package org.apereo.cas.config;

import com.yubico.u2f.U2F;
import org.apereo.cas.adaptors.u2f.storage.U2FDeviceRepository;
import org.apereo.cas.adaptors.u2f.web.U2FRegisteredDevicesEndpoint;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAccountCheckRegistrationAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAccountSaveRegistrationAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAuthenticationWebflowAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FAuthenticationWebflowEventResolver;
import org.apereo.cas.adaptors.u2f.web.flow.U2FMultifactorTrustedDeviceWebflowConfigurer;
import org.apereo.cas.adaptors.u2f.web.flow.U2FMultifactorWebflowConfigurer;
import org.apereo.cas.adaptors.u2f.web.flow.U2FStartAuthenticationAction;
import org.apereo.cas.adaptors.u2f.web.flow.U2FStartRegistrationAction;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.trusted.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext;
import org.apereo.cas.web.flow.util.MultifactorAuthenticationWebflowUtils;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.actuate.autoconfigure.endpoint.condition.ConditionalOnAvailableEndpoint;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.FlowBuilder;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.U2F)
/* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration.class */
public class U2FWebflowConfiguration {
    private static final int WEBFLOW_CONFIGURER_ORDER = 100;

    @DependsOn({"u2fMultifactorWebflowConfigurer"})
    @ConditionalOnClass({MultifactorAuthnTrustConfiguration.class})
    @Configuration(value = "U2fMultifactorTrustConfiguration", proxyBeanMethods = false)
    @ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.MultifactorAuthenticationTrustedDevices, module = "u2f")
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FMultifactorTrustConfiguration.class */
    public static class U2FMultifactorTrustConfiguration {
        private static final BeanCondition CONDITION = BeanCondition.on("cas.authn.mfa.u2f.trusted-device-enabled").isTrue().evenIfMissing();

        @ConditionalOnMissingBean(name = {"u2fMultifactorTrustWebflowConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowConfigurer u2fMultifactorTrustWebflowConfigurer(@Qualifier("u2fFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, @Qualifier("logoutFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry3, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices) {
            return (CasWebflowConfigurer) BeanSupplier.of(CasWebflowConfigurer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                U2FMultifactorTrustedDeviceWebflowConfigurer u2FMultifactorTrustedDeviceWebflowConfigurer = new U2FMultifactorTrustedDeviceWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry2, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(configurableApplicationContext));
                u2FMultifactorTrustedDeviceWebflowConfigurer.setOrder(101);
                return u2FMultifactorTrustedDeviceWebflowConfigurer;
            }).otherwiseProxy().get();
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer u2fMultifactorTrustCasWebflowExecutionPlanConfigurer(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("u2fMultifactorTrustWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return (CasWebflowExecutionPlanConfigurer) BeanSupplier.of(CasWebflowExecutionPlanConfigurer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return casWebflowExecutionPlan -> {
                    casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
                };
            }).otherwiseProxy().get();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "U2FWebflowActionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FWebflowActionConfiguration.class */
    public static class U2FWebflowActionConfiguration {
        @ConditionalOnMissingBean(name = {"u2fAuthenticationWebflowAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action u2fAuthenticationWebflowAction(@Qualifier("u2fAuthenticationWebflowEventResolver") CasWebflowEventResolver casWebflowEventResolver) {
            return new U2FAuthenticationWebflowAction(casWebflowEventResolver);
        }

        @ConditionalOnMissingBean(name = {"u2fStartAuthenticationAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action u2fStartAuthenticationAction(CasConfigurationProperties casConfigurationProperties, @Qualifier("u2fDeviceRepository") U2FDeviceRepository u2FDeviceRepository, @Qualifier("u2fService") U2F u2f) {
            return new U2FStartAuthenticationAction(u2f, casConfigurationProperties.getServer().getName(), u2FDeviceRepository);
        }

