package org.apereo.cas.web.flow.config;

import com.google.common.collect.Lists;
import org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.SpengoWebflowConfigurer;
import org.apereo.cas.web.flow.SpnegoCredentialsAction;
import org.apereo.cas.web.flow.SpnegoNegociateCredentialsAction;
import org.apereo.cas.web.flow.client.BaseSpnegoKnownClientSystemsFilterAction;
import org.apereo.cas.web.flow.client.HostNameSpnegoKnownClientSystemsFilterAction;
import org.apereo.cas.web.flow.client.LdapSpnegoKnownClientSystemsFilterAction;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.util.StringUtils;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("spnegoWebflowConfiguration")
/* loaded from: input_file:org/apereo/cas/web/flow/config/SpnegoWebflowConfiguration.class */
public class SpnegoWebflowConfiguration {

    @Autowired
    @Qualifier("adaptiveAuthenticationPolicy")
    private AdaptiveAuthenticationPolicy adaptiveAuthenticationPolicy;

    @Autowired
    @Qualifier("serviceTicketRequestWebflowEventResolver")
    private CasWebflowEventResolver serviceTicketRequestWebflowEventResolver;

    @Autowired
    @Qualifier("initialAuthenticationAttemptWebflowEventResolver")
    private CasWebflowEventResolver initialAuthenticationAttemptWebflowEventResolver;

    @Autowired
    @Qualifier("loginFlowRegistry")
    private FlowDefinitionRegistry loginFlowDefinitionRegistry;

    @Autowired
    private FlowBuilderServices flowBuilderServices;

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnMissingBean(name = {"spnegoWebflowConfigurer"})
    @Bean
    public CasWebflowConfigurer spnegoWebflowConfigurer() {
        SpengoWebflowConfigurer spengoWebflowConfigurer = new SpengoWebflowConfigurer();
        spengoWebflowConfigurer.setLoginFlowDefinitionRegistry(this.loginFlowDefinitionRegistry);
        spengoWebflowConfigurer.setFlowBuilderServices(this.flowBuilderServices);
        return spengoWebflowConfigurer;
    }

    @RefreshScope
    @Bean
    public Action spnego() {
        SpnegoCredentialsAction spnegoCredentialsAction = new SpnegoCredentialsAction();
        spnegoCredentialsAction.setNtlm(this.casProperties.getAuthn().getSpnego().isNtlm());
        spnegoCredentialsAction.setSend401OnAuthenticationFailure(this.casProperties.getAuthn().getSpnego().isSend401OnAuthenticationFailure());
        spnegoCredentialsAction.setAdaptiveAuthenticationPolicy(this.adaptiveAuthenticationPolicy);
        spnegoCredentialsAction.setInitialAuthenticationAttemptWebflowEventResolver(this.initialAuthenticationAttemptWebflowEventResolver);
        spnegoCredentialsAction.setServiceTicketRequestWebflowEventResolver(this.serviceTicketRequestWebflowEventResolver);
        return spnegoCredentialsAction;
    }

    @RefreshScope
    @Bean
    public Action negociateSpnego() {
        SpnegoNegociateCredentialsAction spnegoNegociateCredentialsAction = new SpnegoNegociateCredentialsAction();
        spnegoNegociateCredentialsAction.setMixedModeAuthentication(this.casProperties.getAuthn().getSpnego().isMixedModeAuthentication());
        spnegoNegociateCredentialsAction.setNtlm(this.casProperties.getAuthn().getSpnego().isNtlm());
        spnegoNegociateCredentialsAction.setSupportedBrowsers(Lists.newArrayList(StringUtils.commaDelimitedListToStringArray(this.casProperties.getAuthn().getSpnego().getSupportedBrowsers())));
        return spnegoNegociateCredentialsAction;
    }

    @RefreshScope
    @Bean
    public Action baseSpnegoClientAction() {
        BaseSpnegoKnownClientSystemsFilterAction baseSpnegoKnownClientSystemsFilterAction = new BaseSpnegoKnownClientSystemsFilterAction();
        baseSpnegoKnownClientSystemsFilterAction.setIpsToCheckPattern(this.casProperties.getAuthn().getSpnego().getIpsToCheckPattern());
        baseSpnegoKnownClientSystemsFilterAction.setAlternativeRemoteHostAttribute(this.casProperties.getAuthn().getSpnego().getAlternativeRemoteHostAttribute());
        baseSpnegoKnownClientSystemsFilterAction.setTimeout(this.casProperties.getAuthn().getSpnego().getDnsTimeout());
        return baseSpnegoKnownClientSystemsFilterAction;
    }

    @RefreshScope
    @Bean
    public Action hostnameSpnegoClientAction() {
        HostNameSpnegoKnownClientSystemsFilterAction hostNameSpnegoKnownClientSystemsFilterAction = new HostNameSpnegoKnownClientSystemsFilterAction(this.casProperties.getAuthn().getSpnego().getHostNamePatternString());
        hostNameSpnegoKnownClientSystemsFilterAction.setIpsToCheckPattern(this.casProperties.getAuthn().getSpnego().getIpsToCheckPattern());
        hostNameSpnegoKnownClientSystemsFilterAction.setAlternativeRemoteHostAttribute(this.casProperties.getAuthn().getSpnego().getAlternativeRemoteHostAttribute());
        hostNameSpnegoKnownClientSystemsFilterAction.setTimeout(this.casProperties.getAuthn().getSpnego().getDnsTimeout());
        return hostNameSpnegoKnownClientSystemsFilterAction;
    }

    @RefreshScope
    @Lazy
    @Bean
    public Action ldapSpnegoClientAction() {
        LdapSpnegoKnownClientSystemsFilterAction ldapSpnegoKnownClientSystemsFilterAction = new LdapSpnegoKnownClientSystemsFilterAction(Beans.newPooledConnectionFactory(this.casProperties.getAuthn().getSpnego().getLdap()), Beans.newSearchRequest(this.casProperties.getAuthn().getSpnego().getLdap().getBaseDn(), Beans.newSearchFilter(this.casProperties.getAuthn().getSpnego().getLdap().getSearchFilter(), new String[0])), this.casProperties.getAuthn().getSpnego().getSpnegoAttributeName());
        ldapSpnegoKnownClientSystemsFilterAction.setIpsToCheckPattern(this.casProperties.getAuthn().getSpnego().getIpsToCheckPattern());
        ldapSpnegoKnownClientSystemsFilterAction.setAlternativeRemoteHostAttribute(this.casProperties.getAuthn().getSpnego().getAlternativeRemoteHostAttribute());
        ldapSpnegoKnownClientSystemsFilterAction.setTimeout(this.casProperties.getAuthn().getSpnego().getDnsTimeout());
        return ldapSpnegoKnownClientSystemsFilterAction;
    }
}
