package org.apereo.cas.config;

import org.apereo.cas.bucket4j.consumer.BucketConsumer;
import org.apereo.cas.bucket4j.consumer.DefaultBucketConsumer;
import org.apereo.cas.bucket4j.producer.BucketStore;
import org.apereo.cas.bucket4j.producer.InMemoryBucketStore;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.mfa.simple.CasSimpleMultifactorTokenCommunicationStrategy;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicket;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketExpirationPolicyBuilder;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketFactory;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationTicketImpl;
import org.apereo.cas.mfa.simple.ticket.CasSimpleMultifactorAuthenticationUniqueTicketIdGenerator;
import org.apereo.cas.mfa.simple.ticket.DefaultCasSimpleMultifactorAuthenticationTicketFactory;
import org.apereo.cas.mfa.simple.validation.CasSimpleMultifactorAuthenticationService;
import org.apereo.cas.mfa.simple.web.CasSimpleMultifactorAuthenticationEndpoint;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorUpdateEmailAction;
import org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorVerifyEmailAction;
import org.apereo.cas.multitenancy.TenantExtractor;
import org.apereo.cas.notifications.CommunicationsManager;
import org.apereo.cas.ticket.ExpirationPolicyBuilder;
import org.apereo.cas.ticket.TicketFactoryExecutionPlanConfigurer;
import org.apereo.cas.ticket.UniqueTicketIdGenerator;
import org.apereo.cas.ticket.serialization.TicketSerializationExecutionPlanConfigurer;
import org.apereo.cas.util.serialization.BaseJacksonSerializer;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.actuate.autoconfigure.endpoint.condition.ConditionalOnAvailableEndpoint;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableScheduling
@Configuration(value = "CasSimpleMultifactorAuthenticationConfiguration", proxyBeanMethods = false)
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.SimpleMFA})
/* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration.class */
class CasSimpleMultifactorAuthenticationConfiguration {
    private static final BeanCondition CONDITION_BUCKET4J_ENABLED = BeanCondition.on("cas.authn.mfa.simple.bucket4j.enabled").isTrue();

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationActionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationActionConfiguration.class */
    static class CasSimpleMultifactorAuthenticationActionConfiguration {
        CasSimpleMultifactorAuthenticationActionConfiguration() {
        }

