package org.apache.syncope.wa.bootstrap.mapping;

import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.AbstractJDBCConf;
import org.apache.syncope.common.lib.AbstractLDAPConf;
import org.apache.syncope.common.lib.auth.AbstractOIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.AppleOIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.AuthModuleConf;
import org.apache.syncope.common.lib.auth.AzureOIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.DuoMfaAuthModuleConf;
import org.apache.syncope.common.lib.auth.GoogleMfaAuthModuleConf;
import org.apache.syncope.common.lib.auth.GoogleOIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.JDBCAuthModuleConf;
import org.apache.syncope.common.lib.auth.JaasAuthModuleConf;
import org.apache.syncope.common.lib.auth.KeycloakOIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.LDAPAuthModuleConf;
import org.apache.syncope.common.lib.auth.OAuth20AuthModuleConf;
import org.apache.syncope.common.lib.auth.OIDCAuthModuleConf;
import org.apache.syncope.common.lib.auth.SAML2IdPAuthModuleConf;
import org.apache.syncope.common.lib.auth.SimpleMfaAuthModuleConf;
import org.apache.syncope.common.lib.auth.SpnegoAuthModuleConf;
import org.apache.syncope.common.lib.auth.StaticAuthModuleConf;
import org.apache.syncope.common.lib.auth.SyncopeAuthModuleConf;
import org.apache.syncope.common.lib.auth.U2FAuthModuleConf;
import org.apache.syncope.common.lib.auth.X509AuthModuleConf;
import org.apache.syncope.common.lib.to.AuthModuleTO;
import org.apache.syncope.common.lib.types.AuthModuleState;
import org.apache.syncope.wa.bootstrap.WARestClient;
import org.apereo.cas.configuration.CasCoreConfigurationUtils;
import org.apereo.cas.configuration.model.core.authentication.AuthenticationHandlerStates;
import org.apereo.cas.configuration.model.support.generic.AcceptAuthenticationProperties;
import org.apereo.cas.configuration.model.support.jaas.JaasAuthenticationProperties;
import org.apereo.cas.configuration.model.support.jdbc.authn.QueryJdbcAuthenticationProperties;
import org.apereo.cas.configuration.model.support.jpa.AbstractJpaProperties;
import org.apereo.cas.configuration.model.support.ldap.AbstractLdapAuthenticationProperties;
import org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties;
import org.apereo.cas.configuration.model.support.ldap.AbstractLdapSearchProperties;
import org.apereo.cas.configuration.model.support.ldap.LdapAuthenticationProperties;
import org.apereo.cas.configuration.model.support.mfa.DuoSecurityMultifactorAuthenticationProperties;
import org.apereo.cas.configuration.model.support.mfa.gauth.GoogleAuthenticatorMultifactorProperties;
import org.apereo.cas.configuration.model.support.mfa.gauth.LdapGoogleAuthenticatorMultifactorProperties;
import org.apereo.cas.configuration.model.support.mfa.simple.CasSimpleMultifactorAuthenticationProperties;
import org.apereo.cas.configuration.model.support.mfa.u2f.U2FMultifactorAuthenticationProperties;
import org.apereo.cas.configuration.model.support.pac4j.oauth.Pac4jOAuth20ClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.BasePac4jOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jAppleOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jAzureOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jGenericOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jGoogleOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jKeyCloakOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.saml.Pac4jSamlClientProperties;
import org.apereo.cas.configuration.model.support.spnego.SpnegoAuthenticationProperties;
import org.apereo.cas.configuration.model.support.spnego.SpnegoLdapProperties;
import org.apereo.cas.configuration.model.support.spnego.SpnegoProperties;
import org.apereo.cas.configuration.model.support.syncope.SyncopeAuthenticationProperties;
import org.apereo.cas.configuration.model.support.x509.SubjectDnPrincipalResolverProperties;
import org.apereo.cas.configuration.model.support.x509.X509LdapProperties;
import org.apereo.cas.configuration.model.support.x509.X509Properties;
import org.apereo.cas.util.ResourceUtils;
import org.apereo.cas.util.model.TriStateBoolean;

/* loaded from: input_file:org/apache/syncope/wa/bootstrap/mapping/AuthModulePropertySourceMapper.class */
public class AuthModulePropertySourceMapper extends PropertySourceMapper implements AuthModuleConf.Mapper {
    protected final WARestClient waRestClient;

