package org.apereo.cas.config;

import com.github.benmanes.caffeine.cache.Caffeine;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.naming.directory.SearchControls;
import lombok.Generated;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.authentication.CoreAuthenticationUtils;
import org.apereo.cas.authentication.attribute.AttributeDefinitionStore;
import org.apereo.cas.authentication.attribute.DefaultAttributeDefinitionStore;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalResolutionExecutionPlanConfigurer;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.authentication.principal.resolvers.InternalGroovyScriptDao;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.authentication.GrouperPrincipalAttributesProperties;
import org.apereo.cas.configuration.model.core.authentication.JdbcPrincipalAttributesProperties;
import org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesProperties;
import org.apereo.cas.configuration.model.support.ldap.LdapSearchEntryHandlersProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.configuration.support.JpaBeans;
import org.apereo.cas.persondir.DefaultPersonDirectoryAttributeRepositoryPlan;
import org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlan;
import org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.LdapUtils;
import org.apereo.cas.util.ResourceUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.cas.util.io.FileWatcherService;
import org.apereo.services.persondir.IPersonAttributeDao;
import org.apereo.services.persondir.support.AbstractAggregatingDefaultQueryPersonAttributeDao;
import org.apereo.services.persondir.support.CachingPersonAttributeDaoImpl;
import org.apereo.services.persondir.support.CascadingPersonAttributeDao;
import org.apereo.services.persondir.support.GroovyPersonAttributeDao;
import org.apereo.services.persondir.support.GrouperPersonAttributeDao;
import org.apereo.services.persondir.support.JsonBackedComplexStubPersonAttributeDao;
import org.apereo.services.persondir.support.MergingPersonAttributeDaoImpl;
import org.apereo.services.persondir.support.RestfulPersonAttributeDao;
import org.apereo.services.persondir.support.ScriptEnginePersonAttributeDao;
import org.apereo.services.persondir.support.jdbc.AbstractJdbcPersonAttributeDao;
import org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao;
import org.apereo.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao;
import org.apereo.services.persondir.support.ldap.LdaptivePersonAttributeDao;
import org.apereo.services.persondir.util.CaseCanonicalizationMode;
import org.jooq.lambda.Unchecked;
import org.ldaptive.handler.LdapEntryHandler;
import org.ldaptive.handler.SearchResultHandler;
import org.pac4j.core.authorization.generator.SpringSecurityPropertiesAuthorizationGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Scope;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.core.io.Resource;
import org.springframework.http.HttpMethod;
import org.thymeleaf.standard.processor.StandardReplaceTagProcessor;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("casPersonDirectoryConfiguration")
/* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration.class */
public class CasPersonDirectoryConfiguration {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasPersonDirectoryConfiguration.class);

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnProperty(name = {"cas.authn.attribute-repository.groovy[0].location"})
    @Configuration("CasPersonDirectoryGroovyConfiguration")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryGroovyConfiguration.class */
    public class CasPersonDirectoryGroovyConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryGroovyConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"groovyAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> groovyAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getGroovy().stream().filter(groovyPrincipalAttributesProperties -> {
                return groovyPrincipalAttributesProperties.getLocation() != null;
            }).forEach(groovyPrincipalAttributesProperties2 -> {
                GroovyPersonAttributeDao groovyPersonAttributeDao = new GroovyPersonAttributeDao(new InternalGroovyScriptDao(CasPersonDirectoryConfiguration.this.applicationContext, CasPersonDirectoryConfiguration.this.casProperties));
                groovyPersonAttributeDao.setCaseInsensitiveUsername(groovyPrincipalAttributesProperties2.isCaseInsensitive());
                groovyPersonAttributeDao.setOrder(groovyPrincipalAttributesProperties2.getOrder());
                String id = groovyPrincipalAttributesProperties2.getId();
                Objects.requireNonNull(groovyPersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    groovyPersonAttributeDao.setId(str);
                });
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured Groovy attribute sources from [{}]", groovyPrincipalAttributesProperties2.getLocation());
                arrayList.add(groovyPersonAttributeDao);
            });
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(groovyAttributeRepositories());
        }
    }