        @ConditionalOnMissingBean(name = {"u2fStartRegistrationAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action u2fStartRegistrationAction(CasConfigurationProperties casConfigurationProperties, @Qualifier("u2fDeviceRepository") U2FDeviceRepository u2FDeviceRepository, @Qualifier("u2fService") U2F u2f) {
            return new U2FStartRegistrationAction(u2f, casConfigurationProperties.getServer().getName(), u2FDeviceRepository);
        }

        @ConditionalOnMissingBean(name = {"u2fCheckAccountRegistrationAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action u2fCheckAccountRegistrationAction(@Qualifier("u2fDeviceRepository") U2FDeviceRepository u2FDeviceRepository) {
            return new U2FAccountCheckRegistrationAction(u2FDeviceRepository);
        }

        @ConditionalOnMissingBean(name = {"u2fSaveAccountRegistrationAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action u2fSaveAccountRegistrationAction(@Qualifier("u2fDeviceRepository") U2FDeviceRepository u2FDeviceRepository, @Qualifier("u2fService") U2F u2f) {
            return new U2FAccountSaveRegistrationAction(u2f, u2FDeviceRepository);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "U2FWebflowBaseConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FWebflowBaseConfiguration.class */
    public static class U2FWebflowBaseConfiguration {
        @ConditionalOnMissingBean(name = {"u2fMultifactorWebflowConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowConfigurer u2fMultifactorWebflowConfigurer(CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("u2fFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices) {
            U2FMultifactorWebflowConfigurer u2FMultifactorWebflowConfigurer = new U2FMultifactorWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry2, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(configurableApplicationContext));
            u2FMultifactorWebflowConfigurer.setOrder(U2FWebflowConfiguration.WEBFLOW_CONFIGURER_ORDER);
            return u2FMultifactorWebflowConfigurer;
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "U2FWebflowEndpointConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FWebflowEndpointConfiguration.class */
    public static class U2FWebflowEndpointConfiguration {
        @ConditionalOnAvailableEndpoint
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public U2FRegisteredDevicesEndpoint u2fRegisteredDevicesEndpoint(CasConfigurationProperties casConfigurationProperties, @Qualifier("u2fDeviceRepository") ObjectProvider<U2FDeviceRepository> objectProvider) {
            return new U2FRegisteredDevicesEndpoint(casConfigurationProperties, objectProvider);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "U2FWebflowEventConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FWebflowEventConfiguration.class */
    public static class U2FWebflowEventConfiguration {
        @ConditionalOnMissingBean(name = {"u2fAuthenticationWebflowEventResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowEventResolver u2fAuthenticationWebflowEventResolver(@Qualifier("casWebflowConfigurationContext") CasWebflowEventResolutionConfigurationContext casWebflowEventResolutionConfigurationContext) {
            return new U2FAuthenticationWebflowEventResolver(casWebflowEventResolutionConfigurationContext);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "U2FWebflowExecutionPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FWebflowExecutionPlanConfiguration.class */
    public static class U2FWebflowExecutionPlanConfiguration {
        @ConditionalOnMissingBean(name = {"u2fCasWebflowExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer u2fCasWebflowExecutionPlanConfigurer(@Qualifier("u2fMultifactorWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
            };
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "U2FWebflowRegistryConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/U2FWebflowConfiguration$U2FWebflowRegistryConfiguration.class */
    public static class U2FWebflowRegistryConfiguration {
        @ConditionalOnMissingBean(name = {"u2fFlowRegistry"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public FlowDefinitionRegistry u2fFlowRegistry(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices, @Qualifier("flowBuilder") FlowBuilder flowBuilder) {
            FlowDefinitionRegistryBuilder flowDefinitionRegistryBuilder = new FlowDefinitionRegistryBuilder(configurableApplicationContext, flowBuilderServices);
            flowDefinitionRegistryBuilder.addFlowBuilder(flowBuilder, U2FMultifactorWebflowConfigurer.MFA_U2F_EVENT_ID);
            return flowDefinitionRegistryBuilder.build();
        }
    }
}
