package org.apereo.cas.web.config;

import java.util.ArrayList;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.ProtocolAttributeEncoder;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.proxy.ProxyHandler;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.validation.AuthenticationAttributeReleasePolicy;
import org.apereo.cas.validation.CasProtocolAttributesRenderer;
import org.apereo.cas.validation.CasProtocolValidationSpecification;
import org.apereo.cas.validation.CasProtocolViewFactory;
import org.apereo.cas.validation.ChainingCasProtocolValidationSpecification;
import org.apereo.cas.validation.RequestedAuthenticationContextValidator;
import org.apereo.cas.validation.ServiceTicketValidationAuthorizersExecutionPlan;
import org.apereo.cas.web.ServiceValidateConfigurationContext;
import org.apereo.cas.web.ServiceValidationViewFactory;
import org.apereo.cas.web.ServiceValidationViewFactoryConfigurer;
import org.apereo.cas.web.ServiceValidationViewTypes;
import org.apereo.cas.web.support.ArgumentExtractor;
import org.apereo.cas.web.v1.LegacyValidateController;
import org.apereo.cas.web.v2.ProxyController;
import org.apereo.cas.web.v2.ProxyValidateController;
import org.apereo.cas.web.v2.ServiceValidateController;
import org.apereo.cas.web.v3.V3ProxyValidateController;
import org.apereo.cas.web.v3.V3ServiceValidateController;
import org.apereo.cas.web.view.Cas10ResponseView;
import org.apereo.cas.web.view.Cas20ResponseView;
import org.apereo.cas.web.view.Cas30ResponseView;
import org.apereo.cas.web.view.attributes.AttributeValuesPerLineProtocolAttributesRenderer;
import org.apereo.cas.web.view.attributes.DefaultCas30ProtocolAttributesRenderer;
import org.apereo.cas.web.view.attributes.InlinedCas30ProtocolAttributesRenderer;
import org.apereo.cas.web.view.attributes.NoOpProtocolAttributesRenderer;
import org.apereo.cas.web.view.json.Cas30JsonResponseView;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.web.servlet.View;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("casValidationConfiguration")
/* loaded from: input_file:WEB-INF/lib/cas-server-support-validation-6.3.0-RC4.jar:org/apereo/cas/web/config/CasValidationConfiguration.class */
public class CasValidationConfiguration {

    @Autowired
    @Qualifier("casProtocolViewFactory")
    private ObjectProvider<CasProtocolViewFactory> casProtocolViewFactory;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("casAttributeEncoder")
    private ObjectProvider<ProtocolAttributeEncoder> protocolAttributeEncoder;

    @Autowired
    @Qualifier("authenticationAttributeReleasePolicy")
    private ObjectProvider<AuthenticationAttributeReleasePolicy> authenticationAttributeReleasePolicy;

    @Autowired
    @Qualifier("cas20WithoutProxyProtocolValidationSpecification")
    private ObjectProvider<CasProtocolValidationSpecification> cas20WithoutProxyProtocolValidationSpecification;

    @Autowired
    @Qualifier("cas20ProtocolValidationSpecification")
    private ObjectProvider<CasProtocolValidationSpecification> cas20ProtocolValidationSpecification;

    @Autowired
    @Qualifier("cas10ProtocolValidationSpecification")
    private ObjectProvider<CasProtocolValidationSpecification> cas10ProtocolValidationSpecification;

    @Autowired
    @Qualifier("webApplicationServiceFactory")
    private ServiceFactory<WebApplicationService> webApplicationServiceFactory;

    @Autowired
    @Qualifier("serviceValidationAuthorizers")
    private ObjectProvider<ServiceTicketValidationAuthorizersExecutionPlan> serviceValidationAuthorizers;

    @Autowired
    @Qualifier("proxy10Handler")
    private ObjectProvider<ProxyHandler> proxy10Handler;

    @Autowired
    @Qualifier("proxy20Handler")
    private ObjectProvider<ProxyHandler> proxy20Handler;

    @Autowired
    @Qualifier("servicesManager")
    private ObjectProvider<ServicesManager> servicesManager;

    @Autowired
    @Qualifier("centralAuthenticationService")
    private ObjectProvider<CentralAuthenticationService> centralAuthenticationService;

    @Autowired
    @Qualifier("requestedContextValidator")
    private ObjectProvider<RequestedAuthenticationContextValidator> requestedContextValidator;

    @Autowired
    @Qualifier("authenticationServiceSelectionPlan")
    private ObjectProvider<AuthenticationServiceSelectionPlan> authenticationServiceSelectionPlan;

