package org.apereo.cas.config;

import com.warrenstrange.googleauth.IGoogleAuthenticator;
import javax.persistence.EntityManagerFactory;
import javax.sql.DataSource;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.jpa.JpaConfigurationContext;
import org.apereo.cas.configuration.support.JpaBeans;
import org.apereo.cas.gauth.credential.GoogleAuthenticatorAccount;
import org.apereo.cas.gauth.credential.JpaGoogleAuthenticatorTokenCredentialRepository;
import org.apereo.cas.gauth.token.GoogleAuthenticatorJpaTokenRepository;
import org.apereo.cas.gauth.token.JpaGoogleAuthenticatorToken;
import org.apereo.cas.jpa.JpaBeanFactory;
import org.apereo.cas.otp.repository.credentials.OneTimeTokenCredentialRepository;
import org.apereo.cas.otp.repository.token.OneTimeTokenRepository;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.spring.beans.BeanContainer;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.JpaVendorAdapter;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.transaction.support.TransactionTemplate;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableScheduling
@EnableTransactionManagement(proxyTargetClass = false)
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.GoogleAuthenticator, module = "jpa")
/* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorJpaConfiguration.class */
public class GoogleAuthenticatorJpaConfiguration {

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "GoogleAuthenticatorJpaDataConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorJpaConfiguration$GoogleAuthenticatorJpaDataConfiguration.class */
    public static class GoogleAuthenticatorJpaDataConfiguration {
        @ConditionalOnMissingBean(name = {"dataSourceGoogleAuthenticator"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public DataSource dataSourceGoogleAuthenticator(CasConfigurationProperties casConfigurationProperties) {
            return JpaBeans.newDataSource(casConfigurationProperties.getAuthn().getMfa().getGauth().getJpa());
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "GoogleAuthenticatorJpaEntityConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorJpaConfiguration$GoogleAuthenticatorJpaEntityConfiguration.class */
    public static class GoogleAuthenticatorJpaEntityConfiguration {
        @ConditionalOnMissingBean(name = {"jpaPackagesToScanGoogleAuthenticator"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public BeanContainer<String> jpaPackagesToScanGoogleAuthenticator() {
            return BeanContainer.of(CollectionUtils.wrapSet(new String[]{GoogleAuthenticatorAccount.class.getPackage().getName(), JpaGoogleAuthenticatorToken.class.getPackage().getName()}));
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public JpaVendorAdapter jpaGoogleAuthenticatorVendorAdapter(CasConfigurationProperties casConfigurationProperties, @Qualifier("jpaBeanFactory") JpaBeanFactory jpaBeanFactory) {
            return jpaBeanFactory.newJpaVendorAdapter(casConfigurationProperties.getJdbc());
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public FactoryBean<EntityManagerFactory> googleAuthenticatorEntityManagerFactory(CasConfigurationProperties casConfigurationProperties, @Qualifier("jpaGoogleAuthenticatorVendorAdapter") JpaVendorAdapter jpaVendorAdapter, @Qualifier("dataSourceGoogleAuthenticator") DataSource dataSource, @Qualifier("jpaPackagesToScanGoogleAuthenticator") BeanContainer<String> beanContainer, @Qualifier("jpaBeanFactory") JpaBeanFactory jpaBeanFactory) throws Exception {
            return jpaBeanFactory.newEntityManagerFactoryBean(JpaConfigurationContext.builder().jpaVendorAdapter(jpaVendorAdapter).persistenceUnitName("jpaGoogleAuthenticatorContext").dataSource(dataSource).packagesToScan(beanContainer.toSet()).build(), casConfigurationProperties.getAuthn().getMfa().getGauth().getJpa());
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "GoogleAuthenticatorJpaRepositoryConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorJpaConfiguration$GoogleAuthenticatorJpaRepositoryConfiguration.class */
    public static class GoogleAuthenticatorJpaRepositoryConfiguration {
        @ConditionalOnMissingBean(name = {"googleAuthenticatorAccountRegistry"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OneTimeTokenCredentialRepository googleAuthenticatorAccountRegistry(@Qualifier("googleAuthenticatorInstance") IGoogleAuthenticator iGoogleAuthenticator, @Qualifier("googleAuthenticatorAccountCipherExecutor") CipherExecutor cipherExecutor, @Qualifier("googleAuthenticatorScratchCodesCipherExecutor") CipherExecutor cipherExecutor2) {
            return new JpaGoogleAuthenticatorTokenCredentialRepository(cipherExecutor, cipherExecutor2, iGoogleAuthenticator);
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OneTimeTokenRepository oneTimeTokenAuthenticatorTokenRepository(CasConfigurationProperties casConfigurationProperties, @Qualifier("transactionManagerGoogleAuthenticator") PlatformTransactionManager platformTransactionManager) {
            return new GoogleAuthenticatorJpaTokenRepository(casConfigurationProperties.getAuthn().getMfa().getGauth().getCore().getTimeStepSize(), new TransactionTemplate(platformTransactionManager));
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "GoogleAuthenticatorJpaTransactionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorJpaConfiguration$GoogleAuthenticatorJpaTransactionConfiguration.class */
    public static class GoogleAuthenticatorJpaTransactionConfiguration {
        @ConditionalOnMissingBean(name = {"transactionManagerGoogleAuthenticator"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public PlatformTransactionManager transactionManagerGoogleAuthenticator(@Qualifier("googleAuthenticatorEntityManagerFactory") EntityManagerFactory entityManagerFactory) {
            JpaTransactionManager jpaTransactionManager = new JpaTransactionManager();
            jpaTransactionManager.setEntityManagerFactory(entityManagerFactory);
            return jpaTransactionManager;
        }
    }
}