    @ConditionalOnProperty(prefix = "cas.authn.attribute-repository.grouper", name = {SpringSecurityPropertiesAuthorizationGenerator.ENABLED}, havingValue = "true")
    @Configuration("CasPersonDirectoryGrouperConfiguration")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryGrouperConfiguration.class */
    public class CasPersonDirectoryGrouperConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryGrouperConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"grouperAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> grouperAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            GrouperPrincipalAttributesProperties grouper = CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getGrouper();
            if (grouper.isEnabled()) {
                GrouperPersonAttributeDao grouperPersonAttributeDao = new GrouperPersonAttributeDao();
                grouperPersonAttributeDao.setOrder(grouper.getOrder());
                String id = grouper.getId();
                Objects.requireNonNull(grouperPersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    grouperPersonAttributeDao.setId(str);
                });
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured Grouper attribute source");
                arrayList.add(grouperPersonAttributeDao);
            }
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(grouperAttributeRepositories());
        }
    }

    @ConditionalOnClass({JpaBeans.class})
    @Configuration("CasPersonDirectoryJdbcConfiguration")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryJdbcConfiguration.class */
    public class CasPersonDirectoryJdbcConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryJdbcConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"jdbcAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> jdbcAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getJdbc().stream().filter(jdbcPrincipalAttributesProperties -> {
                return StringUtils.isNotBlank(jdbcPrincipalAttributesProperties.getSql()) && StringUtils.isNotBlank(jdbcPrincipalAttributesProperties.getUrl());
            }).forEach(jdbcPrincipalAttributesProperties2 -> {
                AbstractJdbcPersonAttributeDao createJdbcPersonAttributeDao = createJdbcPersonAttributeDao(jdbcPrincipalAttributesProperties2);
                String id = jdbcPrincipalAttributesProperties2.getId();
                Objects.requireNonNull(createJdbcPersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    createJdbcPersonAttributeDao.setId(str);
                });
                createJdbcPersonAttributeDao.setQueryAttributeMapping(CollectionUtils.wrap("username", jdbcPrincipalAttributesProperties2.getUsername()));
                Map<String, String> attributes = jdbcPrincipalAttributesProperties2.getAttributes();
                if (attributes != null && !attributes.isEmpty()) {
                    CasPersonDirectoryConfiguration.LOGGER.debug("Configured result attribute mapping for [{}] to be [{}]", jdbcPrincipalAttributesProperties2.getUrl(), jdbcPrincipalAttributesProperties2.getAttributes());
                    createJdbcPersonAttributeDao.setResultAttributeMapping(attributes);
                }
                createJdbcPersonAttributeDao.setRequireAllQueryAttributes(jdbcPrincipalAttributesProperties2.isRequireAllAttributes());
                createJdbcPersonAttributeDao.setUsernameCaseCanonicalizationMode(jdbcPrincipalAttributesProperties2.getCaseCanonicalization());
                createJdbcPersonAttributeDao.setDefaultCaseCanonicalizationMode(jdbcPrincipalAttributesProperties2.getCaseCanonicalization());
                createJdbcPersonAttributeDao.setQueryType(jdbcPrincipalAttributesProperties2.getQueryType());
                createJdbcPersonAttributeDao.setOrder(jdbcPrincipalAttributesProperties2.getOrder());
                arrayList.add(createJdbcPersonAttributeDao);
            });
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(jdbcAttributeRepositories());
        }

        private AbstractJdbcPersonAttributeDao createJdbcPersonAttributeDao(JdbcPrincipalAttributesProperties jdbcPrincipalAttributesProperties) {
            if (jdbcPrincipalAttributesProperties.isSingleRow()) {
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured single-row JDBC attribute repository for [{}]", jdbcPrincipalAttributesProperties.getUrl());
                return CasPersonDirectoryConfiguration.configureJdbcPersonAttributeDao(new SingleRowJdbcPersonAttributeDao(JpaBeans.newDataSource(jdbcPrincipalAttributesProperties), jdbcPrincipalAttributesProperties.getSql()), jdbcPrincipalAttributesProperties);
            }
            CasPersonDirectoryConfiguration.LOGGER.debug("Configured multi-row JDBC attribute repository for [{}]", jdbcPrincipalAttributesProperties.getUrl());
            MultiRowJdbcPersonAttributeDao multiRowJdbcPersonAttributeDao = new MultiRowJdbcPersonAttributeDao(JpaBeans.newDataSource(jdbcPrincipalAttributesProperties), jdbcPrincipalAttributesProperties.getSql());
            CasPersonDirectoryConfiguration.LOGGER.debug("Configured multi-row JDBC column mappings for [{}] are [{}]", jdbcPrincipalAttributesProperties.getUrl(), jdbcPrincipalAttributesProperties.getColumnMappings());
            multiRowJdbcPersonAttributeDao.setNameValueColumnMappings(jdbcPrincipalAttributesProperties.getColumnMappings());
            return CasPersonDirectoryConfiguration.configureJdbcPersonAttributeDao(multiRowJdbcPersonAttributeDao, jdbcPrincipalAttributesProperties);
        }
    }

