package org.apereo.cas.adaptors.generic.config;

import lombok.Generated;
import org.apereo.cas.adaptors.generic.JsonResourceAuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalNameTransformerUtils;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.authentication.support.password.PasswordEncoderUtils;
import org.apereo.cas.authentication.support.password.PasswordPolicyContext;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.generic.JsonResourceAuthenticationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.core.io.Resource;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.Authentication, module = "generic")
/* loaded from: input_file:org/apereo/cas/adaptors/generic/config/JsonResourceAuthenticationEventExecutionPlanConfiguration.class */
public class JsonResourceAuthenticationEventExecutionPlanConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(JsonResourceAuthenticationEventExecutionPlanConfiguration.class);

    @ConditionalOnMissingBean(name = {"jsonPrincipalFactory"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public PrincipalFactory jsonPrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationHandler jsonResourceAuthenticationHandler(CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("jsonPrincipalFactory") PrincipalFactory principalFactory, @Qualifier("servicesManager") ServicesManager servicesManager) {
        JsonResourceAuthenticationProperties json = casConfigurationProperties.getAuthn().getJson();
        JsonResourceAuthenticationHandler jsonResourceAuthenticationHandler = new JsonResourceAuthenticationHandler(json.getName(), servicesManager, principalFactory, null, json.getLocation());
        jsonResourceAuthenticationHandler.setPasswordEncoder(PasswordEncoderUtils.newPasswordEncoder(json.getPasswordEncoder(), configurableApplicationContext));
        if (json.getPasswordPolicy().isEnabled()) {
            jsonResourceAuthenticationHandler.setPasswordPolicyConfiguration(new PasswordPolicyContext(json.getPasswordPolicy()));
        }
        jsonResourceAuthenticationHandler.setPrincipalNameTransformer(PrincipalNameTransformerUtils.newPrincipalNameTransformer(json.getPrincipalTransformation()));
        jsonResourceAuthenticationHandler.setState(json.getState());
        return jsonResourceAuthenticationHandler;
    }

    @ConditionalOnMissingBean(name = {"jsonResourceAuthenticationEventExecutionPlanConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationEventExecutionPlanConfigurer jsonResourceAuthenticationEventExecutionPlanConfigurer(CasConfigurationProperties casConfigurationProperties, @Qualifier("jsonResourceAuthenticationHandler") AuthenticationHandler authenticationHandler, @Qualifier("defaultPrincipalResolver") PrincipalResolver principalResolver) {
        return authenticationEventExecutionPlan -> {
            Resource location = casConfigurationProperties.getAuthn().getJson().getLocation();
            if (location != null) {
                LOGGER.debug("Added JSON resource authentication handler for the target file [{}]", location.getFilename());
                authenticationEventExecutionPlan.registerAuthenticationHandlerWithPrincipalResolver(authenticationHandler, principalResolver);
            }
        };
    }
}
