package org.apereo.cas.spring.boot;

import java.util.Map;
import org.apereo.cas.spring.boot.CasProperties;
import org.apereo.cas.spring.boot.property.CasAssertionProperties;
import org.apereo.cas.spring.boot.property.CasAuthcProperties;
import org.apereo.cas.spring.boot.property.CasErrorProperties;
import org.apereo.cas.spring.boot.property.CasSsoProperties;
import org.apereo.cas.spring.boot.property.CasTicketProperties;
import org.apereo.cas.spring.boot.property.CasWrapperProperties;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.authentication.GatewayResolver;
import org.jasig.cas.client.authentication.Saml11AuthenticationFilter;
import org.jasig.cas.client.authentication.UrlPatternMatcherStrategy;
import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.ErrorRedirectFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.AbstractTicketValidationFilter;
import org.jasig.cas.client.validation.Cas10TicketValidationFilter;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter;
import org.jasig.cas.client.validation.Saml11TicketValidationFilter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.context.properties.PropertyMapper;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.StringUtils;

@EnableConfigurationProperties({CasProperties.class})
@Configuration
@ConditionalOnClass({AuthenticationFilter.class})
@ConditionalOnProperty(prefix = CasProperties.PREFIX, value = {"enabled"}, havingValue = "true")
/* loaded from: input_file:org/apereo/cas/spring/boot/CasFilterAutoConfiguration.class */
public class CasFilterAutoConfiguration {
    @Bean
    public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
        ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> servletListenerRegistrationBean = new ServletListenerRegistrationBean<>(new SingleSignOutHttpSessionListener());
        servletListenerRegistrationBean.setOrder(1);
        return servletListenerRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<ErrorRedirectFilter> errorRedirectFilter(CasErrorProperties casErrorProperties) {
        FilterRegistrationBean<ErrorRedirectFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new ErrorRedirectFilter());
        filterRegistrationBean.addInitParameter("defaultErrorRedirectPage", casErrorProperties.getErrorRedirectUrl());
        Map<String, String> errorRedirectMappings = casErrorProperties.getErrorRedirectMappings();
        if (errorRedirectMappings != null) {
            for (Map.Entry<String, String> entry : errorRedirectMappings.entrySet()) {
                filterRegistrationBean.addInitParameter(entry.getKey(), entry.getValue());
            }
        }
        filterRegistrationBean.setEnabled(casErrorProperties.isEnabled());
        filterRegistrationBean.addUrlPatterns(casErrorProperties.getPathPatterns());
        filterRegistrationBean.setOrder(1);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<SingleSignOutFilter> singleSignOutFilter(CasProperties casProperties, CasSsoProperties casSsoProperties) {
        FilterRegistrationBean<SingleSignOutFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new SingleSignOutFilter());
        filterRegistrationBean.setEnabled(casProperties.isEnabled());
        if (StringUtils.hasText(casProperties.getArtifactParameterName())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.ARTIFACT_PARAMETER_NAME.getName(), casProperties.getArtifactParameterName());
        }
        if (StringUtils.hasText(casProperties.getLogoutParameterName())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.LOGOUT_PARAMETER_NAME.getName(), casProperties.getLogoutParameterName());
        }
        if (StringUtils.hasText(casProperties.getRelayStateParameterName())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME.getName(), casProperties.getRelayStateParameterName());
        }
        filterRegistrationBean.addInitParameter(ConfigurationKeys.CAS_SERVER_URL_PREFIX.getName(), casProperties.getPrefixUrl());
        filterRegistrationBean.addInitParameter(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST.getName(), String.valueOf(casProperties.isArtifactParameterOverPost()));
        filterRegistrationBean.addInitParameter(ConfigurationKeys.EAGERLY_CREATE_SESSIONS.getName(), String.valueOf(casProperties.isEagerlyCreateSessions()));
        filterRegistrationBean.setEnabled(casProperties.isEnabled());
        filterRegistrationBean.addUrlPatterns(casSsoProperties.getPathPatterns());
