package org.apereo.cas.oidc.web.flow;

import java.util.Map;
import java.util.Optional;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URIBuilder;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.authentication.MultifactorAuthenticationProvider;
import org.apereo.cas.authentication.MultifactorAuthenticationProviderResolver;
import org.apereo.cas.authentication.MultifactorAuthenticationTrigger;
import org.apereo.cas.authentication.MultifactorAuthenticationUtils;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.util.spring.ApplicationContextProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/oidc/web/flow/OidcMultifactorAuthenticationTrigger.class */
public class OidcMultifactorAuthenticationTrigger implements MultifactorAuthenticationTrigger {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OidcMultifactorAuthenticationTrigger.class);
    private final CasConfigurationProperties casProperties;
    private final MultifactorAuthenticationProviderResolver multifactorAuthenticationProviderResolver;
    private int order = Integer.MAX_VALUE;

    public Optional<MultifactorAuthenticationProvider> isActivated(Authentication authentication, RegisteredService registeredService, HttpServletRequest httpServletRequest, Service service) {
        if (registeredService == null || authentication == null) {
            LOGGER.debug("No service or authentication is available to determine event for principal");
            return Optional.empty();
        }
        String parameter = httpServletRequest.getParameter("acr_values");
        if (StringUtils.isBlank(parameter)) {
            URIBuilder uRIBuilder = new URIBuilder(httpServletRequest.getRequestURL() + "?" + httpServletRequest.getQueryString());
            Optional findFirst = uRIBuilder.getQueryParams().stream().filter(nameValuePair -> {
                return nameValuePair.getName().equals("service");
            }).findFirst();
            if (findFirst.isPresent()) {
                uRIBuilder = new URIBuilder(((NameValuePair) findFirst.get()).getValue());
            }
            Optional findFirst2 = uRIBuilder.getQueryParams().stream().filter(nameValuePair2 -> {
                return nameValuePair2.getName().equals("acr_values");
            }).findFirst();
            if (findFirst2.isPresent()) {
                parameter = ((NameValuePair) findFirst2.get()).getValue();
            }
        }
        if (StringUtils.isBlank(parameter)) {
            LOGGER.debug("No ACR provided in the authentication request");
            return Optional.empty();
        }
        Set commaDelimitedListToSet = org.springframework.util.StringUtils.commaDelimitedListToSet(parameter);
        if (commaDelimitedListToSet.isEmpty()) {
            LOGGER.trace("No ACR values are provided in the authentication request");
            return Optional.empty();
        }
        Map availableMultifactorAuthenticationProviders = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(ApplicationContextProvider.getApplicationContext());
        if (!availableMultifactorAuthenticationProviders.isEmpty()) {
            return availableMultifactorAuthenticationProviders.values().stream().filter(multifactorAuthenticationProvider -> {
                return commaDelimitedListToSet.contains(multifactorAuthenticationProvider.getId());
            }).findAny();
        }
        LOGGER.error("No multifactor authentication providers are available in the application context to handle [{}]", commaDelimitedListToSet);
        throw new AuthenticationException();
    }

    @Generated
    public CasConfigurationProperties getCasProperties() {
        return this.casProperties;
    }

    @Generated
    public MultifactorAuthenticationProviderResolver getMultifactorAuthenticationProviderResolver() {
        return this.multifactorAuthenticationProviderResolver;
    }

    @Generated
    public int getOrder() {
        return this.order;
    }

    @Generated
    public void setOrder(int i) {
        this.order = i;
    }

    @Generated
    public OidcMultifactorAuthenticationTrigger(CasConfigurationProperties casConfigurationProperties, MultifactorAuthenticationProviderResolver multifactorAuthenticationProviderResolver) {
        this.casProperties = casConfigurationProperties;
        this.multifactorAuthenticationProviderResolver = multifactorAuthenticationProviderResolver;
    }
}