    /* renamed from: org.apache.syncope.wa.bootstrap.mapping.AuthModulePropertySourceMapper$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/syncope/wa/bootstrap/mapping/AuthModulePropertySourceMapper$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes = new int[X509Properties.PrincipalTypes.values().length];

        static {
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.CN_EDIPI.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.RFC822_EMAIL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.SUBJECT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.SUBJECT_ALT_NAME.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.SUBJECT_DN.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.SERIAL_NO_DN.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[X509Properties.PrincipalTypes.SERIAL_NO.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    public AuthModulePropertySourceMapper(WARestClient wARestClient) {
        this.waRestClient = wARestClient;
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, StaticAuthModuleConf staticAuthModuleConf) {
        AcceptAuthenticationProperties acceptAuthenticationProperties = new AcceptAuthenticationProperties();
        acceptAuthenticationProperties.setName(authModuleTO.getKey());
        acceptAuthenticationProperties.setState(AuthenticationHandlerStates.valueOf(authModuleTO.getState().name()));
        acceptAuthenticationProperties.setOrder(authModuleTO.getOrder());
        acceptAuthenticationProperties.setUsers((String) staticAuthModuleConf.getUsers().entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + "::" + ((String) entry.getValue());
        }).collect(Collectors.joining(",")));
        return prefix("cas.authn.accept.", CasCoreConfigurationUtils.asMap(acceptAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, LDAPAuthModuleConf lDAPAuthModuleConf) {
        LdapAuthenticationProperties ldapAuthenticationProperties = new LdapAuthenticationProperties();
        ldapAuthenticationProperties.setName(authModuleTO.getKey());
        ldapAuthenticationProperties.setState(AuthenticationHandlerStates.valueOf(authModuleTO.getState().name()));
        ldapAuthenticationProperties.setOrder(Integer.valueOf(authModuleTO.getOrder()));
        ldapAuthenticationProperties.setType(AbstractLdapAuthenticationProperties.AuthenticationTypes.valueOf(lDAPAuthModuleConf.getAuthenticationType().name()));
        ldapAuthenticationProperties.setDnFormat(lDAPAuthModuleConf.getDnFormat());
        ldapAuthenticationProperties.setEnhanceWithEntryResolver(lDAPAuthModuleConf.isEnhanceWithEntryResolver());
        ldapAuthenticationProperties.setDerefAliases((String) Optional.ofNullable(lDAPAuthModuleConf.getDerefAliases()).map((v0) -> {
            return v0.name();
        }).orElse(null));
        ldapAuthenticationProperties.setResolveFromAttribute(lDAPAuthModuleConf.getResolveFromAttribute());
        ldapAuthenticationProperties.setPrincipalAttributeId(lDAPAuthModuleConf.getPrincipalAttributeId());
        ldapAuthenticationProperties.setPrincipalDnAttributeName(lDAPAuthModuleConf.getPrincipalDnAttributeName());
        ldapAuthenticationProperties.setPrincipalAttributeList((List) authModuleTO.getItems().stream().map(item -> {
            return item.getIntAttrName() + ":" + item.getExtAttrName();
        }).collect(Collectors.toList()));
        ldapAuthenticationProperties.setAllowMultiplePrincipalAttributeValues(lDAPAuthModuleConf.isAllowMultiplePrincipalAttributeValues());
        ldapAuthenticationProperties.setAdditionalAttributes(lDAPAuthModuleConf.getAdditionalAttributes());
        ldapAuthenticationProperties.setAllowMissingPrincipalAttributeValue(lDAPAuthModuleConf.isAllowMissingPrincipalAttributeValue());
        ldapAuthenticationProperties.setCollectDnAttribute(ldapAuthenticationProperties.isCollectDnAttribute());
        ldapAuthenticationProperties.getPasswordPolicy().setType(AbstractLdapProperties.LdapType.valueOf(lDAPAuthModuleConf.getLdapType().name()));
        fill((AbstractLdapSearchProperties) ldapAuthenticationProperties, (AbstractLDAPConf) lDAPAuthModuleConf);
        return prefix("cas.authn.ldap[].", CasCoreConfigurationUtils.asMap(ldapAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, JDBCAuthModuleConf jDBCAuthModuleConf) {
        QueryJdbcAuthenticationProperties queryJdbcAuthenticationProperties = new QueryJdbcAuthenticationProperties();
        queryJdbcAuthenticationProperties.setName(authModuleTO.getKey());