        filterRegistrationBean.setOrder(2);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<AbstractTicketValidationFilter> ticketValidationFilter(CasProperties casProperties, CasTicketProperties casTicketProperties) {
        FilterRegistrationBean<AbstractTicketValidationFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setEnabled(casProperties.isEnabled());
        if (CasProperties.CasProtocol.CAS10.equals(casProperties.getProtocol())) {
            filterRegistrationBean.setFilter(new Cas10TicketValidationFilter());
        } else if (CasProperties.CasProtocol.CAS20_PROXY.equals(casProperties.getProtocol())) {
            filterRegistrationBean.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
            filterRegistrationBean.addInitParameter(ConfigurationKeys.ACCEPT_ANY_PROXY.getName(), Boolean.toString(casProperties.isAcceptAnyProxy()));
            if (StringUtils.hasText(casProperties.getAllowedProxyChains())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.ALLOWED_PROXY_CHAINS.getName(), casProperties.getAllowedProxyChains());
            }
            filterRegistrationBean.addInitParameter(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST.getName(), Boolean.toString(casProperties.isArtifactParameterOverPost()));
            if (StringUtils.hasText(casProperties.getArtifactParameterName())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.ARTIFACT_PARAMETER_NAME.getName(), casProperties.getArtifactParameterName());
            }
            if (StringUtils.hasText(casTicketProperties.getAuthenticationRedirectStrategyClass())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.AUTHENTICATION_REDIRECT_STRATEGY_CLASS.getName(), casTicketProperties.getAuthenticationRedirectStrategyClass());
            }
            if (StringUtils.hasText(casTicketProperties.getCipherAlgorithm())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.CIPHER_ALGORITHM.getName(), casTicketProperties.getCipherAlgorithm());
            }
            filterRegistrationBean.addInitParameter(ConfigurationKeys.EAGERLY_CREATE_SESSIONS.getName(), Boolean.toString(casProperties.isEagerlyCreateSessions()));
            filterRegistrationBean.addInitParameter(ConfigurationKeys.GATEWAY.getName(), Boolean.toString(casProperties.isGateway()));
            if (StringUtils.hasText(casTicketProperties.getGatewayStorageClass())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.GATEWAY_STORAGE_CLASS.getName(), casTicketProperties.getGatewayStorageClass());
            }
            filterRegistrationBean.addInitParameter(ConfigurationKeys.IGNORE_CASE.getName(), Boolean.toString(casTicketProperties.isIgnoreCase()));
            if (StringUtils.hasText(casTicketProperties.getIgnorePattern())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.IGNORE_PATTERN.getName(), casTicketProperties.getIgnorePattern());
            }
            filterRegistrationBean.addInitParameter(ConfigurationKeys.IGNORE_URL_PATTERN_TYPE.getName(), casTicketProperties.getIgnoreUrlPatternType().toString());
            if (StringUtils.hasText(casProperties.getLogoutParameterName())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.LOGOUT_PARAMETER_NAME.getName(), casProperties.getLogoutParameterName());
            }
            filterRegistrationBean.addInitParameter(ConfigurationKeys.MILLIS_BETWEEN_CLEAN_UPS.getName(), Long.toString(casTicketProperties.getMillisBetweenCleanUps()));
            if (StringUtils.hasText(casTicketProperties.getProxyReceptorUrl())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.PROXY_RECEPTOR_URL.getName(), casTicketProperties.getProxyReceptorUrl());
            }
            if (StringUtils.hasText(casTicketProperties.getProxyCallbackUrl())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.PROXY_CALLBACK_URL.getName(), casTicketProperties.getProxyCallbackUrl());
            }
            if (StringUtils.hasText(casTicketProperties.getProxyGrantingTicketStorageClass())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.PROXY_GRANTING_TICKET_STORAGE_CLASS.getName(), casTicketProperties.getProxyGrantingTicketStorageClass());
            }
            if (StringUtils.hasText(casProperties.getRelayStateParameterName())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME.getName(), casProperties.getRelayStateParameterName());
            }
