package org.apereo.cas.config;

import lombok.Generated;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.saml.idp.SamlIdPAlgorithmsProperties;
import org.apereo.cas.services.RegexRegisteredService;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServiceRegistryExecutionPlan;
import org.apereo.cas.services.ServiceRegistryExecutionPlanConfigurer;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.services.SamlIdPServiceRegistry;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver;
import org.apereo.cas.support.saml.web.idp.profile.IdPInitiatedProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.artifact.Saml1ArtifactResolutionProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder;
import org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner;
import org.apereo.cas.support.saml.web.idp.profile.builders.enc.validate.SamlIdPObjectSignatureValidator;
import org.apereo.cas.support.saml.web.idp.profile.builders.enc.validate.SamlObjectSignatureValidator;
import org.apereo.cas.support.saml.web.idp.profile.ecp.ECPProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.query.Saml2AttributeQueryProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.slo.SLOSamlPostProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.slo.SLOSamlRedirectProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlPostProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlPostSimpleSignProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlProfileCallbackHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.sso.request.DefaultSSOSamlHttpRequestExtractor;
import org.apereo.cas.support.saml.web.idp.profile.sso.request.SSOSamlHttpRequestExtractor;
import org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory;
import org.apereo.cas.ticket.query.SamlAttributeQueryTicketFactory;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.RandomUtils;
import org.apereo.cas.web.support.CookieRetrievingCookieGenerator;
import org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.saml2.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * Spring configuration that declares the SAML2 identity-provider endpoint beans:
 * the signature validators, the HTTP request extractor, one controller per
 * SAML profile (SSO, SLO, IdP-initiated, ECP, artifact resolution, attribute
 * query) and the service-registry entry that authorizes the IdP callback URL.
 *
 * <p>NOTE(review): collaborators are fetched from {@link ObjectProvider} fields
 * with a mix of {@code getObject()} and {@code getIfAvailable()}.
 * {@code getIfAvailable()} returns {@code null} when the bean is absent, so a
 * missing signer, services manager or ticket registry is handed to the
 * controller constructor as {@code null} instead of failing bean creation.
 * Whether the constructors reject {@code null} is not visible here; confirm,
 * or prefer {@code getObject()} for security-relevant dependencies so that a
 * broken wiring is caught at startup.
 */
@Configuration("samlIdPEndpointsConfiguration")
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class SamlIdPEndpointsConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SamlIdPEndpointsConfiguration.class);

    // ---- Injected collaborators -------------------------------------------
    // Most are wrapped in ObjectProvider so that resolution is deferred until
    // the bean method that needs them runs.

    @Autowired
    private ApplicationEventPublisher eventPublisher;

    @Autowired
    @Qualifier("casClientTicketValidator")
    private ObjectProvider<AbstractUrlBasedTicketValidator> casClientTicketValidator;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ObjectProvider<ServicesManager> servicesManager;

    @Autowired
    @Qualifier("shibboleth.OpenSAMLConfig")
    private ObjectProvider<OpenSamlConfigBean> openSamlConfigBean;

    @Autowired
    @Qualifier("samlProfileSamlResponseBuilder")
    private ObjectProvider<SamlProfileObjectBuilder<Response>> samlProfileSamlResponseBuilder;

    @Autowired
    @Qualifier("defaultSamlRegisteredServiceCachingMetadataResolver")
    private ObjectProvider<SamlRegisteredServiceCachingMetadataResolver> defaultSamlRegisteredServiceCachingMetadataResolver;

    @Autowired
    @Qualifier("webApplicationServiceFactory")
    private ObjectProvider<ServiceFactory<WebApplicationService>> webApplicationServiceFactory;

    @Autowired
    @Qualifier("defaultAuthenticationSystemSupport")
    private ObjectProvider<AuthenticationSystemSupport> authenticationSystemSupport;

    @Autowired
    @Qualifier("samlObjectSigner")
    private ObjectProvider<SamlIdPObjectSigner> samlObjectSigner;

    @Autowired
    @Qualifier("ticketGrantingTicketCookieGenerator")
    private ObjectProvider<CookieRetrievingCookieGenerator> ticketGrantingTicketCookieGenerator;

    @Autowired
    @Qualifier("casSamlIdPMetadataResolver")
    private ObjectProvider<MetadataResolver> casSamlIdPMetadataResolver;

    // The SOAP/artifact/attribute-query builders are injected directly, so a
    // missing bean fails at startup (unlike the ObjectProvider fields).

