package org.apereo.cas.config;

import com.warrenstrange.googleauth.IGoogleAuthenticator;
import org.apereo.cas.authentication.CasSSLContext;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.gauth.MongoDbGoogleAuthenticatorMultifactorProperties;
import org.apereo.cas.gauth.credential.MongoDbGoogleAuthenticatorTokenCredentialRepository;
import org.apereo.cas.gauth.token.GoogleAuthenticatorMongoDbTokenRepository;
import org.apereo.cas.mongo.MongoDbConnectionFactory;
import org.apereo.cas.otp.repository.credentials.OneTimeTokenCredentialRepository;
import org.apereo.cas.otp.repository.token.OneTimeTokenRepository;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.dao.annotation.PersistenceExceptionTranslationPostProcessor;
import org.springframework.data.mongodb.core.MongoTemplate;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.transaction.annotation.EnableTransactionManagement;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableScheduling
@EnableTransactionManagement
@Configuration(value = "GoogleAuthenticatorMongoDbConfiguration", proxyBeanMethods = false)
/* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorMongoDbConfiguration.class */
public class GoogleAuthenticatorMongoDbConfiguration {
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public PersistenceExceptionTranslationPostProcessor persistenceExceptionTranslationPostProcessor() {
        return new PersistenceExceptionTranslationPostProcessor();
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public MongoTemplate mongoDbGoogleAuthenticatorTemplate(CasConfigurationProperties casConfigurationProperties, @Qualifier("casSslContext") CasSSLContext casSSLContext) {
        MongoDbGoogleAuthenticatorMultifactorProperties mongo = casConfigurationProperties.getAuthn().getMfa().getGauth().getMongo();
        MongoTemplate buildMongoTemplate = new MongoDbConnectionFactory(casSSLContext.getSslContext()).buildMongoTemplate(mongo);
        MongoDbConnectionFactory.createCollection(buildMongoTemplate, mongo.getTokenCollection(), mongo.isDropCollection());
        return buildMongoTemplate;
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public OneTimeTokenCredentialRepository googleAuthenticatorAccountRegistry(@Qualifier("googleAuthenticatorInstance") IGoogleAuthenticator iGoogleAuthenticator, @Qualifier("googleAuthenticatorAccountCipherExecutor") CipherExecutor cipherExecutor, CasConfigurationProperties casConfigurationProperties, @Qualifier("mongoDbGoogleAuthenticatorTemplate") MongoTemplate mongoTemplate) {
        return new MongoDbGoogleAuthenticatorTokenCredentialRepository(iGoogleAuthenticator, mongoTemplate, casConfigurationProperties.getAuthn().getMfa().getGauth().getMongo().getCollection(), cipherExecutor);
    }

    @Bean
    public OneTimeTokenRepository oneTimeTokenAuthenticatorTokenRepository(CasConfigurationProperties casConfigurationProperties, @Qualifier("mongoDbGoogleAuthenticatorTemplate") MongoTemplate mongoTemplate) {
        return new GoogleAuthenticatorMongoDbTokenRepository(mongoTemplate, casConfigurationProperties.getAuthn().getMfa().getGauth().getMongo().getTokenCollection(), casConfigurationProperties.getAuthn().getMfa().getGauth().getCore().getTimeStepSize());
    }
}
