package org.apereo.cas.web.flow.config;

import java.util.List;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.MultifactorAuthenticationContextValidator;
import org.apereo.cas.authentication.MultifactorAuthenticationProviderAbsentException;
import org.apereo.cas.authentication.MultifactorAuthenticationRequiredException;
import org.apereo.cas.authentication.PrincipalException;
import org.apereo.cas.authentication.adaptive.UnauthorizedAuthenticationException;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.exceptions.InvalidLoginLocationException;
import org.apereo.cas.authentication.exceptions.InvalidLoginTimeException;
import org.apereo.cas.authentication.exceptions.UniquePrincipalRequiredException;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.ResponseBuilderLocator;
import org.apereo.cas.config.CasCoreServicesConfiguration;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.core.util.EncryptionRandomizedSigningJwtCryptographyProperties;
import org.apereo.cas.configuration.model.core.web.MessageBundleProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceForPrincipalException;
import org.apereo.cas.ticket.AbstractTicketException;
import org.apereo.cas.ticket.UnsatisfiedAuthenticationPolicyException;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.util.cipher.WebflowConversationStateCipherExecutor;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.spring.beans.BeanCondition;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.apereo.cas.web.flow.CasWebflowConstants;
import org.apereo.cas.web.flow.ChainingSingleSignOnParticipationStrategy;
import org.apereo.cas.web.flow.DefaultSingleSignOnParticipationStrategy;
import org.apereo.cas.web.flow.SingleSignOnParticipationStrategy;
import org.apereo.cas.web.flow.SingleSignOnParticipationStrategyConfigurer;
import org.apereo.cas.web.flow.actions.AuthenticationExceptionHandlerAction;
import org.apereo.cas.web.flow.actions.CheckWebAuthenticationRequestAction;
import org.apereo.cas.web.flow.actions.ClearWebflowCredentialAction;
import org.apereo.cas.web.flow.actions.InjectResponseHeadersAction;
import org.apereo.cas.web.flow.actions.RedirectToServiceAction;
import org.apereo.cas.web.flow.actions.RenewAuthenticationRequestCheckAction;
import org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier;
import org.apereo.cas.web.flow.authentication.CasWebflowExceptionCatalog;
import org.apereo.cas.web.flow.authentication.CasWebflowExceptionHandler;
import org.apereo.cas.web.flow.authentication.DefaultCasWebflowAbstractTicketExceptionHandler;
import org.apereo.cas.web.flow.authentication.DefaultCasWebflowAuthenticationExceptionHandler;
import org.apereo.cas.web.flow.authentication.DefaultCasWebflowExceptionCatalog;
import org.apereo.cas.web.flow.authentication.GenericCasWebflowExceptionHandler;
import org.apereo.cas.web.flow.authentication.GroovyCasWebflowAuthenticationExceptionHandler;
import org.apereo.cas.web.flow.authentication.RegisteredServiceAuthenticationPolicySingleSignOnParticipationStrategy;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext;
import org.apereo.cas.web.flow.resolver.impl.ServiceTicketRequestWebflowEventResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfiguration(after = {CasCoreServicesConfiguration.class})
@ConditionalOnFeatureEnabled(feature = CasFeatureModule.FeatureCatalog.Webflow)
/* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration.class */
public class CasCoreWebflowConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasCoreWebflowConfiguration.class);

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreWebflowActionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration$CasCoreWebflowActionConfiguration.class */
    public static class CasCoreWebflowActionConfiguration {
        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier$WebflowActionBeanSupplierBuilder] */
        @ConditionalOnMissingBean(name = {CasWebflowConstants.ACTION_ID_CLEAR_WEBFLOW_CREDENTIALS})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action clearWebflowCredentialsAction(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(ClearWebflowCredentialAction::new).withId(CasWebflowConstants.ACTION_ID_CLEAR_WEBFLOW_CREDENTIALS).build().get();
        }

