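package com.diagbot.config;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.jwt.crypto.sign.RsaVerifier;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.util.FileCopyUtils;

import java.io.IOException;
import java.nio.charset.StandardCharsets;

/**
 * @Description: Resource-server authorization configuration. Declares which request paths are
 *               reachable without an access token and how incoming JWT access tokens are verified.
 * @author: gaodm
 * @time: 2018/8/2 14:21
 */
@Configuration
@EnableResourceServer
@ComponentScan({"com.diagbot.config"})
public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {

    /** Classpath resource holding the key used to verify JWT signatures. */
    private static final String VERIFIER_KEY_RESOURCE = "public.cert";

    /**
     * Regex rules for API-doc and monitoring paths that are served without a token.
     *
     * <p>A regex request matcher is evaluated against the request path followed by
     * {@code ?query}, so an unanchored {@code .*token.*} rule would also apply whenever the token
     * appears only in the query string of an unrelated endpoint. The {@code [^?]*} prefix pins the
     * token to the path portion; the set of matching paths is unchanged.
     *
     * <p>NOTE(review): {@code v2} still matches any path that merely contains "v2", and the
     * druid/actuator/hystrix consoles are open at this layer. Confirm they are restricted by
     * another control (gateway, network ACL) or narrow these rules to the exact paths in use.
     */
    private static final String[] TOOLING_PATH_REGEXES = {
        "[^?]*swagger.*",
        "[^?]*v2.*",
        "[^?]*webjars.*",
        "/druid.*",
        "/actuator.*",
        "/hystrix.*"
    };

    /**
     * Ant patterns that are served without a token.
     *
     * <p>NOTE(review): besides the token endpoints this list contains paths whose names suggest
     * state changes or bulk data access (for example {@code /cache/clear},
     * {@code /qc/dataimport/import}, {@code /qc/behospitalInfo/export*},
     * {@code /console/export/*}, {@code /qc/data/send*}) and {@code /sys/user/getJwtNoPass}.
     * Nothing in this class authenticates them; confirm each one is protected elsewhere or remove
     * it so the catch-all {@code authenticated()} rule applies.
     */
    private static final String[] UNAUTHENTICATED_PATHS = {
        "/sys/user/getJwt",
        "/sys/user/getJwtNoPass",
        "/sys/user/refreshJwt",
        "/sys/user/checkToken",
        "/sys/dictionaryInfo/getDictionary",
        "/oauth/token",
        "/oauth/check_token",
        "/cache/clear",
        "/qc/behospitalInfo/execule",
        "/qc/behospitalInfo/analyze_rpc",
        "/qc/behospitalInfo/analyze_api",
        "/qc/behospitalInfo/analyze_run",
        "/qc/module/getById",
        "/qc/module/getModuleMap",
        "/qc/cases/getQcCases",
        "/qc/behospitalInfo/page",
        "/qc/casesEntryHospital/getQcCasesEntryAll",
        "/qc/casesEntryHospital/getQcCasesAll",
        "/qc/behospitalInfo/getByBehospitalCode",
        "/bas/dept/getList",
        "/bas/dept/getListUser",
        "/qc/behospitalInfo/page_dept",
        "/qc/behospitalInfo/page_person",
        "/qc/behospitalInfo/page_group",
        "/qc/casesEntryHospital/findQcCasesEntry",
        "/qc/behospitalInfo/exportExcel",
        "/qc/behospitalInfo/exportQcresult",
        "/qc/behospitalInfo/exportQcresultByDept",
        "/qc/behospitalInfo/exportQcresultByGroup",
        "/qc/abnormal/getQcAnnormalMode",
        "/qc/dataimport/import",
        "/qc/dataimport/dataimportPrepare",
        "/qc/dataimport/test",
        "/sys/user/pageset/getPageSet",
        "/sys/user/pageset/savePageSet",
        "/consoleByDept/getDept",
        "/console/entryRejectPercent",
        "/console/qcResultLevelPercent",
        "/console/averageStatistics",
        "/console/entryByDept",
        "/console/entryCountGroupByCase",
        "/console/entryCountGroupByCasePage",
        "/console/entryCountGroupByEntry",
        "/console/entryCountGroupByEntryPage",
        "/console/entryGroupByEntryInnerPage",
        "/console/getAverageDayNum",
        "/console/getAverageDayNumPage",
        "/console/getAverageFee",
        "/console/getAverageFeePage",
        "/console/getAverageScore",
        "/console/getAverageScoreByDeptClass",
        "/console/getAverageScoreByDeptPage",
        "/console/getLevelResultDept",
        "/console/homePageLevelLimit",
        "/console/homePageLevelStatistics",
        "/console/leaveHosCount",
        "/console/levelPercentGroupByDeptPage",
        "/console/levelStatistics",
        "/console/levelStatisticsByDeptClass",
        "/console/mrCount",
        "/console/mrStatistics",
        "/console/qcResultShortPage",
        "/console/resultStatistics",
        "/console/resultStatisticsByDeptPage",
        "/console/homePageMRCount",
        "/console/qcCheckStatistics",
        "/console/unModifyMRStatistics",
        "/console/unModifyMRPage",
        "/consoleByDept/entryCountGroupByCaseAndDept",
        "/consoleByDept/entryCountGroupByCaseAndDeptPage",
        "/consoleByDept/entryCountGroupByEntryAndDept",
        "/consoleByDept/entryCountGroupByEntryAndDeptPage",
        "/consoleByDept/entryGroupByEntryAndDeptInnerPage",
        "/consoleByDept/homePageLevelByDeptLimit",
        "/consoleByDept/homePageLevelStatisticsByDept",
        "/consoleByDept/leaveHosCountByDept",
        "/consoleByDept/levelStatisticsByDept",
        "/consoleByDept/mrCountByDept",
        "/consoleByDept/qcResultShortByDeptPage",
        "/consoleByDept/resultStatisticsByDeptAndDoctorPage",
        "/console/export/homePageLevelExport",
        "/console/export/entryGroupByEntryExport",
        "/console/export/levelExport",
        "/console/entryStatistics",
        "/console/export/levelExport_TZ",
        "/console/export/getAverageDayNumExport",
        "/console/export/getAverageFeeExport",
        "/console/export/levelPercentGroupByDeptExport",
        "/console/export/entryCountGroupByEntryExport",
        "/console/export/entryCountGroupByCaseExport",
        "/console/export/entryStatisticsExport",
        "/console/export/qcResultShortPageExport",
        "/console/export/leaveHosMrPageExport",
        "/console/export/qcCheckStatisticsExport",
        "/console/export/unModifyMRPageExport",
        "/console/export/unModifyMRStatisticsExport",
        "/qc/data/sendDoctorInfos",
        "/qc/data/sendDeptInfos",
        "/qc/data/sendRecordTypes",
        "/qc/data/sendMrRecordIng",
        "/qc/data/sendMrContent",
        "/qc/data/sendMrRecord",
        "/qc/data/sendPatientInfo",
        "/qc/data/sendDoctorAdvice",
        "/qc/data/sendHomePageIng",
        "/qc/data/sendHomePage",
        "/qc/data/sendHomeDiagnose",
        "/qc/data/sendHomeOperation",
        "/qc/data/sendCrisis",
        "/qc/doctoradvice/getPage"
    };

    Logger log = LoggerFactory.getLogger(ResourceServerConfigurer.class);

    @Autowired
    private CustomAccessTokenConverter customAccessTokenConverter;

    /**
     * Defines the URL authorization rules: the tooling regexes and the listed paths are open,
     * every other request needs an authenticated caller.
     *
     * @param http the security builder supplied by the resource-server adapter
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.cors()
                .and()
                // NOTE(review): CSRF protection is off; that presumes callers authenticate with
                // bearer tokens rather than browser cookies. Confirm no cookie session is in use.
                .csrf().disable()
                .authorizeRequests()
                .regexMatchers(TOOLING_PATH_REGEXES).permitAll()
                .antMatchers(UNAUTHENTICATED_PATHS).permitAll()
                // Catch-all: anything not listed above requires a valid token. This rule must stay
                // last and must stay authenticated().
                .antMatchers("/**").authenticated();
    }

    /**
     * Sets the resource id and installs a JWT token store backed by the verifier bean below.
     *
     * @param resources the resource-server configurer to populate
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        log.info("Configuring ResourceServerSecurityConfigurer");
        resources.resourceId("user-service").tokenStore(new JwtTokenStore(jwtTokenEnhancerClient()));
    }

    /**
     * Builds the converter that verifies JWT access tokens with the key read from the
     * {@code public.cert} classpath resource.
     *
     * @return the configured converter
     * @throws IllegalStateException if the key resource cannot be read
     */
    @Bean("jwtTokenEnhancerClient")
    protected JwtAccessTokenConverter jwtTokenEnhancerClient() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        Resource resource = new ClassPathResource(VERIFIER_KEY_RESOURCE);
        String publicKey;
        try {
            // Decode with an explicit charset so the key text does not depend on the platform
            // default encoding.
            publicKey = new String(
                    FileCopyUtils.copyToByteArray(resource.getInputStream()), StandardCharsets.UTF_8);
        } catch (IOException e) {
            // Fail startup rather than run without a verifier key.
            throw new IllegalStateException(
                    "Unable to read JWT verifier key from classpath resource " + VERIFIER_KEY_RESOURCE, e);
        }
        converter.setVerifierKey(publicKey);
        // Without this explicit verifier, "Cannot convert access token to JSON" is raised.
        converter.setVerifier(new RsaVerifier(publicKey));
        converter.setAccessTokenConverter(customAccessTokenConverter);
        log.info("Created jwtTokenEnhancerClient success");
        return converter;
    }
}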