package net.unicon.cas.mfa.web.flow;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.annotation.PostConstruct;
import net.sf.json.util.JSONUtils;
import net.unicon.cas.mfa.authentication.principal.MultiFactorCredentials;
import net.unicon.cas.mfa.web.flow.util.MultiFactorRequestContextUtils;
import net.unicon.cas.mfa.web.support.MultiFactorAuthenticationSupportingWebApplicationService;
import net.unicon.cas.mfa.web.support.UnrecognizedAuthenticationMethodException;
import org.apache.commons.lang.ArrayUtils;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver;
import org.jasig.services.persondir.IPersonAttributeDao;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.binding.convert.ConversionExecutor;
import org.springframework.binding.convert.service.RuntimeBindingConversionExecutor;
import org.springframework.binding.expression.EvaluationException;
import org.springframework.binding.expression.Expression;
import org.springframework.binding.expression.ExpressionParser;
import org.springframework.binding.expression.support.AbstractGetValueExpression;
import org.springframework.binding.expression.support.FluentParserContext;
import org.springframework.binding.expression.support.LiteralExpression;
import org.springframework.binding.mapping.Mapper;
import org.springframework.binding.mapping.impl.DefaultMapper;
import org.springframework.binding.mapping.impl.DefaultMapping;
import org.springframework.stereotype.Component;
import org.springframework.util.ClassUtils;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.webflow.action.EvaluateAction;
import org.springframework.webflow.action.ViewFactoryActionAdapter;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.ActionState;
import org.springframework.webflow.engine.DecisionState;
import org.springframework.webflow.engine.EndState;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.engine.SubflowAttributeMapper;
import org.springframework.webflow.engine.SubflowState;
import org.springframework.webflow.engine.TargetStateResolver;
import org.springframework.webflow.engine.Transition;
import org.springframework.webflow.engine.TransitionableState;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.engine.support.DefaultTargetStateResolver;
import org.springframework.webflow.engine.support.DefaultTransitionCriteria;
import org.springframework.webflow.engine.support.GenericSubflowAttributeMapper;
import org.springframework.webflow.engine.support.TransitionExecutingFlowExecutionExceptionHandler;
import org.springframework.webflow.execution.Action;

@Component
/* loaded from: input_file:WEB-INF/lib/cas-mfa-java-1.0.0-RC10.jar:net/unicon/cas/mfa/web/flow/CasMultiFactorWebflowConfigurer.class */
public class CasMultiFactorWebflowConfigurer implements InitializingBean {
    private static final Logger LOGGER = LoggerFactory.getLogger(CasMultiFactorWebflowConfigurer.class);
    private static final String FLOW_ID_LOGIN = "login";
    private static final String STATE_DEFINITION_ID_TGT_EXISTS_CHECK = "ticketGrantingTicketExistsCheck";
    private static final String STATE_DEFINITION_ID_REAL_SUBMIT = "realSubmit";
    private static final String STATE_DEFINITION_ID_SERVICE_CHECK = "serviceCheck";
    private static final String UNKNOWN_PRINCIPAL_ERROR_EVENT_ID = "unknownPrincipalError";
    private static final String MFA_UNRECOGNIZED_AUTHN_METHOD_ERROR_EVENT_ID = "mfaUnrecognizedAuthnMethodError";
    private static final String MFA_SUCCESS_EVENT_ID = "mfaSuccess";
    private static final String SEND_TICKET_GRANTING_TICKET_EVENT_ID = "sendTicketGrantingTicket";

    @Autowired
    private FlowBuilderServices flowBuilderServices;

    @Autowired
    private FlowDefinitionRegistry flowDefinitionRegistry;

    @Autowired
    private WebApplicationContext context;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/cas-mfa-java-1.0.0-RC10.jar:net/unicon/cas/mfa/web/flow/CasMultiFactorWebflowConfigurer$BasicSubflowExpression.class */
    public class BasicSubflowExpression extends AbstractGetValueExpression {
        private final String subflowId;