        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier$WebflowActionBeanSupplierBuilder] */
        @ConditionalOnMissingBean(name = {CasWebflowConstants.ACTION_ID_CHECK_WEB_AUTHENTICATION_REQUEST})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action checkWebAuthenticationRequestAction(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new CheckWebAuthenticationRequestAction(casConfigurationProperties.getAuthn().getMfa().getCore().getContentType());
            }).withId(CasWebflowConstants.ACTION_ID_CHECK_WEB_AUTHENTICATION_REQUEST).build().get();
        }

        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier$WebflowActionBeanSupplierBuilder] */
        @ConditionalOnMissingBean(name = {CasWebflowConstants.ACTION_ID_RENEW_AUTHN_REQUEST})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action renewAuthenticationRequestCheckAction(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("singleSignOnParticipationStrategy") SingleSignOnParticipationStrategy singleSignOnParticipationStrategy) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new RenewAuthenticationRequestCheckAction(singleSignOnParticipationStrategy);
            }).withId(CasWebflowConstants.ACTION_ID_RENEW_AUTHN_REQUEST).build().get();
        }

        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier$WebflowActionBeanSupplierBuilder] */
        @ConditionalOnMissingBean(name = {CasWebflowConstants.ACTION_ID_REDIRECT_TO_SERVICE})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action redirectToServiceAction(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("webApplicationResponseBuilderLocator") ResponseBuilderLocator responseBuilderLocator) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new RedirectToServiceAction(responseBuilderLocator);
            }).withId(CasWebflowConstants.ACTION_ID_REDIRECT_TO_SERVICE).build().get();
        }

        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier$WebflowActionBeanSupplierBuilder] */
        @ConditionalOnMissingBean(name = {CasWebflowConstants.ACTION_ID_INJECT_RESPONSE_HEADERS})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action injectResponseHeadersAction(CasConfigurationProperties casConfigurationProperties, ConfigurableApplicationContext configurableApplicationContext, @Qualifier("webApplicationResponseBuilderLocator") ResponseBuilderLocator responseBuilderLocator) {
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new InjectResponseHeadersAction(responseBuilderLocator);
            }).withId(CasWebflowConstants.ACTION_ID_INJECT_RESPONSE_HEADERS).build().get();
        }

