package org.apereo.cas.support.pac4j.config.support.authentication;

import java.util.ArrayList;
import java.util.Set;
import lombok.Generated;
import org.apereo.cas.audit.AuditTrailRecordResolutionPlan;
import org.apereo.cas.audit.AuditTrailRecordResolutionPlanConfigurer;
import org.apereo.cas.audit.DelegatedAuthenticationAuditResourceResolver;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationMetaDataPopulator;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.pac4j.Pac4jDelegatedAuthenticationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.pac4j.authentication.ClientAuthenticationMetaDataPopulator;
import org.apereo.cas.support.pac4j.authentication.DelegatedClientFactory;
import org.apereo.cas.support.pac4j.authentication.handler.support.ClientAuthenticationHandler;
import org.apereo.inspektr.audit.spi.AuditActionResolver;
import org.apereo.inspektr.audit.spi.AuditResourceResolver;
import org.pac4j.core.client.Clients;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("pac4jAuthenticationEventExecutionPlanConfiguration")
/* loaded from: input_file:org/apereo/cas/support/pac4j/config/support/authentication/Pac4jAuthenticationEventExecutionPlanConfiguration.class */
public class Pac4jAuthenticationEventExecutionPlanConfiguration implements AuditTrailRecordResolutionPlanConfigurer {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(Pac4jAuthenticationEventExecutionPlanConfiguration.class);

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Qualifier("personDirectoryPrincipalResolver")
    private PrincipalResolver personDirectoryPrincipalResolver;

    @Autowired
    @Qualifier("authenticationActionResolver")
    private AuditActionResolver authenticationActionResolver;

    @ConditionalOnMissingBean(name = {"pac4jDelegatedClientFactory"})
    @Bean
    public DelegatedClientFactory pac4jDelegatedClientFactory() {
        return new DelegatedClientFactory(this.casProperties.getAuthn().getPac4j());
    }

    @Bean
    public Clients builtClients() {
        Set build = pac4jDelegatedClientFactory().build();
        LOGGER.debug("The following clients are built: [{}]", build);
        if (build.isEmpty()) {
            LOGGER.warn("No delegated authentication clients are defined/configured");
        }
        LOGGER.info("Located and prepared [{}] delegated authentication client(s)", Integer.valueOf(build.size()));
        return new Clients(this.casProperties.getServer().getLoginUrl(), new ArrayList(build));
    }

    @ConditionalOnMissingBean(name = {"clientPrincipalFactory"})
    @Bean
    public PrincipalFactory clientPrincipalFactory() {
        return new DefaultPrincipalFactory();
    }

    @ConditionalOnMissingBean(name = {"clientAuthenticationMetaDataPopulator"})
    @Bean
    public AuthenticationMetaDataPopulator clientAuthenticationMetaDataPopulator() {
        return new ClientAuthenticationMetaDataPopulator();
    }

    @ConditionalOnMissingBean(name = {"clientAuthenticationHandler"})
    @RefreshScope
    @Bean
    public AuthenticationHandler clientAuthenticationHandler() {
        Pac4jDelegatedAuthenticationProperties pac4j = this.casProperties.getAuthn().getPac4j();
        ClientAuthenticationHandler clientAuthenticationHandler = new ClientAuthenticationHandler(pac4j.getName(), this.servicesManager, clientPrincipalFactory(), builtClients());
        clientAuthenticationHandler.setTypedIdUsed(pac4j.isTypedIdUsed());
        return clientAuthenticationHandler;
    }

    @ConditionalOnMissingBean(name = {"pac4jAuthenticationEventExecutionPlanConfigurer"})
    @Bean
    public AuthenticationEventExecutionPlanConfigurer pac4jAuthenticationEventExecutionPlanConfigurer() {
        return authenticationEventExecutionPlan -> {
            if (builtClients().findAllClients().isEmpty()) {
                return;
            }
            LOGGER.info("Registering delegated authentication clients...");
            authenticationEventExecutionPlan.registerAuthenticationHandlerWithPrincipalResolver(clientAuthenticationHandler(), this.personDirectoryPrincipalResolver);
            authenticationEventExecutionPlan.registerMetadataPopulator(clientAuthenticationMetaDataPopulator());
        };
    }

    @ConditionalOnMissingBean(name = {"delegatedAuthenticationAuditResourceResolver"})
    @Bean
    public AuditResourceResolver delegatedAuthenticationAuditResourceResolver() {
        return new DelegatedAuthenticationAuditResourceResolver();
    }

    public void configureAuditTrailRecordResolutionPlan(AuditTrailRecordResolutionPlan auditTrailRecordResolutionPlan) {
        auditTrailRecordResolutionPlan.registerAuditActionResolver("DELEGATED_CLIENT_ACTION_RESOLVER", this.authenticationActionResolver);
        auditTrailRecordResolutionPlan.registerAuditResourceResolver("DELEGATED_CLIENT_RESOURCE_RESOLVER", delegatedAuthenticationAuditResourceResolver());
    }
}
