package org.apereo.cas.config;

import com.warrenstrange.googleauth.IGoogleAuthenticator;
import java.util.Set;
import javax.persistence.EntityManagerFactory;
import javax.sql.DataSource;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.jpa.JpaConfigurationContext;
import org.apereo.cas.configuration.support.JpaBeans;
import org.apereo.cas.gauth.credential.GoogleAuthenticatorAccount;
import org.apereo.cas.gauth.credential.JpaGoogleAuthenticatorTokenCredentialRepository;
import org.apereo.cas.gauth.token.GoogleAuthenticatorJpaTokenRepository;
import org.apereo.cas.gauth.token.JpaGoogleAuthenticatorToken;
import org.apereo.cas.jpa.JpaBeanFactory;
import org.apereo.cas.otp.repository.credentials.OneTimeTokenCredentialRepository;
import org.apereo.cas.otp.repository.token.OneTimeTokenRepository;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.JpaVendorAdapter;
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.annotation.EnableTransactionManagement;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableScheduling
@Configuration("googleAuthentiacatorJpaConfiguration")
@EnableTransactionManagement(proxyTargetClass = true)
/* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorJpaConfiguration.class */
public class GoogleAuthenticatorJpaConfiguration {

    @Autowired
    @Qualifier("jpaBeanFactory")
    private ObjectProvider<JpaBeanFactory> jpaBeanFactory;

    @Autowired
    private CasConfigurationProperties casProperties;

    @RefreshScope
    @Bean
    public JpaVendorAdapter jpaGoogleAuthenticatorVendorAdapter() {
        return ((JpaBeanFactory) this.jpaBeanFactory.getObject()).newJpaVendorAdapter(this.casProperties.getJdbc());
    }

    @ConditionalOnMissingBean(name = {"dataSourceGoogleAuthenticator"})
    @RefreshScope
    @Bean
    public DataSource dataSourceGoogleAuthenticator() {
        return JpaBeans.newDataSource(this.casProperties.getAuthn().getMfa().getGauth().getJpa());
    }

    @ConditionalOnMissingBean(name = {"jpaPackagesToScanGoogleAuthenticator"})
    @Bean
    public Set<String> jpaPackagesToScanGoogleAuthenticator() {
        return CollectionUtils.wrapSet(new String[]{GoogleAuthenticatorAccount.class.getPackage().getName(), JpaGoogleAuthenticatorToken.class.getPackage().getName()});
    }

    @Lazy
    @Bean
    public LocalContainerEntityManagerFactoryBean googleAuthenticatorEntityManagerFactory() {
        return ((JpaBeanFactory) this.jpaBeanFactory.getObject()).newEntityManagerFactoryBean(JpaConfigurationContext.builder().jpaVendorAdapter(jpaGoogleAuthenticatorVendorAdapter()).persistenceUnitName("jpaGoogleAuthenticatorContext").dataSource(dataSourceGoogleAuthenticator()).packagesToScan(jpaPackagesToScanGoogleAuthenticator()).build(), this.casProperties.getAuthn().getMfa().getGauth().getJpa());
    }

    @ConditionalOnMissingBean(name = {"transactionManagerGoogleAuthenticator"})
    @Autowired
    @Bean
    public PlatformTransactionManager transactionManagerGoogleAuthenticator(@Qualifier("googleAuthenticatorEntityManagerFactory") EntityManagerFactory entityManagerFactory) {
        JpaTransactionManager jpaTransactionManager = new JpaTransactionManager();
        jpaTransactionManager.setEntityManagerFactory(entityManagerFactory);
        return jpaTransactionManager;
    }

    @ConditionalOnMissingBean(name = {"googleAuthenticatorAccountRegistry"})
    @Autowired
    @Bean
    public OneTimeTokenCredentialRepository googleAuthenticatorAccountRegistry(@Qualifier("googleAuthenticatorInstance") IGoogleAuthenticator iGoogleAuthenticator, @Qualifier("googleAuthenticatorAccountCipherExecutor") CipherExecutor cipherExecutor) {
        return new JpaGoogleAuthenticatorTokenCredentialRepository(cipherExecutor, iGoogleAuthenticator);
    }

    @Bean
    public OneTimeTokenRepository oneTimeTokenAuthenticatorTokenRepository() {
        return new GoogleAuthenticatorJpaTokenRepository(this.casProperties.getAuthn().getMfa().getGauth().getCore().getTimeStepSize());
    }
}
