package org.apereo.cas.adaptors.generic.config;

import lombok.Generated;
import org.apereo.cas.adaptors.generic.FileAuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalNameTransformerUtils;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.authentication.support.password.PasswordEncoderUtils;
import org.apereo.cas.authentication.support.password.PasswordPolicyContext;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.generic.FileAuthenticationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ScopedProxyMode;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.Authentication}, module = "generic")
/* loaded from: input_file:org/apereo/cas/adaptors/generic/config/FileAuthenticationEventExecutionPlanConfiguration.class */
public class FileAuthenticationEventExecutionPlanConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(FileAuthenticationEventExecutionPlanConfiguration.class);
    private static final BeanCondition CONDITION = BeanCondition.on("cas.authn.file.filename").exists();

    @ConditionalOnMissingBean(name = {"filePrincipalFactory"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public PrincipalFactory filePrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationHandler fileAuthenticationHandler(@Qualifier("filePasswordPolicyConfiguration") PasswordPolicyContext passwordPolicyContext, @Qualifier("filePrincipalFactory") PrincipalFactory principalFactory, @Qualifier("servicesManager") ServicesManager servicesManager, CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext) throws Exception {
        return (AuthenticationHandler) BeanSupplier.of(AuthenticationHandler.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            FileAuthenticationProperties file = casConfigurationProperties.getAuthn().getFile();
            FileAuthenticationHandler fileAuthenticationHandler = new FileAuthenticationHandler(file.getName(), servicesManager, principalFactory, file.getFilename(), file.getSeparator());
            fileAuthenticationHandler.setPasswordEncoder(PasswordEncoderUtils.newPasswordEncoder(file.getPasswordEncoder(), configurableApplicationContext));
            fileAuthenticationHandler.setPasswordPolicyConfiguration(passwordPolicyContext);
            fileAuthenticationHandler.setPrincipalNameTransformer(PrincipalNameTransformerUtils.newPrincipalNameTransformer(file.getPrincipalTransformation()));
            return fileAuthenticationHandler;
        }).otherwiseProxy().get();
    }

    @ConditionalOnMissingBean(name = {"fileAuthenticationEventExecutionPlanConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public AuthenticationEventExecutionPlanConfigurer fileAuthenticationEventExecutionPlanConfigurer(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("fileAuthenticationHandler") AuthenticationHandler authenticationHandler, CasConfigurationProperties casConfigurationProperties, @Qualifier("defaultPrincipalResolver") PrincipalResolver principalResolver) throws Exception {
        return (AuthenticationEventExecutionPlanConfigurer) BeanSupplier.of(AuthenticationEventExecutionPlanConfigurer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
            return authenticationEventExecutionPlan -> {
                LOGGER.debug("Added file-based authentication handler for the target file [{}]", casConfigurationProperties.getAuthn().getFile().getFilename().getDescription());
                authenticationEventExecutionPlan.registerAuthenticationHandlerWithPrincipalResolver(authenticationHandler, principalResolver);
            };
        }).otherwiseProxy().get();
    }

    @ConditionalOnMissingBean(name = {"filePasswordPolicyConfiguration"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public PasswordPolicyContext filePasswordPolicyConfiguration() {
        return new PasswordPolicyContext();
    }
}