    @ConditionalOnProperty(name = {"cas.authn.attribute-repository.json[0].location"})
    @Configuration("CasPersonDirectoryJsonConfiguration")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryJsonConfiguration.class */
    public class CasPersonDirectoryJsonConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryJsonConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"jsonAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> jsonAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getJson().stream().filter(jsonPrincipalAttributesProperties -> {
                return ResourceUtils.doesResourceExist(jsonPrincipalAttributesProperties.getLocation());
            }).forEach(Unchecked.consumer(jsonPrincipalAttributesProperties2 -> {
                Resource location = jsonPrincipalAttributesProperties2.getLocation();
                JsonBackedComplexStubPersonAttributeDao jsonBackedComplexStubPersonAttributeDao = new JsonBackedComplexStubPersonAttributeDao(location);
                try {
                    if (location.isFile()) {
                        FileWatcherService fileWatcherService = new FileWatcherService(location.getFile(), file -> {
                            try {
                                jsonBackedComplexStubPersonAttributeDao.init();
                            } catch (Exception e) {
                                CasPersonDirectoryConfiguration.LOGGER.error(e.getMessage(), (Throwable) e);
                            }
                        });
                        fileWatcherService.start(getClass().getSimpleName());
                        jsonBackedComplexStubPersonAttributeDao.setResourceWatcherService(fileWatcherService);
                    }
                } catch (Exception e) {
                    CasPersonDirectoryConfiguration.LOGGER.debug(e.getMessage(), (Throwable) e);
                }
                jsonBackedComplexStubPersonAttributeDao.setOrder(jsonPrincipalAttributesProperties2.getOrder());
                String id = jsonPrincipalAttributesProperties2.getId();
                Objects.requireNonNull(jsonBackedComplexStubPersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    jsonBackedComplexStubPersonAttributeDao.setId(str);
                });
                jsonBackedComplexStubPersonAttributeDao.init();
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured JSON attribute sources from [{}]", location);
                arrayList.add(jsonBackedComplexStubPersonAttributeDao);
            }));
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(jsonAttributeRepositories());
        }
    }

