package org.apereo.cas.config.support.authentication;

import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.DefaultChainingMultifactorAuthenticationBypassProvider;
import org.apereo.cas.authentication.bypass.AuthenticationMultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.CredentialMultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.GroovyMultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.HttpRequestMultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.MultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.PrincipalMultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.RegisteredServiceMultifactorAuthenticationProviderBypass;
import org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypass;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties;
import org.apereo.cas.configuration.model.support.mfa.U2FMultifactorProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("u2fAuthenticationMultifactorProviderBypassConfiguration")
/* loaded from: input_file:org/apereo/cas/config/support/authentication/U2FAuthenticationMultifactorProviderBypassConfiguration.class */
public class U2FAuthenticationMultifactorProviderBypassConfiguration {

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnMissingBean(name = {"u2fBypassEvaluator"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fBypassEvaluator() {
        DefaultChainingMultifactorAuthenticationBypassProvider defaultChainingMultifactorAuthenticationBypassProvider = new DefaultChainingMultifactorAuthenticationBypassProvider();
        MultifactorAuthenticationProviderBypassProperties bypass = this.casProperties.getAuthn().getMfa().getU2f().getBypass();
        if (StringUtils.isNotBlank(bypass.getPrincipalAttributeName())) {
            defaultChainingMultifactorAuthenticationBypassProvider.addMultifactorAuthenticationProviderBypass(u2fRegisteredServiceMultifactorAuthenticationProviderBypass());
        }
        if (StringUtils.isNotBlank(bypass.getAuthenticationAttributeName()) || StringUtils.isNotBlank(bypass.getAuthenticationHandlerName()) || StringUtils.isNotBlank(bypass.getAuthenticationMethodName())) {
            defaultChainingMultifactorAuthenticationBypassProvider.addMultifactorAuthenticationProviderBypass(u2fAuthenticationMultifactorAuthenticationProviderBypass());
        }
        if (StringUtils.isNotBlank(bypass.getCredentialClassType())) {
            defaultChainingMultifactorAuthenticationBypassProvider.addMultifactorAuthenticationProviderBypass(u2fCredentialMultifactorAuthenticationProviderBypass());
        }
        if (StringUtils.isNotBlank(bypass.getHttpRequestHeaders()) || StringUtils.isNotBlank(bypass.getHttpRequestRemoteAddress())) {
            defaultChainingMultifactorAuthenticationBypassProvider.addMultifactorAuthenticationProviderBypass(u2fHttpRequestMultifactorAuthenticationProviderBypass());
        }
        if (bypass.getGroovy().getLocation() != null) {
            defaultChainingMultifactorAuthenticationBypassProvider.addMultifactorAuthenticationProviderBypass(u2fGroovyMultifactorAuthenticationProviderBypass());
        }
        if (StringUtils.isNotBlank(bypass.getRest().getUrl())) {
            defaultChainingMultifactorAuthenticationBypassProvider.addMultifactorAuthenticationProviderBypass(u2fRestMultifactorAuthenticationProviderBypass());
        }
        return defaultChainingMultifactorAuthenticationBypassProvider;
    }

    @ConditionalOnMissingBean(name = {"u2fRestMultifactorAuthenticationProviderBypass"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fRestMultifactorAuthenticationProviderBypass() {
        U2FMultifactorProperties u2f = this.casProperties.getAuthn().getMfa().getU2f();
        return new RestMultifactorAuthenticationProviderBypass(u2f.getBypass(), u2f.getId());
    }

    @ConditionalOnMissingBean(name = {"u2fGroovyMultifactorAuthenticationProviderBypass"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fGroovyMultifactorAuthenticationProviderBypass() {
        U2FMultifactorProperties u2f = this.casProperties.getAuthn().getMfa().getU2f();
        return new GroovyMultifactorAuthenticationProviderBypass(u2f.getBypass(), u2f.getId());
    }

    @ConditionalOnMissingBean(name = {"u2fHttpRequestMultifactorAuthenticationProviderBypass"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fHttpRequestMultifactorAuthenticationProviderBypass() {
        U2FMultifactorProperties u2f = this.casProperties.getAuthn().getMfa().getU2f();
        return new HttpRequestMultifactorAuthenticationProviderBypass(u2f.getBypass(), u2f.getId());
    }

    @ConditionalOnMissingBean(name = {"u2fCredentialMultifactorAuthenticationProviderBypass"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fCredentialMultifactorAuthenticationProviderBypass() {
        U2FMultifactorProperties u2f = this.casProperties.getAuthn().getMfa().getU2f();
        return new CredentialMultifactorAuthenticationProviderBypass(u2f.getBypass(), u2f.getId());
    }

    @ConditionalOnMissingBean(name = {"u2fRegisteredServiceMultifactorAuthenticationProviderBypass"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fRegisteredServiceMultifactorAuthenticationProviderBypass() {
        return new RegisteredServiceMultifactorAuthenticationProviderBypass(this.casProperties.getAuthn().getMfa().getU2f().getId());
    }

    @ConditionalOnMissingBean(name = {"u2fPrincipalMultifactorAuthenticationProviderBypass"})
    @Bean
    public MultifactorAuthenticationProviderBypass u2fPrincipalMultifactorAuthenticationProviderBypass() {
        U2FMultifactorProperties u2f = this.casProperties.getAuthn().getMfa().getU2f();
        return new PrincipalMultifactorAuthenticationProviderBypass(u2f.getBypass(), u2f.getId());
    }

    @ConditionalOnMissingBean(name = {"u2fAuthenticationMultifactorAuthenticationProviderBypass"})
    @RefreshScope
    @Bean
    public MultifactorAuthenticationProviderBypass u2fAuthenticationMultifactorAuthenticationProviderBypass() {
        U2FMultifactorProperties u2f = this.casProperties.getAuthn().getMfa().getU2f();
        return new AuthenticationMultifactorAuthenticationProviderBypass(u2f.getBypass(), u2f.getId());
    }
}