        queryJdbcAuthenticationProperties.setState(AuthenticationHandlerStates.valueOf(authModuleTO.getState().name()));
        queryJdbcAuthenticationProperties.setOrder(authModuleTO.getOrder());
        queryJdbcAuthenticationProperties.setSql(jDBCAuthModuleConf.getSql());
        queryJdbcAuthenticationProperties.setFieldDisabled(jDBCAuthModuleConf.getFieldDisabled());
        queryJdbcAuthenticationProperties.setFieldExpired(jDBCAuthModuleConf.getFieldExpired());
        queryJdbcAuthenticationProperties.setFieldPassword(jDBCAuthModuleConf.getFieldPassword());
        queryJdbcAuthenticationProperties.setPrincipalAttributeList((List) authModuleTO.getItems().stream().map(item -> {
            return item.getIntAttrName() + ":" + item.getExtAttrName();
        }).collect(Collectors.toList()));
        fill((AbstractJpaProperties) queryJdbcAuthenticationProperties, (AbstractJDBCConf) jDBCAuthModuleConf);
        return prefix("cas.authn.jdbc.query[].", CasCoreConfigurationUtils.asMap(queryJdbcAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, JaasAuthModuleConf jaasAuthModuleConf) {
        JaasAuthenticationProperties jaasAuthenticationProperties = new JaasAuthenticationProperties();
        jaasAuthenticationProperties.setName(authModuleTO.getKey());
        jaasAuthenticationProperties.setState(AuthenticationHandlerStates.valueOf(authModuleTO.getState().name()));
        jaasAuthenticationProperties.setOrder(authModuleTO.getOrder());
        jaasAuthenticationProperties.setLoginConfigType(jaasAuthModuleConf.getLoginConfigType());
        jaasAuthenticationProperties.setKerberosKdcSystemProperty(jaasAuthModuleConf.getKerberosKdcSystemProperty());
        jaasAuthenticationProperties.setKerberosRealmSystemProperty(jaasAuthModuleConf.getKerberosRealmSystemProperty());
        jaasAuthenticationProperties.setLoginConfigType(jaasAuthModuleConf.getLoginConfigurationFile());
        jaasAuthenticationProperties.setRealm(jaasAuthModuleConf.getRealm());
        return prefix("cas.authn.jaas[].", CasCoreConfigurationUtils.asMap(jaasAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, OAuth20AuthModuleConf oAuth20AuthModuleConf) {
        Pac4jOAuth20ClientProperties pac4jOAuth20ClientProperties = new Pac4jOAuth20ClientProperties();
        pac4jOAuth20ClientProperties.setId(oAuth20AuthModuleConf.getClientId());
        pac4jOAuth20ClientProperties.setSecret(oAuth20AuthModuleConf.getClientSecret());
        pac4jOAuth20ClientProperties.setClientName((String) Optional.ofNullable(oAuth20AuthModuleConf.getClientName()).orElse(authModuleTO.getKey()));
        pac4jOAuth20ClientProperties.setEnabled(authModuleTO.getState() == AuthModuleState.ACTIVE);
        pac4jOAuth20ClientProperties.setCustomParams(oAuth20AuthModuleConf.getCustomParams());
        pac4jOAuth20ClientProperties.setAuthUrl(oAuth20AuthModuleConf.getAuthUrl());
        pac4jOAuth20ClientProperties.setProfilePath(oAuth20AuthModuleConf.getProfilePath());
        pac4jOAuth20ClientProperties.setProfileVerb(oAuth20AuthModuleConf.getProfileVerb());
        pac4jOAuth20ClientProperties.setProfileUrl(oAuth20AuthModuleConf.getProfileUrl());
        pac4jOAuth20ClientProperties.setTokenUrl(oAuth20AuthModuleConf.getTokenUrl());
        pac4jOAuth20ClientProperties.setResponseType(oAuth20AuthModuleConf.getResponseType());
        pac4jOAuth20ClientProperties.setScope(oAuth20AuthModuleConf.getScope());
        pac4jOAuth20ClientProperties.setPrincipalAttributeId(oAuth20AuthModuleConf.getUserIdAttribute());
        pac4jOAuth20ClientProperties.setWithState(oAuth20AuthModuleConf.isWithState());
        pac4jOAuth20ClientProperties.setProfileAttrs((Map) authModuleTO.getItems().stream().collect(Collectors.toMap((v0) -> {
            return v0.getIntAttrName();
        }, (v0) -> {
            return v0.getExtAttrName();
        })));
        return prefix("cas.authn.pac4j.oauth2[].", CasCoreConfigurationUtils.asMap(pac4jOAuth20ClientProperties));
    }

    protected void map(AuthModuleTO authModuleTO, BasePac4jOidcClientProperties basePac4jOidcClientProperties, AbstractOIDCAuthModuleConf abstractOIDCAuthModuleConf) {
        basePac4jOidcClientProperties.setId(abstractOIDCAuthModuleConf.getClientId());
        basePac4jOidcClientProperties.setSecret(abstractOIDCAuthModuleConf.getClientSecret());
        basePac4jOidcClientProperties.setClientName((String) Optional.ofNullable(abstractOIDCAuthModuleConf.getClientName()).orElse(authModuleTO.getKey()));