    @Configuration("CasPersonDirectoryLdapConfiguration")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryLdapConfiguration.class */
    public class CasPersonDirectoryLdapConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryLdapConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"ldapAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> ldapAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getLdap().stream().filter(ldapPrincipalAttributesProperties -> {
                return StringUtils.isNotBlank(ldapPrincipalAttributesProperties.getBaseDn()) && StringUtils.isNotBlank(ldapPrincipalAttributesProperties.getLdapUrl());
            }).forEach(ldapPrincipalAttributesProperties2 -> {
                LdaptivePersonAttributeDao ldaptivePersonAttributeDao = new LdaptivePersonAttributeDao();
                String id = ldapPrincipalAttributesProperties2.getId();
                Objects.requireNonNull(ldaptivePersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    ldaptivePersonAttributeDao.setId(str);
                });
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured LDAP attribute source for [{}] and baseDn [{}]", ldapPrincipalAttributesProperties2.getLdapUrl(), ldapPrincipalAttributesProperties2.getBaseDn());
                ldaptivePersonAttributeDao.setConnectionFactory(LdapUtils.newLdaptiveConnectionFactory(ldapPrincipalAttributesProperties2));
                ldaptivePersonAttributeDao.setBaseDN(ldapPrincipalAttributesProperties2.getBaseDn());
                CasPersonDirectoryConfiguration.LOGGER.debug("LDAP attributes are fetched from [{}] via filter [{}]", ldapPrincipalAttributesProperties2.getLdapUrl(), ldapPrincipalAttributesProperties2.getSearchFilter());
                ldaptivePersonAttributeDao.setSearchFilter(ldapPrincipalAttributesProperties2.getSearchFilter());
                SearchControls searchControls = new SearchControls();
                if (ldapPrincipalAttributesProperties2.getAttributes() == null || ldapPrincipalAttributesProperties2.getAttributes().isEmpty()) {
                    CasPersonDirectoryConfiguration.LOGGER.debug("Retrieving all attributes as no explicit attribute mappings are defined for [{}]", ldapPrincipalAttributesProperties2.getLdapUrl());
                    searchControls.setReturningAttributes((String[]) null);
                } else {
                    CasPersonDirectoryConfiguration.LOGGER.debug("Configured result attribute mapping for [{}] to be [{}]", ldapPrincipalAttributesProperties2.getLdapUrl(), ldapPrincipalAttributesProperties2.getAttributes());
                    ldaptivePersonAttributeDao.setResultAttributeMapping(ldapPrincipalAttributesProperties2.getAttributes());
                    searchControls.setReturningAttributes((String[]) ldapPrincipalAttributesProperties2.getAttributes().keySet().toArray(ArrayUtils.EMPTY_STRING_ARRAY));
                }
                List<String> binaryAttributes = ldapPrincipalAttributesProperties2.getBinaryAttributes();
                if (binaryAttributes != null && !binaryAttributes.isEmpty()) {
                    CasPersonDirectoryConfiguration.LOGGER.debug("Setting binary attributes [{}]", binaryAttributes);
                    ldaptivePersonAttributeDao.setBinaryAttributes((String[]) binaryAttributes.toArray(ArrayUtils.EMPTY_STRING_ARRAY));
                }
                List<LdapSearchEntryHandlersProperties> searchEntryHandlers = ldapPrincipalAttributesProperties2.getSearchEntryHandlers();
                if (searchEntryHandlers != null && !searchEntryHandlers.isEmpty()) {
                    List<LdapEntryHandler> newLdaptiveEntryHandlers = LdapUtils.newLdaptiveEntryHandlers(searchEntryHandlers);
                    if (newLdaptiveEntryHandlers != null && !newLdaptiveEntryHandlers.isEmpty()) {
                        CasPersonDirectoryConfiguration.LOGGER.debug("Setting entry handlers [{}]", newLdaptiveEntryHandlers);
                        ldaptivePersonAttributeDao.setEntryHandlers((LdapEntryHandler[]) newLdaptiveEntryHandlers.toArray(new LdapEntryHandler[0]));
                    }
                    List<SearchResultHandler> newLdaptiveSearchResultHandlers = LdapUtils.newLdaptiveSearchResultHandlers(searchEntryHandlers);
                    if (newLdaptiveSearchResultHandlers != null && !newLdaptiveSearchResultHandlers.isEmpty()) {
                        CasPersonDirectoryConfiguration.LOGGER.debug("Setting search result handlers [{}]", newLdaptiveSearchResultHandlers);
                        ldaptivePersonAttributeDao.setSearchResultHandlers((SearchResultHandler[]) newLdaptiveSearchResultHandlers.toArray(new SearchResultHandler[0]));
                    }
                }
                if (ldapPrincipalAttributesProperties2.isSubtreeSearch()) {
                    CasPersonDirectoryConfiguration.LOGGER.debug("Configured subtree searching for [{}]", ldapPrincipalAttributesProperties2.getLdapUrl());
                    searchControls.setSearchScope(2);
                }
                searchControls.setDerefLinkFlag(true);
                ldaptivePersonAttributeDao.setSearchControls(searchControls);
                ldaptivePersonAttributeDao.setOrder(ldapPrincipalAttributesProperties2.getOrder());
                CasPersonDirectoryConfiguration.LOGGER.debug("Adding LDAP attribute source for [{}]", ldapPrincipalAttributesProperties2.getLdapUrl());
                arrayList.add(ldaptivePersonAttributeDao);
            });
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(ldapAttributeRepositories());
        }
    }

