package org.apereo.cas.support.saml.config;

import lombok.Generated;
import org.apereo.cas.authentication.principal.ResponseBuilder;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.ServiceFactoryConfigurer;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.saml.googleapps.GoogleAppsProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.authentication.principal.GoogleAccountsServiceFactory;
import org.apereo.cas.support.saml.authentication.principal.GoogleAccountsServiceResponseBuilder;
import org.apereo.cas.support.saml.util.GoogleSaml20ObjectBuilder;
import org.apereo.cas.util.AsciiArtUtils;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.web.UrlValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Lazy;
import org.springframework.context.annotation.ScopedProxyMode;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@Deprecated(since = "6.2.0")
/* loaded from: input_file:org/apereo/cas/support/saml/config/SamlGoogleAppsConfiguration.class */
public class SamlGoogleAppsConfiguration implements InitializingBean {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SamlGoogleAppsConfiguration.class);

    @Bean
    public ServiceFactoryConfigurer googleAccountsServiceFactoryConfigurer(@Qualifier("googleAccountsServiceFactory") ServiceFactory serviceFactory) {
        return () -> {
            return CollectionUtils.wrap(serviceFactory);
        };
    }

    @ConditionalOnMissingBean(name = {"googleAccountsServiceFactory"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public ServiceFactory googleAccountsServiceFactory(@Qualifier("googleSaml20ObjectBuilder") GoogleSaml20ObjectBuilder googleSaml20ObjectBuilder) {
        return new GoogleAccountsServiceFactory(googleSaml20ObjectBuilder);
    }

    @ConditionalOnMissingBean(name = {"googleSaml20ObjectBuilder"})
    @Bean
    public GoogleSaml20ObjectBuilder googleSaml20ObjectBuilder(@Qualifier("shibboleth.OpenSAMLConfig") OpenSamlConfigBean openSamlConfigBean) {
        return new GoogleSaml20ObjectBuilder(openSamlConfigBean);
    }

    @ConditionalOnMissingBean(name = {"googleAccountsServiceResponseBuilder"})
    @Bean
    @Lazy
    public ResponseBuilder googleAccountsServiceResponseBuilder(CasConfigurationProperties casConfigurationProperties, @Qualifier("googleSaml20ObjectBuilder") GoogleSaml20ObjectBuilder googleSaml20ObjectBuilder, @Qualifier("urlValidator") UrlValidator urlValidator, @Qualifier("servicesManager") ServicesManager servicesManager) {
        GoogleAppsProperties googleApps = casConfigurationProperties.getGoogleApps();
        return new GoogleAccountsServiceResponseBuilder(googleApps.getPrivateKeyLocation(), googleApps.getPublicKeyLocation(), googleApps.getKeyAlgorithm(), servicesManager, googleSaml20ObjectBuilder, casConfigurationProperties.getSamlCore().getSkewAllowance(), casConfigurationProperties.getServer().getPrefix(), urlValidator);
    }

    public void afterPropertiesSet() {
        AsciiArtUtils.printAsciiArtWarning(LOGGER, "CAS integration with Google Apps is now deprecated and scheduled to be removed in the future. The functionality is now redundant and unnecessary with CAS able to provide SAML2 identity provider features.To handle the integration, you should configure CAS to act as a SAML2 identity provider and remove this integration from your deployment to protected against future removals and surprises.");
    }
}