        /* JADX WARN: Type inference failed for: r0v2, types: [org.apereo.cas.web.flow.actions.WebflowActionBeanSupplier$WebflowActionBeanSupplierBuilder] */
        @ConditionalOnMissingBean(name = {CasWebflowConstants.ACTION_ID_AUTHENTICATION_EXCEPTION_HANDLER})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public Action authenticationExceptionHandler(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, List<CasWebflowExceptionHandler> list) {
            AnnotationAwareOrderComparator.sort(list);
            return WebflowActionBeanSupplier.builder().withApplicationContext(configurableApplicationContext).withProperties(casConfigurationProperties).withAction(() -> {
                return new AuthenticationExceptionHandlerAction(list);
            }).withId(CasWebflowConstants.ACTION_ID_AUTHENTICATION_EXCEPTION_HANDLER).build().get();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreWebflowContextConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration$CasCoreWebflowContextConfiguration.class */
    public static class CasCoreWebflowContextConfiguration {
        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext$CasWebflowEventResolutionConfigurationContextBuilder] */
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowEventResolutionConfigurationContext casWebflowConfigurationContext(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties, @Qualifier("principalFactory") PrincipalFactory principalFactory, @Qualifier("defaultTicketRegistrySupport") TicketRegistrySupport ticketRegistrySupport, @Qualifier("defaultAuthenticationSystemSupport") AuthenticationSystemSupport authenticationSystemSupport, @Qualifier("authenticationServiceSelectionPlan") AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan, @Qualifier("centralAuthenticationService") CentralAuthenticationService centralAuthenticationService, @Qualifier("authenticationContextValidator") MultifactorAuthenticationContextValidator multifactorAuthenticationContextValidator, @Qualifier("authenticationEventExecutionPlan") AuthenticationEventExecutionPlan authenticationEventExecutionPlan, @Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("warnCookieGenerator") CasCookieBuilder casCookieBuilder, @Qualifier("ticketRegistry") TicketRegistry ticketRegistry, @Qualifier("singleSignOnParticipationStrategy") SingleSignOnParticipationStrategy singleSignOnParticipationStrategy, @Qualifier("registeredServiceAccessStrategyEnforcer") AuditableExecution auditableExecution, @Qualifier("ticketGrantingTicketCookieGenerator") CasCookieBuilder casCookieBuilder2) {
            return CasWebflowEventResolutionConfigurationContext.builder().authenticationContextValidator(multifactorAuthenticationContextValidator).authenticationSystemSupport(authenticationSystemSupport).centralAuthenticationService(centralAuthenticationService).servicesManager(servicesManager).ticketRegistrySupport(ticketRegistrySupport).warnCookieGenerator(casCookieBuilder).authenticationRequestServiceSelectionStrategies(authenticationServiceSelectionPlan).registeredServiceAccessStrategyEnforcer(auditableExecution).casProperties(casConfigurationProperties).ticketRegistry(ticketRegistry).singleSignOnParticipationStrategy(singleSignOnParticipationStrategy).applicationContext(configurableApplicationContext).ticketGrantingTicketCookieGenerator(casCookieBuilder2).authenticationEventExecutionPlan(authenticationEventExecutionPlan).principalFactory(principalFactory).build();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreWebflowEventResolutionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration$CasCoreWebflowEventResolutionConfiguration.class */
    public static class CasCoreWebflowEventResolutionConfiguration {
        @ConditionalOnMissingBean(name = {"serviceTicketRequestWebflowEventResolver"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowEventResolver serviceTicketRequestWebflowEventResolver(@Qualifier("casWebflowConfigurationContext") CasWebflowEventResolutionConfigurationContext casWebflowEventResolutionConfigurationContext) {
            return new ServiceTicketRequestWebflowEventResolver(casWebflowEventResolutionConfigurationContext);
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CipherExecutor webflowCipherExecutor(CasConfigurationProperties casConfigurationProperties) {
            EncryptionRandomizedSigningJwtCryptographyProperties crypto = casConfigurationProperties.getWebflow().getCrypto();
            boolean isEnabled = crypto.isEnabled();
