package org.apereo.cas.validation.config;

import java.util.List;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.RegisteredServiceAccessStrategyUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.validation.Cas10ProtocolValidationSpecification;
import org.apereo.cas.validation.Cas20ProtocolValidationSpecification;
import org.apereo.cas.validation.Cas20WithoutProxyingValidationSpecification;
import org.apereo.cas.validation.CasProtocolValidationSpecification;
import org.apereo.cas.validation.DefaultServiceTicketValidationAuthorizersExecutionPlan;
import org.apereo.cas.validation.RegisteredServiceRequiredHandlersServiceTicketValidationAuthorizer;
import org.apereo.cas.validation.RequestedAuthenticationContextValidator;
import org.apereo.cas.validation.ServiceTicketValidationAuthorizer;
import org.apereo.cas.validation.ServiceTicketValidationAuthorizerConfigurer;
import org.apereo.cas.validation.ServiceTicketValidationAuthorizersExecutionPlan;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Scope;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("casCoreValidationConfiguration")
/* loaded from: input_file:WEB-INF/lib/cas-server-core-validation-6.1.7.2.jar:org/apereo/cas/validation/config/CasCoreValidationConfiguration.class */
public class CasCoreValidationConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasCoreValidationConfiguration.class);

    @Autowired
    @Qualifier("servicesManager")
    private ObjectProvider<ServicesManager> servicesManager;

    @Scope("prototype")
    @Bean
    public CasProtocolValidationSpecification cas10ProtocolValidationSpecification() {
        return new Cas10ProtocolValidationSpecification(this.servicesManager.getObject());
    }

    @Scope("prototype")
    @Bean
    public CasProtocolValidationSpecification cas20ProtocolValidationSpecification() {
        return new Cas20ProtocolValidationSpecification(this.servicesManager.getObject());
    }

    @Scope("prototype")
    @Bean
    public CasProtocolValidationSpecification cas20WithoutProxyProtocolValidationSpecification() {
        return new Cas20WithoutProxyingValidationSpecification(this.servicesManager.getObject());
    }

    @ConditionalOnMissingBean(name = {"serviceValidationAuthorizers"})
    @Autowired
    @Bean
    public ServiceTicketValidationAuthorizersExecutionPlan serviceValidationAuthorizers(List<ServiceTicketValidationAuthorizerConfigurer> list) {
        DefaultServiceTicketValidationAuthorizersExecutionPlan defaultServiceTicketValidationAuthorizersExecutionPlan = new DefaultServiceTicketValidationAuthorizersExecutionPlan();
        list.forEach(serviceTicketValidationAuthorizerConfigurer -> {
            LOGGER.trace("Configuring service ticket validation authorizer execution plan [{}]", serviceTicketValidationAuthorizerConfigurer.getName());
            serviceTicketValidationAuthorizerConfigurer.configureAuthorizersExecutionPlan(defaultServiceTicketValidationAuthorizersExecutionPlan);
        });
        return defaultServiceTicketValidationAuthorizersExecutionPlan;
    }

    @Bean
    public ServiceTicketValidationAuthorizer requiredHandlersServiceTicketValidationAuthorizer() {
        return new RegisteredServiceRequiredHandlersServiceTicketValidationAuthorizer(this.servicesManager.getObject());
    }

    @Bean
    public ServiceTicketValidationAuthorizerConfigurer casCoreServiceTicketValidationAuthorizerConfigurer() {
        return serviceTicketValidationAuthorizersExecutionPlan -> {
            serviceTicketValidationAuthorizersExecutionPlan.registerAuthorizer(requiredHandlersServiceTicketValidationAuthorizer());
        };
    }

    @ConditionalOnMissingBean(name = {"requestedContextValidator"})
    @Bean
    public RequestedAuthenticationContextValidator requestedContextValidator() {
        return (assertion, httpServletRequest) -> {
            LOGGER.trace("Locating the primary authentication associated with this service request [{}]", assertion.getService());
            RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(assertion.getService(), this.servicesManager.getObject().findServiceBy(assertion.getService()));
            return Pair.of(Boolean.TRUE, Optional.empty());
        };
    }
}