    @Configuration("CasPersonDirectoryRestConfiguration")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryRestConfiguration.class */
    public class CasPersonDirectoryRestConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryRestConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"restfulAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> restfulAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getRest().stream().filter(restPrincipalAttributesProperties -> {
                return StringUtils.isNotBlank(restPrincipalAttributesProperties.getUrl());
            }).forEach(restPrincipalAttributesProperties2 -> {
                RestfulPersonAttributeDao restfulPersonAttributeDao = new RestfulPersonAttributeDao();
                restfulPersonAttributeDao.setCaseInsensitiveUsername(restPrincipalAttributesProperties2.isCaseInsensitive());
                restfulPersonAttributeDao.setOrder(restPrincipalAttributesProperties2.getOrder());
                String id = restPrincipalAttributesProperties2.getId();
                Objects.requireNonNull(restfulPersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    restfulPersonAttributeDao.setId(str);
                });
                restfulPersonAttributeDao.setUrl(restPrincipalAttributesProperties2.getUrl());
                restfulPersonAttributeDao.setMethod(((HttpMethod) Objects.requireNonNull(HttpMethod.resolve(restPrincipalAttributesProperties2.getMethod()))).name());
                if (StringUtils.isNotBlank(restPrincipalAttributesProperties2.getBasicAuthPassword()) && StringUtils.isNotBlank(restPrincipalAttributesProperties2.getBasicAuthUsername())) {
                    restfulPersonAttributeDao.setBasicAuthPassword(restPrincipalAttributesProperties2.getBasicAuthPassword());
                    restfulPersonAttributeDao.setBasicAuthUsername(restPrincipalAttributesProperties2.getBasicAuthUsername());
                    CasPersonDirectoryConfiguration.LOGGER.debug("Basic authentication credentials are located for REST endpoint [{}]", restPrincipalAttributesProperties2.getUrl());
                } else {
                    CasPersonDirectoryConfiguration.LOGGER.debug("Basic authentication credentials are not defined for REST endpoint [{}]", restPrincipalAttributesProperties2.getUrl());
                }
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured REST attribute sources from [{}]", restPrincipalAttributesProperties2.getUrl());
                arrayList.add(restfulPersonAttributeDao);
            });
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(restfulAttributeRepositories());
        }
    }

    @Configuration("CasPersonDirectoryScriptedConfiguration")
    @Deprecated(since = "6.2.0")
    /* loaded from: input_file:WEB-INF/lib/cas-server-support-person-directory-6.2.8.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration$CasPersonDirectoryScriptedConfiguration.class */
    public class CasPersonDirectoryScriptedConfiguration implements PersonDirectoryAttributeRepositoryPlanConfigurer {
        public CasPersonDirectoryScriptedConfiguration() {
        }

        @ConditionalOnMissingBean(name = {"scriptedAttributeRepositories"})
        @RefreshScope
        @Bean
        public List<IPersonAttributeDao> scriptedAttributeRepositories() {
            ArrayList arrayList = new ArrayList();
            CasPersonDirectoryConfiguration.this.casProperties.getAuthn().getAttributeRepository().getScript().forEach(Unchecked.consumer(scriptedPrincipalAttributesProperties -> {
                ScriptEnginePersonAttributeDao scriptEnginePersonAttributeDao = new ScriptEnginePersonAttributeDao(IOUtils.toString(scriptedPrincipalAttributesProperties.getLocation().getInputStream(), StandardCharsets.UTF_8), scriptedPrincipalAttributesProperties.getEngineName() == null ? ScriptEnginePersonAttributeDao.getScriptEngineName(scriptedPrincipalAttributesProperties.getLocation().getFilename()) : scriptedPrincipalAttributesProperties.getEngineName());
                scriptEnginePersonAttributeDao.setCaseInsensitiveUsername(scriptedPrincipalAttributesProperties.isCaseInsensitive());
                scriptEnginePersonAttributeDao.setOrder(scriptedPrincipalAttributesProperties.getOrder());
                String id = scriptedPrincipalAttributesProperties.getId();
                Objects.requireNonNull(scriptEnginePersonAttributeDao);
                FunctionUtils.doIfNotNull(id, str -> {
                    scriptEnginePersonAttributeDao.setId(str);
                });
                CasPersonDirectoryConfiguration.LOGGER.debug("Configured scripted attribute sources from [{}]", scriptedPrincipalAttributesProperties.getLocation());
                arrayList.add(scriptEnginePersonAttributeDao);
            }));
            return arrayList;
        }

        @Override // org.apereo.cas.persondir.PersonDirectoryAttributeRepositoryPlanConfigurer
        public void configureAttributeRepositoryPlan(PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan) {
            personDirectoryAttributeRepositoryPlan.registerAttributeRepositories(scriptedAttributeRepositories());
        }
    }

