package org.apereo.cas.azure.ad.config;

import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.CoreAuthenticationUtils;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalNameTransformerUtils;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.authentication.support.password.PasswordEncoderUtils;
import org.apereo.cas.azure.ad.authentication.AzureActiveDirectoryAuthenticationHandler;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.azuread.AzureActiveDirectoryAuthenticationProperties;
import org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.services.persondir.IPersonAttributeDao;
import org.apereo.services.persondir.support.MicrosoftGraphPersonAttributeDao;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

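/**
 * Spring configuration that wires Azure Active Directory support into CAS: an
 * authentication handler built from {@code cas.authn.azure-active-directory}-style
 * settings, plus zero or more Microsoft Graph attribute repositories.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>Attribute repository entries without both a client id and a client secret are
 *       skipped without any log line or error (see
 *       {@code microsoftAzureActiveDirectoryAttributeRepositories}). If authorization
 *       decisions depend on attributes from such a repository, verify the effective
 *       configuration rather than relying on startup succeeding.</li>
 *   <li>The client secret, login base URL and API base URL are copied from configuration
 *       into the DAO without validation in this class.</li>
 * </ul>
 */
@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration(value = "azureActiveDirectoryAuthenticationConfiguration", proxyBeanMethods = false)
public class AzureActiveDirectoryAuthenticationConfiguration {

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("servicesManager")
    private ObjectProvider<ServicesManager> servicesManager;

    @Autowired
    @Qualifier("defaultPrincipalResolver")
    private ObjectProvider<PrincipalResolver> defaultPrincipalResolver;

    @Autowired
    private CasConfigurationProperties casProperties;

    /**
     * Nested configuration holding the handler, principal factory and attribute
     * repository beans. It is a non-static inner class and reads the injected fields
     * of the enclosing configuration.
     */
    @Configuration(value = "AzureActiveDirectoryAuthenticationInternalConfiguration", proxyBeanMethods = false)
    public class AzureActiveDirectoryAuthenticationInternalConfiguration {
        public AzureActiveDirectoryAuthenticationInternalConfiguration() {
        }

        /**
         * Builds one {@link MicrosoftGraphPersonAttributeDao} per configured Azure AD
         * attribute repository entry that has a non-blank client id and client secret.
         *
         * <p>Entries failing that check are dropped silently, so an incomplete entry
         * yields fewer repositories rather than a startup failure. Optional settings are
         * applied only when non-null; otherwise the DAO keeps its own defaults.
         *
         * @return a mutable list of configured DAOs, possibly empty
         */
        @ConditionalOnMissingBean(name = {"microsoftAzureActiveDirectoryAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> microsoftAzureActiveDirectoryAttributeRepositories() {
            // Typed list instead of the raw ArrayList, so additions are checked at compile time.
            List<IPersonAttributeDao> repositories = new ArrayList<>();
            casProperties.getAuthn().getAttributeRepository().getAzureActiveDirectory().stream()
                // Both credentials are mandatory; an entry missing either is ignored.
                .filter(props -> StringUtils.isNotBlank(props.getClientId())
                    && StringUtils.isNotBlank(props.getClientSecret()))
                .forEach(props -> {
                    MicrosoftGraphPersonAttributeDao dao = new MicrosoftGraphPersonAttributeDao();
                    FunctionUtils.doIfNotNull(props.getId(), str -> {
                        dao.setId(new String[]{str});
                    });
                    FunctionUtils.doIfNotNull(props.getDomain(), dao::setDomain);
                    // NOTE(review): apiBaseUrl and loginBaseUrl are taken from configuration
                    // as-is; presumably the DAO presents the client secret to the login
                    // endpoint, so confirm that overrides point at trusted HTTPS endpoints.
                    FunctionUtils.doIfNotNull(props.getApiBaseUrl(), dao::setApiBaseUrl);
                    FunctionUtils.doIfNotNull(props.getGrantType(), dao::setGrantType);
                    FunctionUtils.doIfNotNull(props.getLoginBaseUrl(), dao::setLoginBaseUrl);
                    // NOTE(review): the effect of the logging level on request/response
                    // logging is not visible here; confirm verbose levels do not write
                    // tokens or secrets to logs.
                    FunctionUtils.doIfNotNull(props.getLoggingLevel(), dao::setLoggingLevel);
                    FunctionUtils.doIfNotNull(props.getAttributes(), dao::setProperties);
                    FunctionUtils.doIfNotNull(props.getResource(), dao::setResource);
                    FunctionUtils.doIfNotNull(props.getScope(), dao::setScope);
                    FunctionUtils.doIfNotNull(props.getTenant(), dao::setTenant);
                    dao.setClientSecret(props.getClientSecret());
                    dao.setClientId(props.getClientId());
                    dao.setOrder(props.getOrder());
                    repositories.add(dao);
                });
            return repositories;
        }

        /**
         * Supplies the principal factory used by the Azure AD authentication handler.
         *
         * @return a new principal factory from {@link PrincipalFactoryUtils}
         */
        @ConditionalOnMissingBean(name = {"microsoftAzureActiveDirectoryPrincipalFactory"})
        @Bean
        public PrincipalFactory microsoftAzureActiveDirectoryPrincipalFactory() {
            return PrincipalFactoryUtils.newPrincipalFactory();
        }

        /**
         * Creates the Azure AD authentication handler from the configured properties.
         *
         * <p>Unlike the attribute repositories, no blank check is applied here to the
         * client id, login URL or resource before the handler is constructed.
         *
         * @param principalFactory factory used by the handler to build principals
         * @return the configured authentication handler
         */
        @ConditionalOnMissingBean(name = {"microsoftAzureActiveDirectoryAuthenticationHandler"})
        @RefreshScope
        @Autowired
        @Bean
        public AuthenticationHandler microsoftAzureActiveDirectoryAuthenticationHandler(@Qualifier("microsoftAzureActiveDirectoryPrincipalFactory") PrincipalFactory principalFactory) {
            AzureActiveDirectoryAuthenticationProperties azure = casProperties.getAuthn().getAzureActiveDirectory();
            AzureActiveDirectoryAuthenticationHandler handler = new AzureActiveDirectoryAuthenticationHandler(
                azure.getName(),
                servicesManager.getObject(),
                principalFactory,
                Integer.valueOf(azure.getOrder()),
                azure.getClientId(),
                azure.getLoginUrl(),
                azure.getResource());
            handler.setState(azure.getState());
            handler.setPrincipalNameTransformer(PrincipalNameTransformerUtils.newPrincipalNameTransformer(azure.getPrincipalTransformation()));
            // NOTE(review): how the handler uses the password encoder is not visible in
            // this class; confirm the configured encoder is appropriate when the
            // credential is verified by a remote directory.
            handler.setPasswordEncoder(PasswordEncoderUtils.newPasswordEncoder(azure.getPasswordEncoder(), applicationContext));
            handler.setCredentialSelectionPredicate(CoreAuthenticationUtils.newCredentialSelectionPredicate(azure.getCredentialCriteria()));
            return handler;
        }
    }

    /**
     * Registers the Azure AD authentication handler in the authentication execution
     * plan, paired with the default principal resolver.
     *
     * @param authenticationHandler the Azure AD handler bean
     * @return a configurer that performs the registration
     */
    @ConditionalOnMissingBean(name = {"microsoftAzureActiveDirectoryAuthenticationEventExecutionPlanConfigurer"})
    @RefreshScope
    @Autowired
    @Bean
    public AuthenticationEventExecutionPlanConfigurer microsoftAzureActiveDirectoryAuthenticationEventExecutionPlanConfigurer(@Qualifier("microsoftAzureActiveDirectoryAuthenticationHandler") AuthenticationHandler authenticationHandler) {
        return plan -> {
            plan.registerAuthenticationHandlerWithPrincipalResolver(authenticationHandler, defaultPrincipalResolver.getObject());
        };
    }

    /**
     * Registers every Microsoft Graph attribute repository with the person directory
     * plan. An empty list registers nothing.
     *
     * @param list the attribute repositories built from configuration
     * @return a configurer that performs the registration
     */
    @ConditionalOnMissingBean(name = {"microsoftAzureActiveDirectoryAttributeRepositoryPlanConfigurer"})
    @Autowired
    @Bean
    public PersonDirectoryAttributeRepositoryPlanConfigurer microsoftAzureActiveDirectoryAttributeRepositoryPlanConfigurer(@Qualifier("microsoftAzureActiveDirectoryAttributeRepositories") List<IPersonAttributeDao> list) {
        return plan -> {
            list.forEach(plan::registerAttributeRepository);
        };
    }
}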
