package org.apereo.cas.config;

import com.yubico.core.RegistrationStorage;
import com.yubico.core.SessionManager;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.trusted.config.ConditionalOnMultifactorTrustedDevicesEnabled;
import org.apereo.cas.trusted.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.impl.CasWebflowEventResolutionConfigurationContext;
import org.apereo.cas.web.flow.util.MultifactorAuthenticationWebflowUtils;
import org.apereo.cas.webauthn.web.flow.WebAuthnAccountCheckRegistrationAction;
import org.apereo.cas.webauthn.web.flow.WebAuthnAccountSaveRegistrationAction;
import org.apereo.cas.webauthn.web.flow.WebAuthnAuthenticationWebflowAction;
import org.apereo.cas.webauthn.web.flow.WebAuthnAuthenticationWebflowEventResolver;
import org.apereo.cas.webauthn.web.flow.WebAuthnMultifactorTrustWebflowConfigurer;
import org.apereo.cas.webauthn.web.flow.WebAuthnMultifactorWebflowConfigurer;
import org.apereo.cas.webauthn.web.flow.WebAuthnStartAuthenticationAction;
import org.apereo.cas.webauthn.web.flow.WebAuthnStartRegistrationAction;
import org.apereo.cas.webauthn.web.flow.WebAuthnValidateSessionCredentialTokenAction;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.FlowBuilder;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.Action;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@ConditionalOnWebAuthnEnabled
@Configuration(value = "webAuthnWebflowConfiguration", proxyBeanMethods = true)
/* loaded from: input_file:org/apereo/cas/config/WebAuthnWebflowConfiguration.class */
public class WebAuthnWebflowConfiguration {
    private static final int WEBFLOW_CONFIGURER_ORDER = 100;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("webAuthnCsrfTokenRepository")
    private ObjectProvider<CsrfTokenRepository> webAuthnCsrfTokenRepository;

    @Autowired
    @Qualifier("webAuthnPrincipalFactory")
    private ObjectProvider<PrincipalFactory> webAuthnPrincipalFactory;

    @Autowired
    @Qualifier("webAuthnSessionManager")
    private ObjectProvider<SessionManager> webAuthnSessionManager;

    @Autowired
    @Qualifier("loginFlowRegistry")
    private ObjectProvider<FlowDefinitionRegistry> loginFlowDefinitionRegistry;

    @Autowired
    private ObjectProvider<FlowBuilderServices> flowBuilderServices;

    @Autowired
    @Qualifier("webAuthnCredentialRepository")
    private ObjectProvider<RegistrationStorage> webAuthnCredentialRepository;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("casWebflowConfigurationContext")
    private ObjectProvider<CasWebflowEventResolutionConfigurationContext> casWebflowConfigurationContext;

    @Autowired
    @Qualifier("flowBuilder")
    private ObjectProvider<FlowBuilder> flowBuilder;

    @ConditionalOnClass({MultifactorAuthnTrustConfiguration.class})
    @Configuration("webAuthnMultifactorTrustConfiguration")
    @ConditionalOnWebAuthnEnabled
    @ConditionalOnMultifactorTrustedDevicesEnabled(prefix = "cas.authn.mfa.web-authn")
    /* loaded from: input_file:org/apereo/cas/config/WebAuthnWebflowConfiguration$WebAuthnMultifactorTrustConfiguration.class */
    public class WebAuthnMultifactorTrustConfiguration {
        public WebAuthnMultifactorTrustConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"webAuthnMultifactorTrustWebflowConfigurer"})
        @DependsOn({"defaultWebflowConfigurer"})
        @Bean
        public CasWebflowConfigurer webAuthnMultifactorTrustWebflowConfigurer() {
            WebAuthnMultifactorTrustWebflowConfigurer webAuthnMultifactorTrustWebflowConfigurer = new WebAuthnMultifactorTrustWebflowConfigurer((FlowBuilderServices) WebAuthnWebflowConfiguration.this.flowBuilderServices.getObject(), (FlowDefinitionRegistry) WebAuthnWebflowConfiguration.this.loginFlowDefinitionRegistry.getObject(), WebAuthnWebflowConfiguration.this.webAuthnFlowRegistry(), WebAuthnWebflowConfiguration.this.applicationContext, WebAuthnWebflowConfiguration.this.casProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(WebAuthnWebflowConfiguration.this.applicationContext));
            webAuthnMultifactorTrustWebflowConfigurer.setOrder(101);
            return webAuthnMultifactorTrustWebflowConfigurer;
        }

        @Bean
        public CasWebflowExecutionPlanConfigurer webAuthnMultifactorTrustCasWebflowExecutionPlanConfigurer() {
            return casWebflowExecutionPlan -> {
                casWebflowExecutionPlan.registerWebflowConfigurer(webAuthnMultifactorTrustWebflowConfigurer());
            };
        }
    }

