package org.apereo.cas.config;

import java.util.Objects;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandlerResolver;
import org.apereo.cas.authentication.AuthenticationPolicyResolver;
import org.apereo.cas.authentication.AuthenticationResultBuilderFactory;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.AuthenticationTransactionFactory;
import org.apereo.cas.authentication.AuthenticationTransactionManager;
import org.apereo.cas.authentication.DefaultAuthenticationSystemSupport;
import org.apereo.cas.authentication.GroovyAuthenticationPostProcessor;
import org.apereo.cas.authentication.GroovyAuthenticationPreProcessor;
import org.apereo.cas.authentication.PrincipalElectionStrategy;
import org.apereo.cas.authentication.handler.ByCredentialSourceAuthenticationHandlerResolver;
import org.apereo.cas.authentication.handler.GroovyAuthenticationHandlerResolver;
import org.apereo.cas.authentication.handler.RegisteredServiceAuthenticationHandlerResolver;
import org.apereo.cas.authentication.policy.RegisteredServiceAuthenticationPolicyResolver;
import org.apereo.cas.authentication.principal.PrincipalAttributesRepositoryCache;
import org.apereo.cas.authentication.principal.cache.DefaultPrincipalAttributesRepositoryCache;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.authentication.AuthenticationEngineProperties;
import org.apereo.cas.configuration.model.core.authentication.GroovyAuthenticationHandlerResolutionProperties;
import org.apereo.cas.services.ServicesManager;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.core.io.Resource;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "CasCoreAuthenticationSupportConfiguration", proxyBeanMethods = false)
@AutoConfigureAfter({CasCoreServicesConfiguration.class})
/* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.5.4.jar:org/apereo/cas/config/CasCoreAuthenticationSupportConfiguration.class */
public class CasCoreAuthenticationSupportConfiguration {

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreAuthenticationExecutionPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.5.4.jar:org/apereo/cas/config/CasCoreAuthenticationSupportConfiguration$CasCoreAuthenticationExecutionPlanConfiguration.class */
    public static class CasCoreAuthenticationExecutionPlanConfiguration {
        @ConditionalOnMissingBean(name = {"authenticationHandlerResolversExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationEventExecutionPlanConfigurer authenticationHandlerResolversExecutionPlanConfigurer(@Qualifier("byCredentialSourceAuthenticationHandlerResolver") ObjectProvider<AuthenticationHandlerResolver> objectProvider, @Qualifier("registeredServiceAuthenticationHandlerResolver") AuthenticationHandlerResolver authenticationHandlerResolver, @Qualifier("registeredServiceAuthenticationPolicyResolver") AuthenticationPolicyResolver authenticationPolicyResolver, @Qualifier("groovyAuthenticationHandlerResolver") ObjectProvider<AuthenticationHandlerResolver> objectProvider2) {
            return authenticationEventExecutionPlan -> {
                Objects.requireNonNull(authenticationEventExecutionPlan);
                objectProvider.ifAvailable(authenticationEventExecutionPlan::registerAuthenticationHandlerResolver);
                authenticationEventExecutionPlan.registerAuthenticationHandlerResolver(authenticationHandlerResolver);
                authenticationEventExecutionPlan.registerAuthenticationPolicyResolver(authenticationPolicyResolver);
                Objects.requireNonNull(authenticationEventExecutionPlan);
                objectProvider2.ifAvailable(authenticationEventExecutionPlan::registerAuthenticationHandlerResolver);
            };
        }