        BasicSubflowExpression(String str) {
            this.subflowId = str;
        }

        @Override // org.springframework.binding.expression.support.AbstractGetValueExpression, org.springframework.binding.expression.Expression
        public Object getValue(Object obj) throws EvaluationException {
            return CasMultiFactorWebflowConfigurer.this.flowDefinitionRegistry.getFlowDefinition(this.subflowId);
        }
    }

    @Override // org.springframework.beans.factory.InitializingBean
    @PostConstruct
    public void afterPropertiesSet() throws Exception {
        try {
            String[] strArr = (String[]) ArrayUtils.removeElement(this.flowDefinitionRegistry.getFlowDefinitionIds(), FLOW_ID_LOGIN);
            LOGGER.debug("Detected {} flow configurations: [{}]", Integer.valueOf(strArr.length), Arrays.toString(strArr));
            LOGGER.debug("Configuring webflow for multifactor authentication...");
            setupWebflow(strArr);
            LOGGER.debug("Configured webflow for multifactor authentication.");
            LOGGER.debug("Registering default credentials-to-principal resolver...");
            registerDefaultCredentialsToPrincipalResolver();
            LOGGER.debug("Registered default credentials-to-principal resolver.");
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
        }
    }

    protected void registerDefaultCredentialsToPrincipalResolver() {
        List list = (List) this.context.getBean("mfaCredentialsToPrincipalResolvers", List.class);
        UsernamePasswordCredentialsToPrincipalResolver usernamePasswordCredentialsToPrincipalResolver = new UsernamePasswordCredentialsToPrincipalResolver();
        usernamePasswordCredentialsToPrincipalResolver.setAttributeRepository((IPersonAttributeDao) this.context.getBean("attributeRepository", IPersonAttributeDao.class));
        list.add(usernamePasswordCredentialsToPrincipalResolver);
    }

    protected void setupWebflow(String[] strArr) {
        try {
            LOGGER.debug("Starting to configure webflow...");
            Flow flow = (Flow) this.flowDefinitionRegistry.getFlowDefinition(FLOW_ID_LOGIN);
            LOGGER.debug("Retrieved flow id {} from flow definition registry", flow.getId());
            addTicketGrantingTicketExistsCheck(flow, strArr);
            addMultiFactorOutcomeTransitionsToSubmissionActionState(flow, strArr);
            addMultiFactorViewEndStates(flow);
            addMultiFactorGlobalTransitionsForExceptionHandling(flow);
            addOnEntryActionToServiceCheckState(flow);
            createMultiFactorSubflowStateDefinitions(flow, strArr);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
        }
    }

    protected void addMultiFactorGlobalTransitionsForExceptionHandling(Flow flow) {
        addGlobalTransitionIfExceptionIsThrown(flow, STATE_DEFINITION_ID_TGT_EXISTS_CHECK, NoAuthenticationContextAvailable.class);
        addGlobalTransitionIfExceptionIsThrown(flow, "viewMfaUnrecognizedAuthnMethodErrorView", UnrecognizedAuthenticationMethodException.class);
    }

    protected void addGlobalTransitionIfExceptionIsThrown(Flow flow, String str, Class<?> cls) {
        try {
            TransitionExecutingFlowExecutionExceptionHandler transitionExecutingFlowExecutionExceptionHandler = new TransitionExecutingFlowExecutionExceptionHandler();
            transitionExecutingFlowExecutionExceptionHandler.add(cls, (TargetStateResolver) fromStringTo(TargetStateResolver.class).execute(str));
            LOGGER.debug("Added transition {} to execute on the occurrence of {}", str, cls.getName());
            flow.getExceptionHandlerSet().add(transitionExecutingFlowExecutionExceptionHandler);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
        }
    }

    private ConversionExecutor fromStringTo(Class cls) {
        return this.flowBuilderServices.getConversionService().getConversionExecutor(String.class, cls);
    }

    private Class toClass(String str) {
        Class classForAlias = this.flowBuilderServices.getConversionService().getClassForAlias(str);
        if (classForAlias != null) {
            return classForAlias;
        }
        try {
            return ClassUtils.forName(str, this.flowBuilderServices.getApplicationContext().getClassLoader());
        } catch (ClassNotFoundException unused) {
            throw new IllegalArgumentException("Unable to load class '" + str + JSONUtils.SINGLE_QUOTE);
        }
    }

