package org.apereo.cas.web.flow.config;

import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.CipherExecutor;
import org.apereo.cas.authentication.AuthenticationContextValidator;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.adaptive.geo.GeoLocationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.MultifactorAuthenticationProviderSelector;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor;
import org.apereo.cas.web.flow.CheckWebAuthenticationRequestAction;
import org.apereo.cas.web.flow.ClearWebflowCredentialAction;
import org.apereo.cas.web.flow.authentication.FirstMultifactorAuthenticationProviderSelector;
import org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.AdaptiveMultifactorAuthenticationWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.GlobalAuthenticationPolicyWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.PrincipalAttributeAuthenticationPolicyWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.RankedAuthenticationProviderWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.RegisteredServiceAuthenticationPolicyWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.RegisteredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.RequestParameterAuthenticationPolicyWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.RestEndpointAuthenticationPolicyWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.SelectiveAuthenticationProviderWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("casCoreWebflowConfiguration")
/* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-5.0.0.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration.class */
public class CasCoreWebflowConfiguration {

    @Autowired(required = false)
    @Qualifier("geoLocationService")
    private GeoLocationService geoLocationService;

    @Autowired
    @Qualifier("authenticationContextValidator")
    private AuthenticationContextValidator authenticationContextValidator;

    @Autowired
    @Qualifier("centralAuthenticationService")
    private CentralAuthenticationService centralAuthenticationService;

    @Autowired
    @Qualifier("defaultAuthenticationSystemSupport")
    private AuthenticationSystemSupport authenticationSystemSupport;

    @Autowired
    @Qualifier("defaultTicketRegistrySupport")
    private TicketRegistrySupport ticketRegistrySupport;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Qualifier("warnCookieGenerator")
    private CookieGenerator warnCookieGenerator;

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnMissingBean(name = {"adaptiveAuthenticationPolicyWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver adaptiveAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        AdaptiveMultifactorAuthenticationWebflowEventResolver adaptiveMultifactorAuthenticationWebflowEventResolver = new AdaptiveMultifactorAuthenticationWebflowEventResolver();
        configureResolver(adaptiveMultifactorAuthenticationWebflowEventResolver, multifactorAuthenticationProviderSelector);
        adaptiveMultifactorAuthenticationWebflowEventResolver.setGeoLocationService(this.geoLocationService);
        return adaptiveMultifactorAuthenticationWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"principalAttributeAuthenticationPolicyWebflowEventResolver"})
    @RefreshScope
    @Bean
    public CasWebflowEventResolver principalAttributeAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        PrincipalAttributeAuthenticationPolicyWebflowEventResolver principalAttributeAuthenticationPolicyWebflowEventResolver = new PrincipalAttributeAuthenticationPolicyWebflowEventResolver();
        configureResolver(principalAttributeAuthenticationPolicyWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return principalAttributeAuthenticationPolicyWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"multifactorAuthenticationProviderSelector"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector() {
        return new FirstMultifactorAuthenticationProviderSelector();
    }

