package org.apereo.cas.config;

import com.github.benmanes.caffeine.cache.Caffeine;
import org.apereo.cas.adaptors.u2f.storage.U2FDeviceRepository;
import org.apereo.cas.adaptors.u2f.storage.U2FDynamoDbDeviceRepository;
import org.apereo.cas.adaptors.u2f.storage.U2FDynamoDbFacilitator;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.u2f.U2FDynamoDbMultifactorAuthenticationProperties;
import org.apereo.cas.configuration.model.support.mfa.u2f.U2FMultifactorAuthenticationProperties;
import org.apereo.cas.configuration.support.CasFeatureModule;
import org.apereo.cas.dynamodb.AmazonDynamoDbClientFactory;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.spring.boot.ConditionalOnFeature;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import software.amazon.awssdk.services.dynamodb.DynamoDbClient;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "U2fDynamoDbConfiguration", proxyBeanMethods = false)
@ConditionalOnFeature(feature = CasFeatureModule.FeatureCatalog.U2F, module = "dynamodb")
/* loaded from: input_file:org/apereo/cas/config/U2FDynamoDbConfiguration.class */
public class U2FDynamoDbConfiguration {
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public U2FDynamoDbFacilitator u2fDynamoDbFacilitator(@Qualifier("u2fDynamoDbClient") DynamoDbClient dynamoDbClient, CasConfigurationProperties casConfigurationProperties) {
        U2FDynamoDbMultifactorAuthenticationProperties dynamoDb = casConfigurationProperties.getAuthn().getMfa().getU2f().getDynamoDb();
        U2FDynamoDbFacilitator u2FDynamoDbFacilitator = new U2FDynamoDbFacilitator(dynamoDb, dynamoDbClient);
        if (!dynamoDb.isPreventTableCreationOnStartup()) {
            u2FDynamoDbFacilitator.createTable(dynamoDb.isDropTablesOnStartup());
        }
        return u2FDynamoDbFacilitator;
    }

    @ConditionalOnMissingBean(name = {"u2fDynamoDbClient"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public DynamoDbClient u2fDynamoDbClient(CasConfigurationProperties casConfigurationProperties) {
        return new AmazonDynamoDbClientFactory().createAmazonDynamoDb(casConfigurationProperties.getAuthn().getMfa().getU2f().getDynamoDb());
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public U2FDeviceRepository u2fDeviceRepository(@Qualifier("u2fDynamoDbFacilitator") U2FDynamoDbFacilitator u2FDynamoDbFacilitator, CasConfigurationProperties casConfigurationProperties, @Qualifier("u2fRegistrationRecordCipherExecutor") CipherExecutor cipherExecutor) {
        U2FMultifactorAuthenticationProperties u2f = casConfigurationProperties.getAuthn().getMfa().getU2f();
        return new U2FDynamoDbDeviceRepository(Caffeine.newBuilder().expireAfterWrite(u2f.getCore().getExpireRegistrations(), u2f.getCore().getExpireRegistrationsTimeUnit()).build(str -> {
            return "";
        }), cipherExecutor, casConfigurationProperties, u2FDynamoDbFacilitator);
    }
}
