package org.apereo.cas.config;

import com.okta.sdk.client.Client;
import java.util.List;
import java.util.Objects;
import org.apereo.cas.authentication.attribute.SimpleUsernameAttributeProvider;
import org.apereo.cas.authentication.principal.attribute.PersonAttributeDao;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.okta.OktaPrincipalAttributesProperties;
import org.apereo.cas.okta.OktaConfigurationFactory;
import org.apereo.cas.okta.OktaPersonAttributeDao;
import org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanContainer;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "OktaPersonDirectoryConfiguration", proxyBeanMethods = false)
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.PersonDirectory}, module = "okta")
/* loaded from: input_file:org/apereo/cas/config/OktaPersonDirectoryConfiguration.class */
class OktaPersonDirectoryConfiguration {
    private static final BeanCondition CONDITION = BeanCondition.on("cas.authn.attribute-repository.okta.organization-url");

    OktaPersonDirectoryConfiguration() {
    }

    @ConditionalOnMissingBean(name = {"oktaPersonDirectoryClient"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public Client oktaPersonDirectoryClient(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
        return (Client) BeanSupplier.of(Client.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            return OktaConfigurationFactory.buildClient(casConfigurationProperties.getAuthn().getAttributeRepository().getOkta());
        }).otherwiseProxy().get();
    }

    @ConditionalOnMissingBean(name = {"oktaPersonAttributeDaos"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public BeanContainer<PersonAttributeDao> oktaPersonAttributeDaos(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("oktaPersonDirectoryClient") Client client, CasConfigurationProperties casConfigurationProperties) {
        return (BeanContainer) BeanSupplier.of(BeanContainer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            OktaPrincipalAttributesProperties okta = casConfigurationProperties.getAuthn().getAttributeRepository().getOkta();
            OktaPersonAttributeDao oktaPersonAttributeDao = new OktaPersonAttributeDao(client);
            oktaPersonAttributeDao.setUsernameAttributeProvider(new SimpleUsernameAttributeProvider(okta.getUsernameAttribute()));
            oktaPersonAttributeDao.setOrder(okta.getOrder());
            FunctionUtils.doIfNotNull(okta.getId(), str -> {
                oktaPersonAttributeDao.setId(new String[]{str});
            });
            return BeanContainer.of(CollectionUtils.wrapList(new OktaPersonAttributeDao[]{oktaPersonAttributeDao}));
        }).otherwise(BeanContainer::empty).get();
    }

    @ConditionalOnMissingBean(name = {"oktaAttributeRepositoryPlanConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public PersonDirectoryAttributeRepositoryPlanConfigurer oktaAttributeRepositoryPlanConfigurer(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("oktaPersonAttributeDaos") BeanContainer<PersonAttributeDao> beanContainer) {
        return (PersonDirectoryAttributeRepositoryPlanConfigurer) BeanSupplier.of(PersonDirectoryAttributeRepositoryPlanConfigurer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            return personDirectoryAttributeRepositoryPlan -> {
                List list = beanContainer.toList();
                Objects.requireNonNull(personDirectoryAttributeRepositoryPlan);
                list.forEach(personDirectoryAttributeRepositoryPlan::registerAttributeRepository);
            };
        }).otherwiseProxy().get();
    }
}
