package org.apereo.cas.web.flow;

import lombok.Generated;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.web.flow.configurer.AbstractCasWebflowConfigurer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.ActionState;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.engine.TransitionSet;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;

/* loaded from: input_file:org/apereo/cas/web/flow/X509WebflowConfigurer.class */
public class X509WebflowConfigurer extends AbstractCasWebflowConfigurer {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(X509WebflowConfigurer.class);

    public X509WebflowConfigurer(FlowBuilderServices flowBuilderServices, FlowDefinitionRegistry flowDefinitionRegistry, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
        super(flowBuilderServices, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties);
        setOrder(casConfigurationProperties.getAuthn().getX509().getWebflow().getOrder());
    }

    protected void doInitialize() {
        Flow loginFlow = getLoginFlow();
        if (loginFlow != null) {
            ActionState createActionState = createActionState(loginFlow, "startX509Authenticate", new String[]{"x509Check"});
            TransitionSet transitionSet = createActionState.getTransitionSet();
            Pair<String, String> targetStates = getTargetStates(loginFlow);
            transitionSet.add(createTransition("success", "createTicketGrantingTicket"));
            transitionSet.add(createTransition("warn", "warn"));
            transitionSet.add(createTransition("error", getStateIdOnX509Failure(loginFlow, targetStates)));
            transitionSet.add(createTransition("authenticationFailure", "handleAuthenticationFailure"));
            transitionSet.add(createTransition("successWithWarnings", "showAuthenticationWarningMessages"));
            createActionState.getExitActionList().add(createEvaluateAction("clearWebflowCredentialsAction"));
            createTransitionForState((ActionState) getState(loginFlow, (String) targetStates.getLeft(), ActionState.class), (String) targetStates.getRight(), "startX509Authenticate", true);
        }
    }

    private String getStateIdOnX509Failure(Flow flow, Pair<String, String> pair) {
        return ((ActionState) getState(flow, (String) pair.getLeft(), ActionState.class)).getTransition((String) pair.getRight()).getTargetStateId();
    }

    protected Pair<String, String> getTargetStates(Flow flow) {
        if (((ActionState) getState(flow, "initializeLoginForm", ActionState.class)).getTransition("passwordlessGetUserId") != null) {
            LOGGER.debug("Attaching X509 flow to passwordless flow");
            return new ImmutablePair("initializeLoginForm", "passwordlessGetUserId");
        }
        LOGGER.debug("Attaching X509 flow to regular login flow");
        return new ImmutablePair("afterInitializeLoginForm", "success");
    }
}
