package org.apereo.cas.config;

import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.AuthenticationServiceSelectionStrategy;
import org.apereo.cas.authentication.AuthenticationServiceSelectionStrategyConfigurer;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.saml.ShibbolethIdPEntityIdAuthenticationServiceSelectionStrategy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("externalShibbolethIdPAuthenticationServiceSelectionStrategyConfiguration")
/* loaded from: input_file:org/apereo/cas/config/ExternalShibbolethIdPAuthenticationServiceSelectionStrategyConfiguration.class */
public class ExternalShibbolethIdPAuthenticationServiceSelectionStrategyConfiguration implements AuthenticationServiceSelectionStrategyConfigurer {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(ExternalShibbolethIdPAuthenticationServiceSelectionStrategyConfiguration.class);

    @Autowired
    @Qualifier("registeredServiceAccessStrategyEnforcer")
    private AuditableExecution registeredServiceAccessStrategyEnforcer;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("webApplicationServiceFactory")
    private ServiceFactory<WebApplicationService> webApplicationServiceFactory;

    @ConditionalOnMissingBean(name = {"shibbolethIdPEntityIdAuthenticationServiceSelectionStrategy"})
    @RefreshScope
    @Bean
    public AuthenticationServiceSelectionStrategy shibbolethIdPEntityIdAuthenticationServiceSelectionStrategy() {
        return new ShibbolethIdPEntityIdAuthenticationServiceSelectionStrategy(this.webApplicationServiceFactory, this.casProperties.getAuthn().getShibIdp().getServerUrl(), this.servicesManager, this.registeredServiceAccessStrategyEnforcer);
    }

    public void configureAuthenticationServiceSelectionStrategy(AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan) {
        if (StringUtils.isNotBlank(this.casProperties.getAuthn().getShibIdp().getServerUrl())) {
            authenticationServiceSelectionPlan.registerStrategy(shibbolethIdPEntityIdAuthenticationServiceSelectionStrategy());
        } else {
            LOGGER.warn("Shibboleth IdP url is not specified; External authentication requests by the IdP will not be recognized by CAS");
        }
    }
}