            if (!isEnabled && StringUtils.isNotBlank(crypto.getEncryption().getKey()) && StringUtils.isNotBlank(crypto.getSigning().getKey())) {
                CasCoreWebflowConfiguration.LOGGER.warn("Webflow encryption/signing is not enabled explicitly in the configuration, yet signing/encryption keys are defined for operations. CAS will proceed to enable the webflow encryption/signing functionality.");
                isEnabled = true;
            }
            if (isEnabled) {
                return new WebflowConversationStateCipherExecutor(crypto.getEncryption().getKey(), crypto.getSigning().getKey(), crypto.getAlg(), crypto.getSigning().getKeySize(), crypto.getEncryption().getKeySize());
            }
            CasCoreWebflowConfiguration.LOGGER.warn("Webflow encryption/signing is turned off. This MAY NOT be safe in a production environment. Consider using other choices to handle encryption, signing and verification of webflow state.");
            return CipherExecutor.noOp();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreWebflowExceptionCatalogConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration$CasCoreWebflowExceptionCatalogConfiguration.class */
    public static class CasCoreWebflowExceptionCatalogConfiguration {
        @ConditionalOnMissingBean(name = {"handledAuthenticationExceptions"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExceptionCatalog handledAuthenticationExceptions(CasConfigurationProperties casConfigurationProperties) {
            DefaultCasWebflowExceptionCatalog defaultCasWebflowExceptionCatalog = new DefaultCasWebflowExceptionCatalog();
            defaultCasWebflowExceptionCatalog.registerException(AccountLockedException.class);
            defaultCasWebflowExceptionCatalog.registerException(CredentialExpiredException.class);
            defaultCasWebflowExceptionCatalog.registerException(AccountExpiredException.class);
            defaultCasWebflowExceptionCatalog.registerException(AccountDisabledException.class);
            defaultCasWebflowExceptionCatalog.registerException(InvalidLoginLocationException.class);
            defaultCasWebflowExceptionCatalog.registerException(AccountPasswordMustChangeException.class);
            defaultCasWebflowExceptionCatalog.registerException(InvalidLoginTimeException.class);
            defaultCasWebflowExceptionCatalog.registerException(UniquePrincipalRequiredException.class);
            defaultCasWebflowExceptionCatalog.registerException(AccountNotFoundException.class);
            defaultCasWebflowExceptionCatalog.registerException(FailedLoginException.class);
            defaultCasWebflowExceptionCatalog.registerException(UnauthorizedServiceForPrincipalException.class);
            defaultCasWebflowExceptionCatalog.registerException(PrincipalException.class);
            defaultCasWebflowExceptionCatalog.registerException(UnsatisfiedAuthenticationPolicyException.class);
            defaultCasWebflowExceptionCatalog.registerException(UnauthorizedAuthenticationException.class);
            defaultCasWebflowExceptionCatalog.registerException(MultifactorAuthenticationProviderAbsentException.class);
            defaultCasWebflowExceptionCatalog.registerException(MultifactorAuthenticationRequiredException.class);
            defaultCasWebflowExceptionCatalog.registerExceptions(casConfigurationProperties.getAuthn().getErrors().getExceptions());
            return defaultCasWebflowExceptionCatalog;
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreWebflowExceptionHandlingConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration$CasCoreWebflowExceptionHandlingConfiguration.class */
    public static class CasCoreWebflowExceptionHandlingConfiguration {
        @ConditionalOnMissingBean(name = {"groovyCasWebflowAuthenticationExceptionHandler"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExceptionHandler<Exception> groovyCasWebflowAuthenticationExceptionHandler(ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) throws Exception {
            return (CasWebflowExceptionHandler) BeanSupplier.of(CasWebflowExceptionHandler.class).when(BeanCondition.on("cas.authn.errors.groovy.location").exists().given(configurableApplicationContext.getEnvironment())).supply(() -> {
                return new GroovyCasWebflowAuthenticationExceptionHandler(casConfigurationProperties.getAuthn().getErrors().getGroovy().getLocation(), configurableApplicationContext);
            }).otherwiseProxy().get();
        }