    @Autowired
    @Qualifier("samlProfileSamlSoap11ResponseBuilder")
    private SamlProfileObjectBuilder<org.opensaml.saml.saml2.ecp.Response> samlProfileSamlSoap11ResponseBuilder;

    @Autowired
    @Qualifier("samlProfileSamlSoap11FaultResponseBuilder")
    private SamlProfileObjectBuilder<org.opensaml.saml.saml2.ecp.Response> samlProfileSamlSoap11FaultResponseBuilder;

    @Autowired
    @Qualifier("samlProfileSamlArtifactResponseBuilder")
    private SamlProfileObjectBuilder<Response> samlProfileSamlArtifactResponseBuilder;

    @Autowired
    @Qualifier("samlProfileSamlArtifactFaultResponseBuilder")
    private SamlProfileObjectBuilder<Response> samlProfileSamlArtifactFaultResponseBuilder;

    @Autowired
    @Qualifier("samlProfileSamlAttributeQueryResponseBuilder")
    private SamlProfileObjectBuilder<Response> samlProfileSamlAttributeQueryResponseBuilder;

    @Autowired
    @Qualifier("samlProfileSamlAttributeQueryFaultResponseBuilder")
    private SamlProfileObjectBuilder<Response> samlProfileSamlAttributeQueryFaultResponseBuilder;

    @Autowired
    @Qualifier("samlAttributeQueryTicketFactory")
    private ObjectProvider<SamlAttributeQueryTicketFactory> samlAttributeQueryTicketFactory;

    @Autowired
    @Qualifier("ticketRegistry")
    private ObjectProvider<TicketRegistry> ticketRegistry;

    @Autowired
    @Qualifier("samlArtifactTicketFactory")
    private ObjectProvider<SamlArtifactTicketFactory> samlArtifactTicketFactory;

    /**
     * Builds the signature validator that is additionally given the IdP's own
     * metadata resolver. Only the IdP-initiated controller in this class uses it.
     *
     * <p>The digest methods, signature algorithms and the signing-algorithm
     * black/white lists all come from the configured SAML IdP algorithm
     * overrides, so the strength of signature validation depends on what an
     * operator puts there.
     *
     * @return the validator; the metadata resolver argument is {@code null}
     *         when no {@code casSamlIdPMetadataResolver} bean is available
     */
    @Bean
    @ConditionalOnMissingBean(name = "samlIdPObjectSignatureValidator")
    public SamlObjectSignatureValidator samlIdPObjectSignatureValidator() {
        final SamlIdPAlgorithmsProperties algorithms = this.casProperties.getAuthn().getSamlIdp().getAlgs();
        return new SamlIdPObjectSignatureValidator(
            algorithms.getOverrideSignatureReferenceDigestMethods(),
            algorithms.getOverrideSignatureAlgorithms(),
            algorithms.getOverrideBlackListedSignatureSigningAlgorithms(),
            algorithms.getOverrideWhiteListedSignatureSigningAlgorithms(),
            this.casSamlIdPMetadataResolver.getIfAvailable(),
            this.casProperties);
    }

    /**
     * Builds the default signature validator handed to every controller in this
     * class except the IdP-initiated one. It takes the same algorithm overrides
     * as {@link #samlIdPObjectSignatureValidator()} but no metadata resolver.
     *
     * @return the validator configured from the SAML IdP algorithm overrides
     */
    @Bean
    @ConditionalOnMissingBean(name = "samlObjectSignatureValidator")
    public SamlObjectSignatureValidator samlObjectSignatureValidator() {
        final SamlIdPAlgorithmsProperties algorithms = this.casProperties.getAuthn().getSamlIdp().getAlgs();
        return new SamlObjectSignatureValidator(
            algorithms.getOverrideSignatureReferenceDigestMethods(),
            algorithms.getOverrideSignatureAlgorithms(),
            algorithms.getOverrideBlackListedSignatureSigningAlgorithms(),
            algorithms.getOverrideWhiteListedSignatureSigningAlgorithms(),
            this.casProperties);
    }

    /**
     * Builds the extractor that reads SAML requests from incoming HTTP requests,
     * using the parser pool of the OpenSAML configuration bean.
     *
     * @return the request extractor
     */
    @Bean
    @ConditionalOnMissingBean(name = "ssoSamlHttpRequestExtractor")
    public SSOSamlHttpRequestExtractor ssoSamlHttpRequestExtractor() {
        return new DefaultSSOSamlHttpRequestExtractor(this.openSamlConfigBean.getObject().getParserPool());
    }