        @ConditionalOnMissingBean(name = {"groovyAuthenticationProcessorExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationEventExecutionPlanConfigurer groovyAuthenticationProcessorExecutionPlanConfigurer(CasConfigurationProperties casConfigurationProperties) {
            return authenticationEventExecutionPlan -> {
                AuthenticationEngineProperties engine = casConfigurationProperties.getAuthn().getCore().getEngine();
                Resource location = engine.getGroovyPreProcessor().getLocation();
                if (location != null) {
                    authenticationEventExecutionPlan.registerAuthenticationPreProcessor(new GroovyAuthenticationPreProcessor(location));
                }
                Resource location2 = engine.getGroovyPostProcessor().getLocation();
                if (location2 != null) {
                    authenticationEventExecutionPlan.registerAuthenticationPostProcessor(new GroovyAuthenticationPostProcessor(location2));
                }
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreAuthenticationHandlerResolverConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.5.4.jar:org/apereo/cas/config/CasCoreAuthenticationSupportConfiguration$CasCoreAuthenticationHandlerResolverConfiguration.class */
    public static class CasCoreAuthenticationHandlerResolverConfiguration {
        @ConditionalOnMissingBean(name = {"registeredServiceAuthenticationHandlerResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationHandlerResolver registeredServiceAuthenticationHandlerResolver(CasConfigurationProperties casConfigurationProperties, @Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("authenticationServiceSelectionPlan") AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan) {
            RegisteredServiceAuthenticationHandlerResolver registeredServiceAuthenticationHandlerResolver = new RegisteredServiceAuthenticationHandlerResolver(servicesManager, authenticationServiceSelectionPlan);
            registeredServiceAuthenticationHandlerResolver.setOrder(casConfigurationProperties.getAuthn().getCore().getServiceAuthenticationResolution().getOrder());
            return registeredServiceAuthenticationHandlerResolver;
        }

        @ConditionalOnMissingBean(name = {"groovyAuthenticationHandlerResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @ConditionalOnProperty(name = {"cas.authn.core.groovy-authentication-resolution.location"})
        @Bean
        public AuthenticationHandlerResolver groovyAuthenticationHandlerResolver(CasConfigurationProperties casConfigurationProperties, @Qualifier("servicesManager") ServicesManager servicesManager) {
            GroovyAuthenticationHandlerResolutionProperties groovyAuthenticationResolution = casConfigurationProperties.getAuthn().getCore().getGroovyAuthenticationResolution();
            return new GroovyAuthenticationHandlerResolver(groovyAuthenticationResolution.getLocation(), servicesManager, groovyAuthenticationResolution.getOrder());
        }

        @ConditionalOnMissingBean(name = {"byCredentialSourceAuthenticationHandlerResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @ConditionalOnProperty(prefix = "cas.authn.policy", name = {"source-selection-enabled"}, havingValue = "true")
        @Bean
        public AuthenticationHandlerResolver byCredentialSourceAuthenticationHandlerResolver() {
            return new ByCredentialSourceAuthenticationHandlerResolver();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreAuthenticationPolicyResolverConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.5.4.jar:org/apereo/cas/config/CasCoreAuthenticationSupportConfiguration$CasCoreAuthenticationPolicyResolverConfiguration.class */
    public static class CasCoreAuthenticationPolicyResolverConfiguration {
        @ConditionalOnMissingBean(name = {"registeredServiceAuthenticationPolicyResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationPolicyResolver registeredServiceAuthenticationPolicyResolver(@Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("authenticationServiceSelectionPlan") AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan) {
            return new RegisteredServiceAuthenticationPolicyResolver(servicesManager, authenticationServiceSelectionPlan);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreAuthenticationPrincipalCacheConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.5.4.jar:org/apereo/cas/config/CasCoreAuthenticationSupportConfiguration$CasCoreAuthenticationPrincipalCacheConfiguration.class */
    public static class CasCoreAuthenticationPrincipalCacheConfiguration {
        @ConditionalOnMissingBean(name = {PrincipalAttributesRepositoryCache.DEFAULT_BEAN_NAME})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public PrincipalAttributesRepositoryCache principalAttributesRepositoryCache() {
            return new DefaultPrincipalAttributesRepositoryCache();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreAuthenticationSupportBaseConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.5.4.jar:org/apereo/cas/config/CasCoreAuthenticationSupportConfiguration$CasCoreAuthenticationSupportBaseConfiguration.class */
    public static class CasCoreAuthenticationSupportBaseConfiguration {
        @ConditionalOnMissingBean(name = {AuthenticationSystemSupport.BEAN_NAME})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationSystemSupport defaultAuthenticationSystemSupport(@Qualifier("authenticationTransactionManager") AuthenticationTransactionManager authenticationTransactionManager, @Qualifier("principalElectionStrategy") PrincipalElectionStrategy principalElectionStrategy, @Qualifier("authenticationResultBuilderFactory") AuthenticationResultBuilderFactory authenticationResultBuilderFactory, @Qualifier("authenticationTransactionFactory") AuthenticationTransactionFactory authenticationTransactionFactory) {
            return new DefaultAuthenticationSystemSupport(authenticationTransactionManager, principalElectionStrategy, authenticationResultBuilderFactory, authenticationTransactionFactory);
        }
    }
}