        @ConditionalOnMissingBean(name = {"defaultCasWebflowAuthenticationExceptionHandler"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExceptionHandler<AuthenticationException> defaultCasWebflowAuthenticationExceptionHandler(@Qualifier("handledAuthenticationExceptions") CasWebflowExceptionCatalog casWebflowExceptionCatalog) {
            return new DefaultCasWebflowAuthenticationExceptionHandler(casWebflowExceptionCatalog, MessageBundleProperties.DEFAULT_BUNDLE_PREFIX_AUTHN_FAILURE);
        }

        @ConditionalOnMissingBean(name = {"defaultCasWebflowAbstractTicketExceptionHandler"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExceptionHandler<AbstractTicketException> defaultCasWebflowAbstractTicketExceptionHandler(@Qualifier("handledAuthenticationExceptions") CasWebflowExceptionCatalog casWebflowExceptionCatalog) {
            return new DefaultCasWebflowAbstractTicketExceptionHandler(casWebflowExceptionCatalog, MessageBundleProperties.DEFAULT_BUNDLE_PREFIX_AUTHN_FAILURE);
        }

        @ConditionalOnMissingBean(name = {"genericCasWebflowExceptionHandler"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CasWebflowExceptionHandler genericCasWebflowExceptionHandler(@Qualifier("handledAuthenticationExceptions") CasWebflowExceptionCatalog casWebflowExceptionCatalog) {
            return new GenericCasWebflowExceptionHandler(casWebflowExceptionCatalog, MessageBundleProperties.DEFAULT_BUNDLE_PREFIX_AUTHN_FAILURE);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreWebflowSingleSignOnConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-webflow-6.6.12.jar:org/apereo/cas/web/flow/config/CasCoreWebflowConfiguration$CasCoreWebflowSingleSignOnConfiguration.class */
    public static class CasCoreWebflowSingleSignOnConfiguration {
        @ConditionalOnMissingBean(name = {SingleSignOnParticipationStrategy.BEAN_NAME})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public SingleSignOnParticipationStrategy singleSignOnParticipationStrategy(List<SingleSignOnParticipationStrategyConfigurer> list) {
            AnnotationAwareOrderComparator.sort(list);
            ChainingSingleSignOnParticipationStrategy chainingSingleSignOnParticipationStrategy = new ChainingSingleSignOnParticipationStrategy();
            list.forEach(singleSignOnParticipationStrategyConfigurer -> {
                singleSignOnParticipationStrategyConfigurer.configureStrategy(chainingSingleSignOnParticipationStrategy);
            });
            return chainingSingleSignOnParticipationStrategy;
        }

        @ConditionalOnMissingBean(name = {"defaultSingleSignOnParticipationStrategy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public SingleSignOnParticipationStrategy defaultSingleSignOnParticipationStrategy(CasConfigurationProperties casConfigurationProperties, @Qualifier("authenticationServiceSelectionPlan") AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan, @Qualifier("defaultTicketRegistrySupport") TicketRegistrySupport ticketRegistrySupport, @Qualifier("servicesManager") ServicesManager servicesManager) {
            return new DefaultSingleSignOnParticipationStrategy(servicesManager, casConfigurationProperties.getSso(), ticketRegistrySupport, authenticationServiceSelectionPlan);
        }

        @ConditionalOnMissingBean(name = {"defaultSingleSignOnParticipationStrategyConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public SingleSignOnParticipationStrategyConfigurer defaultSingleSignOnParticipationStrategyConfigurer(@Qualifier("defaultSingleSignOnParticipationStrategy") SingleSignOnParticipationStrategy singleSignOnParticipationStrategy) {
            return chainingSingleSignOnParticipationStrategy -> {
                chainingSingleSignOnParticipationStrategy.addStrategy(singleSignOnParticipationStrategy);
            };
        }

        @ConditionalOnMissingBean(name = {"requiredAuthenticationHandlersSingleSignOnParticipationStrategy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public SingleSignOnParticipationStrategy requiredAuthenticationHandlersSingleSignOnParticipationStrategy(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("authenticationServiceSelectionPlan") AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan, @Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("defaultTicketRegistrySupport") TicketRegistrySupport ticketRegistrySupport, @Qualifier("authenticationEventExecutionPlan") AuthenticationEventExecutionPlan authenticationEventExecutionPlan) {
            return new RegisteredServiceAuthenticationPolicySingleSignOnParticipationStrategy(servicesManager, ticketRegistrySupport, authenticationServiceSelectionPlan, authenticationEventExecutionPlan, configurableApplicationContext);
        }

        @ConditionalOnMissingBean(name = {"requiredAuthenticationHandlersSingleSignOnParticipationStrategyConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public SingleSignOnParticipationStrategyConfigurer requiredAuthenticationHandlersSingleSignOnParticipationStrategyConfigurer(@Qualifier("requiredAuthenticationHandlersSingleSignOnParticipationStrategy") SingleSignOnParticipationStrategy singleSignOnParticipationStrategy) {
            return chainingSingleSignOnParticipationStrategy -> {
                chainingSingleSignOnParticipationStrategy.addStrategy(singleSignOnParticipationStrategy);
            };
        }
    }
}
