package org.apereo.cas.web.flow;

import java.util.HashMap;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.spring.beans.BeanSupplier;
import org.apereo.cas.web.DelegatedClientIdentityProviderConfigurationFactory;
import org.apereo.cas.web.flow.configurer.AbstractCasWebflowConfigurer;
import org.springframework.binding.convert.service.RuntimeBindingConversionExecutor;
import org.springframework.binding.mapping.impl.DefaultMapping;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.ActionState;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.engine.History;
import org.springframework.webflow.engine.SubflowState;
import org.springframework.webflow.engine.TransitionSet;
import org.springframework.webflow.engine.ViewState;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;

/* loaded from: input_file:org/apereo/cas/web/flow/DelegatedAuthenticationWebflowConfigurer.class */
public class DelegatedAuthenticationWebflowConfigurer extends AbstractCasWebflowConfigurer {
    private final FlowDefinitionRegistry delegatedClientRedirectFlowRegistry;

    public DelegatedAuthenticationWebflowConfigurer(FlowBuilderServices flowBuilderServices, FlowDefinitionRegistry flowDefinitionRegistry, FlowDefinitionRegistry flowDefinitionRegistry2, FlowDefinitionRegistry flowDefinitionRegistry3, ConfigurableApplicationContext configurableApplicationContext, CasConfigurationProperties casConfigurationProperties) {
        super(flowBuilderServices, flowDefinitionRegistry, configurableApplicationContext, casConfigurationProperties);
        this.delegatedClientRedirectFlowRegistry = flowDefinitionRegistry3;
        setLogoutFlowDefinitionRegistry(flowDefinitionRegistry2);
        setOrder(casConfigurationProperties.getAuthn().getPac4j().getWebflow().getOrder());
    }

    protected void doInitialize() {
        Optional.ofNullable(getLoginFlow()).ifPresent(flow -> {
            createClientActionState(flow);
            createStopWebflowViewState(flow);
            createDelegatedClientLogoutAction();
            createClientRedirectSubflow(flow);
            if (this.casProperties.getAuthn().getPac4j().getCore().getDiscoverySelection().getSelectionType().isDynamic()) {
                createDynamicDiscoveryViewState(flow);
                createDynamicDiscoveryActionState(flow);
                createRedirectToProviderViewState(flow);
            }
        });
    }

    protected void createDelegatedClientLogoutAction() {
        Flow logoutFlow = getLogoutFlow();
        getState(logoutFlow, "terminateSession").getEntryActionList().add(createEvaluateAction("delegatedAuthenticationClientLogoutAction"));
        ((ActionState) getState(logoutFlow, "finishLogout", ActionState.class)).getExitActionList().add(createEvaluateAction("delegatedAuthenticationClientFinishLogoutAction"));
    }

    protected void createDelegatedClientCredentialSelectionState(Flow flow) {
        ViewState createViewState = createViewState(flow, "viewDelegatedAuthnCredentials", "delegated-authn/casDelegatedAuthnSelectionView.html");
        ActionState createActionState = createActionState(flow, "delegatedAuthenticationSelectCredential", new String[]{"delegatedAuthenticationClientCredentialSelectionAction"});
        createTransitionForState(createActionState, "select", createViewState.getId());
        createTransitionForState(createActionState, "finalize", "delegatedAuthenticationFinalizeCredential");
        createTransitionForState(createViewState, "select", "delegatedAuthenticationFinalizeCredential");
        createTransitionForState(createViewState, "cancel", "stopWebflow");
        createTransitionForState(createActionState(flow, "delegatedAuthenticationFinalizeCredential", createEvaluateAction("delegatedAuthenticationClientCredentialSelectionFinalizeAction")), "success", "delegatedAuthentication");
    }

    protected void createClientActionState(Flow flow) {
        ActionState createActionState = createActionState(flow, "delegatedAuthentication", createEvaluateAction("delegatedAuthenticationAction"));
        TransitionSet transitionSet = createActionState.getTransitionSet();
        transitionSet.add(createTransition("success", "createTicketGrantingTicket"));
        transitionSet.add(createTransition("select", "delegatedAuthenticationSelectCredential"));
        transitionSet.add(createTransition("generate", getStartState(flow).getId()));
        transitionSet.add(createTransition("successWithWarnings", "showAuthenticationWarningMessages"));
        transitionSet.add(createTransition("resume", "createTicketGrantingTicket"));
        transitionSet.add(createTransition("authenticationFailure", "checkDelegatedAuthnFailureDecision"));
        transitionSet.add(createTransition("stop", "stopWebflow"));
        transitionSet.add(createTransition("warn", "warn"));
        transitionSet.add(createTransition("generateServiceTicket", "generateServiceTicket"));
        ViewState transitionableState = getTransitionableState(flow, "viewLoginForm", ViewState.class);
        transitionableState.getRenderActionList().add(createEvaluateAction("delegatedAuthenticationCreateClientsAction"));
        createDelegatedClientCredentialSelectionState(flow);
        setStartState(flow, createActionState);
    }