        basePac4jOidcClientProperties.setEnabled(authModuleTO.getState() == AuthModuleState.ACTIVE);
        basePac4jOidcClientProperties.setCustomParams(abstractOIDCAuthModuleConf.getCustomParams());
        basePac4jOidcClientProperties.setDiscoveryUri(abstractOIDCAuthModuleConf.getDiscoveryUri());
        basePac4jOidcClientProperties.setMaxClockSkew(abstractOIDCAuthModuleConf.getMaxClockSkew());
        basePac4jOidcClientProperties.setPreferredJwsAlgorithm(abstractOIDCAuthModuleConf.getPreferredJwsAlgorithm());
        basePac4jOidcClientProperties.setResponseMode(abstractOIDCAuthModuleConf.getResponseMode());
        basePac4jOidcClientProperties.setResponseType(abstractOIDCAuthModuleConf.getResponseType());
        basePac4jOidcClientProperties.setScope(abstractOIDCAuthModuleConf.getScope());
        basePac4jOidcClientProperties.setPrincipalAttributeId(abstractOIDCAuthModuleConf.getUserIdAttribute());
        basePac4jOidcClientProperties.setExpireSessionWithToken(abstractOIDCAuthModuleConf.isExpireSessionWithToken());
        basePac4jOidcClientProperties.setTokenExpirationAdvance(abstractOIDCAuthModuleConf.getTokenExpirationAdvance());
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, OIDCAuthModuleConf oIDCAuthModuleConf) {
        Pac4jGenericOidcClientProperties pac4jGenericOidcClientProperties = new Pac4jGenericOidcClientProperties();
        map(authModuleTO, pac4jGenericOidcClientProperties, oIDCAuthModuleConf);
        new Pac4jOidcClientProperties().setGeneric(pac4jGenericOidcClientProperties);
        return prefix("cas.authn.pac4j.oidc[].generic.", CasCoreConfigurationUtils.asMap(pac4jGenericOidcClientProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, AzureOIDCAuthModuleConf azureOIDCAuthModuleConf) {
        Pac4jAzureOidcClientProperties pac4jAzureOidcClientProperties = new Pac4jAzureOidcClientProperties();
        map(authModuleTO, pac4jAzureOidcClientProperties, azureOIDCAuthModuleConf);
        pac4jAzureOidcClientProperties.setTenant(azureOIDCAuthModuleConf.getTenant());
        new Pac4jOidcClientProperties().setAzure(pac4jAzureOidcClientProperties);
        return prefix("cas.authn.pac4j.oidc[].azure.", CasCoreConfigurationUtils.asMap(pac4jAzureOidcClientProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, GoogleOIDCAuthModuleConf googleOIDCAuthModuleConf) {
        Pac4jGoogleOidcClientProperties pac4jGoogleOidcClientProperties = new Pac4jGoogleOidcClientProperties();
        map(authModuleTO, pac4jGoogleOidcClientProperties, googleOIDCAuthModuleConf);
        new Pac4jOidcClientProperties().setGoogle(pac4jGoogleOidcClientProperties);
        return prefix("cas.authn.pac4j.oidc[].google.", CasCoreConfigurationUtils.asMap(pac4jGoogleOidcClientProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, KeycloakOIDCAuthModuleConf keycloakOIDCAuthModuleConf) {
        Pac4jKeyCloakOidcClientProperties pac4jKeyCloakOidcClientProperties = new Pac4jKeyCloakOidcClientProperties();
        map(authModuleTO, pac4jKeyCloakOidcClientProperties, keycloakOIDCAuthModuleConf);
        pac4jKeyCloakOidcClientProperties.setRealm(keycloakOIDCAuthModuleConf.getRealm());
        pac4jKeyCloakOidcClientProperties.setBaseUri(keycloakOIDCAuthModuleConf.getBaseUri());
        new Pac4jOidcClientProperties().setKeycloak(pac4jKeyCloakOidcClientProperties);
        return prefix("cas.authn.pac4j.oidc[].keycloak.", CasCoreConfigurationUtils.asMap(pac4jKeyCloakOidcClientProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, AppleOIDCAuthModuleConf appleOIDCAuthModuleConf) {
        Pac4jAppleOidcClientProperties pac4jAppleOidcClientProperties = new Pac4jAppleOidcClientProperties();
        map(authModuleTO, pac4jAppleOidcClientProperties, appleOIDCAuthModuleConf);
        pac4jAppleOidcClientProperties.setTimeout(appleOIDCAuthModuleConf.getTimeout());
        pac4jAppleOidcClientProperties.setPrivateKey(appleOIDCAuthModuleConf.getPrivateKey());
        pac4jAppleOidcClientProperties.setPrivateKeyId(appleOIDCAuthModuleConf.getPrivateKeyId());
        pac4jAppleOidcClientProperties.setTeamId(appleOIDCAuthModuleConf.getTeamId());
        new Pac4jOidcClientProperties().setApple(pac4jAppleOidcClientProperties);
        return prefix("cas.authn.pac4j.oidc[].apple.", CasCoreConfigurationUtils.asMap(pac4jAppleOidcClientProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, SAML2IdPAuthModuleConf sAML2IdPAuthModuleConf) {
        Pac4jSamlClientProperties pac4jSamlClientProperties = new Pac4jSamlClientProperties();