    @ConditionalOnMissingBean(name = {"initialAuthenticationAttemptWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasDelegatingWebflowEventResolver initialAuthenticationAttemptWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        InitialAuthenticationAttemptWebflowEventResolver initialAuthenticationAttemptWebflowEventResolver = new InitialAuthenticationAttemptWebflowEventResolver();
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(adaptiveAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(globalAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(requestParameterAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(restEndpointAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(registeredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(principalAttributeAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.addDelegate(registeredServiceAuthenticationPolicyWebflowEventResolver(multifactorAuthenticationProviderSelector));
        initialAuthenticationAttemptWebflowEventResolver.setSelectiveResolver(selectiveAuthenticationProviderWebflowEventResolver(multifactorAuthenticationProviderSelector));
        configureResolver(initialAuthenticationAttemptWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return initialAuthenticationAttemptWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"restEndpointAuthenticationPolicyWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver restEndpointAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        RestEndpointAuthenticationPolicyWebflowEventResolver restEndpointAuthenticationPolicyWebflowEventResolver = new RestEndpointAuthenticationPolicyWebflowEventResolver();
        configureResolver(restEndpointAuthenticationPolicyWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return restEndpointAuthenticationPolicyWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"serviceTicketRequestWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver serviceTicketRequestWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        ServiceTicketRequestWebflowEventResolver serviceTicketRequestWebflowEventResolver = new ServiceTicketRequestWebflowEventResolver();
        configureResolver(serviceTicketRequestWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return serviceTicketRequestWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"globalAuthenticationPolicyWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver globalAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        GlobalAuthenticationPolicyWebflowEventResolver globalAuthenticationPolicyWebflowEventResolver = new GlobalAuthenticationPolicyWebflowEventResolver();
        configureResolver(globalAuthenticationPolicyWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return globalAuthenticationPolicyWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"selectiveAuthenticationProviderWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver selectiveAuthenticationProviderWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        SelectiveAuthenticationProviderWebflowEventResolver selectiveAuthenticationProviderWebflowEventResolver = new SelectiveAuthenticationProviderWebflowEventResolver();
        configureResolver(selectiveAuthenticationProviderWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return selectiveAuthenticationProviderWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"requestParameterAuthenticationPolicyWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver requestParameterAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        RequestParameterAuthenticationPolicyWebflowEventResolver requestParameterAuthenticationPolicyWebflowEventResolver = new RequestParameterAuthenticationPolicyWebflowEventResolver();
        configureResolver(requestParameterAuthenticationPolicyWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return requestParameterAuthenticationPolicyWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"registeredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver registeredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        RegisteredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver registeredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver = new RegisteredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver();
        configureResolver(registeredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return registeredServicePrincipalAttributeAuthenticationPolicyWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"registeredServiceAuthenticationPolicyWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver registeredServiceAuthenticationPolicyWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        RegisteredServiceAuthenticationPolicyWebflowEventResolver registeredServiceAuthenticationPolicyWebflowEventResolver = new RegisteredServiceAuthenticationPolicyWebflowEventResolver();
        configureResolver(registeredServiceAuthenticationPolicyWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return registeredServiceAuthenticationPolicyWebflowEventResolver;
    }

    @ConditionalOnMissingBean(name = {"rankedAuthenticationProviderWebflowEventResolver"})
    @Autowired
    @RefreshScope
    @Bean
    public CasWebflowEventResolver rankedAuthenticationProviderWebflowEventResolver(@Qualifier("multifactorAuthenticationProviderSelector") MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        RankedAuthenticationProviderWebflowEventResolver rankedAuthenticationProviderWebflowEventResolver = new RankedAuthenticationProviderWebflowEventResolver();
        rankedAuthenticationProviderWebflowEventResolver.setAuthenticationContextValidator(this.authenticationContextValidator);
        rankedAuthenticationProviderWebflowEventResolver.setInitialAuthenticationAttemptWebflowEventResolver(initialAuthenticationAttemptWebflowEventResolver(multifactorAuthenticationProviderSelector));
        configureResolver(rankedAuthenticationProviderWebflowEventResolver, multifactorAuthenticationProviderSelector);
        return rankedAuthenticationProviderWebflowEventResolver;
    }

    @RefreshScope
    @Bean
    public CipherExecutor<byte[], byte[]> webflowCipherExecutor() {
        return new WebflowConversationStateCipherExecutor(this.casProperties.getWebflow().getEncryption().getKey(), this.casProperties.getWebflow().getSigning().getKey(), this.casProperties.getWebflow().getAlg(), this.casProperties.getWebflow().getSigning().getKeySize(), this.casProperties.getWebflow().getEncryption().getKeySize());
    }

    @Bean
    public Action clearWebflowCredentialsAction() {
        return new ClearWebflowCredentialAction();
    }

    @Bean
    public Action checkWebAuthenticationRequestAction() {
        CheckWebAuthenticationRequestAction checkWebAuthenticationRequestAction = new CheckWebAuthenticationRequestAction();
        checkWebAuthenticationRequestAction.setContentType(this.casProperties.getAuthn().getMfa().getContentType());
        return checkWebAuthenticationRequestAction;
    }

    private void configureResolver(AbstractCasWebflowEventResolver abstractCasWebflowEventResolver, MultifactorAuthenticationProviderSelector multifactorAuthenticationProviderSelector) {
        abstractCasWebflowEventResolver.setAuthenticationSystemSupport(this.authenticationSystemSupport);
        abstractCasWebflowEventResolver.setCentralAuthenticationService(this.centralAuthenticationService);
        abstractCasWebflowEventResolver.setMultifactorAuthenticationProviderSelector(multifactorAuthenticationProviderSelector);
        abstractCasWebflowEventResolver.setServicesManager(this.servicesManager);
        abstractCasWebflowEventResolver.setTicketRegistrySupport(this.ticketRegistrySupport);
        abstractCasWebflowEventResolver.setWarnCookieGenerator(this.warnCookieGenerator);
    }
}
