatchers("/userver/getImgVerification").permitAll()
                .antMatchers("/userver/verifyImgVerification").permitAll()
                .antMatchers("/userver/getSmsWithRegister").permitAll()
                .antMatchers("/userver/getSmsWithResetPassword").permitAll()
                .antMatchers("/userver/verifySmsVerification").permitAll()
                .antMatchers("/user/resetPassword").permitAll()
                .antMatchers("/getUserEnumsData").permitAll()
                .antMatchers("/userInfo/getUserInfoPag").permitAll()
                .antMatchers("/user/getPermission").permitAll()
                .antMatchers("/userInfo/updateUserInfoAll").permitAll()
                .antMatchers("/userInfo/updateDeleted").permitAll()
                .antMatchers("/user/index").permitAll()
                .antMatchers("/**").authenticated();
//        .antMatchers("/**").permitAll();
    }


    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        log.info("Configuring ResourceServerSecurityConfigurer ");
        resources.resourceId("user-service").tokenStore(tokenStore);
    }

    @Autowired
    TokenStore tokenStore;
}