    @Autowired
    @Qualifier("argumentExtractor")
    private ObjectProvider<ArgumentExtractor> argumentExtractor;

    @Autowired
    @Qualifier("defaultAuthenticationSystemSupport")
    private ObjectProvider<AuthenticationSystemSupport> authenticationSystemSupport;

    @ConditionalOnMissingBean(name = {"cas1ServiceSuccessView"})
    @RefreshScope
    @Bean
    public View cas1ServiceSuccessView() {
        return new Cas10ResponseView(true, this.protocolAttributeEncoder.getObject(), this.servicesManager.getObject(), this.authenticationAttributeReleasePolicy.getObject(), this.authenticationServiceSelectionPlan.getObject(), cas1ProtocolAttributesRenderer());
    }

    @ConditionalOnMissingBean(name = {"cas1ServiceFailureView"})
    @RefreshScope
    @Bean
    public View cas1ServiceFailureView() {
        return new Cas10ResponseView(false, this.protocolAttributeEncoder.getObject(), this.servicesManager.getObject(), this.authenticationAttributeReleasePolicy.getObject(), this.authenticationServiceSelectionPlan.getObject(), cas1ProtocolAttributesRenderer());
    }

    @ConditionalOnMissingBean(name = {"cas2ServiceSuccessView"})
    @RefreshScope
    @Bean
    public View cas2ServiceSuccessView() {
        return new Cas20ResponseView(true, this.protocolAttributeEncoder.getObject(), this.servicesManager.getObject(), cas2SuccessView(), this.authenticationAttributeReleasePolicy.getObject(), this.authenticationServiceSelectionPlan.getObject(), NoOpProtocolAttributesRenderer.INSTANCE);
    }

    @ConditionalOnMissingBean(name = {"cas3ServiceJsonView"})
    @RefreshScope
    @Bean
    public View cas3ServiceJsonView() {
        return new Cas30JsonResponseView(true, this.protocolAttributeEncoder.getObject(), this.servicesManager.getObject(), this.authenticationAttributeReleasePolicy.getObject(), this.authenticationServiceSelectionPlan.getObject(), cas3ProtocolAttributesRenderer());
    }

    @ConditionalOnMissingBean(name = {"cas3ProtocolAttributesRenderer"})
    @RefreshScope
    @Bean
    public CasProtocolAttributesRenderer cas3ProtocolAttributesRenderer() {
        switch (this.casProperties.getView().getCas3().getAttributeRendererType()) {
            case INLINE:
                return new InlinedCas30ProtocolAttributesRenderer();
            case DEFAULT:
            default:
                return new DefaultCas30ProtocolAttributesRenderer();
        }
    }

    @ConditionalOnMissingBean(name = {"cas1ProtocolAttributesRenderer"})
    @RefreshScope
    @Bean
    public CasProtocolAttributesRenderer cas1ProtocolAttributesRenderer() {
        switch (this.casProperties.getView().getCas1().getAttributeRendererType()) {
            case VALUES_PER_LINE:
                return new AttributeValuesPerLineProtocolAttributesRenderer();
            case DEFAULT:
            default:
                return NoOpProtocolAttributesRenderer.INSTANCE;
        }
    }

    @ConditionalOnMissingBean(name = {"cas3ServiceSuccessView"})
    @RefreshScope
    @Bean
    public View cas3ServiceSuccessView() {
        return new Cas30ResponseView(true, this.protocolAttributeEncoder.getObject(), this.servicesManager.getObject(), cas3SuccessView(), this.authenticationAttributeReleasePolicy.getObject(), this.authenticationServiceSelectionPlan.getObject(), cas3ProtocolAttributesRenderer());
    }

    @ConditionalOnMissingBean(name = {"proxyController"})
    @ConditionalOnProperty(prefix = "cas.sso", name = {"proxy-authn-enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public ProxyController proxyController() {
        return new ProxyController(cas2ProxySuccessView(), cas2ProxyFailureView(), this.centralAuthenticationService.getObject(), this.webApplicationServiceFactory, this.applicationContext);
    }

    @ConditionalOnMissingBean(name = {"serviceValidationViewFactory"})
    @RefreshScope
    @Bean
    public ServiceValidationViewFactory serviceValidationViewFactory() {
        ServiceValidationViewFactory serviceValidationViewFactory = new ServiceValidationViewFactory();
        ArrayList arrayList = new ArrayList(this.applicationContext.getBeansOfType(ServiceValidationViewFactoryConfigurer.class, false, true).values());
        AnnotationAwareOrderComparator.sort(arrayList);
        arrayList.forEach(serviceValidationViewFactoryConfigurer -> {
            serviceValidationViewFactoryConfigurer.configureViewFactory(serviceValidationViewFactory);
        });
        return serviceValidationViewFactory;
    }