    /**
     * Controller for the SSO POST profile. This is the only controller here
     * that resolves its core collaborators with {@code getObject()}, so missing
     * beans abort its creation.
     *
     * @return the SSO POST profile controller
     */
    @Bean
    @RefreshScope
    public SSOSamlPostProfileHandlerController ssoPostProfileHandlerController() {
        return new SSOSamlPostProfileHandlerController(
            this.samlObjectSigner.getObject(),
            this.authenticationSystemSupport.getObject(),
            this.servicesManager.getObject(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getObject(),
            this.openSamlConfigBean.getObject(),
            (SamlProfileObjectBuilder) this.samlProfileSamlResponseBuilder.getObject(),
            this.casProperties,
            samlObjectSignatureValidator(),
            ssoSamlHttpRequestExtractor(),
            samlIdPCallbackService());
    }

    /**
     * Controller for the SSO POST SimpleSign profile.
     *
     * @return the SSO POST SimpleSign profile controller
     */
    @Bean
    @RefreshScope
    public SSOSamlPostSimpleSignProfileHandlerController ssoPostSimpleSignProfileHandlerController() {
        return new SSOSamlPostSimpleSignProfileHandlerController(
            this.samlObjectSigner.getObject(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            (SamlProfileObjectBuilder) this.samlProfileSamlResponseBuilder.getObject(),
            this.casProperties,
            samlObjectSignatureValidator(),
            ssoSamlHttpRequestExtractor(),
            samlIdPCallbackService());
    }

    /**
     * Controller for single logout over the HTTP-Redirect binding.
     *
     * @return the SLO redirect profile controller
     */
    @Bean
    @RefreshScope
    public SLOSamlRedirectProfileHandlerController sloRedirectProfileHandlerController() {
        return new SLOSamlRedirectProfileHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            (SamlProfileObjectBuilder) this.samlProfileSamlResponseBuilder.getObject(),
            this.casProperties,
            samlObjectSignatureValidator(),
            ssoSamlHttpRequestExtractor(),
            samlIdPCallbackService());
    }

    /**
     * Controller for single logout over the HTTP-POST binding.
     *
     * @return the SLO POST profile controller
     */
    @Bean
    @RefreshScope
    public SLOSamlPostProfileHandlerController sloPostProfileHandlerController() {
        return new SLOSamlPostProfileHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            (SamlProfileObjectBuilder) this.samlProfileSamlResponseBuilder.getObject(),
            this.casProperties,
            samlObjectSignatureValidator(),
            ssoSamlHttpRequestExtractor(),
            samlIdPCallbackService());
    }

    /**
     * Controller for IdP-initiated (unsolicited) SSO. Unlike the other
     * controllers it is wired with {@link #samlIdPObjectSignatureValidator()}
     * and receives no request extractor.
     *
     * @return the IdP-initiated profile controller
     */
    @Bean
    @RefreshScope
    public IdPInitiatedProfileHandlerController idPInitiatedSamlProfileHandlerController() {
        return new IdPInitiatedProfileHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            (SamlProfileObjectBuilder) this.samlProfileSamlResponseBuilder.getObject(),
            this.casProperties,
            samlIdPObjectSignatureValidator(),
            samlIdPCallbackService());
    }

    /**
     * Controller for the SSO callback endpoint. It is the only controller given
     * the CAS client ticket validator.
     *
     * <p>NOTE(review): the validator comes from {@code getIfAvailable()} and may
     * therefore be {@code null}; presumably the callback cannot validate
     * tickets without it, so confirm that the controller refuses to proceed in
     * that case.
     *
     * @return the SSO callback controller
     */
    @Bean
    @RefreshScope
    public SSOSamlProfileCallbackHandlerController ssoPostProfileCallbackHandlerController() {
        return new SSOSamlProfileCallbackHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            (SamlProfileObjectBuilder) this.samlProfileSamlResponseBuilder.getObject(),
            this.casProperties,
            samlObjectSignatureValidator(),
            this.casClientTicketValidator.getIfAvailable(),
            samlIdPCallbackService());
    }

    /**
     * Controller for the ECP profile, wired with the SOAP 1.1 response and
     * fault-response builders.
     *
     * @return the ECP profile controller
     */
    @Bean
    @RefreshScope
    public ECPProfileHandlerController ecpProfileHandlerController() {
        return new ECPProfileHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            this.samlProfileSamlSoap11ResponseBuilder,
            this.samlProfileSamlSoap11FaultResponseBuilder,
            this.casProperties,
            samlObjectSignatureValidator(),
            samlIdPCallbackService());
    }