    @ConditionalOnMissingBean(name = {"personDirectoryPrincipalFactory"})
    @RefreshScope
    @Bean
    public PrincipalFactory personDirectoryPrincipalFactory() {
        return PrincipalFactoryUtils.newPrincipalFactory();
    }

    @ConditionalOnMissingBean(name = {"personDirectoryAttributeRepositoryPrincipalResolver"})
    @RefreshScope
    @Bean
    public PrincipalResolver personDirectoryAttributeRepositoryPrincipalResolver() {
        return CoreAuthenticationUtils.newPersonDirectoryPrincipalResolver(personDirectoryPrincipalFactory(), attributeRepository(), this.casProperties.getPersonDirectory());
    }

    @ConditionalOnMissingBean(name = {"principalResolutionExecutionPlanConfigurer"})
    @RefreshScope
    @Bean
    public PrincipalResolutionExecutionPlanConfigurer principalResolutionExecutionPlanConfigurer() {
        return principalResolutionExecutionPlan -> {
            if (personDirectoryAttributeRepositoryPlan().isEmpty()) {
                LOGGER.debug("Attribute repository sources are not available for person-directory principal resolution");
            } else {
                LOGGER.trace("Attribute repository sources are defined and available for person-directory principal resolution chain. ");
                principalResolutionExecutionPlan.registerPrincipalResolver(personDirectoryAttributeRepositoryPrincipalResolver());
            }
        };
    }

    @ConditionalOnMissingBean(name = {"attributeDefinitionStore"})
    @RefreshScope
    @Bean
    public AttributeDefinitionStore attributeDefinitionStore() throws Exception {
        DefaultAttributeDefinitionStore defaultAttributeDefinitionStore = new DefaultAttributeDefinitionStore(this.casProperties.getPersonDirectory().getAttributeDefinitionStore().getJson().getLocation());
        defaultAttributeDefinitionStore.setScope(this.casProperties.getServer().getScope());
        return defaultAttributeDefinitionStore;
    }

    @ConditionalOnMissingBean(name = {"personDirectoryAttributeRepositoryPlan"})
    @RefreshScope
    @Bean
    public PersonDirectoryAttributeRepositoryPlan personDirectoryAttributeRepositoryPlan() {
        Collection values = this.applicationContext.getBeansOfType(PersonDirectoryAttributeRepositoryPlanConfigurer.class, false, true).values();
        DefaultPersonDirectoryAttributeRepositoryPlan defaultPersonDirectoryAttributeRepositoryPlan = new DefaultPersonDirectoryAttributeRepositoryPlan();
        values.forEach(personDirectoryAttributeRepositoryPlanConfigurer -> {
            personDirectoryAttributeRepositoryPlanConfigurer.configureAttributeRepositoryPlan(defaultPersonDirectoryAttributeRepositoryPlan);
        });
        defaultPersonDirectoryAttributeRepositoryPlan.registerAttributeRepositories(stubAttributeRepositories());
        AnnotationAwareOrderComparator.sort(defaultPersonDirectoryAttributeRepositoryPlan.getAttributeRepositories());
        LOGGER.trace("Final list of attribute repositories is [{}]", defaultPersonDirectoryAttributeRepositoryPlan.getAttributeRepositories());
        return defaultPersonDirectoryAttributeRepositoryPlan;
    }

    @ConditionalOnMissingBean(name = {"attributeRepository"})
    @Scope("prototype")
    @RefreshScope
    @Bean
    public IPersonAttributeDao attributeRepository() {
        return cachingAttributeRepository();
    }

    @ConditionalOnMissingBean(name = {"stubAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> stubAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        Map<String, String> attributes = this.casProperties.getAuthn().getAttributeRepository().getStub().getAttributes();
        if (!attributes.isEmpty()) {
            LOGGER.info("Found and added static attributes [{}] to the list of candidate attribute repositories", attributes.keySet());
            arrayList.add(Beans.newStubAttributeRepository(this.casProperties.getAuthn().getAttributeRepository()));
        }
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"cachingAttributeRepository"})
    @RefreshScope
    @Bean
    public IPersonAttributeDao cachingAttributeRepository() {
        PrincipalAttributesProperties attributeRepository = this.casProperties.getAuthn().getAttributeRepository();
        if (attributeRepository.getExpirationTime() <= 0) {
            LOGGER.warn("Attribute repository caching is disabled");
            return aggregatingAttributeRepository();
        }
        CachingPersonAttributeDaoImpl cachingPersonAttributeDaoImpl = new CachingPersonAttributeDaoImpl();
        cachingPersonAttributeDaoImpl.setCacheNullResults(false);
        cachingPersonAttributeDaoImpl.setUserInfoCache(Caffeine.newBuilder().maximumSize(attributeRepository.getMaximumCacheSize()).expireAfterWrite(attributeRepository.getExpirationTime(), TimeUnit.valueOf(attributeRepository.getExpirationTimeUnit().toUpperCase())).build().asMap());
        cachingPersonAttributeDaoImpl.setCachedPersonAttributesDao(aggregatingAttributeRepository());
        LOGGER.trace("Configured cache expiration policy for merging attribute sources to be [{}] minute(s)", Integer.valueOf(attributeRepository.getExpirationTime()));
        return cachingPersonAttributeDaoImpl;
    }

