package org.apereo.cas.config;

import org.apereo.cas.bucket4j.consumer.BucketConsumer;
import org.apereo.cas.bucket4j.consumer.DefaultBucketConsumer;
import org.apereo.cas.bucket4j.producer.BucketStore;
import org.apereo.cas.bucket4j.producer.InMemoryBucketStore;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.support.CasFeatureModule;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorTokenCommunicationStrategy;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicket;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketExpirationPolicyBuilder;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketFactory;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketImpl;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationUniqueTicketIdGenerator;
import org.apereo.cas.mfa.simple.ticket.DefaultCasSimpleMultifactorAuthenticationTicketFactory;
import org.apereo.cas.mfa.simple.validation.CasSimpleMultifactorAuthenticationService;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorTrustedDeviceWebflowConfigurer;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorWebflowConfigurer;
import org.apereo.cas.notifications.CommunicationsManager;
import org.apereo.cas.ticket.ExpirationPolicyBuilder;
import org.apereo.cas.ticket.TicketFactoryExecutionPlanConfigurer;
import org.apereo.cas.ticket.UniqueTicketIdGenerator;
import org.apereo.cas.ticket.serialization.TicketSerializationExecutionPlanConfigurer;
import org.apereo.cas.trusted.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.util.serialization.AbstractJacksonBackedStringSerializer;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeature;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier;
import org.apereo.cas.web.flow.util.MultifactorAuthenticationWebflowUtils;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.FlowBuilder;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableScheduling
@ConditionalOnFeature(feature = CasFeatureModule.FeatureCatalog.SimpleMFA)
@AutoConfiguration
/* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration.class */
public class CasSimpleMultifactorAuthenticationConfiguration {
    private static final int WEBFLOW_CONFIGURER_ORDER = 100;
    private static final BeanCondition CONDITION_BUCKET4J_ENABLED = BeanCondition.on("cas.authn.mfa.simple.bucket4j.enabled");

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationActionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationActionConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationActionConfiguration {
        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorSendTokenAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action mfaSimpleMultifactorSendTokenAction(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("casSimpleMultifactorAuthenticationService") CasSimpleMultifactorAuthenticationService casSimpleMultifactorAuthenticationService, @Qualifier("mfaSimpleMultifactorTokenCommunicationStrategy") CasSimpleMultifactorTokenCommunicationStrategy casSimpleMultifactorTokenCommunicationStrategy, CasConfigurationProperties casConfigurationProperties, @Qualifier("communicationsManager") CommunicationsManager communicationsManager, @Qualifier("mfaSimpleMultifactorBucketConsumer") BucketConsumer bucketConsumer) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new CasSimpleMultifactorSendTokenAction(communicationsManager, casSimpleMultifactorAuthenticationService, casConfigurationProperties.getAuthn().getMfa().getSimple(), casSimpleMultifactorTokenCommunicationStrategy, bucketConsumer);
            }).withId("mfaSimpleMultifactorSendTokenAction").build().get();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorBucketConsumer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public BucketConsumer mfaSimpleMultifactorBucketConsumer(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("mfaSimpleMultifactorBucketStore") BucketStore bucketStore, CasConfigurationProperties casConfigurationProperties) {
            return (BucketConsumer) BeanSupplier.of(BucketConsumer.class).when(CasSimpleMultifactorAuthenticationConfiguration.CONDITION_BUCKET4J_ENABLED.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return new DefaultBucketConsumer(bucketStore, casConfigurationProperties.getAuthn().getMfa().getSimple().getBucket4j());
            }).otherwise(BucketConsumer::permitAll).get();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorBucketStore"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public BucketStore mfaSimpleMultifactorBucketStore(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
            return (BucketStore) BeanSupplier.of(BucketStore.class).when(CasSimpleMultifactorAuthenticationConfiguration.CONDITION_BUCKET4J_ENABLED.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return new InMemoryBucketStore(casConfigurationProperties.getAuthn().getMfa().getSimple().getBucket4j());
            }).otherwiseProxy().get();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationBaseConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationBaseConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationBaseConfiguration {
        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorWebflowConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowConfigurer mfaSimpleMultifactorWebflowConfigurer(@Qualifier("mfaSimpleAuthenticatorFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices, CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext) {
            CasSimpleMultifactorWebflowConfigurer casSimpleMultifactorWebflowConfigurer = new CasSimpleMultifactorWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry2, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(configurableApplicationContext));
            casSimpleMultifactorWebflowConfigurer.setOrder(CasSimpleMultifactorAuthenticationConfiguration.WEBFLOW_CONFIGURER_ORDER);
            return casSimpleMultifactorWebflowConfigurer;
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationPlanConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationPlanConfiguration {
        @ConditionalOnMissingBean(name = {"mfaSimpleCasWebflowExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer mfaSimpleCasWebflowExecutionPlanConfigurer(@Qualifier("mfaSimpleMultifactorWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationTicketConfiguration {
        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketExpirationPolicy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public ExpirationPolicyBuilder casSimpleMultifactorAuthenticationTicketExpirationPolicy(CasConfigurationProperties casConfigurationProperties) {
            return new CasSimpleMultifactorAuthenticationTicketExpirationPolicyBuilder(casConfigurationProperties);
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationUniqueTicketIdGenerator"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public UniqueTicketIdGenerator casSimpleMultifactorAuthenticationUniqueTicketIdGenerator(CasConfigurationProperties casConfigurationProperties) {
            return new CasSimpleMultifactorAuthenticationUniqueTicketIdGenerator(casConfigurationProperties.getAuthn().getMfa().getSimple().getToken().getCore().getTokenLength());
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketFactoryConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketFactoryConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationTicketFactoryConfiguration {
        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketFactory"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasSimpleMultifactorAuthenticationTicketFactory casSimpleMultifactorAuthenticationTicketFactory(@Qualifier("casSimpleMultifactorAuthenticationUniqueTicketIdGenerator") UniqueTicketIdGenerator uniqueTicketIdGenerator, @Qualifier("casSimpleMultifactorAuthenticationTicketExpirationPolicy") ExpirationPolicyBuilder expirationPolicyBuilder) {
            return new DefaultCasSimpleMultifactorAuthenticationTicketFactory(expirationPolicyBuilder, uniqueTicketIdGenerator);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration {
        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketFactoryConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public TicketFactoryExecutionPlanConfigurer casSimpleMultifactorAuthenticationTicketFactoryConfigurer(@Qualifier("casSimpleMultifactorAuthenticationTicketFactory") CasSimpleMultifactorAuthenticationTicketFactory casSimpleMultifactorAuthenticationTicketFactory) {
            return () -> {
                return casSimpleMultifactorAuthenticationTicketFactory;
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketSerializationConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketSerializationConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationTicketSerializationConfiguration {

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketSerializationConfiguration$CasSimpleMultifactorAuthenticationTicketStringSerializer.class */
        public static class CasSimpleMultifactorAuthenticationTicketStringSerializer extends AbstractJacksonBackedStringSerializer<CasSimpleMultifactorAuthenticationTicketImpl> {
            private static final long serialVersionUID = -2198623586274810263L;

            private CasSimpleMultifactorAuthenticationTicketStringSerializer() {
            }

            public Class<CasSimpleMultifactorAuthenticationTicketImpl> getTypeToSerialize() {
                return CasSimpleMultifactorAuthenticationTicketImpl.class;
            }
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public TicketSerializationExecutionPlanConfigurer casSimpleMultifactorAuthenticationTicketSerializationExecutionPlanConfigurer() {
            return ticketSerializationExecutionPlan -> {
                ticketSerializationExecutionPlan.registerTicketSerializer(new CasSimpleMultifactorAuthenticationTicketStringSerializer());
                ticketSerializationExecutionPlan.registerTicketSerializer(CasSimpleMultifactorAuthenticationTicket.class.getName(), new CasSimpleMultifactorAuthenticationTicketStringSerializer());
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationWebflowConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationWebflowConfiguration.class */
    public static class CasSimpleMultifactorAuthenticationWebflowConfiguration {
        @ConditionalOnMissingBean(name = {"mfaSimpleAuthenticatorFlowRegistry"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public FlowDefinitionRegistry mfaSimpleAuthenticatorFlowRegistry(@Qualifier("flowBuilder") FlowBuilder flowBuilder, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices, ConfigurableApplicationContext configurableApplicationContext) {
            FlowDefinitionRegistryBuilder flowDefinitionRegistryBuilder = new FlowDefinitionRegistryBuilder(configurableApplicationContext, flowBuilderServices);
            flowDefinitionRegistryBuilder.addFlowBuilder(flowBuilder, "mfa-simple");
            return flowDefinitionRegistryBuilder.build();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorTokenCommunicationStrategy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasSimpleMultifactorTokenCommunicationStrategy mfaSimpleMultifactorTokenCommunicationStrategy() {
            return CasSimpleMultifactorTokenCommunicationStrategy.all();
        }
    }

    @DependsOn({"casSimpleMultifactorAuthenticationTicketFactoryConfigurer"})
    @ConditionalOnClass({MultifactorAuthnTrustConfiguration.class})
    @Configuration(value = "CasSimpleMultifactorTrustConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorTrustConfiguration.class */
    public static class CasSimpleMultifactorTrustConfiguration {
        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorTrustWebflowConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowConfigurer mfaSimpleMultifactorTrustWebflowConfigurer(@Qualifier("mfaSimpleAuthenticatorFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices, CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext) {
            CasSimpleMultifactorTrustedDeviceWebflowConfigurer casSimpleMultifactorTrustedDeviceWebflowConfigurer = new CasSimpleMultifactorTrustedDeviceWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry2, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(configurableApplicationContext));
            casSimpleMultifactorTrustedDeviceWebflowConfigurer.setOrder(101);
            return casSimpleMultifactorTrustedDeviceWebflowConfigurer;
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorTrustWebflowExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer casSimpleMultifactorTrustWebflowExecutionPlanConfigurer(@Qualifier("mfaSimpleMultifactorTrustWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
            };
        }
    }
}
