package org.apereo.cas.config;

import java.lang.invoke.SerializedLambda;
import java.util.Set;
import lombok.Generated;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.CentralAuthenticationServiceContext;
import org.apereo.cas.DefaultCentralAuthenticationService;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.authentication.AuthenticationPolicy;
import org.apereo.cas.authentication.AuthenticationPolicyExecutionResult;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.AuthenticationServiceSelectionStrategyConfigurer;
import org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy;
import org.apereo.cas.authentication.principal.DefaultServiceMatchingStrategy;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.authentication.principal.ServiceMatchingStrategy;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.features.CasFeatureModule;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.TicketFactory;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.lock.LockRepository;
import org.apereo.cas.util.spring.boot.ConditionalOnFeatureEnabled;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.transaction.annotation.EnableTransactionManagement;

/* JADX INFO: Access modifiers changed from: package-private */
@EnableConfigurationProperties({CasConfigurationProperties.class})
@EnableTransactionManagement(proxyTargetClass = false)
@Configuration(value = "CasCoreConfiguration", proxyBeanMethods = false)
@ConditionalOnFeatureEnabled(feature = {CasFeatureModule.FeatureCatalog.Core})
/* loaded from: input_file:WEB-INF/lib/cas-server-core-7.2.0-RC4.jar:org/apereo/cas/config/CasCoreConfiguration.class */
public class CasCoreConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasCoreConfiguration.class);

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCoreContextConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-7.2.0-RC4.jar:org/apereo/cas/config/CasCoreConfiguration$CasCoreContextConfiguration.class */
    static class CasCoreContextConfiguration {
        CasCoreContextConfiguration() {
        }

        @ConditionalOnMissingBean(name = {CentralAuthenticationService.BEAN_NAME})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CentralAuthenticationService centralAuthenticationService(@Qualifier("centralAuthenticationServiceContext") CentralAuthenticationServiceContext centralAuthenticationServiceContext) {
            return new DefaultCentralAuthenticationService(centralAuthenticationServiceContext);
        }

        /* JADX WARN: Type inference failed for: r0v1, types: [org.apereo.cas.CentralAuthenticationServiceContext$CentralAuthenticationServiceContextBuilder] */
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public CentralAuthenticationServiceContext centralAuthenticationServiceContext(@Qualifier("defaultPrincipalResolver") PrincipalResolver principalResolver, @Qualifier("authenticationServiceSelectionPlan") AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan, @Qualifier("protocolTicketCipherExecutor") CipherExecutor cipherExecutor, @Qualifier("principalFactory") PrincipalFactory principalFactory, @Qualifier("ticketRegistry") TicketRegistry ticketRegistry, @Qualifier("servicesManager") ServicesManager servicesManager, @Qualifier("defaultTicketFactory") TicketFactory ticketFactory, @Qualifier("registeredServiceAccessStrategyEnforcer") AuditableExecution auditableExecution, @Qualifier("serviceMatchingStrategy") ServiceMatchingStrategy serviceMatchingStrategy, @Qualifier("globalAuthenticationPolicy") AuthenticationPolicy authenticationPolicy, @Qualifier("casTicketRegistryLockRepository") LockRepository lockRepository, ConfigurableApplicationContext configurableApplicationContext) {
            return CentralAuthenticationServiceContext.builder().authenticationServiceSelectionPlan(authenticationServiceSelectionPlan).lockRepository(lockRepository).cipherExecutor(cipherExecutor).principalFactory(principalFactory).ticketRegistry(ticketRegistry).ticketFactory(ticketFactory).registeredServiceAccessStrategyEnforcer(auditableExecution).serviceMatchingStrategy(serviceMatchingStrategy).applicationContext(configurableApplicationContext).servicesManager(servicesManager).authenticationPolicy(authenticationPolicy).principalResolver(principalResolver).build();
        }
    }

