package org.apereo.cas.config;

import java.util.ArrayList;
import java.util.List;
import lombok.Generated;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationManager;
import org.apereo.cas.authentication.AuthenticationResultBuilderFactory;
import org.apereo.cas.authentication.AuthenticationTransactionFactory;
import org.apereo.cas.authentication.AuthenticationTransactionManager;
import org.apereo.cas.authentication.DefaultAuthenticationAttributeReleasePolicy;
import org.apereo.cas.authentication.DefaultAuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.DefaultAuthenticationManager;
import org.apereo.cas.authentication.DefaultAuthenticationResultBuilderFactory;
import org.apereo.cas.authentication.DefaultAuthenticationTransactionFactory;
import org.apereo.cas.authentication.DefaultAuthenticationTransactionManager;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.core.authentication.AuthenticationAttributeReleaseProperties;
import org.apereo.cas.util.model.TriStateBoolean;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.validation.AuthenticationAttributeReleasePolicy;
import org.jooq.lambda.Unchecked;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.AutoConfigureOrder;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration(after = {CasCoreServicesConfiguration.class})
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.Authentication)
/* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.6.12.jar:org/apereo/cas/config/CasCoreAuthenticationConfiguration.class */
public class CasCoreAuthenticationConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasCoreAuthenticationConfiguration.class);

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreAuthenticationBaseConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.6.12.jar:org/apereo/cas/config/CasCoreAuthenticationConfiguration$CasCoreAuthenticationBaseConfiguration.class */
    public static class CasCoreAuthenticationBaseConfiguration {
        @ConditionalOnMissingBean(name = {"authenticationResultBuilderFactory"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationResultBuilderFactory authenticationResultBuilderFactory() {
            return new DefaultAuthenticationResultBuilderFactory();
        }

        @ConditionalOnMissingBean(name = {"authenticationTransactionFactory"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationTransactionFactory authenticationTransactionFactory() {
            return new DefaultAuthenticationTransactionFactory();
        }

        @ConditionalOnMissingBean(name = {AuthenticationAttributeReleasePolicy.BEAN_NAME})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationAttributeReleasePolicy authenticationAttributeReleasePolicy(CasConfigurationProperties casConfigurationProperties) {
            AuthenticationAttributeReleaseProperties authenticationAttributeRelease = casConfigurationProperties.getAuthn().getAuthenticationAttributeRelease();
            if (authenticationAttributeRelease.isEnabled()) {
                return new DefaultAuthenticationAttributeReleasePolicy(authenticationAttributeRelease.getOnlyRelease(), authenticationAttributeRelease.getNeverRelease(), casConfigurationProperties.getAuthn().getMfa().getCore().getAuthenticationContextAttribute());
            }
            CasCoreAuthenticationConfiguration.LOGGER.debug("CAS is configured to not release protocol-level authentication attributes.");
            return AuthenticationAttributeReleasePolicy.none();
        }
    }

    @Configuration(value = "CasCoreAuthenticationManagerConfiguration", proxyBeanMethods = false)
    @AutoConfigureOrder(Integer.MAX_VALUE)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.6.12.jar:org/apereo/cas/config/CasCoreAuthenticationConfiguration$CasCoreAuthenticationManagerConfiguration.class */
    public static class CasCoreAuthenticationManagerConfiguration {
        @ConditionalOnMissingBean(name = {"authenticationTransactionManager"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationTransactionManager authenticationTransactionManager(@Qualifier("casAuthenticationManager") AuthenticationManager authenticationManager, ConfigurableApplicationContext configurableApplicationContext) {
            return new DefaultAuthenticationTransactionManager(configurableApplicationContext, authenticationManager);
        }

        @ConditionalOnMissingBean(name = {"casAuthenticationManager"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationManager casAuthenticationManager(CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("authenticationEventExecutionPlan") AuthenticationEventExecutionPlan authenticationEventExecutionPlan) {
            return new DefaultAuthenticationManager(authenticationEventExecutionPlan, casConfigurationProperties.getPersonDirectory().getPrincipalResolutionFailureFatal() == TriStateBoolean.TRUE, configurableApplicationContext);
        }
    }

    @Configuration(value = "CasCoreAuthenticationPlanConfiguration", proxyBeanMethods = false)
    @AutoConfigureOrder(Integer.MIN_VALUE)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-6.6.12.jar:org/apereo/cas/config/CasCoreAuthenticationConfiguration$CasCoreAuthenticationPlanConfiguration.class */
    public static class CasCoreAuthenticationPlanConfiguration {
        @ConditionalOnMissingBean(name = {AuthenticationEventExecutionPlan.DEFAULT_BEAN_NAME})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationEventExecutionPlan authenticationEventExecutionPlan(List<AuthenticationEventExecutionPlanConfigurer> list) {
            DefaultAuthenticationEventExecutionPlan defaultAuthenticationEventExecutionPlan = new DefaultAuthenticationEventExecutionPlan();
            ArrayList arrayList = new ArrayList(list);
            AnnotationAwareOrderComparator.sortIfNecessary(arrayList);
            arrayList.forEach(Unchecked.consumer(authenticationEventExecutionPlanConfigurer -> {
                CasCoreAuthenticationConfiguration.LOGGER.trace("Configuring authentication execution plan [{}]", authenticationEventExecutionPlanConfigurer.getName());
                authenticationEventExecutionPlanConfigurer.configureAuthenticationExecutionPlan(defaultAuthenticationEventExecutionPlan);
            }));
            return defaultAuthenticationEventExecutionPlan;
        }
    }
}
