package org.apereo.cas.config.support.authentication;

import java.io.File;
import java.io.FileNotFoundException;
import lombok.Generated;
import lombok.SneakyThrows;
import net.phonefactor.pfsdk.PFAuth;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.adaptors.azure.AzureAuthenticatorAuthenticationHandler;
import org.apereo.cas.adaptors.azure.AzureAuthenticatorAuthenticationRequestBuilder;
import org.apereo.cas.adaptors.azure.AzureAuthenticatorMultifactorAuthenticationProvider;
import org.apereo.cas.adaptors.azure.web.flow.AzureAuthenticatorGenerateTokenAction;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationMetaDataPopulator;
import org.apereo.cas.authentication.MultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.MultifactorAuthenticationUtils;
import org.apereo.cas.authentication.metadata.AuthenticationContextAttributeMetaDataPopulator;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.AzureMultifactorProperties;
import org.apereo.cas.services.MultifactorAuthenticationProvider;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.webflow.execution.Action;

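/**
 * Spring configuration that wires the Azure Authenticator multifactor beans: the
 * {@link PFAuth} SDK client, the request builder, the authentication handler, the
 * bypass evaluator, the MFA provider, the metadata populator, the webflow token
 * action and the execution-plan configurer that registers the handler.
 *
 * <p>All settings are read from {@code casProperties.getAuthn().getMfa().getAzure()}.
 */
@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("azureAuthenticatorAuthenticationEventExecutionPlanConfiguration")
/* loaded from: input_file:org/apereo/cas/config/support/authentication/AzureAuthenticatorAuthenticationEventExecutionPlanConfiguration.class */
public class AzureAuthenticatorAuthenticationEventExecutionPlanConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(AzureAuthenticatorAuthenticationEventExecutionPlanConfiguration.class);

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    /**
     * Builds and initializes the PhoneFactor SDK client from the configured directory.
     *
     * <p>Fails with a {@link FileNotFoundException} when the configuration directory is
     * not set, does not exist, or is not a directory. The exception is checked but this
     * bean method declares none, so it is rethrown as-is via {@code @SneakyThrows}.
     *
     * <p>SDK debug mode follows this class's logger: it is enabled only when the logger
     * is at DEBUG level at the time the bean is created.
     *
     * @return the initialized SDK client
     */
    @Bean
    @SneakyThrows
    public PFAuth azureAuthenticatorInstance() {
        final AzureMultifactorProperties azure = this.casProperties.getAuthn().getMfa().getAzure();
        final String configDir = azure.getConfigDir();

        // Reject a missing setting up front: new File(null) would raise a bare
        // NullPointerException, and "" would be reported as the working directory.
        if (StringUtils.isBlank(configDir)) {
            throw new FileNotFoundException("Azure multifactor configuration directory is not defined");
        }

        final File directory = new File(configDir);
        if (!directory.exists() || !directory.isDirectory()) {
            throw new FileNotFoundException(directory.getAbsolutePath() + " does not exist or is not a directory");
        }

        final PFAuth client = new PFAuth();
        // Debug mode was previously forced on. What the SDK emits in that mode is not
        // visible from this class; since this client is initialized with the private-key
        // password and serves authentication requests, debug output is opt-in here.
        // NOTE(review): confirm what PFAuth writes in debug mode and where it goes.
        client.setDebug(LOGGER.isDebugEnabled());
        client.setAllowInternationalCalls(azure.isAllowInternationalCalls());
        // The SDK is given the directory with a trailing slash. The private-key password
        // is handed straight to the SDK and must never be logged from this class.
        client.initialize(StringUtils.appendIfMissing(configDir, "/"), azure.getPrivateKeyPassword());
        return client;
    }

    /**
     * Creates the request builder from the configured phone attribute name and mode.
     *
     * @return the authentication request builder
     */
    @Bean
    public AzureAuthenticatorAuthenticationRequestBuilder azureAuthenticationRequestBuilder() {
        final AzureMultifactorProperties azure = this.casProperties.getAuthn().getMfa().getAzure();
        return new AzureAuthenticatorAuthenticationRequestBuilder(azure.getPhoneAttributeName(), azure.getMode());
    }

    /**
     * Creates the Azure authentication handler, named from the Azure properties and
     * backed by the services manager, principal factory, SDK client and request builder.
     *
     * @return the authentication handler
     */
    @RefreshScope
    @Bean
    public AuthenticationHandler azureAuthenticatorAuthenticationHandler() {
        final String handlerName = this.casProperties.getAuthn().getMfa().getAzure().getName();
        return new AzureAuthenticatorAuthenticationHandler(
            handlerName,
            this.servicesManager,
            azurePrincipalFactory(),
            azureAuthenticatorInstance(),
            azureAuthenticationRequestBuilder());
    }

    /**
     * Creates the bypass evaluator from the Azure bypass properties.
     *
     * <p>The bypass settings decide when this second factor is skipped, so changes to
     * them deserve the same review as changes to the authentication policy itself.
     *
     * @return the bypass evaluator
     */
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass azureBypassEvaluator() {
        return MultifactorAuthenticationUtils.newMultifactorAuthenticationProviderBypass(
            this.casProperties.getAuthn().getMfa().getAzure().getBypass());
    }

    /**
     * Creates the MFA provider with the bypass evaluator, the global failure mode, and
     * the rank and id taken from the Azure properties.
     *
     * @return the multifactor authentication provider
     */
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProvider azureAuthenticatorAuthenticationProvider() {
        final AzureMultifactorProperties azure = this.casProperties.getAuthn().getMfa().getAzure();
        final AzureAuthenticatorMultifactorAuthenticationProvider provider =
            new AzureAuthenticatorMultifactorAuthenticationProvider();
        provider.setBypassEvaluator(azureBypassEvaluator());
        // The failure mode comes from the global MFA settings, not the Azure-specific ones.
        provider.setGlobalFailureMode(this.casProperties.getAuthn().getMfa().getGlobalFailureMode());
        provider.setOrder(azure.getRank());
        provider.setId(azure.getId());
        return provider;
    }

    /**
     * Creates the metadata populator from the configured authentication context
     * attribute, the Azure handler and the Azure provider.
     *
     * @return the authentication metadata populator
     */
    @RefreshScope
    @Bean
    public AuthenticationMetaDataPopulator azureAuthenticatorAuthenticationMetaDataPopulator() {
        final String contextAttribute = this.casProperties.getAuthn().getMfa().getAuthenticationContextAttribute();
        return new AuthenticationContextAttributeMetaDataPopulator(
            contextAttribute,
            azureAuthenticatorAuthenticationHandler(),
            azureAuthenticatorAuthenticationProvider());
    }

    /**
     * Creates the webflow action that generates the token, using the configured mode.
     *
     * @return the token generation action
     */
    @RefreshScope
    @Bean
    public Action azureGenerateTokenAction() {
        return new AzureAuthenticatorGenerateTokenAction(this.casProperties.getAuthn().getMfa().getAzure().getMode());
    }

    /**
     * Supplies the default principal factory unless a bean named
     * {@code azurePrincipalFactory} is already defined.
     *
     * @return the principal factory
     */
    @ConditionalOnMissingBean(name = {"azurePrincipalFactory"})
    @Bean
    public PrincipalFactory azurePrincipalFactory() {
        return new DefaultPrincipalFactory();
    }

    /**
     * Registers the Azure handler and metadata populator with the authentication
     * execution plan, but only when a configuration directory is set.
     *
     * @return the execution plan configurer
     */
    @ConditionalOnMissingBean(name = {"azureAuthenticatorAuthenticationEventExecutionPlanConfigurer"})
    @Bean
    public AuthenticationEventExecutionPlanConfigurer azureAuthenticatorAuthenticationEventExecutionPlanConfigurer() {
        return authenticationEventExecutionPlan -> {
            // A blank directory skips registration here; the other beans in this
            // class are still defined regardless of this check.
            if (StringUtils.isNotBlank(this.casProperties.getAuthn().getMfa().getAzure().getConfigDir())) {
                authenticationEventExecutionPlan.registerAuthenticationHandler(azureAuthenticatorAuthenticationHandler());
                authenticationEventExecutionPlan.registerMetadataPopulator(azureAuthenticatorAuthenticationMetaDataPopulator());
            }
        };
    }
}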