        pac4jSamlClientProperties.setClientName((String) Optional.ofNullable(sAML2IdPAuthModuleConf.getClientName()).orElse(authModuleTO.getKey()));
        pac4jSamlClientProperties.setEnabled(authModuleTO.getState() == AuthModuleState.ACTIVE);
        pac4jSamlClientProperties.setAcceptedSkew(sAML2IdPAuthModuleConf.getAcceptedSkew());
        pac4jSamlClientProperties.setAssertionConsumerServiceIndex(sAML2IdPAuthModuleConf.getAssertionConsumerServiceIndex());
        pac4jSamlClientProperties.setAttributeConsumingServiceIndex(sAML2IdPAuthModuleConf.getAttributeConsumingServiceIndex());
        pac4jSamlClientProperties.setAuthnContextClassRef(sAML2IdPAuthModuleConf.getAuthnContextClassRefs());
        pac4jSamlClientProperties.setAuthnContextComparisonType(sAML2IdPAuthModuleConf.getAuthnContextComparisonType());
        pac4jSamlClientProperties.setBlockedSignatureSigningAlgorithms(sAML2IdPAuthModuleConf.getBlockedSignatureSigningAlgorithms());
        pac4jSamlClientProperties.setDestinationBinding(sAML2IdPAuthModuleConf.getDestinationBinding().getUri());
        pac4jSamlClientProperties.setIdentityProviderMetadataPath(sAML2IdPAuthModuleConf.getIdentityProviderMetadataPath());
        pac4jSamlClientProperties.setServiceProviderMetadataPath(sAML2IdPAuthModuleConf.getServiceProviderMetadataPath());
        pac4jSamlClientProperties.setKeystorePath(sAML2IdPAuthModuleConf.getKeystorePath());
        pac4jSamlClientProperties.setWantsAssertionsSigned(sAML2IdPAuthModuleConf.isWantsAssertionsSigned());
        pac4jSamlClientProperties.setWantsResponsesSigned(sAML2IdPAuthModuleConf.isResponsesSigned());
        pac4jSamlClientProperties.setKeystoreAlias(sAML2IdPAuthModuleConf.getKeystoreAlias());
        pac4jSamlClientProperties.setKeystorePassword(sAML2IdPAuthModuleConf.getKeystorePassword());
        pac4jSamlClientProperties.setMaximumAuthenticationLifetime(sAML2IdPAuthModuleConf.getMaximumAuthenticationLifetime());
        pac4jSamlClientProperties.setNameIdPolicyFormat(sAML2IdPAuthModuleConf.getNameIdPolicyFormat());
        pac4jSamlClientProperties.setPrivateKeyPassword(sAML2IdPAuthModuleConf.getPrivateKeyPassword());
        pac4jSamlClientProperties.setProviderName(sAML2IdPAuthModuleConf.getProviderName());
        pac4jSamlClientProperties.setServiceProviderEntityId(sAML2IdPAuthModuleConf.getServiceProviderEntityId());
        pac4jSamlClientProperties.setSignatureAlgorithms(sAML2IdPAuthModuleConf.getSignatureAlgorithms());
        pac4jSamlClientProperties.setSignatureCanonicalizationAlgorithm(sAML2IdPAuthModuleConf.getSignatureCanonicalizationAlgorithm());
        pac4jSamlClientProperties.setSignatureReferenceDigestMethods(sAML2IdPAuthModuleConf.getSignatureReferenceDigestMethods());
        pac4jSamlClientProperties.setPrincipalAttributeId(sAML2IdPAuthModuleConf.getUserIdAttribute());
        pac4jSamlClientProperties.setNameIdPolicyAllowCreate(StringUtils.isBlank(sAML2IdPAuthModuleConf.getNameIdPolicyAllowCreate()) ? TriStateBoolean.UNDEFINED : TriStateBoolean.valueOf(sAML2IdPAuthModuleConf.getNameIdPolicyAllowCreate().toUpperCase()));
        return prefix("cas.authn.pac4j.saml[].", CasCoreConfigurationUtils.asMap(pac4jSamlClientProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, X509AuthModuleConf x509AuthModuleConf) {
        X509Properties x509Properties = new X509Properties();
        x509Properties.setName(x509AuthModuleConf.getName());
        x509Properties.setOrder(x509AuthModuleConf.getOrder());
        x509Properties.setCacheDiskOverflow(x509AuthModuleConf.isCacheDiskOverflow());
        x509Properties.setCacheDiskSize(x509AuthModuleConf.getCacheDiskSize());
        x509Properties.setCacheEternal(x509AuthModuleConf.isCacheEternal());
        x509Properties.setCacheMaxElementsInMemory(x509AuthModuleConf.getCacheMaxElementsInMemory());
        x509Properties.setCacheTimeToLiveSeconds(x509AuthModuleConf.getCacheTimeToLiveSeconds());
        x509Properties.setCheckAll(x509AuthModuleConf.isCheckAll());
        x509Properties.setCheckKeyUsage(x509AuthModuleConf.isCheckKeyUsage());
        x509Properties.setCrlExpiredPolicy(x509AuthModuleConf.getCrlExpiredPolicy().name());
        x509Properties.setCrlFetcher(x509AuthModuleConf.getCrlFetcher().name());
        x509Properties.setCrlResourceExpiredPolicy(x509AuthModuleConf.getCrlResourceExpiredPolicy().name());
        x509Properties.setCrlResourceUnavailablePolicy(x509AuthModuleConf.getCrlResourceUnavailablePolicy().name());
