package org.apereo.cas.config;

import java.util.Objects;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.CasSimpleMultifactorProperties;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationTicketExpirationPolicyBuilder;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationTicketFactory;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationUniqueTicketIdGenerator;
import org.apereo.cas.mfa.simple.DefaultCasSimpleMultifactorAuthenticationTicketFactory;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorTrustedDeviceWebflowConfigurer;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorWebflowConfigurer;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleSendTokenAction;
import org.apereo.cas.notifications.CommunicationsManager;
import org.apereo.cas.ticket.ExpirationPolicyBuilder;
import org.apereo.cas.ticket.TicketFactoryExecutionPlanConfigurer;
import org.apereo.cas.ticket.UniqueTicketIdGenerator;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.trusted.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.util.MultifactorAuthenticationWebflowUtils;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableScheduling
@Configuration("casSimpleMultifactorAuthenticationConfiguration")
/* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration.class */
public class CasSimpleMultifactorAuthenticationConfiguration {
    private static final int WEBFLOW_CONFIGURER_ORDER = 100;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("ticketRegistry")
    private ObjectProvider<TicketRegistry> ticketRegistry;

    @Autowired
    @Qualifier("communicationsManager")
    private ObjectProvider<CommunicationsManager> communicationsManager;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("loginFlowRegistry")
    private ObjectProvider<FlowDefinitionRegistry> loginFlowDefinitionRegistry;

    @Autowired
    private ObjectProvider<FlowBuilderServices> flowBuilderServices;

    @ConditionalOnClass({MultifactorAuthnTrustConfiguration.class})
    @Configuration("casSimpleMultifactorTrustConfiguration")
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorTrustConfiguration.class */
    public class CasSimpleMultifactorTrustConfiguration {
        public CasSimpleMultifactorTrustConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorTrustWebflowConfigurer"})
        @DependsOn({"defaultWebflowConfigurer"})
        @Bean
        public CasWebflowConfigurer mfaSimpleMultifactorTrustWebflowConfigurer() {
            CasSimpleMultifactorTrustedDeviceWebflowConfigurer casSimpleMultifactorTrustedDeviceWebflowConfigurer = new CasSimpleMultifactorTrustedDeviceWebflowConfigurer((FlowBuilderServices) CasSimpleMultifactorAuthenticationConfiguration.this.flowBuilderServices.getObject(), (FlowDefinitionRegistry) CasSimpleMultifactorAuthenticationConfiguration.this.loginFlowDefinitionRegistry.getObject(), CasSimpleMultifactorAuthenticationConfiguration.this.mfaSimpleAuthenticatorFlowRegistry(), CasSimpleMultifactorAuthenticationConfiguration.this.applicationContext, CasSimpleMultifactorAuthenticationConfiguration.this.casProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(CasSimpleMultifactorAuthenticationConfiguration.this.applicationContext));
            casSimpleMultifactorTrustedDeviceWebflowConfigurer.setOrder(101);
            return casSimpleMultifactorTrustedDeviceWebflowConfigurer;
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorTrustWebflowExecutionPlanConfigurer"})
        @Bean
        public CasWebflowExecutionPlanConfigurer casSimpleMultifactorTrustWebflowExecutionPlanConfigurer() {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(mfaSimpleMultifactorTrustWebflowConfigurer());
            };
        }
    }

    @Bean
    public FlowDefinitionRegistry mfaSimpleAuthenticatorFlowRegistry() {
        FlowDefinitionRegistryBuilder flowDefinitionRegistryBuilder = new FlowDefinitionRegistryBuilder(this.applicationContext, (FlowBuilderServices) this.flowBuilderServices.getObject());
        flowDefinitionRegistryBuilder.setBasePath("classpath*:/webflow");
        flowDefinitionRegistryBuilder.addFlowLocationPattern("/mfa-simple/*-webflow.xml");
        return flowDefinitionRegistryBuilder.build();
    }

    @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorWebflowConfigurer"})
    @DependsOn({"defaultWebflowConfigurer"})
    @Bean
    public CasWebflowConfigurer mfaSimpleMultifactorWebflowConfigurer() {
        CasSimpleMultifactorWebflowConfigurer casSimpleMultifactorWebflowConfigurer = new CasSimpleMultifactorWebflowConfigurer((FlowBuilderServices) this.flowBuilderServices.getObject(), (FlowDefinitionRegistry) this.loginFlowDefinitionRegistry.getObject(), mfaSimpleAuthenticatorFlowRegistry(), this.applicationContext, this.casProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(this.applicationContext));
        casSimpleMultifactorWebflowConfigurer.setOrder(WEBFLOW_CONFIGURER_ORDER);
        return casSimpleMultifactorWebflowConfigurer;
    }

    @ConditionalOnMissingBean(name = {"mfaSimpleCasWebflowExecutionPlanConfigurer"})
    @Bean
    public CasWebflowExecutionPlanConfigurer mfaSimpleCasWebflowExecutionPlanConfigurer() {
        return casWebflowExecutionPlan -> {
            casWebflowExecutionPlan.registerWebflowConfigurer(mfaSimpleMultifactorWebflowConfigurer());
        };
    }

    @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorSendTokenAction"})
    @RefreshScope
    @Bean
    public Action mfaSimpleMultifactorSendTokenAction() {
        CasSimpleMultifactorProperties simple = this.casProperties.getAuthn().getMfa().getSimple();
        if (((CommunicationsManager) Objects.requireNonNull((CommunicationsManager) this.communicationsManager.getObject())).validate()) {
            return new CasSimpleSendTokenAction((TicketRegistry) this.ticketRegistry.getObject(), (CommunicationsManager) this.communicationsManager.getObject(), casSimpleMultifactorAuthenticationTicketFactory(), simple);
        }
        throw new BeanCreationException("Unable to submit tokens since no communication strategy is defined");
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketExpirationPolicy"})
    @RefreshScope
    @Bean
    public ExpirationPolicyBuilder casSimpleMultifactorAuthenticationTicketExpirationPolicy() {
        return new CasSimpleMultifactorAuthenticationTicketExpirationPolicyBuilder(this.casProperties);
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationUniqueTicketIdGenerator"})
    @RefreshScope
    @Bean
    public UniqueTicketIdGenerator casSimpleMultifactorAuthenticationUniqueTicketIdGenerator() {
        return new CasSimpleMultifactorAuthenticationUniqueTicketIdGenerator(this.casProperties.getAuthn().getMfa().getSimple().getTokenLength());
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketFactory"})
    @RefreshScope
    @Bean
    public CasSimpleMultifactorAuthenticationTicketFactory casSimpleMultifactorAuthenticationTicketFactory() {
        return new DefaultCasSimpleMultifactorAuthenticationTicketFactory(casSimpleMultifactorAuthenticationTicketExpirationPolicy(), casSimpleMultifactorAuthenticationUniqueTicketIdGenerator());
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketFactoryConfigurer"})
    @RefreshScope
    @Bean
    public TicketFactoryExecutionPlanConfigurer casSimpleMultifactorAuthenticationTicketFactoryConfigurer() {
        return this::casSimpleMultifactorAuthenticationTicketFactory;
    }
}