    protected void createStopWebflowViewState(Flow flow) {
        createDecisionState(flow, "checkDelegatedAuthnFailureDecision", "flowScope.unauthorizedRedirectUrl != null", "serviceUnauthorizedCheck", "stopWebflow");
        ViewState createViewState = createViewState(flow, "stopWebflow", "delegated-authn/casDelegatedAuthnStopWebflow");
        createViewState.getEntryActionList().add(createEvaluateAction("delegatedAuthenticationFailureAction"));
        createTransitionForState(createViewState, "retry", "delegatedAuthenticationClientRetry");
        createEndState(flow, "delegatedAuthenticationClientRetry").setFinalResponseAction(createEvaluateAction("delegatedAuthenticationClientRetryAction"));
    }

    private void createDynamicDiscoveryViewState(Flow flow) {
        HashMap hashMap = new HashMap();
        hashMap.put("bind", Boolean.FALSE);
        hashMap.put("validate", Boolean.FALSE);
        hashMap.put("history", History.INVALIDATE);
        ViewState createViewState = createViewState(flow, "delegatedAuthenticationDynamicDiscoveryView", "delegated-authn/casDynamicDiscoveryView");
        createTransitionForState(createViewState, "execute", "delegatedAuthenticationProviderDiscoveryExecution");
        createTransitionForState(createViewState, "back", "initializeLoginForm");
        createTransitionForState(getState(flow, "viewLoginForm"), "discovery", "delegatedAuthenticationDynamicDiscoveryView", hashMap);
    }

    private void createDynamicDiscoveryActionState(Flow flow) {
        ActionState createActionState = createActionState(flow, "delegatedAuthenticationProviderDiscoveryExecution", new String[]{"delegatedAuthenticationProviderDynamicDiscoveryExecutionAction"});
        createTransitionForState(createActionState, "error", "delegatedAuthenticationDynamicDiscoveryView");
        createTransitionForState(createActionState, "redirect", "redirectToDelegatedAuthnProviderView");
    }

    private void createRedirectToProviderViewState(Flow flow) {
        createViewState(flow, "redirectToDelegatedAuthnProviderView", createExternalRedirectViewFactory("requestScope.delegatedAuthProviderRedirectUrl"));
    }

    private void createClientRedirectSubflow(Flow flow) {
        Flow buildFlow = buildFlow(DelegatedClientIdentityProviderConfigurationFactory.ENDPOINT_URL_REDIRECT);
        createEndState(buildFlow, "success");
        ActionState createActionState = createActionState(buildFlow, "delegatedAuthenticationStoreWebflowState", new String[]{"delegatedAuthenticationStoreWebflowAction"});
        createTransitionForState(createActionState, "redirect", "delegatedAuthenticationClientRedirect");
        createTransitionForState(createActionState(buildFlow, "delegatedAuthenticationClientRedirect", new String[]{"delegatedAuthenticationRedirectToClientAction"}), "success", "success");
        buildFlow.setStartState(createActionState);
        this.delegatedClientRedirectFlowRegistry.registerFlowDefinition(buildFlow);
        this.mainFlowDefinitionRegistry.registerFlowDefinition(buildFlow);
        createTransitionForState(getState(flow, "viewLoginForm"), "delegatedAuthenticationRedirect", "delegatedAuthenticationClientSubflow");
        SubflowState createSubflowState = createSubflowState(flow, "delegatedAuthenticationClientSubflow", DelegatedClientIdentityProviderConfigurationFactory.ENDPOINT_URL_REDIRECT);
        createTransitionForState(createSubflowState, "success", "endWebflowExecution");
        List list = (List) this.applicationContext.getBeansOfType(DelegatedClientWebflowCustomizer.class).values().stream().filter((v0) -> {
            return BeanSupplier.isNotProxy(v0);
        }).sorted(AnnotationAwareOrderComparator.INSTANCE).collect(Collectors.toList());
        List wrapList = CollectionUtils.wrapList(new DefaultMapping[]{new DefaultMapping(createExpression("flowScope.service"), createExpression("service"))});
        list.forEach(delegatedClientWebflowCustomizer -> {
            delegatedClientWebflowCustomizer.getWebflowAttributeMappings().forEach(str -> {
                wrapList.add(new DefaultMapping(createExpression("flowScope." + str), createExpression(str)));
            });
        });
        createSubflowState.setAttributeMapper(createSubflowAttributeMapper(createFlowInputMapper(wrapList), null));
        DefaultMapping defaultMapping = new DefaultMapping(createExpression("service"), createExpression("flowScope.service"));
        defaultMapping.setTypeConverter(new RuntimeBindingConversionExecutor(Service.class, this.flowBuilderServices.getConversionService()));
        List wrapList2 = CollectionUtils.wrapList(new DefaultMapping[]{defaultMapping});
        list.forEach(delegatedClientWebflowCustomizer2 -> {
            delegatedClientWebflowCustomizer2.getWebflowAttributeMappings().forEach(str -> {
                wrapList2.add(new DefaultMapping(createExpression(str), createExpression("flowScope." + str)));
            });
        });
        createFlowInputMapper(wrapList2, buildFlow);
    }
}
