package org.apereo.cas.config;

import org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry;
import org.apereo.cas.adaptors.yubikey.YubiKeyAccountValidator;
import org.apereo.cas.adaptors.yubikey.dao.DynamoDbYubiKeyAccountRegistry;
import org.apereo.cas.adaptors.yubikey.dao.DynamoDbYubiKeyFacilitator;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.mfa.yubikey.YubiKeyDynamoDbMultifactorProperties;
import org.apereo.cas.dynamodb.AmazonDynamoDbClientFactory;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ScopedProxyMode;
import software.amazon.awssdk.services.dynamodb.DynamoDbClient;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.YubiKey, module = "dynamodb")
/* loaded from: input_file:org/apereo/cas/config/DynamoDbYubiKeyConfiguration.class */
public class DynamoDbYubiKeyConfiguration {
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public DynamoDbYubiKeyFacilitator yubikeyDynamoDbFacilitator(CasConfigurationProperties casConfigurationProperties, @Qualifier("yubikeyDynamoDbClient") DynamoDbClient dynamoDbClient) {
        YubiKeyDynamoDbMultifactorProperties dynamoDb = casConfigurationProperties.getAuthn().getMfa().getYubikey().getDynamoDb();
        DynamoDbYubiKeyFacilitator dynamoDbYubiKeyFacilitator = new DynamoDbYubiKeyFacilitator(dynamoDb, dynamoDbClient);
        if (!dynamoDb.isPreventTableCreationOnStartup()) {
            dynamoDbYubiKeyFacilitator.createTable(dynamoDb.isDropTablesOnStartup());
        }
        return dynamoDbYubiKeyFacilitator;
    }

    @ConditionalOnMissingBean(name = {"yubikeyDynamoDbClient"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public DynamoDbClient yubikeyDynamoDbClient(CasConfigurationProperties casConfigurationProperties) {
        return new AmazonDynamoDbClientFactory().createAmazonDynamoDb(casConfigurationProperties.getAuthn().getMfa().getYubikey().getDynamoDb());
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public YubiKeyAccountRegistry yubiKeyAccountRegistry(@Qualifier("yubikeyDynamoDbFacilitator") DynamoDbYubiKeyFacilitator dynamoDbYubiKeyFacilitator, @Qualifier("yubiKeyAccountValidator") YubiKeyAccountValidator yubiKeyAccountValidator, @Qualifier("yubikeyAccountCipherExecutor") CipherExecutor cipherExecutor) {
        DynamoDbYubiKeyAccountRegistry dynamoDbYubiKeyAccountRegistry = new DynamoDbYubiKeyAccountRegistry(yubiKeyAccountValidator, dynamoDbYubiKeyFacilitator);
        dynamoDbYubiKeyAccountRegistry.setCipherExecutor(cipherExecutor);
        return dynamoDbYubiKeyAccountRegistry;
    }
}