            if (StringUtils.hasText(casTicketProperties.getRoleAttribute())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.ROLE_ATTRIBUTE.getName(), casTicketProperties.getRoleAttribute());
            }
            if (StringUtils.hasText(casTicketProperties.getSecretKey())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.SECRET_KEY.getName(), casTicketProperties.getSecretKey());
            }
            if (StringUtils.hasText(casTicketProperties.getTicketValidatorClass())) {
                filterRegistrationBean.addInitParameter(ConfigurationKeys.TICKET_VALIDATOR_CLASS.getName(), casTicketProperties.getTicketValidatorClass());
            }
            filterRegistrationBean.addInitParameter(ConfigurationKeys.TOLERANCE.getName(), Long.toString(casTicketProperties.getTolerance()));
        } else if (CasProperties.CasProtocol.CAS30_PROXY.equals(casProperties.getProtocol())) {
            filterRegistrationBean.setFilter(new Cas30ProxyReceivingTicketValidationFilter());
        } else if (CasProperties.CasProtocol.SAML.equals(casProperties.getProtocol())) {
            filterRegistrationBean.setFilter(new Saml11TicketValidationFilter());
            filterRegistrationBean.addInitParameter(ConfigurationKeys.TOLERANCE.getName(), Long.toString(casTicketProperties.getTolerance()));
        }
        filterRegistrationBean.addInitParameter(ConfigurationKeys.ENCODE_SERVICE_URL.getName(), Boolean.toString(casProperties.isEncodeServiceUrl()));
        if (StringUtils.hasText(casProperties.getEncoding())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.ENCODING.getName(), casProperties.getEncoding());
        }
        filterRegistrationBean.addInitParameter(ConfigurationKeys.EXCEPTION_ON_VALIDATION_FAILURE.getName(), Boolean.toString(casTicketProperties.isExceptionOnValidationFailure()));
        filterRegistrationBean.addInitParameter(ConfigurationKeys.CAS_SERVER_LOGIN_URL.getName(), casProperties.getLoginUrl());
        filterRegistrationBean.addInitParameter(ConfigurationKeys.CAS_SERVER_URL_PREFIX.getName(), casProperties.getPrefixUrl());
        if (StringUtils.hasText(casTicketProperties.getHostnameVerifier())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.HOSTNAME_VERIFIER.getName(), casTicketProperties.getHostnameVerifier());
        }
        if (StringUtils.hasText(casTicketProperties.getHostnameVerifierConfig())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.HOSTNAME_VERIFIER_CONFIG.getName(), casTicketProperties.getHostnameVerifierConfig());
        }
        filterRegistrationBean.addInitParameter(ConfigurationKeys.REDIRECT_AFTER_VALIDATION.getName(), Boolean.toString(casTicketProperties.isRedirectAfterValidation()));
        if (StringUtils.hasText(casProperties.getServerName())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.SERVER_NAME.getName(), casProperties.getServerName());
        } else if (StringUtils.hasText(casProperties.getService())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.SERVICE.getName(), casProperties.getService());
        }
        if (StringUtils.hasText(casTicketProperties.getSslConfigFile())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.SSL_CONFIG_FILE.getName(), casTicketProperties.getSslConfigFile());
        }
        filterRegistrationBean.addInitParameter(ConfigurationKeys.USE_SESSION.getName(), Boolean.toString(casTicketProperties.isUseSession()));
        filterRegistrationBean.addUrlPatterns(casTicketProperties.getPathPatterns());
        filterRegistrationBean.setOrder(3);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<AuthenticationFilter> authenticationFilter(CasProperties casProperties, CasAuthcProperties casAuthcProperties, GatewayResolver gatewayResolver, UrlPatternMatcherStrategy urlPatternMatcherStrategy) {
        FilterRegistrationBean<AuthenticationFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        Saml11AuthenticationFilter saml11AuthenticationFilter = CasProperties.CasProtocol.SAML.equals(casProperties.getProtocol()) ? new Saml11AuthenticationFilter() : new AuthenticationFilter();
        PropertyMapper alwaysApplyingWhenNonNull = PropertyMapper.get().alwaysApplyingWhenNonNull();
        PropertyMapper.Source from = alwaysApplyingWhenNonNull.from(casProperties.getLoginUrl());
        Saml11AuthenticationFilter saml11AuthenticationFilter2 = saml11AuthenticationFilter;
        saml11AuthenticationFilter2.getClass();
        from.to(saml11AuthenticationFilter2::setCasServerLoginUrl);