    protected void addMultiFactorOutcomeTransitionsToSubmissionActionState(Flow flow, String[] strArr) {
        ActionState actionState = (ActionState) flow.getState(STATE_DEFINITION_ID_REAL_SUBMIT);
        LOGGER.debug("Retrieved action state {}", actionState.getId());
        actionState.getActionList().remove(actionState.getActionList().get(0));
        actionState.getActionList().add(createEvaluateAction("initiatingAuthenticationViaFormAction"));
        LOGGER.debug("Set action {} for action state {}", actionState.getId());
        for (String str : strArr) {
            addTransitionToActionState(actionState, str, str);
        }
    }

    protected void addOnEntryActionToServiceCheckState(Flow flow) {
        DecisionState decisionState = (DecisionState) flow.getState(STATE_DEFINITION_ID_SERVICE_CHECK);
        decisionState.getEntryActionList().add(createEvaluateAction("removeHostnameServiceInContextAction"));
        LOGGER.debug("Set on-entry action for decision state {}", decisionState.getId());
    }

    protected EvaluateAction createEvaluateAction(String str) {
        Expression parseExpression = this.flowBuilderServices.getExpressionParser().parseExpression(str, new FluentParserContext());
        EvaluateAction evaluateAction = new EvaluateAction(parseExpression, null);
        LOGGER.debug("Created evaluate action for expression", parseExpression.getExpressionString());
        return evaluateAction;
    }

    protected void addMultiFactorViewEndStates(Flow flow) {
        addEndStateBackedByView(flow, "viewMfaUnrecognizedAuthnMethodErrorView", "casMfaUnrecognizedAuthnMethodErrorView");
        addEndStateBackedByView(flow, "viewUnknownPrincipalErrorView", "casUnknownPrincipalErrorView");
    }

    protected void addTicketGrantingTicketExistsCheck(Flow flow, String[] strArr) {
        try {
            ActionState actionState = new ActionState(flow, "mfaTicketGrantingTicketExistsCheck");
            LOGGER.debug("Created action state {}", actionState.getId());
            actionState.getActionList().add(createEvaluateAction("validateInitialMfaRequestAction"));
            LOGGER.debug("Added action to the action state {} list of actions: {}", actionState.getId(), actionState.getActionList());
            for (String str : strArr) {
                addTransitionToActionState(actionState, str, str);
            }
            TransitionableState transitionableState = (TransitionableState) TransitionableState.class.cast(flow.getStartState());
            LOGGER.debug("Mapping the transition [{}] of state [{}] to the existing start state [{}]", ValidateInitialMultiFactorAuthenticationRequestAction.EVENT_ID_REQUIRE_TGT, actionState.getId(), transitionableState.getId());
            addTransitionToActionState(actionState, ValidateInitialMultiFactorAuthenticationRequestAction.EVENT_ID_REQUIRE_TGT, transitionableState.getId());
            if (!STATE_DEFINITION_ID_TGT_EXISTS_CHECK.equals(transitionableState.getId())) {
                LOGGER.debug("Found a custom existing start state [{}]. Will add a default transition to [{}] so the flow can resume normally.", STATE_DEFINITION_ID_TGT_EXISTS_CHECK, transitionableState.getId());
                addDefaultTransitionToState(transitionableState, STATE_DEFINITION_ID_TGT_EXISTS_CHECK);
            }
            flow.setStartState(actionState);
            LOGGER.debug("Replaced flow {} start state with {}", flow.getId(), flow.getStartState().getId());
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
        }
    }

    protected void addDefaultTransitionToState(TransitionableState transitionableState, String str) {
        if (transitionableState == null) {
            LOGGER.debug("Cant add default transition of [{}] to the given state is null and cannot be found in the flow.", str);
        } else {
            transitionableState.getTransitionSet().add(createTransition(str));
        }
    }

    protected void addTransitionToActionState(ActionState actionState, String str, String str2) {
        try {
            Transition createTransition = createTransition(str, str2);
            actionState.getTransitionSet().add(createTransition);
            LOGGER.debug("Added transition {} to the action state {}", createTransition.getId(), actionState.getId());
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
        }
    }