    @ConditionalOnMissingBean(name = {"casServiceValidationViewFactoryConfigurer"})
    @RefreshScope
    @Bean
    public ServiceValidationViewFactoryConfigurer casServiceValidationViewFactoryConfigurer() {
        return serviceValidationViewFactory -> {
            serviceValidationViewFactory.registerView(ServiceValidationViewTypes.JSON, cas3ServiceJsonView());
            View cas3ServiceSuccessView = cas3ServiceSuccessView();
            View cas3ServiceFailureView = cas3ServiceFailureView();
            serviceValidationViewFactory.registerView(V3ServiceValidateController.class, Pair.of(cas3ServiceSuccessView, cas3ServiceFailureView));
            serviceValidationViewFactory.registerView(V3ProxyValidateController.class, Pair.of(cas3ServiceSuccessView, cas3ServiceFailureView));
            if (this.casProperties.getView().getCas2().isV3ForwardCompatible()) {
                serviceValidationViewFactory.registerView(ProxyValidateController.class, Pair.of(cas3ServiceSuccessView, cas3ServiceFailureView));
                serviceValidationViewFactory.registerView(ServiceValidateController.class, Pair.of(cas3ServiceSuccessView, cas3ServiceFailureView));
            } else {
                View cas2ServiceSuccessView = cas2ServiceSuccessView();
                View cas2ServiceFailureView = cas2ServiceFailureView();
                serviceValidationViewFactory.registerView(ProxyValidateController.class, Pair.of(cas2ServiceSuccessView, cas2ServiceFailureView));
                serviceValidationViewFactory.registerView(ServiceValidateController.class, Pair.of(cas2ServiceSuccessView, cas2ServiceFailureView));
            }
            serviceValidationViewFactory.registerView(LegacyValidateController.class, Pair.of(cas1ServiceSuccessView(), cas1ServiceFailureView()));
        };
    }

    @ConditionalOnMissingBean(name = {"v3ServiceValidateControllerValidationSpecification"})
    @Bean
    public CasProtocolValidationSpecification v3ServiceValidateControllerValidationSpecification() {
        ChainingCasProtocolValidationSpecification chainingCasProtocolValidationSpecification = new ChainingCasProtocolValidationSpecification();
        chainingCasProtocolValidationSpecification.addSpecification(this.cas20WithoutProxyProtocolValidationSpecification.getObject());
        return chainingCasProtocolValidationSpecification;
    }

    @ConditionalOnMissingBean(name = {"v3ServiceValidateController"})
    @Bean
    public V3ServiceValidateController v3ServiceValidateController() {
        return new V3ServiceValidateController(getServiceValidateConfigurationContextBuilder().validationSpecifications(CollectionUtils.wrapSet(v3ServiceValidateControllerValidationSpecification())).proxyHandler(this.proxy20Handler.getObject()).build());
    }

    @ConditionalOnMissingBean(name = {"v3ProxyValidateControllerValidationSpecification"})
    @ConditionalOnProperty(prefix = "cas.sso", name = {"proxy-authn-enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public CasProtocolValidationSpecification v3ProxyValidateControllerValidationSpecification() {
        ChainingCasProtocolValidationSpecification chainingCasProtocolValidationSpecification = new ChainingCasProtocolValidationSpecification();
        chainingCasProtocolValidationSpecification.addSpecification(this.cas20ProtocolValidationSpecification.getObject());
        return chainingCasProtocolValidationSpecification;
    }

    @ConditionalOnMissingBean(name = {"v3ProxyValidateController"})
    @ConditionalOnProperty(prefix = "cas.sso", name = {"proxy-authn-enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public V3ProxyValidateController v3ProxyValidateController() {
        return new V3ProxyValidateController(getServiceValidateConfigurationContextBuilder().validationSpecifications(CollectionUtils.wrapSet(v3ProxyValidateControllerValidationSpecification())).proxyHandler(this.proxy20Handler.getObject()).build());
    }