    @EnableConfigurationProperties({CasConfigurationProperties.class})
    @Configuration(value = "CasCorePolicyConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-7.2.0-RC4.jar:org/apereo/cas/config/CasCoreConfiguration$CasCorePolicyConfiguration.class */
    static class CasCorePolicyConfiguration {
        CasCorePolicyConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"casCoreAuthenticationServiceSelectionStrategyConfigurer"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationServiceSelectionStrategyConfigurer casCoreAuthenticationServiceSelectionStrategyConfigurer() {
            return authenticationServiceSelectionPlan -> {
                authenticationServiceSelectionPlan.registerStrategy(new DefaultAuthenticationServiceSelectionStrategy());
            };
        }

        @ConditionalOnMissingBean(name = {"serviceMatchingStrategy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public ServiceMatchingStrategy serviceMatchingStrategy(@Qualifier("servicesManager") ServicesManager servicesManager) {
            return new DefaultServiceMatchingStrategy(servicesManager);
        }

        @ConditionalOnMissingBean(name = {"globalAuthenticationPolicy"})
        @RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
        @Bean
        public AuthenticationPolicy globalAuthenticationPolicy(CasConfigurationProperties casConfigurationProperties) {
            if (!casConfigurationProperties.getAuthn().getPolicy().isRequiredHandlerAuthenticationPolicyEnabled()) {
                return AuthenticationPolicy.alwaysSatisfied();
            }
            CasCoreConfiguration.LOGGER.trace("Applying configuration for Required Handler Authentication Policy");
            return (authentication, set, configurableApplicationContext, map) -> {
                RegisteredService registeredService = (RegisteredService) map.get(RegisteredService.class.getName());
                Set<String> requiredAuthenticationHandlers = registeredService.getAuthenticationPolicy().getRequiredAuthenticationHandlers();
                CasCoreConfiguration.LOGGER.debug("Required authentication handlers for this service [{}] are [{}]", registeredService.getName(), requiredAuthenticationHandlers);
                return AuthenticationPolicyExecutionResult.success(requiredAuthenticationHandlers.stream().allMatch(str -> {
                    return authentication.getSuccesses().containsKey(str);
                }));
            };
        }

        private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
            String implMethodName = serializedLambda.getImplMethodName();
            boolean z = -1;
            switch (implMethodName.hashCode()) {
                case 797891034:
                    if (implMethodName.equals("lambda$globalAuthenticationPolicy$412b6a72$1")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/apereo/cas/authentication/AuthenticationPolicy") && serializedLambda.getFunctionalInterfaceMethodName().equals("isSatisfiedBy") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/apereo/cas/authentication/Authentication;Ljava/util/Set;Lorg/springframework/context/ConfigurableApplicationContext;Ljava/util/Map;)Lorg/apereo/cas/authentication/AuthenticationPolicyExecutionResult;") && serializedLambda.getImplClass().equals("org/apereo/cas/config/CasCoreConfiguration$CasCorePolicyConfiguration") && serializedLambda.getImplMethodSignature().equals("(Lorg/apereo/cas/authentication/Authentication;Ljava/util/Set;Lorg/springframework/context/ConfigurableApplicationContext;Ljava/util/Map;)Lorg/apereo/cas/authentication/AuthenticationPolicyExecutionResult;")) {
                        return (authentication, set, configurableApplicationContext, map) -> {
                            RegisteredService registeredService = (RegisteredService) map.get(RegisteredService.class.getName());
                            Set<String> requiredAuthenticationHandlers = registeredService.getAuthenticationPolicy().getRequiredAuthenticationHandlers();
                            CasCoreConfiguration.LOGGER.debug("Required authentication handlers for this service [{}] are [{}]", registeredService.getName(), requiredAuthenticationHandlers);
                            return AuthenticationPolicyExecutionResult.success(requiredAuthenticationHandlers.stream().allMatch(str -> {
                                return authentication.getSuccesses().containsKey(str);
                            }));
                        };
                    }
                    break;
            }
            throw new IllegalArgumentException("Invalid lambda deserialization");
        }
    }

    CasCoreConfiguration() {
    }
}
