package org.apereo.cas.web.flow;

import java.util.HashMap;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.web.flow.actions.BaseCasWebflowAction;
import org.apereo.cas.web.flow.configurer.AbstractCasWebflowConfigurer;
import org.apereo.cas.web.support.WebUtils;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.ActionState;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.engine.History;
import org.springframework.webflow.engine.TransitionSet;
import org.springframework.webflow.engine.ViewState;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/web/flow/DelegatedAuthenticationWebflowConfigurer.class */
public class DelegatedAuthenticationWebflowConfigurer extends AbstractCasWebflowConfigurer {
    private static final String DECISION_STATE_CHECK_DELEGATED_AUTHN_FAILURE = "checkDelegatedAuthnFailureDecision";

    public DelegatedAuthenticationWebflowConfigurer(FlowBuilderServices flowBuilderServices, FlowDefinitionRegistry flowDefinitionRegistry, FlowDefinitionRegistry flowDefinitionRegistry2, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
        super(flowBuilderServices, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties);
        setLogoutFlowDefinitionRegistry(flowDefinitionRegistry2);
        setOrder(casConfigurationProperties.getAuthn().getPac4j().getWebflow().getOrder());
    }

    protected void doInitialize() {
        Flow loginFlow = getLoginFlow();
        if (loginFlow != null) {
            createClientActionState(loginFlow);
            createStopWebflowViewState(loginFlow);
            createDelegatedClientLogoutAction();
            if (this.casProperties.getAuthn().getPac4j().getCore().getDiscoverySelection().getSelectionType().isDynamic()) {
                createDynamicDiscoveryViewState(loginFlow);
                createDynamicDiscoveryActionState(loginFlow);
                createRedirectToProviderViewState(loginFlow);
            }
        }
    }

    protected void createDelegatedClientLogoutAction() {
        Flow logoutFlow = getLogoutFlow();
        getState(logoutFlow, "terminateSession").getEntryActionList().add(createEvaluateAction("delegatedAuthenticationClientLogoutAction"));
        ((ActionState) getState(logoutFlow, "finishLogout", ActionState.class)).getExitActionList().add(createEvaluateAction("delegatedAuthenticationClientFinishLogoutAction"));
    }

    protected void createClientActionState(Flow flow) {
        ActionState createActionState = createActionState(flow, "delegatedAuthentication", createEvaluateAction("delegatedAuthenticationAction"));
        TransitionSet transitionSet = createActionState.getTransitionSet();
        transitionSet.add(createTransition("success", "createTicketGrantingTicket"));
        transitionSet.add(createTransition("error", getStartState(flow).getId()));
        transitionSet.add(createTransition("successWithWarnings", "showAuthenticationWarningMessages"));
        transitionSet.add(createTransition("resume", "createTicketGrantingTicket"));
        transitionSet.add(createTransition("authenticationFailure", DECISION_STATE_CHECK_DELEGATED_AUTHN_FAILURE));
        transitionSet.add(createTransition("stop", "stopWebflow"));
        transitionSet.add(createTransition("warn", "warn"));
        transitionSet.add(createTransition("generateServiceTicket", "generateServiceTicket"));
        setStartState(flow, createActionState);
    }

    protected void createStopWebflowViewState(Flow flow) {
        createDecisionState(flow, DECISION_STATE_CHECK_DELEGATED_AUTHN_FAILURE, "flowScope.unauthorizedRedirectUrl != null", "serviceUnauthorizedCheck", "stopWebflow");
        ViewState createViewState = createViewState(flow, "stopWebflow", "delegated-authn/casDelegatedAuthnStopWebflow");
        createViewState.getEntryActionList().add(new BaseCasWebflowAction() { // from class: org.apereo.cas.web.flow.DelegatedAuthenticationWebflowConfigurer.1
            protected Event doExecute(RequestContext requestContext) {
                DelegatedClientAuthenticationAction.hasDelegationRequestFailed(WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext), WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext).getStatus()).ifPresent(modelAndView -> {
                    modelAndView.getModel().forEach((str, obj) -> {
                        requestContext.getFlowScope().put(str, obj);
                    });
                });
                return null;
            }
        });
        createTransitionForState(createViewState, "retry", "delegatedAuthenticationClientRetry");
        createEndState(flow, "delegatedAuthenticationClientRetry").setFinalResponseAction(createEvaluateAction("delegatedAuthenticationClientRetryAction"));
    }

    private void createDynamicDiscoveryViewState(Flow flow) {
        HashMap hashMap = new HashMap();
        hashMap.put("bind", Boolean.FALSE);
        hashMap.put("validate", Boolean.FALSE);
        hashMap.put("history", History.INVALIDATE);
        ViewState createViewState = createViewState(flow, "delegatedAuthenticationDynamicDiscoveryView", "delegated-authn/casDynamicDiscoveryView");
        createTransitionForState(createViewState, "execute", "delegatedAuthenticationProviderDiscoveryExecution");
        createTransitionForState(createViewState, "back", "initializeLoginForm");
        createTransitionForState(getState(flow, "viewLoginForm"), "discovery", "delegatedAuthenticationDynamicDiscoveryView", hashMap);
    }

    private void createDynamicDiscoveryActionState(Flow flow) {
        ActionState createActionState = createActionState(flow, "delegatedAuthenticationProviderDiscoveryExecution", "delegatedAuthenticationProviderDynamicDiscoveryExecutionAction");
        createTransitionForState(createActionState, "error", "delegatedAuthenticationDynamicDiscoveryView");
        createTransitionForState(createActionState, "redirect", "redirectToDelegatedAuthnProviderView");
    }

    private void createRedirectToProviderViewState(Flow flow) {
        createViewState(flow, "redirectToDelegatedAuthnProviderView", createExternalRedirectViewFactory("requestScope.delegatedAuthProviderRedirectUrl"));
    }
}