    @ConditionalOnMissingBean(name = {"proxyValidateControllerValidationSpecification"})
    @Bean
    public CasProtocolValidationSpecification proxyValidateControllerValidationSpecification() {
        ChainingCasProtocolValidationSpecification chainingCasProtocolValidationSpecification = new ChainingCasProtocolValidationSpecification();
        chainingCasProtocolValidationSpecification.addSpecification(this.cas20ProtocolValidationSpecification.getObject());
        return chainingCasProtocolValidationSpecification;
    }

    @ConditionalOnMissingBean(name = {"proxyValidateController"})
    @Bean
    public ProxyValidateController proxyValidateController() {
        return new ProxyValidateController(getServiceValidateConfigurationContextBuilder().validationSpecifications(CollectionUtils.wrapSet(proxyValidateControllerValidationSpecification())).proxyHandler(this.proxy20Handler.getObject()).build());
    }

    @ConditionalOnMissingBean(name = {"legacyValidateControllerValidationSpecification"})
    @Bean
    public CasProtocolValidationSpecification legacyValidateControllerValidationSpecification() {
        ChainingCasProtocolValidationSpecification chainingCasProtocolValidationSpecification = new ChainingCasProtocolValidationSpecification();
        chainingCasProtocolValidationSpecification.addSpecification(this.cas10ProtocolValidationSpecification.getObject());
        return chainingCasProtocolValidationSpecification;
    }

    @ConditionalOnMissingBean(name = {"legacyValidateController"})
    @Bean
    public LegacyValidateController legacyValidateController() {
        return new LegacyValidateController(getServiceValidateConfigurationContextBuilder().validationSpecifications(CollectionUtils.wrapSet(legacyValidateControllerValidationSpecification())).proxyHandler(this.proxy10Handler.getObject()).build());
    }

    @ConditionalOnMissingBean(name = {"serviceValidateControllerValidationSpecification"})
    @Bean
    public CasProtocolValidationSpecification serviceValidateControllerValidationSpecification() {
        ChainingCasProtocolValidationSpecification chainingCasProtocolValidationSpecification = new ChainingCasProtocolValidationSpecification();
        chainingCasProtocolValidationSpecification.addSpecification(this.cas20WithoutProxyProtocolValidationSpecification.getObject());
        return chainingCasProtocolValidationSpecification;
    }

    @ConditionalOnMissingBean(name = {"serviceValidateController"})
    @Bean
    public ServiceValidateController serviceValidateController() {
        return new ServiceValidateController(getServiceValidateConfigurationContextBuilder().validationSpecifications(CollectionUtils.wrapSet(serviceValidateControllerValidationSpecification())).proxyHandler(this.proxy20Handler.getObject()).build());
    }

    @Bean
    public View cas2SuccessView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, this.casProperties.getView().getCas2().getSuccess(), "application/xml");
    }

    @Bean
    public View cas2ServiceFailureView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, this.casProperties.getView().getCas2().getFailure());
    }

    @ConditionalOnProperty(prefix = "cas.sso", name = {"proxy-authn-enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public View cas2ProxyFailureView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, this.casProperties.getView().getCas2().getProxy().getFailure(), "application/xml");
    }

    @ConditionalOnProperty(prefix = "cas.sso", name = {"proxy-authn-enabled"}, havingValue = "true", matchIfMissing = true)
    @Bean
    public View cas2ProxySuccessView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, this.casProperties.getView().getCas2().getProxy().getSuccess(), "application/xml");
    }

    @Bean
    public View cas3SuccessView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, this.casProperties.getView().getCas3().getSuccess());
    }

    @Bean
    public View cas3ServiceFailureView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, this.casProperties.getView().getCas3().getFailure(), "application/xml");
    }

    @Bean
    public View casPostResponseView() {
        return this.casProtocolViewFactory.getObject().create(this.applicationContext, "protocol/casPostResponseView");
    }

    private ServiceValidateConfigurationContext.ServiceValidateConfigurationContextBuilder getServiceValidateConfigurationContextBuilder() {
        return ServiceValidateConfigurationContext.builder().authenticationSystemSupport(this.authenticationSystemSupport.getObject()).servicesManager(this.servicesManager.getObject()).centralAuthenticationService(this.centralAuthenticationService.getObject()).argumentExtractor(this.argumentExtractor.getObject()).requestedContextValidator(this.requestedContextValidator.getObject()).authnContextAttribute(this.casProperties.getAuthn().getMfa().getAuthenticationContextAttribute()).validationAuthorizers(this.serviceValidationAuthorizers.getObject()).renewEnabled(this.casProperties.getSso().isRenewAuthnEnabled()).validationViewFactory(serviceValidationViewFactory());
    }
}
