package org.apereo.cas.config;

import org.apereo.cas.authentication.AuthenticationServiceSelectionStrategy;
import org.apereo.cas.authentication.MultifactorAuthenticationTrigger;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.oidc.OidcConfigurationContext;
import org.apereo.cas.oidc.web.flow.OidcCasWebflowLoginContextProvider;
import org.apereo.cas.oidc.web.flow.OidcRegisteredServiceUIAction;
import org.apereo.cas.oidc.web.flow.OidcUnmetAuthenticationRequirementWebflowExceptionHandler;
import org.apereo.cas.oidc.web.flow.OidcWebflowConfigurer;
import org.apereo.cas.oidc.web.flow.account.OidcAccountProfileAccessTokenAction;
import org.apereo.cas.oidc.web.flow.account.OidcAccountProfileRemoveAccessTokenAction;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.CasWebflowLoginContextProvider;
import org.apereo.cas.web.flow.authentication.CasWebflowExceptionHandler;
import org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext;
import org.apereo.cas.web.flow.resolver.impl.mfa.DefaultMultifactorAuthenticationProviderWebflowEventResolver;
import org.apereo.cas.web.support.ArgumentExtractor;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "OidcWebflowConfiguration", proxyBeanMethods = false)
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.OpenIDConnect})
/* loaded from: input_file:org/apereo/cas/config/OidcWebflowConfiguration.class */
public class OidcWebflowConfiguration {
    @ConditionalOnMissingBean(name = {"oidcUnmetAuthenticationRequirementWebflowExceptionHandler"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public CasWebflowExceptionHandler oidcUnmetAuthenticationRequirementWebflowExceptionHandler(@Qualifier("oidcConfigurationContext") OidcConfigurationContext oidcConfigurationContext) {
        return new OidcUnmetAuthenticationRequirementWebflowExceptionHandler(oidcConfigurationContext);
    }

    @ConditionalOnMissingBean(name = {"oidcCasWebflowExecutionPlanConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public CasWebflowExecutionPlanConfigurer oidcCasWebflowExecutionPlanConfigurer(@Qualifier("oidcWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer, @Qualifier("oidcLocaleChangeInterceptor") HandlerInterceptor handlerInterceptor, @Qualifier("oidcCasWebflowLoginContextProvider") CasWebflowLoginContextProvider casWebflowLoginContextProvider) {
        return casWebflowExecutionPlan -> {
            casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
            casWebflowExecutionPlan.registerWebflowInterceptor(handlerInterceptor);
            casWebflowExecutionPlan.registerWebflowLoginContextProvider(casWebflowLoginContextProvider);
        };
    }

    @ConditionalOnMissingBean(name = {"oidcCasWebflowLoginContextProvider"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public CasWebflowLoginContextProvider oidcCasWebflowLoginContextProvider(@Qualifier("argumentExtractor") ArgumentExtractor argumentExtractor) {
        return new OidcCasWebflowLoginContextProvider(argumentExtractor);
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    @Lazy(false)
    public CasWebflowEventResolver oidcAuthenticationContextWebflowEventResolver(@Qualifier("initialAuthenticationAttemptWebflowEventResolver") CasDelegatingWebflowEventResolver casDelegatingWebflowEventResolver, @Qualifier("casWebflowConfigurationContext") CasWebflowEventResolutionConfigurationContext casWebflowEventResolutionConfigurationContext, @Qualifier("oidcMultifactorAuthenticationTrigger") MultifactorAuthenticationTrigger multifactorAuthenticationTrigger) {
        DefaultMultifactorAuthenticationProviderWebflowEventResolver defaultMultifactorAuthenticationProviderWebflowEventResolver = new DefaultMultifactorAuthenticationProviderWebflowEventResolver(casWebflowEventResolutionConfigurationContext, multifactorAuthenticationTrigger);
        casDelegatingWebflowEventResolver.addDelegate(defaultMultifactorAuthenticationProviderWebflowEventResolver);
        return defaultMultifactorAuthenticationProviderWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"oidcWebflowConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public CasWebflowConfigurer oidcWebflowConfigurer(@Qualifier("logoutFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
        OidcWebflowConfigurer oidcWebflowConfigurer = new OidcWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry2, configurableApplicationContext, casConfigurationProperties);
        oidcWebflowConfigurer.setLogoutFlowDefinitionRegistry(flowDefinitionRegistry);
        return oidcWebflowConfigurer;
    }

    @ConditionalOnMissingBean(name = {"oidcRegisteredServiceUIAction"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public Action oidcRegisteredServiceUIAction(@Qualifier("oauth20AuthenticationRequestServiceSelectionStrategy") AuthenticationServiceSelectionStrategy authenticationServiceSelectionStrategy, @Qualifier("servicesManager") ServicesManager servicesManager) {
        return new OidcRegisteredServiceUIAction(servicesManager, authenticationServiceSelectionStrategy);
    }

    @ConditionalOnMissingBean(name = {"oidcAccountProfileAccessTokensAction"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public Action oidcAccountProfileAccessTokensAction(@Qualifier("ticketRegistry") TicketRegistry ticketRegistry) {
        return new OidcAccountProfileAccessTokenAction(ticketRegistry);
    }

    @ConditionalOnMissingBean(name = {"accountProfileOidcRemoveAccessTokenAction"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public Action accountProfileOidcRemoveAccessTokenAction(@Qualifier("ticketRegistry") TicketRegistry ticketRegistry) {
        return new OidcAccountProfileRemoveAccessTokenAction(ticketRegistry);
    }
}