    @ConditionalOnMissingBean(name = {"aggregatingAttributeRepository"})
    @RefreshScope
    @Bean
    public IPersonAttributeDao aggregatingAttributeRepository() {
        AbstractAggregatingDefaultQueryPersonAttributeDao aggregateAttributeRepository = getAggregateAttributeRepository();
        String trim = ((String) StringUtils.defaultIfBlank(this.casProperties.getAuthn().getAttributeRepository().getMerger(), StandardReplaceTagProcessor.ATTR_NAME)).trim();
        LOGGER.trace("Configured merging strategy for attribute sources is [{}]", trim);
        aggregateAttributeRepository.setMerger(CoreAuthenticationUtils.getAttributeMerger(trim));
        List<IPersonAttributeDao> attributeRepositories = personDirectoryAttributeRepositoryPlan().getAttributeRepositories();
        aggregateAttributeRepository.setPersonAttributeDaos(attributeRepositories);
        if (attributeRepositories.isEmpty()) {
            LOGGER.debug("No attribute repository sources are available/defined to merge together.");
        } else {
            LOGGER.debug("Configured attribute repository sources to merge together: [{}]", (String) attributeRepositories.stream().map(iPersonAttributeDao -> {
                return Arrays.toString(iPersonAttributeDao.getId());
            }).collect(Collectors.joining(",")));
        }
        return aggregateAttributeRepository;
    }

    private AbstractAggregatingDefaultQueryPersonAttributeDao getAggregateAttributeRepository() {
        String lowerCase = ((String) StringUtils.defaultIfBlank(this.casProperties.getAuthn().getAttributeRepository().getAggregation(), BeanDefinitionParserDelegate.MERGE_ATTRIBUTE)).trim().toLowerCase();
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case 103785528:
                if (lowerCase.equals(BeanDefinitionParserDelegate.MERGE_ATTRIBUTE)) {
                    z = 2;
                    break;
                }
                break;
            case 107944136:
                if (lowerCase.equals("query")) {
                    z = true;
                    break;
                }
                break;
            case 554829492:
                if (lowerCase.equals("cascade")) {
                    z = false;
                    break;
                }
                break;
            case 950074687:
                if (lowerCase.equals("combine")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                CascadingPersonAttributeDao cascadingPersonAttributeDao = new CascadingPersonAttributeDao();
                cascadingPersonAttributeDao.setAddOriginalAttributesToQuery(true);
                cascadingPersonAttributeDao.setStopIfFirstDaoReturnsNull(true);
                return cascadingPersonAttributeDao;
            case true:
            case true:
            default:
                return new MergingPersonAttributeDaoImpl();
        }
    }

    private static AbstractJdbcPersonAttributeDao configureJdbcPersonAttributeDao(AbstractJdbcPersonAttributeDao abstractJdbcPersonAttributeDao, JdbcPrincipalAttributesProperties jdbcPrincipalAttributesProperties) {
        abstractJdbcPersonAttributeDao.setCaseInsensitiveQueryAttributes((Map) CollectionUtils.convertDirectedListToMap(jdbcPrincipalAttributesProperties.getCaseInsensitiveQueryAttributes()).entrySet().stream().map(entry -> {
            return Pair.of((String) entry.getKey(), StringUtils.isBlank((CharSequence) entry.getValue()) ? jdbcPrincipalAttributesProperties.getCaseCanonicalization() : CaseCanonicalizationMode.valueOf(((String) entry.getValue()).toUpperCase()));
        }).collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        })));
        return abstractJdbcPersonAttributeDao;
    }
}
