package org.apereo.cas.config;

import jcifs.spnego.Authentication;
import lombok.Generated;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalNameTransformerUtils;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.ntlm.NtlmProperties;
import org.apereo.cas.configuration.model.support.spnego.SpnegoProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.spnego.authentication.handler.support.JcifsConfig;
import org.apereo.cas.support.spnego.authentication.handler.support.JcifsSpnegoAuthenticationHandler;
import org.apereo.cas.support.spnego.authentication.handler.support.NtlmAuthenticationHandler;
import org.apereo.cas.support.spnego.authentication.principal.SpnegoPrincipalResolver;
import org.apereo.services.persondir.IPersonAttributeDao;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("spnegoConfiguration")
/* loaded from: input_file:org/apereo/cas/config/SpnegoConfiguration.class */
public class SpnegoConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SpnegoConfiguration.class);

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Qualifier("attributeRepository")
    private IPersonAttributeDao attributeRepository;

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnMissingBean(name = {"spnegoAuthentication"})
    @RefreshScope
    @Bean
    public Authentication spnegoAuthentication() {
        return new Authentication();
    }

    @ConditionalOnMissingBean(name = {"jcifsConfig"})
    @RefreshScope
    @Bean
    public JcifsConfig jcifsConfig() {
        JcifsConfig jcifsConfig = new JcifsConfig();
        SpnegoProperties spnego = this.casProperties.getAuthn().getSpnego();
        jcifsConfig.setJcifsDomain(spnego.getJcifsDomain());
        jcifsConfig.setJcifsDomainController(spnego.getJcifsDomainController());
        jcifsConfig.setJcifsNetbiosCachePolicy(spnego.getCachePolicy());
        jcifsConfig.setJcifsNetbiosWins(spnego.getJcifsNetbiosWins());
        jcifsConfig.setJcifsPassword(spnego.getJcifsPassword());
        jcifsConfig.setJcifsServicePassword(spnego.getJcifsServicePassword());
        jcifsConfig.setJcifsServicePrincipal(spnego.getJcifsServicePrincipal());
        jcifsConfig.setJcifsSocketTimeout(Beans.newDuration(spnego.getTimeout()).toMillis());
        jcifsConfig.setJcifsUsername(spnego.getJcifsUsername());
        jcifsConfig.setKerberosConf(spnego.getKerberosConf());
        jcifsConfig.setKerberosDebug(spnego.getKerberosDebug());
        jcifsConfig.setKerberosKdc(spnego.getKerberosKdc());
        jcifsConfig.setKerberosRealm(spnego.getKerberosRealm());
        jcifsConfig.setLoginConf(spnego.getLoginConf());
        jcifsConfig.setUseSubjectCredsOnly(spnego.isUseSubjectCredsOnly());
        return jcifsConfig;
    }

    @ConditionalOnMissingBean(name = {"spnegoHandler"})
    @RefreshScope
    @Bean
    public AuthenticationHandler spnegoHandler() {
        SpnegoProperties spnego = this.casProperties.getAuthn().getSpnego();
        JcifsSpnegoAuthenticationHandler jcifsSpnegoAuthenticationHandler = new JcifsSpnegoAuthenticationHandler(spnego.getName(), this.servicesManager, spnegoPrincipalFactory(), spnegoAuthentication(), spnego.isPrincipalWithDomainName(), spnego.isNtlmAllowed());
        jcifsSpnegoAuthenticationHandler.setAuthentication(spnegoAuthentication());
        jcifsSpnegoAuthenticationHandler.setPrincipalWithDomainName(spnego.isPrincipalWithDomainName());
        jcifsSpnegoAuthenticationHandler.setNtlmAllowed(spnego.isNtlmAllowed());
        return jcifsSpnegoAuthenticationHandler;
    }

    @RefreshScope
    @Bean
    public AuthenticationHandler ntlmAuthenticationHandler() {
        NtlmProperties ntlm = this.casProperties.getAuthn().getNtlm();
        return new NtlmAuthenticationHandler(ntlm.getName(), this.servicesManager, ntlmPrincipalFactory(), ntlm.isLoadBalance(), ntlm.getDomainController(), ntlm.getIncludePattern());
    }

    @ConditionalOnMissingBean(name = {"ntlmPrincipalFactory"})
    @Bean
    public PrincipalFactory ntlmPrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @ConditionalOnMissingBean(name = {"spnegoPrincipalResolver"})
    @RefreshScope
    @Bean
    public PrincipalResolver spnegoPrincipalResolver() {
        SpnegoProperties spnego = this.casProperties.getAuthn().getSpnego();
        return new SpnegoPrincipalResolver(this.attributeRepository, spnegoPrincipalFactory(), spnego.getPrincipal().isReturnNull(), PrincipalNameTransformerUtils.newPrincipalNameTransformer(spnego.getPrincipalTransformation()), spnego.getPrincipal().getPrincipalAttribute());
    }

    @ConditionalOnMissingBean(name = {"spnegoPrincipalFactory"})
    @Bean
    public PrincipalFactory spnegoPrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @ConditionalOnMissingBean(name = {"spnegoAuthenticationEventExecutionPlanConfigurer"})
    @Bean
    public AuthenticationEventExecutionPlanConfigurer spnegoAuthenticationEventExecutionPlanConfigurer() {
        return authenticationEventExecutionPlan -> {
            authenticationEventExecutionPlan.registerAuthenticationHandlerWithPrincipalResolver(spnegoHandler(), spnegoPrincipalResolver());
        };
    }
}
