package org.apereo.cas.config;

import jakarta.persistence.EntityManagerFactory;
import javax.sql.DataSource;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.configuration.model.support.jpa.JpaConfigurationContext;
import org.apereo.cas.configuration.model.support.mfa.trusteddevice.JpaTrustedDevicesMultifactorProperties;
import org.apereo.cas.configuration.support.JpaBeans;
import org.apereo.cas.jpa.JpaBeanFactory;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecordKeyGenerator;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage;
import org.apereo.cas.trusted.authentication.storage.JpaMultifactorAuthenticationTrustRecordEntityFactory;
import org.apereo.cas.trusted.authentication.storage.JpaMultifactorAuthenticationTrustStorage;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.spring.beans.BeanContainer;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.JpaVendorAdapter;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.transaction.support.TransactionOperations;
import org.springframework.transaction.support.TransactionTemplate;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableTransactionManagement(proxyTargetClass = false)
@AutoConfiguration
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.MultifactorAuthenticationTrustedDevices}, module = "jdbc")
/* loaded from: input_file:org/apereo/cas/config/CasJdbcMultifactorAuthnTrustAutoConfiguration.class */
public class CasJdbcMultifactorAuthnTrustAutoConfiguration {

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "JdbcMultifactorAuthnTrustDataConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasJdbcMultifactorAuthnTrustAutoConfiguration$JdbcMultifactorAuthnTrustDataConfiguration.class */
    static class JdbcMultifactorAuthnTrustDataConfiguration {
        JdbcMultifactorAuthnTrustDataConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"dataSourceMfaTrustedAuthn"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public DataSource dataSourceMfaTrustedAuthn(CasConfigurationProperties casConfigurationProperties) {
            return JpaBeans.newDataSource(casConfigurationProperties.getAuthn().getMfa().getTrusted().getJpa());
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "JdbcMultifactorAuthnTrustEngineConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasJdbcMultifactorAuthnTrustAutoConfiguration$JdbcMultifactorAuthnTrustEngineConfiguration.class */
    static class JdbcMultifactorAuthnTrustEngineConfiguration {
        JdbcMultifactorAuthnTrustEngineConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"jpaMfaTrustEngine"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public MultifactorAuthenticationTrustStorage mfaTrustEngine(@Qualifier("dataSourceMfaTrustedAuthn") DataSource dataSource, @Qualifier("jpaMfaTrustTransactionTemplate") TransactionOperations transactionOperations, CasConfigurationProperties casConfigurationProperties, @Qualifier("mfaTrustCipherExecutor") CipherExecutor cipherExecutor, @Qualifier("mfaTrustRecordKeyGenerator") MultifactorAuthenticationTrustRecordKeyGenerator multifactorAuthenticationTrustRecordKeyGenerator) {
            return new JpaMultifactorAuthenticationTrustStorage(casConfigurationProperties.getAuthn().getMfa().getTrusted(), cipherExecutor, multifactorAuthenticationTrustRecordKeyGenerator, transactionOperations, dataSource);
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "JdbcMultifactorAuthnTrustEntityConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasJdbcMultifactorAuthnTrustAutoConfiguration$JdbcMultifactorAuthnTrustEntityConfiguration.class */
    static class JdbcMultifactorAuthnTrustEntityConfiguration {
        JdbcMultifactorAuthnTrustEntityConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"jpaMfaTrustedAuthnVendorAdapter"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public JpaVendorAdapter jpaMfaTrustedAuthnVendorAdapter(CasConfigurationProperties casConfigurationProperties, @Qualifier("jpaBeanFactory") JpaBeanFactory jpaBeanFactory) {
            return jpaBeanFactory.newJpaVendorAdapter(casConfigurationProperties.getJdbc());
        }

        @ConditionalOnMissingBean(name = {"jpaMfaTrustedAuthnPackagesToScan"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public BeanContainer<String> jpaMfaTrustedAuthnPackagesToScan(CasConfigurationProperties casConfigurationProperties) {
            return BeanContainer.of(CollectionUtils.wrapSet(new JpaMultifactorAuthenticationTrustRecordEntityFactory(casConfigurationProperties.getAuthn().getMfa().getTrusted().getJpa().getDialect()).getType().getPackage().getName()));
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public FactoryBean<EntityManagerFactory> mfaTrustedAuthnEntityManagerFactory(CasConfigurationProperties casConfigurationProperties, @Qualifier("dataSourceMfaTrustedAuthn") DataSource dataSource, @Qualifier("jpaMfaTrustedAuthnPackagesToScan") BeanContainer<String> beanContainer, @Qualifier("jpaMfaTrustedAuthnVendorAdapter") JpaVendorAdapter jpaVendorAdapter, @Qualifier("jpaBeanFactory") JpaBeanFactory jpaBeanFactory) {
            return jpaBeanFactory.newEntityManagerFactoryBean(JpaConfigurationContext.builder().dataSource(dataSource).packagesToScan(beanContainer.toSet()).persistenceUnitName("jpaMfaTrustedAuthnContext").jpaVendorAdapter(jpaVendorAdapter).build(), casConfigurationProperties.getAuthn().getMfa().getTrusted().getJpa());
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "JdbcMultifactorAuthnTrustTransactionConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/config/CasJdbcMultifactorAuthnTrustAutoConfiguration$JdbcMultifactorAuthnTrustTransactionConfiguration.class */
    static class JdbcMultifactorAuthnTrustTransactionConfiguration {
        JdbcMultifactorAuthnTrustTransactionConfiguration() {
        }

        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public PlatformTransactionManager jpaMfaTrustTransactionManager(ConfigurableApplicationContext configurableApplicationContext, @Qualifier("mfaTrustedAuthnEntityManagerFactory") EntityManagerFactory entityManagerFactory) {
            JpaTransactionManager jpaTransactionManager = new JpaTransactionManager();
            jpaTransactionManager.setEntityManagerFactory(entityManagerFactory);
            return jpaTransactionManager;
        }

        @ConditionalOnMissingBean(name = {"jpaMfaTrustTransactionTemplate"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public TransactionOperations jpaMfaTrustTransactionTemplate(CasConfigurationProperties casConfigurationProperties, @Qualifier("jpaMfaTrustTransactionManager") PlatformTransactionManager platformTransactionManager, ConfigurableApplicationContext configurableApplicationContext) {
            TransactionTemplate transactionTemplate = new TransactionTemplate(platformTransactionManager);
            JpaTrustedDevicesMultifactorProperties jpa = casConfigurationProperties.getAuthn().getMfa().getTrusted().getJpa();
            transactionTemplate.setIsolationLevelName(jpa.getIsolationLevelName());
            transactionTemplate.setPropagationBehaviorName(jpa.getPropagationBehaviorName());
            return transactionTemplate;
        }
    }
}
