package org.apereo.cas.support.pac4j.authentication;

import com.github.scribejava.core.model.Verb;
import com.nimbusds.jose.JWSAlgorithm;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.Pac4jDelegatedAuthenticationProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.BasePac4jOidcClientProperties;
import org.apereo.cas.configuration.model.support.pac4j.oidc.Pac4jOidcClientProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.util.RandomUtils;
import org.pac4j.cas.client.CasClient;
import org.pac4j.cas.config.CasConfiguration;
import org.pac4j.cas.config.CasProtocol;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.core.http.callback.PathParameterCallbackUrlResolver;
import org.pac4j.oauth.client.BitbucketClient;
import org.pac4j.oauth.client.DropBoxClient;
import org.pac4j.oauth.client.FacebookClient;
import org.pac4j.oauth.client.FoursquareClient;
import org.pac4j.oauth.client.GenericOAuth20Client;
import org.pac4j.oauth.client.GitHubClient;
import org.pac4j.oauth.client.Google2Client;
import org.pac4j.oauth.client.HiOrgServerClient;
import org.pac4j.oauth.client.LinkedIn2Client;
import org.pac4j.oauth.client.OrcidClient;
import org.pac4j.oauth.client.PayPalClient;
import org.pac4j.oauth.client.TwitterClient;
import org.pac4j.oauth.client.WindowsLiveClient;
import org.pac4j.oauth.client.WordPressClient;
import org.pac4j.oauth.client.YahooClient;
import org.pac4j.oidc.client.AzureAdClient;
import org.pac4j.oidc.client.GoogleOidcClient;
import org.pac4j.oidc.client.KeycloakOidcClient;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.AzureAdOidcConfiguration;
import org.pac4j.oidc.config.KeycloakOidcConfiguration;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.config.SAML2Configuration;
import org.pac4j.saml.metadata.SAML2ServiceProvicerRequestedAttribute;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/pac4j/authentication/DelegatedClientFactory.class */
public class DelegatedClientFactory {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(DelegatedClientFactory.class);
    private final CasConfigurationProperties casProperties;

    protected void configureGitHubClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Github github = this.casProperties.getAuthn().getPac4j().getGithub();
        if (github.isEnabled() && StringUtils.isNotBlank(github.getId()) && StringUtils.isNotBlank(github.getSecret())) {
            GitHubClient gitHubClient = new GitHubClient(github.getId(), github.getSecret());
            configureClient(gitHubClient, github);
            LOGGER.debug("Created client [{}] with identifier [{}]", gitHubClient.getName(), gitHubClient.getKey());
            collection.add(gitHubClient);
        }
    }

    protected void configureDropBoxClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Dropbox dropbox = this.casProperties.getAuthn().getPac4j().getDropbox();
        if (dropbox.isEnabled() && StringUtils.isNotBlank(dropbox.getId()) && StringUtils.isNotBlank(dropbox.getSecret())) {
            DropBoxClient dropBoxClient = new DropBoxClient(dropbox.getId(), dropbox.getSecret());
            configureClient(dropBoxClient, dropbox);
            LOGGER.debug("Created client [{}] with identifier [{}]", dropBoxClient.getName(), dropBoxClient.getKey());
            collection.add(dropBoxClient);
        }
    }

    protected void configureOrcidClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Orcid orcid = this.casProperties.getAuthn().getPac4j().getOrcid();
        if (orcid.isEnabled() && StringUtils.isNotBlank(orcid.getId()) && StringUtils.isNotBlank(orcid.getSecret())) {
            OrcidClient orcidClient = new OrcidClient(orcid.getId(), orcid.getSecret());
            configureClient(orcidClient, orcid);
            LOGGER.debug("Created client [{}] with identifier [{}]", orcidClient.getName(), orcidClient.getKey());
            collection.add(orcidClient);
        }
    }

