package org.apache.syncope.wa.starter.mapping;

import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.syncope.common.lib.auth.MFAAuthModuleConf;
import org.apache.syncope.common.lib.auth.Pac4jAuthModuleConf;
import org.apache.syncope.common.lib.policy.AuthPolicyTO;
import org.apache.syncope.common.lib.policy.DefaultAuthPolicyConf;
import org.apache.syncope.common.lib.to.AuthModuleTO;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.MultifactorAuthenticationHandler;
import org.apereo.cas.authentication.MultifactorAuthenticationProvider;
import org.apereo.cas.services.AnyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria;
import org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy;
import org.apereo.cas.services.DefaultRegisteredServiceDelegatedAuthenticationPolicy;
import org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.context.ConfigurableApplicationContext;

@AuthMapFor(authPolicyConfClass = DefaultAuthPolicyConf.class)
/* loaded from: input_file:org/apache/syncope/wa/starter/mapping/DefaultAuthMapper.class */
public class DefaultAuthMapper implements AuthMapper {
    protected static final Logger LOG = LoggerFactory.getLogger(DefaultAuthMapper.class);

    @Override // org.apache.syncope.wa.starter.mapping.AuthMapper
    public AuthMapperResult build(ConfigurableApplicationContext configurableApplicationContext, String str, ObjectProvider<AuthenticationEventExecutionPlan> objectProvider, AuthPolicyTO authPolicyTO, List<AuthModuleTO> list) {
        DefaultRegisteredServiceAuthenticationPolicy defaultRegisteredServiceAuthenticationPolicy = new DefaultRegisteredServiceAuthenticationPolicy();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        DefaultAuthPolicyConf conf = authPolicyTO.getConf();
        if (!conf.getAuthModules().isEmpty()) {
            HashSet hashSet3 = new HashSet(conf.getAuthModules());
            Stream stream = ((AuthenticationEventExecutionPlan) objectProvider.getObject()).getAuthenticationHandlers().stream();
            Class<MultifactorAuthenticationHandler> cls = MultifactorAuthenticationHandler.class;
            Objects.requireNonNull(MultifactorAuthenticationHandler.class);
            hashSet.addAll((Collection) stream.filter((v1) -> {
                return r2.isInstance(v1);
            }).filter(authenticationHandler -> {
                return conf.getAuthModules().contains(authenticationHandler.getName());
            }).map((v0) -> {
                return v0.getName();
            }).collect(Collectors.toSet()));
            hashSet3.removeAll(hashSet);
            hashSet2.addAll((Collection) list.stream().filter(authModuleTO -> {
                return authModuleTO.getConf() instanceof Pac4jAuthModuleConf;
            }).map(authModuleTO2 -> {
                return Pair.of(authModuleTO2.getKey(), (String) Optional.ofNullable(authModuleTO2.getConf().getClientName()).orElse(authModuleTO2.getKey()));
            }).collect(Collectors.toSet()));
            if (!hashSet2.isEmpty()) {
                hashSet3.removeAll((Collection) hashSet2.stream().map((v0) -> {
                    return v0.getLeft();
                }).collect(Collectors.toSet()));
                hashSet3.add(str);
            }
            defaultRegisteredServiceAuthenticationPolicy.setRequiredAuthenticationHandlers(hashSet3);
        }
        AnyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria anyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria = new AnyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria();
        anyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria.setTryAll(conf.isTryAll());
        defaultRegisteredServiceAuthenticationPolicy.setCriteria(anyAuthenticationHandlerRegisteredServiceAuthenticationPolicyCriteria);
        DefaultRegisteredServiceMultifactorPolicy defaultRegisteredServiceMultifactorPolicy = null;
        if (!hashSet.isEmpty()) {
            Set set = (Set) hashSet.stream().map(str2 -> {
                return list.stream().filter(authModuleTO3 -> {
                    return str2.equals(authModuleTO3.getKey());
                }).findFirst();
            }).filter((v0) -> {
                return v0.isPresent();
            }).map((v0) -> {
                return v0.get();
            }).filter(authModuleTO3 -> {
                return authModuleTO3.getConf() instanceof MFAAuthModuleConf;
            }).map(authModuleTO4 -> {
                return authModuleTO4.getConf().getFriendlyName();
            }).collect(Collectors.toSet());
            Set set2 = (Set) configurableApplicationContext.getBeansOfType(MultifactorAuthenticationProvider.class).values().stream().filter(multifactorAuthenticationProvider -> {
                return set.contains(multifactorAuthenticationProvider.getFriendlyName());
            }).map((v0) -> {
                return v0.getId();
            }).collect(Collectors.toSet());
            defaultRegisteredServiceMultifactorPolicy = new DefaultRegisteredServiceMultifactorPolicy();
            defaultRegisteredServiceMultifactorPolicy.setBypassEnabled(false);
            defaultRegisteredServiceMultifactorPolicy.setForceExecution(true);
            defaultRegisteredServiceMultifactorPolicy.setMultifactorAuthenticationProviders(set2);
        }
        DefaultRegisteredServiceDelegatedAuthenticationPolicy defaultRegisteredServiceDelegatedAuthenticationPolicy = null;
        if (!hashSet2.isEmpty()) {
            defaultRegisteredServiceDelegatedAuthenticationPolicy = new DefaultRegisteredServiceDelegatedAuthenticationPolicy();
            defaultRegisteredServiceDelegatedAuthenticationPolicy.getAllowedProviders().addAll((Collection) hashSet2.stream().map((v0) -> {
                return v0.getRight();
            }).collect(Collectors.toSet()));
        }
        return new AuthMapperResult(defaultRegisteredServiceAuthenticationPolicy, defaultRegisteredServiceMultifactorPolicy, defaultRegisteredServiceDelegatedAuthenticationPolicy);
    }
}
