package org.apereo.cas.config;

import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationMetaDataPopulator;
import org.apereo.cas.authentication.MultifactorAuthenticationFailureModeEvaluator;
import org.apereo.cas.authentication.MultifactorAuthenticationProvider;
import org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypassEvaluator;
import org.apereo.cas.authentication.handler.ByCredentialTypeAuthenticationHandlerResolver;
import org.apereo.cas.authentication.metadata.AuthenticationContextAttributeMetaDataPopulator;
import org.apereo.cas.authentication.metadata.MultifactorAuthenticationProviderMetadataPopulator;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.simple.CasSimpleMultifactorAuthenticationProperties;
import org.apereo.cas.configuration.support.CasFeatureModule;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationHandler;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorAuthenticationProvider;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorTokenCredential;
import org.apereo.cas.mfa.simple.validation.CasSimpleMultifactorAuthenticationService;
import org.apereo.cas.mfa.simple.validation.DefaultCasSimpleMultifactorAuthenticationService;
import org.apereo.cas.mfa.simple.validation.RestfulCasSimpleMultifactorAuthenticationService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.TicketFactory;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeature;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ScopedProxyMode;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@ConditionalOnFeature(feature = CasFeatureModule.FeatureCatalog.SimpleMFA)
@AutoConfiguration
/* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationEventExecutionPlanConfiguration.class */
public class CasSimpleMultifactorAuthenticationEventExecutionPlanConfiguration {
    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationService"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public CasSimpleMultifactorAuthenticationService casSimpleMultifactorAuthenticationService(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("defaultTicketFactory") TicketFactory ticketFactory, @Qualifier("centralAuthenticationService") CentralAuthenticationService centralAuthenticationService) {
        CasSimpleMultifactorAuthenticationProperties simple = casConfigurationProperties.getAuthn().getMfa().getSimple();
        return (CasSimpleMultifactorAuthenticationService) BeanSupplier.of(CasSimpleMultifactorAuthenticationService.class).when(BeanCondition.on("cas.authn.mfa.simple.token.rest.url").isUrl().given(configurableApplicationContext.getEnvironment())).supply(() -> {
            return new RestfulCasSimpleMultifactorAuthenticationService(simple.getToken().getRest(), ticketFactory);
        }).otherwise(() -> {
            return new DefaultCasSimpleMultifactorAuthenticationService(centralAuthenticationService, ticketFactory);
        }).get();
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationHandler"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationHandler casSimpleMultifactorAuthenticationHandler(@Qualifier("casSimpleMultifactorAuthenticationProvider") ObjectProvider<MultifactorAuthenticationProvider> objectProvider, @Qualifier("casSimpleMultifactorPrincipalFactory") PrincipalFactory principalFactory, @Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("casSimpleMultifactorAuthenticationService") CasSimpleMultifactorAuthenticationService casSimpleMultifactorAuthenticationService, CasConfigurationProperties casConfigurationProperties) {
        return new CasSimpleMultifactorAuthenticationHandler(casConfigurationProperties.getAuthn().getMfa().getSimple(), servicesManager, principalFactory, casSimpleMultifactorAuthenticationService, objectProvider);
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationProvider"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public MultifactorAuthenticationProvider casSimpleMultifactorAuthenticationProvider(@Qualifier("casSimpleMultifactorBypassEvaluator") MultifactorAuthenticationProviderBypassEvaluator multifactorAuthenticationProviderBypassEvaluator, @Qualifier("failureModeEvaluator") MultifactorAuthenticationFailureModeEvaluator multifactorAuthenticationFailureModeEvaluator, CasConfigurationProperties casConfigurationProperties) {
        CasSimpleMultifactorAuthenticationProperties simple = casConfigurationProperties.getAuthn().getMfa().getSimple();
        CasSimpleMultifactorAuthenticationProvider casSimpleMultifactorAuthenticationProvider = new CasSimpleMultifactorAuthenticationProvider();
        casSimpleMultifactorAuthenticationProvider.setBypassEvaluator(multifactorAuthenticationProviderBypassEvaluator);
        casSimpleMultifactorAuthenticationProvider.setFailureMode(simple.getFailureMode());
        casSimpleMultifactorAuthenticationProvider.setFailureModeEvaluator(multifactorAuthenticationFailureModeEvaluator);
        casSimpleMultifactorAuthenticationProvider.setOrder(simple.getRank());
        casSimpleMultifactorAuthenticationProvider.setId(simple.getId());
        return casSimpleMultifactorAuthenticationProvider;
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationMetaDataPopulator"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationMetaDataPopulator casSimpleMultifactorAuthenticationMetaDataPopulator(@Qualifier("casSimpleMultifactorAuthenticationProvider") MultifactorAuthenticationProvider multifactorAuthenticationProvider, @Qualifier("casSimpleMultifactorAuthenticationHandler") AuthenticationHandler authenticationHandler, CasConfigurationProperties casConfigurationProperties) {
        return new AuthenticationContextAttributeMetaDataPopulator(casConfigurationProperties.getAuthn().getMfa().getCore().getAuthenticationContextAttribute(), authenticationHandler, multifactorAuthenticationProvider.getId());
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorProviderAuthenticationMetadataPopulator"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationMetaDataPopulator casSimpleMultifactorProviderAuthenticationMetadataPopulator(@Qualifier("servicesManager") ServicesManager servicesManager, CasConfigurationProperties casConfigurationProperties, @Qualifier("casSimpleMultifactorAuthenticationProvider") ObjectProvider<MultifactorAuthenticationProvider> objectProvider) {
        return new MultifactorAuthenticationProviderMetadataPopulator(casConfigurationProperties.getAuthn().getMfa().getCore().getAuthenticationContextAttribute(), objectProvider, servicesManager);
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorPrincipalFactory"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public PrincipalFactory casSimpleMultifactorPrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationEventExecutionPlanConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationEventExecutionPlanConfigurer casSimpleMultifactorAuthenticationEventExecutionPlanConfigurer(@Qualifier("casSimpleMultifactorProviderAuthenticationMetadataPopulator") AuthenticationMetaDataPopulator authenticationMetaDataPopulator, @Qualifier("casSimpleMultifactorAuthenticationHandler") AuthenticationHandler authenticationHandler, @Qualifier("casSimpleMultifactorAuthenticationMetaDataPopulator") AuthenticationMetaDataPopulator authenticationMetaDataPopulator2) {
        return authenticationEventExecutionPlan -> {
            authenticationEventExecutionPlan.registerAuthenticationHandler(authenticationHandler);
            authenticationEventExecutionPlan.registerAuthenticationMetadataPopulator(authenticationMetaDataPopulator2);
            authenticationEventExecutionPlan.registerAuthenticationMetadataPopulator(authenticationMetaDataPopulator);
            authenticationEventExecutionPlan.registerAuthenticationHandlerResolver(new ByCredentialTypeAuthenticationHandlerResolver(new Class[]{CasSimpleMultifactorTokenCredential.class}));
        };
    }
}