        x509Properties.setCrlResources(x509AuthModuleConf.getCrlResources());
        x509Properties.setCrlUnavailablePolicy(x509AuthModuleConf.getCrlUnavailablePolicy().name());
        x509Properties.setExtractCert(x509AuthModuleConf.isExtractCert());
        x509Properties.setMaxPathLength(x509AuthModuleConf.getMaxPathLength());
        x509Properties.setMaxPathLengthAllowUnspecified(x509AuthModuleConf.isMaxPathLengthAllowUnspecified());
        x509Properties.setMixedMode(x509AuthModuleConf.isMixedMode());
        x509Properties.setRefreshIntervalSeconds(x509AuthModuleConf.getRefreshIntervalSeconds());
        x509Properties.setRegExSubjectDnPattern(x509AuthModuleConf.getRegExSubjectDnPattern());
        x509Properties.setRegExTrustedIssuerDnPattern(x509AuthModuleConf.getRegExTrustedIssuerDnPattern());
        x509Properties.setRequireKeyUsage(x509AuthModuleConf.isRequireKeyUsage());
        x509Properties.setRevocationChecker(x509AuthModuleConf.getRevocationChecker().name());
        x509Properties.setRevocationPolicyThreshold(x509AuthModuleConf.getRevocationPolicyThreshold());
        x509Properties.setSslHeaderName(x509AuthModuleConf.getSslHeaderName());
        x509Properties.setThrowOnFetchFailure(x509AuthModuleConf.isThrowOnFetchFailure());
        x509Properties.setPrincipalType(X509Properties.PrincipalTypes.valueOf(x509AuthModuleConf.getPrincipalType().name()));
        if (StringUtils.isNotBlank(x509AuthModuleConf.getPrincipalAlternateAttribute())) {
            switch (AnonymousClass1.$SwitchMap$org$apereo$cas$configuration$model$support$x509$X509Properties$PrincipalTypes[x509Properties.getPrincipalType().ordinal()]) {
                case 1:
                    x509Properties.getCnEdipi().setAlternatePrincipalAttribute(x509AuthModuleConf.getPrincipalAlternateAttribute());
                    break;
                case 2:
                    x509Properties.getRfc822Email().setAlternatePrincipalAttribute(x509AuthModuleConf.getPrincipalAlternateAttribute());
                    break;
                case 3:
                    x509Properties.setPrincipalDescriptor(x509AuthModuleConf.getPrincipalAlternateAttribute());
                    break;
                case 4:
                    x509Properties.getSubjectAltName().setAlternatePrincipalAttribute(x509AuthModuleConf.getPrincipalAlternateAttribute());
                    break;
            }
        }
        x509Properties.getSubjectDn().setFormat(SubjectDnPrincipalResolverProperties.SubjectDnFormat.valueOf(x509AuthModuleConf.getPrincipalTypeSubjectDnFormat().name()));
        x509Properties.getSerialNoDn().setSerialNumberPrefix(x509AuthModuleConf.getPrincipalTypeSerialNoDnSerialNumberPrefix());
        x509Properties.getSerialNoDn().setValueDelimiter(x509AuthModuleConf.getPrincipalTypeSerialNoDnValueDelimiter());
        x509Properties.getSerialNo().setPrincipalHexSNZeroPadding(x509AuthModuleConf.isPrincipalTypeSerialNoHexSNZeroPadding());
        x509Properties.getSerialNo().setPrincipalSNRadix(x509AuthModuleConf.getPrincipalTypeSerialNoSNRadix());
        if (x509AuthModuleConf.getLdap() != null) {
            X509LdapProperties x509LdapProperties = new X509LdapProperties();
            x509LdapProperties.setCertificateAttribute(x509AuthModuleConf.getLdap().getCertificateAttribute());
            fill((AbstractLdapSearchProperties) x509LdapProperties, (AbstractLDAPConf) x509AuthModuleConf.getLdap());
            x509Properties.setLdap(x509LdapProperties);
        }
        return prefix("cas.authn.x509.", CasCoreConfigurationUtils.asMap(x509Properties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, SyncopeAuthModuleConf syncopeAuthModuleConf) {
        SyncopeClient syncopeClient = this.waRestClient.getSyncopeClient();
        if (syncopeClient == null) {
            LOG.warn("Application context is not ready to bootstrap WA configuration");
            return Map.of();
        }
        SyncopeAuthenticationProperties syncopeAuthenticationProperties = new SyncopeAuthenticationProperties();
        syncopeAuthenticationProperties.setName(authModuleTO.getKey());
        syncopeAuthenticationProperties.setState(AuthenticationHandlerStates.valueOf(authModuleTO.getState().name()));
        syncopeAuthenticationProperties.setDomain(syncopeAuthModuleConf.getDomain());
        syncopeAuthenticationProperties.setUrl(StringUtils.substringBefore(syncopeClient.getAddress(), "/rest"));