    protected void configureWindowsLiveClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.WindowsLive windowsLive = this.casProperties.getAuthn().getPac4j().getWindowsLive();
        if (windowsLive.isEnabled() && StringUtils.isNotBlank(windowsLive.getId()) && StringUtils.isNotBlank(windowsLive.getSecret())) {
            WindowsLiveClient windowsLiveClient = new WindowsLiveClient(windowsLive.getId(), windowsLive.getSecret());
            configureClient(windowsLiveClient, windowsLive);
            LOGGER.debug("Created client [{}] with identifier [{}]", windowsLiveClient.getName(), windowsLiveClient.getKey());
            collection.add(windowsLiveClient);
        }
    }

    protected void configureYahooClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Yahoo yahoo = this.casProperties.getAuthn().getPac4j().getYahoo();
        if (yahoo.isEnabled() && StringUtils.isNotBlank(yahoo.getId()) && StringUtils.isNotBlank(yahoo.getSecret())) {
            YahooClient yahooClient = new YahooClient(yahoo.getId(), yahoo.getSecret());
            configureClient(yahooClient, yahoo);
            LOGGER.debug("Created client [{}] with identifier [{}]", yahooClient.getName(), yahooClient.getKey());
            collection.add(yahooClient);
        }
    }

    protected void configureFoursquareClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Foursquare foursquare = this.casProperties.getAuthn().getPac4j().getFoursquare();
        if (foursquare.isEnabled() && StringUtils.isNotBlank(foursquare.getId()) && StringUtils.isNotBlank(foursquare.getSecret())) {
            FoursquareClient foursquareClient = new FoursquareClient(foursquare.getId(), foursquare.getSecret());
            configureClient(foursquareClient, foursquare);
            LOGGER.debug("Created client [{}] with identifier [{}]", foursquareClient.getName(), foursquareClient.getKey());
            collection.add(foursquareClient);
        }
    }

    protected void configureGoogleClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Google google = this.casProperties.getAuthn().getPac4j().getGoogle();
        if (google.isEnabled() && StringUtils.isNotBlank(google.getId()) && StringUtils.isNotBlank(google.getSecret())) {
            Google2Client google2Client = new Google2Client(google.getId(), google.getSecret());
            configureClient(google2Client, google);
            if (StringUtils.isNotBlank(google.getScope())) {
                google2Client.setScope(Google2Client.Google2Scope.valueOf(google.getScope().toUpperCase()));
            }
            LOGGER.debug("Created client [{}] with identifier [{}]", google2Client.getName(), google2Client.getKey());
            collection.add(google2Client);
        }
    }

    protected void configureFacebookClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Facebook facebook = this.casProperties.getAuthn().getPac4j().getFacebook();
        if (facebook.isEnabled() && StringUtils.isNotBlank(facebook.getId()) && StringUtils.isNotBlank(facebook.getSecret())) {
            FacebookClient facebookClient = new FacebookClient(facebook.getId(), facebook.getSecret());
            configureClient(facebookClient, facebook);
            if (StringUtils.isNotBlank(facebook.getScope())) {
                facebookClient.setScope(facebook.getScope());
            }
            if (StringUtils.isNotBlank(facebook.getFields())) {
                facebookClient.setFields(facebook.getFields());
            }
            LOGGER.debug("Created client [{}] with identifier [{}]", facebookClient.getName(), facebookClient.getKey());
            collection.add(facebookClient);
        }
    }

    protected void configureLinkedInClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.LinkedIn linkedIn = this.casProperties.getAuthn().getPac4j().getLinkedIn();
        if (linkedIn.isEnabled() && StringUtils.isNotBlank(linkedIn.getId()) && StringUtils.isNotBlank(linkedIn.getSecret())) {
            LinkedIn2Client linkedIn2Client = new LinkedIn2Client(linkedIn.getId(), linkedIn.getSecret());
            configureClient(linkedIn2Client, linkedIn);
            if (StringUtils.isNotBlank(linkedIn.getScope())) {
                linkedIn2Client.setScope(linkedIn.getScope());
            }
            if (StringUtils.isNotBlank(linkedIn.getFields())) {
                linkedIn2Client.setFields(linkedIn.getFields());
            }
            LOGGER.debug("Created client [{}] with identifier [{}]", linkedIn2Client.getName(), linkedIn2Client.getKey());
            collection.add(linkedIn2Client);
        }
    }