    /**
     * Controller for artifact resolution, wired with the ticket registry, the
     * artifact ticket factory and the artifact response/fault builders.
     *
     * @return the artifact resolution controller
     */
    @Bean
    @RefreshScope
    public Saml1ArtifactResolutionProfileHandlerController saml1ArtifactResolutionController() {
        return new Saml1ArtifactResolutionProfileHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            this.samlProfileSamlArtifactResponseBuilder,
            this.casProperties,
            samlObjectSignatureValidator(),
            this.ticketRegistry.getIfAvailable(),
            this.samlArtifactTicketFactory.getIfAvailable(),
            this.samlProfileSamlArtifactFaultResponseBuilder,
            samlIdPCallbackService());
    }

    /**
     * Controller for the SAML2 attribute query profile. The bean is created
     * only when {@code cas.authn.samlIdp.attributeQueryProfileEnabled} is
     * {@code true}, so the endpoint is off unless explicitly enabled.
     *
     * @return the attribute query controller
     */
    @Bean
    @RefreshScope
    @ConditionalOnProperty(prefix = "cas.authn.samlIdp", name = "attributeQueryProfileEnabled", havingValue = "true")
    public Saml2AttributeQueryProfileHandlerController saml2AttributeQueryProfileHandlerController() {
        return new Saml2AttributeQueryProfileHandlerController(
            this.samlObjectSigner.getIfAvailable(),
            this.authenticationSystemSupport.getIfAvailable(),
            this.servicesManager.getIfAvailable(),
            (ServiceFactory) this.webApplicationServiceFactory.getIfAvailable(),
            this.defaultSamlRegisteredServiceCachingMetadataResolver.getIfAvailable(),
            this.openSamlConfigBean.getIfAvailable(),
            this.samlProfileSamlAttributeQueryResponseBuilder,
            this.casProperties,
            samlObjectSignatureValidator(),
            this.ticketRegistry.getIfAvailable(),
            this.samlProfileSamlAttributeQueryFaultResponseBuilder,
            this.ticketGrantingTicketCookieGenerator.getIfAvailable(),
            this.samlAttributeQueryTicketFactory.getIfAvailable(),
            samlIdPCallbackService());
    }

    /**
     * Creates the service object for the IdP callback URL, i.e. the configured
     * server prefix followed by {@code /idp/profile/SAML2/Callback}.
     *
     * <p>NOTE(review): the factory is obtained with {@code getIfAvailable()};
     * if the bean is absent this method fails with a
     * {@link NullPointerException} rather than a descriptive wiring error.
     *
     * @return the callback service
     */
    @Bean
    public Service samlIdPCallbackService() {
        final String callbackUrl = this.casProperties.getServer().getPrefix().concat("/idp/profile/SAML2/Callback");
        return ((ServiceFactory) this.webApplicationServiceFactory.getIfAvailable()).createService(callbackUrl);
    }

    /**
     * Contributes a service registry holding a single regex-based registered
     * service that matches the IdP callback URL.
     *
     * @return the configurer that registers the callback service
     */
    @Bean
    @ConditionalOnMissingBean(name = "samlIdPServiceRegistryExecutionPlanConfigurer")
    public ServiceRegistryExecutionPlanConfigurer samlIdPServiceRegistryExecutionPlanConfigurer() {
        return new ServiceRegistryExecutionPlanConfigurer() {
            public void configureServiceRegistry(ServiceRegistryExecutionPlan serviceRegistryExecutionPlan) {
                // NOTE(review): the pattern is the callback URL with ".*" appended and is
                // not regex-quoted. Metacharacters in the server prefix (for example the
                // dots of a host name) therefore match any character, and the trailing
                // ".*" accepts any suffix, which makes the authorized set wider than the
                // single callback endpoint. Consider quoting the literal part (for
                // example with java.util.regex.Pattern.quote) after confirming how the
                // services manager consumes the service id.
                final String callbackPattern = SamlIdPEndpointsConfiguration.this.samlIdPCallbackService().getId().concat(".*");
                LOGGER.debug("Initializing SAML IdP callback service [{}]", callbackPattern);

                final RegexRegisteredService callbackService = new RegexRegisteredService();
                // Random numeric id; uniqueness against other registered services is not checked here.
                callbackService.setId(RandomUtils.getNativeInstance().nextLong());
                // Smallest possible evaluation order; presumably this sorts the entry ahead
                // of every operator-defined service, so the broad pattern above would win
                // any overlap. TODO confirm the ordering semantics.
                callbackService.setEvaluationOrder(Integer.MIN_VALUE);
                callbackService.setName(callbackService.getClass().getSimpleName());
                callbackService.setDescription("SAML Authentication Request Callback");
                callbackService.setServiceId(callbackPattern);

                serviceRegistryExecutionPlan.registerServiceRegistry(
                    new SamlIdPServiceRegistry(
                        SamlIdPEndpointsConfiguration.this.eventPublisher,
                        new RegisteredService[]{callbackService}));
            }
        };
    }
}
