package org.apereo.cas.config;

import org.apereo.cas.adaptors.yubikey.YubiKeyAccountRegistry;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyAccountCheckRegistrationAction;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyAccountSaveRegistrationAction;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyAuthenticationPrepareLoginAction;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyAuthenticationWebflowAction;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyAuthenticationWebflowEventResolver;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyMultifactorTrustedDeviceWebflowConfigurer;
import org.apereo.cas.adaptors.yubikey.web.flow.YubiKeyMultifactorWebflowConfigurer;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.support.CasFeatureModule;
import org.apereo.cas.trusted.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeature;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext;
import org.apereo.cas.web.flow.util.MultifactorAuthenticationWebflowUtils;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.FlowBuilder;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "YubiKeyAuthenticationWebflowConfiguration", proxyBeanMethods = false)
@ConditionalOnFeature(feature = CasFeatureModule.FeatureCatalog.YubiKey)
/* loaded from: input_file:org/apereo/cas/config/YubiKeyAuthenticationWebflowConfiguration.class */
public class YubiKeyAuthenticationWebflowConfiguration {
    private static final int WEBFLOW_CONFIGURER_ORDER = 100;

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "YubiKeyAuthenticationWebflowActionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/YubiKeyAuthenticationWebflowConfiguration$YubiKeyAuthenticationWebflowActionConfiguration.class */
    public static class YubiKeyAuthenticationWebflowActionConfiguration {
        @ConditionalOnMissingBean(name = {"yubikeyAuthenticationWebflowAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action yubikeyAuthenticationWebflowAction(@Qualifier("yubikeyAuthenticationWebflowEventResolver") CasWebflowEventResolver casWebflowEventResolver) {
            return new YubiKeyAuthenticationWebflowAction(casWebflowEventResolver);
        }

        @ConditionalOnMissingBean(name = {"prepareYubiKeyAuthenticationLoginAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action prepareYubiKeyAuthenticationLoginAction(CasConfigurationProperties casConfigurationProperties) {
            return new YubiKeyAuthenticationPrepareLoginAction(casConfigurationProperties);
        }

        @ConditionalOnMissingBean(name = {"yubiKeyAccountRegistrationAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action yubiKeyAccountRegistrationAction(@Qualifier("yubiKeyAccountRegistry") YubiKeyAccountRegistry yubiKeyAccountRegistry) {
            return new YubiKeyAccountCheckRegistrationAction(yubiKeyAccountRegistry);
        }

        @ConditionalOnMissingBean(name = {"yubiKeySaveAccountRegistrationAction"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action yubiKeySaveAccountRegistrationAction(@Qualifier("yubiKeyAccountRegistry") YubiKeyAccountRegistry yubiKeyAccountRegistry) {
            return new YubiKeyAccountSaveRegistrationAction(yubiKeyAccountRegistry);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "YubiKeyAuthenticationWebflowCoreConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/YubiKeyAuthenticationWebflowConfiguration$YubiKeyAuthenticationWebflowCoreConfiguration.class */
    public static class YubiKeyAuthenticationWebflowCoreConfiguration {
        @ConditionalOnMissingBean(name = {"yubikeyFlowRegistry"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public FlowDefinitionRegistry yubikeyFlowRegistry(@Qualifier("flowBuilder") FlowBuilder flowBuilder, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices) {
            FlowDefinitionRegistryBuilder flowDefinitionRegistryBuilder = new FlowDefinitionRegistryBuilder(configurableApplicationContext, flowBuilderServices);
            flowDefinitionRegistryBuilder.addFlowBuilder(flowBuilder, "mfa-yubikey");
            return flowDefinitionRegistryBuilder.build();
        }

        @ConditionalOnMissingBean(name = {"yubikeyAuthenticationWebflowEventResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowEventResolver yubikeyAuthenticationWebflowEventResolver(@Qualifier("casWebflowConfigurationContext") CasWebflowEventResolutionConfigurationContext casWebflowEventResolutionConfigurationContext) {
            return new YubiKeyAuthenticationWebflowEventResolver(casWebflowEventResolutionConfigurationContext);
        }

        @ConditionalOnMissingBean(name = {"yubikeyMultifactorWebflowConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowConfigurer yubikeyMultifactorWebflowConfigurer(@Qualifier("yubikeyFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices) {
            YubiKeyMultifactorWebflowConfigurer yubiKeyMultifactorWebflowConfigurer = new YubiKeyMultifactorWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry2, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(configurableApplicationContext));
            yubiKeyMultifactorWebflowConfigurer.setOrder(YubiKeyAuthenticationWebflowConfiguration.WEBFLOW_CONFIGURER_ORDER);
            return yubiKeyMultifactorWebflowConfigurer;
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "YubiKeyAuthenticationWebflowPlanConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/YubiKeyAuthenticationWebflowConfiguration$YubiKeyAuthenticationWebflowPlanConfiguration.class */
    public static class YubiKeyAuthenticationWebflowPlanConfiguration {
        @ConditionalOnMissingBean(name = {"yubikeyCasWebflowExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer yubikeyCasWebflowExecutionPlanConfigurer(@Qualifier("yubikeyMultifactorWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
            };
        }
    }

    @DependsOn({"yubikeyMultifactorWebflowConfigurer"})
    @ConditionalOnClass({MultifactorAuthnTrustConfiguration.class})
    @ConditionalOnFeature(feature = CasFeatureModule.FeatureCatalog.MultifactorAuthenticationTrustedDevices, module = "yubikey")
    @Configuration(value = "YubiMultifactorTrustConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/YubiKeyAuthenticationWebflowConfiguration$YubiKeyMultifactorTrustConfiguration.class */
    public static class YubiKeyMultifactorTrustConfiguration {
        private static final BeanCondition CONDITION = BeanCondition.on("cas.authn.mfa.yubikey.trusted-device-enabled").isTrue().evenIfMissing();

        @ConditionalOnMissingBean(name = {"yubiMultifactorTrustWebflowConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowConfigurer yubiMultifactorTrustWebflowConfigurer(@Qualifier("yubikeyFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("loginFlowRegistry") FlowDefinitionRegistry flowDefinitionRegistry2, @Qualifier("flowBuilderServices") FlowBuilderServices flowBuilderServices) {
            return (CasWebflowConfigurer) BeanSupplier.of(CasWebflowConfigurer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                YubiKeyMultifactorTrustedDeviceWebflowConfigurer yubiKeyMultifactorTrustedDeviceWebflowConfigurer = new YubiKeyMultifactorTrustedDeviceWebflowConfigurer(flowBuilderServices, flowDefinitionRegistry, flowDefinitionRegistry2, configurableApplicationContext, casConfigurationProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(configurableApplicationContext));
                yubiKeyMultifactorTrustedDeviceWebflowConfigurer.setOrder(101);
                return yubiKeyMultifactorTrustedDeviceWebflowConfigurer;
            }).otherwiseProxy().get();
        }

        @ConditionalOnMissingBean(name = {"yubiMultifactorCasWebflowExecutionPlanConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExecutionPlanConfigurer yubiMultifactorCasWebflowExecutionPlanConfigurer(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("yubiMultifactorTrustWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
            return (CasWebflowExecutionPlanConfigurer) BeanSupplier.of(CasWebflowExecutionPlanConfigurer.class).when(CONDITION.given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return casWebflowExecutionPlan -> {
                    casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
                };
            }).otherwiseProxy().get();
        }
    }
}