    @ConditionalOnMissingBean(name = {"webAuthnFlowRegistry"})
    @Bean
    public FlowDefinitionRegistry webAuthnFlowRegistry() {
        FlowDefinitionRegistryBuilder flowDefinitionRegistryBuilder = new FlowDefinitionRegistryBuilder(this.applicationContext, (FlowBuilderServices) this.flowBuilderServices.getObject());
        flowDefinitionRegistryBuilder.addFlowBuilder((FlowBuilder) this.flowBuilder.getObject(), "mfa-webauthn");
        return flowDefinitionRegistryBuilder.build();
    }

    @ConditionalOnMissingBean(name = {"webAuthnAuthenticationWebflowAction"})
    @RefreshScope
    @Autowired
    @Bean
    public Action webAuthnAuthenticationWebflowAction(@Qualifier("webAuthnAuthenticationWebflowEventResolver") CasWebflowEventResolver casWebflowEventResolver) {
        return new WebAuthnAuthenticationWebflowAction(casWebflowEventResolver);
    }

    @ConditionalOnMissingBean(name = {"webAuthnMultifactorWebflowConfigurer"})
    @DependsOn({"defaultWebflowConfigurer"})
    @Bean
    public CasWebflowConfigurer webAuthnMultifactorWebflowConfigurer() {
        WebAuthnMultifactorWebflowConfigurer webAuthnMultifactorWebflowConfigurer = new WebAuthnMultifactorWebflowConfigurer((FlowBuilderServices) this.flowBuilderServices.getObject(), (FlowDefinitionRegistry) this.loginFlowDefinitionRegistry.getObject(), webAuthnFlowRegistry(), this.applicationContext, this.casProperties, MultifactorAuthenticationWebflowUtils.getMultifactorAuthenticationWebflowCustomizers(this.applicationContext));
        webAuthnMultifactorWebflowConfigurer.setOrder(WEBFLOW_CONFIGURER_ORDER);
        return webAuthnMultifactorWebflowConfigurer;
    }

    @ConditionalOnMissingBean(name = {"webAuthnStartAuthenticationAction"})
    @RefreshScope
    @Bean
    public Action webAuthnStartAuthenticationAction() {
        return new WebAuthnStartAuthenticationAction((RegistrationStorage) this.webAuthnCredentialRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"webAuthnStartRegistrationAction"})
    @RefreshScope
    @Bean
    public Action webAuthnStartRegistrationAction() {
        return new WebAuthnStartRegistrationAction((RegistrationStorage) this.webAuthnCredentialRepository.getObject(), this.casProperties, (CsrfTokenRepository) this.webAuthnCsrfTokenRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"webAuthnCheckAccountRegistrationAction"})
    @RefreshScope
    @Bean
    public Action webAuthnCheckAccountRegistrationAction() {
        return new WebAuthnAccountCheckRegistrationAction((RegistrationStorage) this.webAuthnCredentialRepository.getObject());
    }

    @ConditionalOnMissingBean(name = {"webAuthnSaveAccountRegistrationAction"})
    @RefreshScope
    @Bean
    public Action webAuthnSaveAccountRegistrationAction() {
        return new WebAuthnAccountSaveRegistrationAction((RegistrationStorage) this.webAuthnCredentialRepository.getObject(), (SessionManager) this.webAuthnSessionManager.getObject());
    }

    @ConditionalOnMissingBean(name = {"webAuthnValidateSessionCredentialTokenAction"})
    @RefreshScope
    @Bean
    public Action webAuthnValidateSessionCredentialTokenAction() {
        return new WebAuthnValidateSessionCredentialTokenAction((RegistrationStorage) this.webAuthnCredentialRepository.getObject(), (SessionManager) this.webAuthnSessionManager.getObject(), (PrincipalFactory) this.webAuthnPrincipalFactory.getObject());
    }

    @ConditionalOnMissingBean(name = {"webAuthnAuthenticationWebflowEventResolver"})
    @RefreshScope
    @Bean
    public CasWebflowEventResolver webAuthnAuthenticationWebflowEventResolver() {
        return new WebAuthnAuthenticationWebflowEventResolver((CasWebflowEventResolutionConfigurationContext) this.casWebflowConfigurationContext.getObject());
    }

    @ConditionalOnMissingBean(name = {"webAuthnCasWebflowExecutionPlanConfigurer"})
    @Autowired
    @Bean
    public CasWebflowExecutionPlanConfigurer webAuthnCasWebflowExecutionPlanConfigurer(@Qualifier("webAuthnMultifactorWebflowConfigurer") CasWebflowConfigurer casWebflowConfigurer) {
        return casWebflowExecutionPlan -> {
            casWebflowExecutionPlan.registerWebflowConfigurer(casWebflowConfigurer);
        };
    }
}