        syncopeAuthenticationProperties.setAttributeMappings((Map) authModuleTO.getItems().stream().collect(Collectors.toMap((v0) -> {
            return v0.getIntAttrName();
        }, (v0) -> {
            return v0.getExtAttrName();
        })));
        return prefix("cas.authn.syncope.", CasCoreConfigurationUtils.asMap(syncopeAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, GoogleMfaAuthModuleConf googleMfaAuthModuleConf) {
        GoogleAuthenticatorMultifactorProperties googleAuthenticatorMultifactorProperties = new GoogleAuthenticatorMultifactorProperties();
        googleAuthenticatorMultifactorProperties.setName(authModuleTO.getKey());
        googleAuthenticatorMultifactorProperties.setOrder(authModuleTO.getOrder());
        googleAuthenticatorMultifactorProperties.getCore().setIssuer(googleMfaAuthModuleConf.getIssuer());
        googleAuthenticatorMultifactorProperties.getCore().setCodeDigits(googleMfaAuthModuleConf.getCodeDigits());
        googleAuthenticatorMultifactorProperties.getCore().setLabel(googleMfaAuthModuleConf.getLabel());
        googleAuthenticatorMultifactorProperties.getCore().setTimeStepSize(googleMfaAuthModuleConf.getTimeStepSize());
        googleAuthenticatorMultifactorProperties.getCore().setWindowSize(googleMfaAuthModuleConf.getWindowSize());
        if (googleMfaAuthModuleConf.getLdap() != null) {
            LdapGoogleAuthenticatorMultifactorProperties ldapGoogleAuthenticatorMultifactorProperties = new LdapGoogleAuthenticatorMultifactorProperties();
            ldapGoogleAuthenticatorMultifactorProperties.setAccountAttributeName(googleMfaAuthModuleConf.getLdap().getAccountAttributeName());
            fill((AbstractLdapSearchProperties) ldapGoogleAuthenticatorMultifactorProperties, (AbstractLDAPConf) googleMfaAuthModuleConf.getLdap());
            googleAuthenticatorMultifactorProperties.setLdap(ldapGoogleAuthenticatorMultifactorProperties);
        }
        return prefix("cas.authn.mfa.gauth.", CasCoreConfigurationUtils.asMap(googleAuthenticatorMultifactorProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, DuoMfaAuthModuleConf duoMfaAuthModuleConf) {
        DuoSecurityMultifactorAuthenticationProperties duoSecurityMultifactorAuthenticationProperties = new DuoSecurityMultifactorAuthenticationProperties();
        duoSecurityMultifactorAuthenticationProperties.setName(authModuleTO.getKey());
        duoSecurityMultifactorAuthenticationProperties.setOrder(authModuleTO.getOrder());
        duoSecurityMultifactorAuthenticationProperties.setDuoApiHost(duoMfaAuthModuleConf.getApiHost());
        duoSecurityMultifactorAuthenticationProperties.setDuoApplicationKey(duoMfaAuthModuleConf.getApplicationKey());
        duoSecurityMultifactorAuthenticationProperties.setDuoIntegrationKey(duoMfaAuthModuleConf.getIntegrationKey());
        duoSecurityMultifactorAuthenticationProperties.setDuoSecretKey(duoMfaAuthModuleConf.getSecretKey());
        return prefix("cas.authn.mfa.duo.", CasCoreConfigurationUtils.asMap(duoSecurityMultifactorAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, U2FAuthModuleConf u2FAuthModuleConf) {
        U2FMultifactorAuthenticationProperties u2FMultifactorAuthenticationProperties = new U2FMultifactorAuthenticationProperties();
        u2FMultifactorAuthenticationProperties.setName(authModuleTO.getKey());
        u2FMultifactorAuthenticationProperties.setOrder(authModuleTO.getOrder());
        u2FMultifactorAuthenticationProperties.getCore().setExpireDevices(u2FAuthModuleConf.getExpireDevices());
        u2FMultifactorAuthenticationProperties.getCore().setExpireDevicesTimeUnit(TimeUnit.valueOf(u2FAuthModuleConf.getExpireDevicesTimeUnit()));
        u2FMultifactorAuthenticationProperties.getCore().setExpireRegistrations(u2FAuthModuleConf.getExpireRegistrations());
        u2FMultifactorAuthenticationProperties.getCore().setExpireRegistrationsTimeUnit(TimeUnit.valueOf(u2FAuthModuleConf.getExpireRegistrationsTimeUnit()));
        return prefix("cas.authn.mfa.u2f.", CasCoreConfigurationUtils.asMap(u2FMultifactorAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, SimpleMfaAuthModuleConf simpleMfaAuthModuleConf) {
        CasSimpleMultifactorAuthenticationProperties casSimpleMultifactorAuthenticationProperties = new CasSimpleMultifactorAuthenticationProperties();
        casSimpleMultifactorAuthenticationProperties.setName(authModuleTO.getKey());
        casSimpleMultifactorAuthenticationProperties.setOrder(authModuleTO.getOrder());
