package org.apereo.cas.config;

import com.warrenstrange.googleauth.IGoogleAuthenticator;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.gauth.DynamoDbGoogleAuthenticatorMultifactorProperties;
import org.apereo.cas.dynamodb.AmazonDynamoDbClientFactory;
import org.apereo.cas.gauth.credential.DynamoDbGoogleAuthenticatorTokenCredentialRepository;
import org.apereo.cas.gauth.credential.DynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator;
import org.apereo.cas.gauth.token.GoogleAuthenticatorDynamoDbTokenRepository;
import org.apereo.cas.gauth.token.GoogleAuthenticatorDynamoDbTokenRepositoryFacilitator;
import org.apereo.cas.otp.repository.credentials.OneTimeTokenCredentialRepository;
import org.apereo.cas.otp.repository.token.OneTimeTokenRepository;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import software.amazon.awssdk.services.dynamodb.DynamoDbClient;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "GoogleAuthenticatorDynamoDbConfiguration", proxyBeanMethods = false)
/* loaded from: input_file:org/apereo/cas/config/GoogleAuthenticatorDynamoDbConfiguration.class */
public class GoogleAuthenticatorDynamoDbConfiguration {
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public OneTimeTokenCredentialRepository googleAuthenticatorAccountRegistry(@Qualifier("googleAuthenticatorInstance") IGoogleAuthenticator iGoogleAuthenticator, @Qualifier("googleAuthenticatorAccountCipherExecutor") CipherExecutor cipherExecutor, @Qualifier("googleAuthenticatorTokenCredentialRepositoryFacilitator") DynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator dynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator) {
        return new DynamoDbGoogleAuthenticatorTokenCredentialRepository(iGoogleAuthenticator, cipherExecutor, dynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator);
    }

    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public OneTimeTokenRepository oneTimeTokenAuthenticatorTokenRepository(CasConfigurationProperties casConfigurationProperties, @Qualifier("googleAuthenticatorDynamoDbTokenRepositoryFacilitator") GoogleAuthenticatorDynamoDbTokenRepositoryFacilitator googleAuthenticatorDynamoDbTokenRepositoryFacilitator) {
        return new GoogleAuthenticatorDynamoDbTokenRepository(googleAuthenticatorDynamoDbTokenRepositoryFacilitator, casConfigurationProperties.getAuthn().getMfa().getGauth().getCore().getTimeStepSize());
    }

    @ConditionalOnMissingBean(name = {"googleAuthenticatorDynamoDbTokenRepositoryFacilitator"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public GoogleAuthenticatorDynamoDbTokenRepositoryFacilitator googleAuthenticatorDynamoDbTokenRepositoryFacilitator(CasConfigurationProperties casConfigurationProperties, @Qualifier("amazonDynamoDbGoogleAuthenticatorClient") DynamoDbClient dynamoDbClient) {
        DynamoDbGoogleAuthenticatorMultifactorProperties dynamoDb = casConfigurationProperties.getAuthn().getMfa().getGauth().getDynamoDb();
        GoogleAuthenticatorDynamoDbTokenRepositoryFacilitator googleAuthenticatorDynamoDbTokenRepositoryFacilitator = new GoogleAuthenticatorDynamoDbTokenRepositoryFacilitator(dynamoDb, dynamoDbClient);
        if (!dynamoDb.isPreventTableCreationOnStartup()) {
            googleAuthenticatorDynamoDbTokenRepositoryFacilitator.createTable(dynamoDb.isDropTablesOnStartup());
        }
        return googleAuthenticatorDynamoDbTokenRepositoryFacilitator;
    }

    @ConditionalOnMissingBean(name = {"googleAuthenticatorTokenCredentialRepositoryFacilitator"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public DynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator googleAuthenticatorTokenCredentialRepositoryFacilitator(CasConfigurationProperties casConfigurationProperties, @Qualifier("amazonDynamoDbGoogleAuthenticatorClient") DynamoDbClient dynamoDbClient) {
        DynamoDbGoogleAuthenticatorMultifactorProperties dynamoDb = casConfigurationProperties.getAuthn().getMfa().getGauth().getDynamoDb();
        DynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator dynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator = new DynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator(dynamoDb, dynamoDbClient);
        if (!dynamoDb.isPreventTableCreationOnStartup()) {
            dynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator.createTable(dynamoDb.isDropTablesOnStartup());
        }
        return dynamoDbGoogleAuthenticatorTokenCredentialRepositoryFacilitator;
    }

    @ConditionalOnMissingBean(name = {"amazonDynamoDbGoogleAuthenticatorClient"})
    @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
    @Bean
    public DynamoDbClient amazonDynamoDbGoogleAuthenticatorClient(CasConfigurationProperties casConfigurationProperties) {
        return new AmazonDynamoDbClientFactory().createAmazonDynamoDb(casConfigurationProperties.getAuthn().getMfa().getGauth().getDynamoDb());
    }
}