    protected Transition createTransition(String str, String str2) {
        return new Transition(new DefaultTransitionCriteria(new LiteralExpression(str)), new DefaultTargetStateResolver(str2));
    }

    protected Transition createTransition(String str) {
        return new Transition(new DefaultTargetStateResolver(str));
    }

    protected void addEndStateBackedByView(Flow flow, String str, String str2) {
        try {
            new EndState(flow, str).setFinalResponseAction(new ViewFactoryActionAdapter(this.flowBuilderServices.getViewFactoryCreator().createViewFactory(new LiteralExpression(str2), this.flowBuilderServices.getExpressionParser(), this.flowBuilderServices.getConversionService(), null, this.flowBuilderServices.getValidator())));
            LOGGER.debug("Created end state state {} on flow id {}, backed by view {}", str, flow.getId(), str2);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
        }
    }

    protected void createMultiFactorSubflowStateDefinitions(Flow flow, String[] strArr) {
        createMultiFactorSubflowStateDefinitionsByAuthenticationMethod(flow, strArr);
    }

    protected void createMultiFactorParentSubflowStateDefinitions(Flow flow, String str) {
        SubflowState createSubflowState = createSubflowState(flow, str, str, createEvaluateAction("generateMfaCredentialsAction"));
        ArrayList arrayList = new ArrayList();
        arrayList.add(createMappingToSubflowState(MultiFactorRequestContextUtils.CAS_MFA_CREDENTIALS_ATTR_NAME, "flowScope.mfaCredentials", true, MultiFactorCredentials.class));
        arrayList.add(createMappingToSubflowState("mfaService", "flowScope.service", true, MultiFactorAuthenticationSupportingWebApplicationService.class));
        createSubflowState.setAttributeMapper(createSubflowAttributeMapper(createMapperToSubflowState(arrayList), null));
        createSubflowState.getTransitionSet().add(createTransition(MFA_SUCCESS_EVENT_ID, SEND_TICKET_GRANTING_TICKET_EVENT_ID));
        createSubflowState.getTransitionSet().add(createTransition(UNKNOWN_PRINCIPAL_ERROR_EVENT_ID, "viewUnknownPrincipalErrorView"));
        createSubflowState.getTransitionSet().add(createTransition(MFA_UNRECOGNIZED_AUTHN_METHOD_ERROR_EVENT_ID, "viewMfaUnrecognizedAuthnMethodErrorView"));
    }

    protected void createMultiFactorSubflowStateDefinitionsByAuthenticationMethod(Flow flow, String[] strArr) {
        for (String str : strArr) {
            createMultiFactorParentSubflowStateDefinitions(flow, str);
        }
    }

    protected SubflowState createSubflowState(Flow flow, String str, String str2, Action action) {
        SubflowState subflowState = new SubflowState(flow, str, new BasicSubflowExpression(str2));
        if (action != null) {
            subflowState.getEntryActionList().add(action);
        }
        return subflowState;
    }

    protected Mapper createMapperToSubflowState(List<DefaultMapping> list) {
        DefaultMapper defaultMapper = new DefaultMapper();
        Iterator<DefaultMapping> it = list.iterator();
        while (it.hasNext()) {
            defaultMapper.addMapping(it.next());
        }
        return defaultMapper;
    }

    protected DefaultMapping createMappingToSubflowState(String str, String str2, boolean z, Class cls) {
        ExpressionParser expressionParser = this.flowBuilderServices.getExpressionParser();
        DefaultMapping defaultMapping = new DefaultMapping(expressionParser.parseExpression(str2, new FluentParserContext()), expressionParser.parseExpression(str, new FluentParserContext()));
        defaultMapping.setRequired(z);
        defaultMapping.setTypeConverter(new RuntimeBindingConversionExecutor(cls, this.flowBuilderServices.getConversionService()));
        return defaultMapping;
    }

    protected SubflowAttributeMapper createSubflowAttributeMapper(Mapper mapper, Mapper mapper2) {
        return new GenericSubflowAttributeMapper(mapper, mapper2);
    }
}