        casSimpleMultifactorAuthenticationProperties.getMail().setAttributeName(simpleMfaAuthModuleConf.getEmailAttribute());
        casSimpleMultifactorAuthenticationProperties.getMail().setFrom(simpleMfaAuthModuleConf.getEmailFrom());
        casSimpleMultifactorAuthenticationProperties.getMail().setSubject(simpleMfaAuthModuleConf.getEmailSubject());
        casSimpleMultifactorAuthenticationProperties.getMail().setText(simpleMfaAuthModuleConf.getEmailText());
        casSimpleMultifactorAuthenticationProperties.getToken().getCore().setTokenLength(simpleMfaAuthModuleConf.getTokenLength());
        casSimpleMultifactorAuthenticationProperties.getToken().getCore().setTimeToKillInSeconds(simpleMfaAuthModuleConf.getTimeToKillInSeconds());
        if (StringUtils.isNotBlank(simpleMfaAuthModuleConf.getBypassGroovyScript())) {
            try {
                casSimpleMultifactorAuthenticationProperties.getBypass().getGroovy().setLocation(ResourceUtils.getResourceFrom(simpleMfaAuthModuleConf.getBypassGroovyScript()));
            } catch (Exception e) {
                LOG.error("Unable to load groovy script for bypass", e);
                throw new IllegalArgumentException(e);
            }
        }
        return prefix("cas.authn.mfa.simple.", CasCoreConfigurationUtils.asMap(casSimpleMultifactorAuthenticationProperties));
    }

    public Map<String, Object> map(AuthModuleTO authModuleTO, SpnegoAuthModuleConf spnegoAuthModuleConf) {
        SpnegoProperties spnegoProperties = new SpnegoProperties();
        spnegoProperties.setName(authModuleTO.getKey());
        spnegoProperties.setOrder(authModuleTO.getOrder());
        SpnegoAuthenticationProperties spnegoAuthenticationProperties = new SpnegoAuthenticationProperties();
        spnegoAuthenticationProperties.setJcifsServicePrincipal(spnegoAuthModuleConf.getJcifsServicePrincipal());
        spnegoProperties.getProperties().add(spnegoAuthenticationProperties);
        spnegoProperties.setMixedModeAuthentication(spnegoAuthModuleConf.isMixedModeAuthentication());
        spnegoProperties.setIpsToCheckPattern(spnegoAuthModuleConf.getIpsToCheckPattern());
        spnegoProperties.setSend401OnAuthenticationFailure(spnegoAuthModuleConf.isSend401OnAuthenticationFailure());
        spnegoProperties.setAlternativeRemoteHostAttribute(spnegoAuthModuleConf.getAlternativeRemoteHostAttribute());
        spnegoProperties.setDnsTimeout(spnegoAuthModuleConf.getDnsTimeout());
        spnegoProperties.setHostNameClientActionStrategy(spnegoAuthModuleConf.getHostNameClientActionStrategy());
        spnegoProperties.setHostNamePatternString(spnegoAuthModuleConf.getHostNamePatternString());
        spnegoProperties.setNtlm(spnegoAuthModuleConf.isNtlm());
        spnegoProperties.setNtlmAllowed(spnegoAuthModuleConf.isNtlmAllowed());
        spnegoProperties.setPoolSize(spnegoAuthModuleConf.getPoolSize());
        spnegoProperties.setPoolTimeout(spnegoAuthModuleConf.getPoolTimeout());
        spnegoProperties.setPrincipalWithDomainName(spnegoAuthModuleConf.isPrincipalWithDomainName());
        spnegoProperties.setSpnegoAttributeName(spnegoAuthModuleConf.getSpnegoAttributeName());
        spnegoProperties.setSupportedBrowsers(spnegoAuthModuleConf.getSupportedBrowsers());
        spnegoProperties.getSystem().setUseSubjectCredsOnly(spnegoAuthModuleConf.isUseSubjectCredsOnly());
        spnegoProperties.getSystem().setLoginConf(spnegoAuthModuleConf.getLoginConf());
        spnegoProperties.getSystem().setKerberosKdc(spnegoAuthModuleConf.getKerberosKdc());
        spnegoProperties.getSystem().setKerberosRealm(spnegoAuthModuleConf.getKerberosRealm());
        spnegoProperties.getSystem().setKerberosConf(spnegoAuthModuleConf.getKerberosConf());
        spnegoProperties.getSystem().setKerberosDebug(BooleanUtils.toStringTrueFalse(spnegoAuthModuleConf.isKerberosDebug()));
        if (spnegoAuthModuleConf.getLdap() != null) {
            SpnegoLdapProperties spnegoLdapProperties = new SpnegoLdapProperties();
            fill((AbstractLdapSearchProperties) spnegoLdapProperties, (AbstractLDAPConf) spnegoAuthModuleConf.getLdap());
            spnegoProperties.setLdap(spnegoLdapProperties);
        } else {
            spnegoProperties.setLdap((SpnegoLdapProperties) null);
        }
        spnegoProperties.getPrincipal().setActiveAttributeRepositoryIds(spnegoAuthModuleConf.getAttributeRepoId());
        return prefix("cas.authn.spnego.", CasCoreConfigurationUtils.asMap(spnegoProperties));
    }
}