    protected void configureHiOrgServerClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.HiOrgServer hiOrgServer = this.casProperties.getAuthn().getPac4j().getHiOrgServer();
        if (hiOrgServer.isEnabled() && StringUtils.isNotBlank(hiOrgServer.getId()) && StringUtils.isNotBlank(hiOrgServer.getSecret())) {
            HiOrgServerClient hiOrgServerClient = new HiOrgServerClient(hiOrgServer.getId(), hiOrgServer.getSecret());
            configureClient(hiOrgServerClient, hiOrgServer);
            if (StringUtils.isNotBlank(hiOrgServer.getScope())) {
                hiOrgServerClient.getConfiguration().setScope(hiOrgServer.getScope());
            }
            LOGGER.debug("Created client [{}] with identifier [{}]", hiOrgServerClient.getName(), hiOrgServerClient.getKey());
            collection.add(hiOrgServerClient);
        }
    }

    protected void configureTwitterClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Twitter twitter = this.casProperties.getAuthn().getPac4j().getTwitter();
        if (twitter.isEnabled() && StringUtils.isNotBlank(twitter.getId()) && StringUtils.isNotBlank(twitter.getSecret())) {
            TwitterClient twitterClient = new TwitterClient(twitter.getId(), twitter.getSecret(), twitter.isIncludeEmail());
            configureClient(twitterClient, twitter);
            LOGGER.debug("Created client [{}] with identifier [{}]", twitterClient.getName(), twitterClient.getKey());
            collection.add(twitterClient);
        }
    }

    protected void configureWordPressClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Wordpress wordpress = this.casProperties.getAuthn().getPac4j().getWordpress();
        if (wordpress.isEnabled() && StringUtils.isNotBlank(wordpress.getId()) && StringUtils.isNotBlank(wordpress.getSecret())) {
            WordPressClient wordPressClient = new WordPressClient(wordpress.getId(), wordpress.getSecret());
            configureClient(wordPressClient, wordpress);
            LOGGER.debug("Created client [{}] with identifier [{}]", wordPressClient.getName(), wordPressClient.getKey());
            collection.add(wordPressClient);
        }
    }

    protected void configureBitBucketClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Bitbucket bitbucket = this.casProperties.getAuthn().getPac4j().getBitbucket();
        if (bitbucket.isEnabled() && StringUtils.isNotBlank(bitbucket.getId()) && StringUtils.isNotBlank(bitbucket.getSecret())) {
            BitbucketClient bitbucketClient = new BitbucketClient(bitbucket.getId(), bitbucket.getSecret());
            configureClient(bitbucketClient, bitbucket);
            LOGGER.debug("Created client [{}] with identifier [{}]", bitbucketClient.getName(), bitbucketClient.getKey());
            collection.add(bitbucketClient);
        }
    }

    protected void configurePayPalClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties.Paypal paypal = this.casProperties.getAuthn().getPac4j().getPaypal();
        if (paypal.isEnabled() && StringUtils.isNotBlank(paypal.getId()) && StringUtils.isNotBlank(paypal.getSecret())) {
            PayPalClient payPalClient = new PayPalClient(paypal.getId(), paypal.getSecret());
            configureClient(payPalClient, paypal);
            LOGGER.debug("Created client [{}] with identifier [{}]", payPalClient.getName(), payPalClient.getKey());
            collection.add(payPalClient);
        }
    }

