package org.apereo.cas.config;

import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.support.CasFeatureModule;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20AuthorizeEndpointController;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20CallbackAuthorizeEndpointController;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20ConfigurationContext;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20DeviceUserCodeApprovalEndpointController;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20IntrospectionEndpointController;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20RevocationEndpointController;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20UserProfileEndpointController;
import org.apereo.cas.support.oauth.web.mgmt.OAuth20TokenManagementEndpoint;
import org.apereo.cas.token.JwtBuilder;
import org.apereo.cas.util.spring.boot.ConditionalOnFeature;
import org.apereo.cas.web.ProtocolEndpointWebSecurityConfigurer;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.actuate.autoconfigure.endpoint.condition.ConditionalOnAvailableEndpoint;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@ConditionalOnFeature(feature = CasFeatureModule.FeatureCatalog.OAuth)
@AutoConfiguration
/* loaded from: input_file:org/apereo/cas/config/CasOAuth20EndpointsConfiguration.class */
public class CasOAuth20EndpointsConfiguration {

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasOAuth20EndpointControllersConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasOAuth20EndpointsConfiguration$CasOAuth20EndpointControllersConfiguration.class */
    public static class CasOAuth20EndpointControllersConfiguration {
        @ConditionalOnMissingBean(name = {"callbackAuthorizeController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20CallbackAuthorizeEndpointController callbackAuthorizeController(@Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20CallbackAuthorizeEndpointController(oAuth20ConfigurationContext);
        }

        @ConditionalOnMissingBean(name = {"introspectionEndpointController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20IntrospectionEndpointController<OAuth20ConfigurationContext> introspectionEndpointController(@Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20IntrospectionEndpointController<>(oAuth20ConfigurationContext);
        }

        @ConditionalOnMissingBean(name = {"accessTokenController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20AccessTokenEndpointController<OAuth20ConfigurationContext> accessTokenController(@Qualifier("accessTokenGrantAuditableRequestExtractor") AuditableExecution auditableExecution, @Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20AccessTokenEndpointController<>(oAuth20ConfigurationContext, auditableExecution);
        }

        @ConditionalOnMissingBean(name = {"deviceUserCodeApprovalEndpointController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20DeviceUserCodeApprovalEndpointController deviceUserCodeApprovalEndpointController(@Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20DeviceUserCodeApprovalEndpointController(oAuth20ConfigurationContext);
        }

        @ConditionalOnMissingBean(name = {"oauthProfileController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20UserProfileEndpointController<OAuth20ConfigurationContext> oauthProfileController(@Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20UserProfileEndpointController<>(oAuth20ConfigurationContext);
        }

        @ConditionalOnMissingBean(name = {"oauthRevocationController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20RevocationEndpointController<OAuth20ConfigurationContext> oauthRevocationController(@Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20RevocationEndpointController<>(oAuth20ConfigurationContext);
        }

        @ConditionalOnMissingBean(name = {"authorizeController"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20AuthorizeEndpointController<OAuth20ConfigurationContext> authorizeController(@Qualifier("oauth20ConfigurationContext") OAuth20ConfigurationContext oAuth20ConfigurationContext) {
            return new OAuth20AuthorizeEndpointController<>(oAuth20ConfigurationContext);
        }

        @ConditionalOnAvailableEndpoint
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public OAuth20TokenManagementEndpoint oauth20TokenManagementEndpoint(@Qualifier("accessTokenJwtBuilder") JwtBuilder jwtBuilder, @Qualifier("centralAuthenticationService") CentralAuthenticationService centralAuthenticationService, CasConfigurationProperties casConfigurationProperties) {
            return new OAuth20TokenManagementEndpoint(casConfigurationProperties, centralAuthenticationService, jwtBuilder);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasOAuth20EndpointSecurityConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasOAuth20EndpointsConfiguration$CasOAuth20EndpointSecurityConfiguration.class */
    public static class CasOAuth20EndpointSecurityConfiguration {
        @ConditionalOnMissingBean(name = {"oauth20ProtocolEndpointConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public ProtocolEndpointWebSecurityConfigurer<Void> oauth20ProtocolEndpointConfigurer() {
            return new ProtocolEndpointWebSecurityConfigurer<Void>() { // from class: org.apereo.cas.config.CasOAuth20EndpointsConfiguration.CasOAuth20EndpointSecurityConfiguration.1
                public List<String> getIgnoredEndpoints() {
                    return List.of(StringUtils.prependIfMissing("/oauth2.0", "/", new CharSequence[0]));
                }
            };
        }
    }
}
