package org.apereo.cas.config;

import lombok.Generated;
import org.apereo.cas.authentication.surrogate.SurrogateAuthenticationService;
import org.apereo.cas.authentication.surrogate.SurrogateLdapAuthenticationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.surrogate.SurrogateAuthenticationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.LdapUtils;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.ldaptive.ConnectionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ScopedProxyMode;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.SurrogateAuthentication, module = "ldap")
/* loaded from: input_file:org/apereo/cas/config/SurrogateLdapAuthenticationConfiguration.class */
public class SurrogateLdapAuthenticationConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SurrogateLdapAuthenticationConfiguration.class);
    private static final BeanCondition CONDITION = BeanCondition.on("cas.authn.surrogate.ldap.ldap-url");

    @ConditionalOnMissingBean(name = {"surrogateLdapConnectionFactory"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public ConnectionFactory surrogateLdapConnectionFactory(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) throws Exception {
        return (ConnectionFactory) BeanSupplier.of(ConnectionFactory.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            return LdapUtils.newLdaptiveConnectionFactory(casConfigurationProperties.getAuthn().getSurrogate().getLdap());
        }).otherwiseProxy().get();
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public SurrogateAuthenticationService surrogateAuthenticationService(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("surrogateLdapConnectionFactory") ConnectionFactory connectionFactory, CasConfigurationProperties casConfigurationProperties) throws Exception {
        return (SurrogateAuthenticationService) BeanSupplier.of(SurrogateAuthenticationService.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            SurrogateAuthenticationProperties surrogate = casConfigurationProperties.getAuthn().getSurrogate();
            LOGGER.debug("Using LDAP [{}] with baseDn [{}] to locate surrogate accounts", surrogate.getLdap().getLdapUrl(), surrogate.getLdap().getBaseDn());
            return new SurrogateLdapAuthenticationService(connectionFactory, surrogate.getLdap(), servicesManager);
        }).otherwiseProxy().get();
    }
}