    protected void configureCasClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties pac4j = this.casProperties.getAuthn().getPac4j();
        AtomicInteger atomicInteger = new AtomicInteger();
        pac4j.getCas().stream().filter(pac4jCasClientProperties -> {
            return pac4jCasClientProperties.isEnabled() && StringUtils.isNotBlank(pac4jCasClientProperties.getLoginUrl());
        }).forEach(pac4jCasClientProperties2 -> {
            CasConfiguration casConfiguration = new CasConfiguration(pac4jCasClientProperties2.getLoginUrl(), CasProtocol.valueOf(pac4jCasClientProperties2.getProtocol()));
            casConfiguration.setPrefixUrl(StringUtils.appendIfMissing(StringUtils.remove(pac4jCasClientProperties2.getLoginUrl(), "/login"), "/", new CharSequence[0]));
            CasClient casClient = new CasClient(casConfiguration);
            if (StringUtils.isBlank(pac4jCasClientProperties2.getClientName())) {
                casClient.setName(casClient.getClass().getSimpleName() + atomicInteger.intValue());
            }
            casClient.setCallbackUrlResolver(new PathParameterCallbackUrlResolver());
            configureClient(casClient, pac4jCasClientProperties2);
            atomicInteger.incrementAndGet();
            LOGGER.debug("Created client [{}]", casClient);
            collection.add(casClient);
        });
    }

