package org.apereo.cas.config;

import lombok.Generated;
import org.apereo.cas.adaptors.generic.GroovyAuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.generic.GroovyAuthenticationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.util.spring.boot.ConditionalOnMissingGraalVMNativeImage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.core.io.Resource;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "GroovyAuthenticationEventExecutionPlanConfiguration", proxyBeanMethods = false)
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.Authentication}, module = "generic")
@ConditionalOnMissingGraalVMNativeImage
/* loaded from: input_file:org/apereo/cas/config/GroovyAuthenticationEventExecutionPlanConfiguration.class */
class GroovyAuthenticationEventExecutionPlanConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(GroovyAuthenticationEventExecutionPlanConfiguration.class);

    GroovyAuthenticationEventExecutionPlanConfiguration() {
    }

    @ConditionalOnMissingBean(name = {"groovyPrincipalFactory"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @ConditionalOnMissingGraalVMNativeImage
    @Bean
    public PrincipalFactory groovyPrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @ConditionalOnMissingGraalVMNativeImage
    @Bean
    public AuthenticationHandler groovyResourceAuthenticationHandler(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("groovyPrincipalFactory") PrincipalFactory principalFactory, @Qualifier("servicesManager") ServicesManager servicesManager) {
        return (AuthenticationHandler) BeanSupplier.of(AuthenticationHandler.class).when(BeanCondition.on("cas.authn.groovy.location").exists().given(configurableApplicationContext.getEnvironment())).supply(() -> {
            GroovyAuthenticationProperties groovy = casConfigurationProperties.getAuthn().getGroovy();
            GroovyAuthenticationHandler groovyAuthenticationHandler = new GroovyAuthenticationHandler(groovy.getName(), servicesManager, principalFactory, groovy.getLocation(), groovy.getOrder());
            groovyAuthenticationHandler.setState(groovy.getState());
            return groovyAuthenticationHandler;
        }).otherwiseProxy().get();
    }

    @ConditionalOnMissingBean(name = {"groovyResourceAuthenticationEventExecutionPlanConfigurer"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @ConditionalOnMissingGraalVMNativeImage
    @Bean
    public AuthenticationEventExecutionPlanConfigurer groovyResourceAuthenticationEventExecutionPlanConfigurer(CasConfigurationProperties casConfigurationProperties, @Qualifier("groovyResourceAuthenticationHandler") AuthenticationHandler authenticationHandler, @Qualifier("defaultPrincipalResolver") PrincipalResolver principalResolver) {
        return authenticationEventExecutionPlan -> {
            Resource location = casConfigurationProperties.getAuthn().getGroovy().getLocation();
            if (location != null) {
                LOGGER.debug("Activating Groovy authentication handler via [{}]", location);
                authenticationEventExecutionPlan.registerAuthenticationHandlerWithPrincipalResolver(authenticationHandler, principalResolver);
            }
        };
    }
}