        @ConditionalOnAvailableEndpoint
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasSimpleMultifactorAuthenticationEndpoint mfaSimpleMultifactorEndpoint(CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext) {
            return new CasSimpleMultifactorAuthenticationEndpoint(casConfigurationProperties, configurableApplicationContext);
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorSendTokenAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action mfaSimpleMultifactorSendTokenAction(@Qualifier("tenantExtractor") TenantExtractor tenantExtractor, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("casSimpleMultifactorAuthenticationService") CasSimpleMultifactorAuthenticationService casSimpleMultifactorAuthenticationService, @Qualifier("mfaSimpleMultifactorTokenCommunicationStrategy") CasSimpleMultifactorTokenCommunicationStrategy casSimpleMultifactorTokenCommunicationStrategy, CasConfigurationProperties casConfigurationProperties, @Qualifier("communicationsManager") CommunicationsManager communicationsManager, @Qualifier("mfaSimpleMultifactorBucketConsumer") BucketConsumer bucketConsumer) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new CasSimpleMultifactorSendTokenAction(communicationsManager, casSimpleMultifactorAuthenticationService, casConfigurationProperties.getAuthn().getMfa().getSimple(), casSimpleMultifactorTokenCommunicationStrategy, bucketConsumer, tenantExtractor);
            }).withId("mfaSimpleMultifactorSendTokenAction").build().get();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorUpdateEmailAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action mfaSimpleMultifactorUpdateEmailAction(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("casSimpleMultifactorAuthenticationService") CasSimpleMultifactorAuthenticationService casSimpleMultifactorAuthenticationService, @Qualifier("mfaSimpleMultifactorTokenCommunicationStrategy") CasSimpleMultifactorTokenCommunicationStrategy casSimpleMultifactorTokenCommunicationStrategy, CasConfigurationProperties casConfigurationProperties, @Qualifier("communicationsManager") CommunicationsManager communicationsManager, @Qualifier("mfaSimpleMultifactorBucketConsumer") BucketConsumer bucketConsumer) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new CasSimpleMultifactorUpdateEmailAction(communicationsManager, casSimpleMultifactorAuthenticationService, casConfigurationProperties.getAuthn().getMfa().getSimple(), casSimpleMultifactorTokenCommunicationStrategy, bucketConsumer);
            }).withId("mfaSimpleMultifactorUpdateEmailAction").build().get();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorVerifyEmailAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action mfaSimpleMultifactorVerifyEmailAction(@Qualifier("tenantExtractor") TenantExtractor tenantExtractor, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("casSimpleMultifactorAuthenticationService") CasSimpleMultifactorAuthenticationService casSimpleMultifactorAuthenticationService, @Qualifier("mfaSimpleMultifactorTokenCommunicationStrategy") CasSimpleMultifactorTokenCommunicationStrategy casSimpleMultifactorTokenCommunicationStrategy, CasConfigurationProperties casConfigurationProperties, @Qualifier("communicationsManager") CommunicationsManager communicationsManager, @Qualifier("mfaSimpleMultifactorBucketConsumer") BucketConsumer bucketConsumer) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new CasSimpleMultifactorVerifyEmailAction(communicationsManager, casSimpleMultifactorAuthenticationService, casConfigurationProperties.getAuthn().getMfa().getSimple(), casSimpleMultifactorTokenCommunicationStrategy, bucketConsumer, tenantExtractor);
            }).withId("mfaSimpleMultifactorVerifyEmailAction").build().get();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorBucketConsumer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public BucketConsumer mfaSimpleMultifactorBucketConsumer(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("mfaSimpleMultifactorBucketStore") BucketStore bucketStore, CasConfigurationProperties casConfigurationProperties) {
            return (BucketConsumer) BeanSupplier.of(BucketConsumer.class).when(CasSimpleMultifactorAuthenticationConfiguration.CONDITION_BUCKET4J_ENABLED.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return new DefaultBucketConsumer(bucketStore, casConfigurationProperties.getAuthn().getMfa().getSimple().getBucket4j());
            }).otherwise(BucketConsumer::permitAll).get();
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleMultifactorBucketStore"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public BucketStore mfaSimpleMultifactorBucketStore(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
            return (BucketStore) BeanSupplier.of(BucketStore.class).when(CasSimpleMultifactorAuthenticationConfiguration.CONDITION_BUCKET4J_ENABLED.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return new InMemoryBucketStore(casConfigurationProperties.getAuthn().getMfa().getSimple().getBucket4j());
            }).otherwiseProxy().get();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationPlanConfiguration.class */
    static class CasSimpleMultifactorAuthenticationPlanConfiguration {
        CasSimpleMultifactorAuthenticationPlanConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"mfaSimpleCasWebflowExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer mfaSimpleCasWebflowExecutionPlanConfigurer(@Qualifier("mfaSimpleMultifactorWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketConfiguration.class */
    static class CasSimpleMultifactorAuthenticationTicketConfiguration {
        CasSimpleMultifactorAuthenticationTicketConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketExpirationPolicy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public ExpirationPolicyBuilder casSimpleMultifactorAuthenticationTicketExpirationPolicy(CasConfigurationProperties casConfigurationProperties) {
            return new CasSimpleMultifactorAuthenticationTicketExpirationPolicyBuilder(casConfigurationProperties);
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationUniqueTicketIdGenerator"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public UniqueTicketIdGenerator casSimpleMultifactorAuthenticationUniqueTicketIdGenerator(CasConfigurationProperties casConfigurationProperties) {
            return new CasSimpleMultifactorAuthenticationUniqueTicketIdGenerator(casConfigurationProperties.getAuthn().getMfa().getSimple().getToken().getCore().getTokenLength());
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketFactoryConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketFactoryConfiguration.class */
    static class CasSimpleMultifactorAuthenticationTicketFactoryConfiguration {
        CasSimpleMultifactorAuthenticationTicketFactoryConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketFactory"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasSimpleMultifactorAuthenticationTicketFactory casSimpleMultifactorAuthenticationTicketFactory(@Qualifier("casSimpleMultifactorAuthenticationUniqueTicketIdGenerator") UniqueTicketIdGenerator uniqueTicketIdGenerator, @Qualifier("casSimpleMultifactorAuthenticationTicketExpirationPolicy") ExpirationPolicyBuilder expirationPolicyBuilder) {
            return new DefaultCasSimpleMultifactorAuthenticationTicketFactory(expirationPolicyBuilder, uniqueTicketIdGenerator);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration.class */
    static class CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration {
        CasSimpleMultifactorAuthenticationTicketFactoryPlanConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"casSimpleMultifactorAuthenticationTicketFactoryConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public TicketFactoryExecutionPlanConfigurer casSimpleMultifactorAuthenticationTicketFactoryConfigurer(@Qualifier("casSimpleMultifactorAuthenticationTicketFactory") CasSimpleMultifactorAuthenticationTicketFactory casSimpleMultifactorAuthenticationTicketFactory) {
            return () -> {
                return casSimpleMultifactorAuthenticationTicketFactory;
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasSimpleMultifactorAuthenticationTicketSerializationConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketSerializationConfiguration.class */
    static class CasSimpleMultifactorAuthenticationTicketSerializationConfiguration {

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:org/apereo/cas/config/CasSimpleMultifactorAuthenticationConfiguration$CasSimpleMultifactorAuthenticationTicketSerializationConfiguration$CasSimpleMultifactorAuthenticationTicketStringSerializer.class */
        public static final class CasSimpleMultifactorAuthenticationTicketStringSerializer extends BaseJacksonSerializer<CasSimpleMultifactorAuthenticationTicketImpl> {
            private static final long serialVersionUID = -2198623586274810263L;

            CasSimpleMultifactorAuthenticationTicketStringSerializer(ConfigurableApplicationContext configurableApplicationContext) {
                super(MINIMAL_PRETTY_PRINTER, configurableApplicationContext, CasSimpleMultifactorAuthenticationTicketImpl.class);
            }
        }

        CasSimpleMultifactorAuthenticationTicketSerializationConfiguration() {
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public TicketSerializationExecutionPlanConfigurer casSimpleMultifactorAuthenticationTicketSerializationExecutionPlanConfigurer(ConfigurableApplicationContext configurableApplicationContext) {
            return ticketSerializationExecutionPlan -> {
                ticketSerializationExecutionPlan.registerTicketSerializer(new CasSimpleMultifactorAuthenticationTicketStringSerializer(configurableApplicationContext));
                ticketSerializationExecutionPlan.registerTicketSerializer(CasSimpleMultifactorAuthenticationTicket.class.getName(), new CasSimpleMultifactorAuthenticationTicketStringSerializer(configurableApplicationContext));
                ticketSerializationExecutionPlan.registerTicketSerializer("CASMFA", new CasSimpleMultifactorAuthenticationTicketStringSerializer(configurableApplicationContext));
            };
        }
    }

    CasSimpleMultifactorAuthenticationConfiguration() {
    }
}
