package org.apereo.cas.config;

import java.util.Collection;
import net.shibboleth.ext.spring.resource.ResourceHelper;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceDefaultCachingMetadataResolver;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceMetadataResolverCacheLoader;
import org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.ClasspathResourceMetadataResolver;
import org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.DynamicMetadataResolver;
import org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.FileSystemResourceMetadataResolver;
import org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.SamlRegisteredServiceMetadataResolver;
import org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.UrlResourceMetadataResolver;
import org.apereo.cas.support.saml.web.idp.metadata.SamlIdpMetadataAndCertificatesGenerationService;
import org.apereo.cas.support.saml.web.idp.metadata.SamlMetadataController;
import org.apereo.cas.support.saml.web.idp.metadata.TemplatedMetadataAndCertificatesGenerationService;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.http.HttpClient;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.context.annotation.Lazy;
import org.springframework.core.io.FileSystemResource;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("samlIdPMetadataConfiguration")
/* loaded from: input_file:org/apereo/cas/config/SamlIdPMetadataConfiguration.class */
public class SamlIdPMetadataConfiguration {

    @Autowired
    @Qualifier("noRedirectHttpClient")
    private HttpClient httpClient;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("shibboleth.OpenSAMLConfig")
    private OpenSamlConfigBean openSamlConfigBean;

    @DependsOn({"shibbolethIdpMetadataAndCertificatesGenerationService"})
    @Lazy
    @Bean
    public MetadataResolver casSamlIdPMetadataResolver() {
        try {
            SamlIdPProperties samlIdp = this.casProperties.getAuthn().getSamlIdp();
            ResourceBackedMetadataResolver resourceBackedMetadataResolver = new ResourceBackedMetadataResolver(ResourceHelper.of(new FileSystemResource(samlIdp.getMetadata().getMetadataFile())));
            resourceBackedMetadataResolver.setParserPool(this.openSamlConfigBean.getParserPool());
            resourceBackedMetadataResolver.setFailFastInitialization(samlIdp.getMetadata().isFailFast());
            resourceBackedMetadataResolver.setRequireValidMetadata(samlIdp.getMetadata().isRequireValidMetadata());
            resourceBackedMetadataResolver.setId(samlIdp.getEntityId());
            resourceBackedMetadataResolver.initialize();
            return resourceBackedMetadataResolver;
        } catch (Exception e) {
            throw new BeanCreationException(e.getMessage(), e);
        }
    }

    @RefreshScope
    @Bean
    public SamlMetadataController samlMetadataController() {
        return new SamlMetadataController(shibbolethIdpMetadataAndCertificatesGenerationService());
    }

    @ConditionalOnMissingBean(name = {"shibbolethIdpMetadataAndCertificatesGenerationService"})
    @Bean
    public SamlIdpMetadataAndCertificatesGenerationService shibbolethIdpMetadataAndCertificatesGenerationService() {
        return new TemplatedMetadataAndCertificatesGenerationService();
    }

    @ConditionalOnMissingBean(name = {"chainingMetadataResolverCacheLoader"})
    @RefreshScope
    @Bean
    public SamlRegisteredServiceMetadataResolverCacheLoader chainingMetadataResolverCacheLoader() throws Exception {
        return new SamlRegisteredServiceMetadataResolverCacheLoader(this.openSamlConfigBean, this.httpClient, this.casProperties.getAuthn().getSamlIdp(), samlRegisteredServiceMetadataResolvers());
    }

    @ConditionalOnMissingBean(name = {"samlRegisteredServiceMetadataResolvers"})
    @RefreshScope
    @Bean
    public Collection<SamlRegisteredServiceMetadataResolver> samlRegisteredServiceMetadataResolvers() throws Exception {
        return CollectionUtils.wrapSet(new SamlRegisteredServiceMetadataResolver[]{new DynamicMetadataResolver(this.casProperties.getAuthn().getSamlIdp(), this.openSamlConfigBean, this.httpClient), new FileSystemResourceMetadataResolver(this.casProperties.getAuthn().getSamlIdp(), this.openSamlConfigBean), new UrlResourceMetadataResolver(this.casProperties.getAuthn().getSamlIdp(), this.openSamlConfigBean), new ClasspathResourceMetadataResolver(this.casProperties.getAuthn().getSamlIdp(), this.openSamlConfigBean)});
    }

    @ConditionalOnMissingBean(name = {"defaultSamlRegisteredServiceCachingMetadataResolver"})
    @RefreshScope
    @Bean
    public SamlRegisteredServiceCachingMetadataResolver defaultSamlRegisteredServiceCachingMetadataResolver() throws Exception {
        return new SamlRegisteredServiceDefaultCachingMetadataResolver(this.casProperties.getAuthn().getSamlIdp().getMetadata().getCacheExpirationMinutes(), chainingMetadataResolverCacheLoader());
    }
}