        PropertyMapper.Source from2 = alwaysApplyingWhenNonNull.from(casProperties.getPrefixUrl());
        Saml11AuthenticationFilter saml11AuthenticationFilter3 = saml11AuthenticationFilter;
        saml11AuthenticationFilter3.getClass();
        from2.to(saml11AuthenticationFilter3::setCasServerUrlPrefix);
        PropertyMapper.Source from3 = alwaysApplyingWhenNonNull.from(Boolean.valueOf(casProperties.isEncodeServiceUrl()));
        Saml11AuthenticationFilter saml11AuthenticationFilter4 = saml11AuthenticationFilter;
        saml11AuthenticationFilter4.getClass();
        from3.to((v1) -> {
            r1.setEncodeServiceUrl(v1);
        });
        PropertyMapper.Source from4 = alwaysApplyingWhenNonNull.from(Boolean.valueOf(casProperties.isGateway()));
        Saml11AuthenticationFilter saml11AuthenticationFilter5 = saml11AuthenticationFilter;
        saml11AuthenticationFilter5.getClass();
        from4.to((v1) -> {
            r1.setGateway(v1);
        });
        PropertyMapper.Source from5 = alwaysApplyingWhenNonNull.from(gatewayResolver);
        Saml11AuthenticationFilter saml11AuthenticationFilter6 = saml11AuthenticationFilter;
        saml11AuthenticationFilter6.getClass();
        from5.to(saml11AuthenticationFilter6::setGatewayStorage);
        PropertyMapper.Source from6 = alwaysApplyingWhenNonNull.from(true);
        Saml11AuthenticationFilter saml11AuthenticationFilter7 = saml11AuthenticationFilter;
        saml11AuthenticationFilter7.getClass();
        from6.to((v1) -> {
            r1.setIgnoreInitConfiguration(v1);
        });
        PropertyMapper.Source from7 = alwaysApplyingWhenNonNull.from(urlPatternMatcherStrategy);
        Saml11AuthenticationFilter saml11AuthenticationFilter8 = saml11AuthenticationFilter;
        saml11AuthenticationFilter8.getClass();
        from7.to(saml11AuthenticationFilter8::setIgnoreUrlPatternMatcherStrategyClass);
        PropertyMapper.Source from8 = alwaysApplyingWhenNonNull.from(Boolean.valueOf(casProperties.isRenew()));
        Saml11AuthenticationFilter saml11AuthenticationFilter9 = saml11AuthenticationFilter;
        saml11AuthenticationFilter9.getClass();
        from8.to((v1) -> {
            r1.setRenew(v1);
        });
        PropertyMapper.Source from9 = alwaysApplyingWhenNonNull.from(casProperties.getServerName());
        Saml11AuthenticationFilter saml11AuthenticationFilter10 = saml11AuthenticationFilter;
        saml11AuthenticationFilter10.getClass();
        from9.to(saml11AuthenticationFilter10::setServerName);
        PropertyMapper.Source from10 = alwaysApplyingWhenNonNull.from(casProperties.getService());
        Saml11AuthenticationFilter saml11AuthenticationFilter11 = saml11AuthenticationFilter;
        saml11AuthenticationFilter11.getClass();
        from10.to(saml11AuthenticationFilter11::setService);
        filterRegistrationBean.setFilter(saml11AuthenticationFilter);
        filterRegistrationBean.addUrlPatterns(casAuthcProperties.getPathPatterns());
        filterRegistrationBean.setOrder(4);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<HttpServletRequestWrapperFilter> requestWrapperFilter(CasWrapperProperties casWrapperProperties) {
        FilterRegistrationBean<HttpServletRequestWrapperFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new HttpServletRequestWrapperFilter());
        filterRegistrationBean.setEnabled(casWrapperProperties.isEnabled());
        filterRegistrationBean.addInitParameter(ConfigurationKeys.IGNORE_CASE.getName(), String.valueOf(casWrapperProperties.isIgnoreCase()));
        if (StringUtils.hasText(casWrapperProperties.getRoleAttribute())) {
            filterRegistrationBean.addInitParameter(ConfigurationKeys.ROLE_ATTRIBUTE.getName(), casWrapperProperties.getRoleAttribute());
        }
        filterRegistrationBean.addUrlPatterns(casWrapperProperties.getPathPatterns());
        filterRegistrationBean.setOrder(5);
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<AssertionThreadLocalFilter> assertionThreadLocalFilter(CasAssertionProperties casAssertionProperties) {
        FilterRegistrationBean<AssertionThreadLocalFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new AssertionThreadLocalFilter());
        filterRegistrationBean.setEnabled(casAssertionProperties.isEnabled());
        filterRegistrationBean.addUrlPatterns(casAssertionProperties.getPathPatterns());
        filterRegistrationBean.setOrder(6);
        return filterRegistrationBean;
    }
}
