package org.apereo.cas.config.support.authentication;

import org.apereo.cas.adaptors.u2f.U2FAuthenticationHandler;
import org.apereo.cas.adaptors.u2f.U2FMultifactorAuthenticationProvider;
import org.apereo.cas.adaptors.u2f.storage.U2FDeviceRepository;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationMetaDataPopulator;
import org.apereo.cas.authentication.MultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.MultifactorAuthenticationUtils;
import org.apereo.cas.authentication.metadata.AuthenticationContextAttributeMetaDataPopulator;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.MultifactorAuthenticationProvider;
import org.apereo.cas.services.ServicesManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("u2fAuthenticationEventExecutionPlanConfiguration")
/* loaded from: input_file:org/apereo/cas/config/support/authentication/U2FAuthenticationEventExecutionPlanConfiguration.class */
public class U2FAuthenticationEventExecutionPlanConfiguration {

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Lazy
    @Qualifier("u2fDeviceRepository")
    private U2FDeviceRepository u2fDeviceRepository;

    @RefreshScope
    @Bean
    public AuthenticationMetaDataPopulator u2fAuthenticationMetaDataPopulator() {
        return new AuthenticationContextAttributeMetaDataPopulator(this.casProperties.getAuthn().getMfa().getAuthenticationContextAttribute(), u2fAuthenticationHandler(), u2fAuthenticationProvider());
    }

    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fBypassEvaluator() {
        return MultifactorAuthenticationUtils.newMultifactorAuthenticationProviderBypass(this.casProperties.getAuthn().getMfa().getU2f().getBypass());
    }

    @ConditionalOnMissingBean(name = {"u2fPrincipalFactory"})
    @Bean
    public PrincipalFactory u2fPrincipalFactory() {
        return new DefaultPrincipalFactory();
    }

    @RefreshScope
    @Bean
    public U2FAuthenticationHandler u2fAuthenticationHandler() {
        return new U2FAuthenticationHandler(this.casProperties.getAuthn().getMfa().getU2f().getName(), this.servicesManager, u2fPrincipalFactory(), this.u2fDeviceRepository);
    }

    @RefreshScope
    @Bean
    public MultifactorAuthenticationProvider u2fAuthenticationProvider() {
        U2FMultifactorAuthenticationProvider u2FMultifactorAuthenticationProvider = new U2FMultifactorAuthenticationProvider();
        u2FMultifactorAuthenticationProvider.setBypassEvaluator(u2fBypassEvaluator());
        u2FMultifactorAuthenticationProvider.setGlobalFailureMode(this.casProperties.getAuthn().getMfa().getGlobalFailureMode());
        u2FMultifactorAuthenticationProvider.setOrder(this.casProperties.getAuthn().getMfa().getU2f().getRank());
        u2FMultifactorAuthenticationProvider.setId(this.casProperties.getAuthn().getMfa().getU2f().getId());
        return u2FMultifactorAuthenticationProvider;
    }

    @ConditionalOnMissingBean(name = {"u2fAuthenticationEventExecutionPlanConfigurer"})
    @Bean
    public AuthenticationEventExecutionPlanConfigurer u2fAuthenticationEventExecutionPlanConfigurer() {
        return authenticationEventExecutionPlan -> {
            authenticationEventExecutionPlan.registerAuthenticationHandler(u2fAuthenticationHandler());
            authenticationEventExecutionPlan.registerMetadataPopulator(u2fAuthenticationMetaDataPopulator());
        };
    }
}