    protected void configureSamlClient(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties pac4j = this.casProperties.getAuthn().getPac4j();
        AtomicInteger atomicInteger = new AtomicInteger();
        pac4j.getSaml().stream().filter(pac4jSamlClientProperties -> {
            return pac4jSamlClientProperties.isEnabled() && StringUtils.isNotBlank(pac4jSamlClientProperties.getKeystorePath()) && StringUtils.isNotBlank(pac4jSamlClientProperties.getIdentityProviderMetadataPath()) && StringUtils.isNotBlank(pac4jSamlClientProperties.getServiceProviderEntityId()) && StringUtils.isNotBlank(pac4jSamlClientProperties.getServiceProviderMetadataPath());
        }).forEach(pac4jSamlClientProperties2 -> {
            SAML2Configuration sAML2Configuration = new SAML2Configuration(pac4jSamlClientProperties2.getKeystorePath(), pac4jSamlClientProperties2.getKeystorePassword(), pac4jSamlClientProperties2.getPrivateKeyPassword(), pac4jSamlClientProperties2.getIdentityProviderMetadataPath());
            sAML2Configuration.setForceKeystoreGeneration(pac4jSamlClientProperties2.isForceKeystoreGeneration());
            sAML2Configuration.setCertificateNameToAppend((String) StringUtils.defaultIfBlank(pac4jSamlClientProperties2.getCertificateNameToAppend(), pac4jSamlClientProperties2.getClientName()));
            sAML2Configuration.setMaximumAuthenticationLifetime(pac4jSamlClientProperties2.getMaximumAuthenticationLifetime());
            sAML2Configuration.setServiceProviderEntityId(pac4jSamlClientProperties2.getServiceProviderEntityId());
            sAML2Configuration.setServiceProviderMetadataPath(pac4jSamlClientProperties2.getServiceProviderMetadataPath());
            sAML2Configuration.setAuthnRequestBindingType(pac4jSamlClientProperties2.getDestinationBinding());
            sAML2Configuration.setForceAuth(pac4jSamlClientProperties2.isForceAuth());
            sAML2Configuration.setPassive(pac4jSamlClientProperties2.isPassive());
            sAML2Configuration.setSignMetadata(pac4jSamlClientProperties2.isSignServiceProviderMetadata());
            sAML2Configuration.setAuthnRequestSigned(pac4jSamlClientProperties2.isSignAuthnRequest());
            sAML2Configuration.setSpLogoutRequestSigned(pac4jSamlClientProperties2.isSignServiceProviderLogoutRequest());
            sAML2Configuration.setAcceptedSkew(pac4jSamlClientProperties2.getAcceptedSkew());
            if (StringUtils.isNotBlank(pac4jSamlClientProperties2.getPrincipalIdAttribute())) {
                sAML2Configuration.setAttributeAsId(pac4jSamlClientProperties2.getPrincipalIdAttribute());
            }
            sAML2Configuration.setWantsAssertionsSigned(pac4jSamlClientProperties2.isWantsAssertionsSigned());
            sAML2Configuration.setUseNameQualifier(pac4jSamlClientProperties2.isUseNameQualifier());
            sAML2Configuration.setAttributeConsumingServiceIndex(pac4jSamlClientProperties2.getAttributeConsumingServiceIndex());
            if (pac4jSamlClientProperties2.getAssertionConsumerServiceIndex() >= 0) {
                sAML2Configuration.setAssertionConsumerServiceIndex(pac4jSamlClientProperties2.getAssertionConsumerServiceIndex());
            }
            if (!pac4jSamlClientProperties2.getAuthnContextClassRef().isEmpty()) {
                sAML2Configuration.setComparisonType(pac4jSamlClientProperties2.getAuthnContextComparisonType().toUpperCase());
                sAML2Configuration.setAuthnContextClassRefs(pac4jSamlClientProperties2.getAuthnContextClassRef());
            }
            if (StringUtils.isNotBlank(pac4jSamlClientProperties2.getKeystoreAlias())) {
                sAML2Configuration.setKeystoreAlias(pac4jSamlClientProperties2.getKeystoreAlias());
            }
            if (StringUtils.isNotBlank(pac4jSamlClientProperties2.getNameIdPolicyFormat())) {
                sAML2Configuration.setNameIdPolicyFormat(pac4jSamlClientProperties2.getNameIdPolicyFormat());
            }
            if (!pac4jSamlClientProperties2.getRequestedAttributes().isEmpty()) {
                pac4jSamlClientProperties2.getRequestedAttributes().stream().map(serviceProviderRequestedAttribute -> {
                    return new SAML2ServiceProvicerRequestedAttribute(serviceProviderRequestedAttribute.getName(), serviceProviderRequestedAttribute.getFriendlyName(), serviceProviderRequestedAttribute.getNameFormat(), serviceProviderRequestedAttribute.isRequired());
                }).forEach(sAML2ServiceProvicerRequestedAttribute -> {
                    sAML2Configuration.getRequestedServiceProviderAttributes().add(sAML2ServiceProvicerRequestedAttribute);
                });
            }
            if (!pac4jSamlClientProperties2.getBlackListedSignatureSigningAlgorithms().isEmpty()) {
                sAML2Configuration.setBlackListedSignatureSigningAlgorithms(pac4jSamlClientProperties2.getBlackListedSignatureSigningAlgorithms());
            }
            if (!pac4jSamlClientProperties2.getSignatureAlgorithms().isEmpty()) {
                sAML2Configuration.setSignatureAlgorithms(pac4jSamlClientProperties2.getSignatureAlgorithms());
            }
            if (!pac4jSamlClientProperties2.getSignatureReferenceDigestMethods().isEmpty()) {
                sAML2Configuration.setSignatureReferenceDigestMethods(pac4jSamlClientProperties2.getSignatureReferenceDigestMethods());
            }
            if (!StringUtils.isNotBlank(pac4jSamlClientProperties2.getSignatureCanonicalizationAlgorithm())) {
                sAML2Configuration.setSignatureCanonicalizationAlgorithm(pac4jSamlClientProperties2.getSignatureCanonicalizationAlgorithm());
            }
            List mappedAttributes = pac4jSamlClientProperties2.getMappedAttributes();
            if (!mappedAttributes.isEmpty()) {
                sAML2Configuration.setMappedAttributes((Map) mappedAttributes.stream().collect(Collectors.toMap((v0) -> {
                    return v0.getName();
                }, (v0) -> {
                    return v0.getMappedTo();
                })));
            }
            SAML2Client sAML2Client = new SAML2Client(sAML2Configuration);
            if (StringUtils.isBlank(pac4jSamlClientProperties2.getClientName())) {
                sAML2Client.setName(sAML2Client.getClass().getSimpleName() + atomicInteger.intValue());
            }
            configureClient(sAML2Client, pac4jSamlClientProperties2);
            atomicInteger.incrementAndGet();
            LOGGER.debug("Created delegated client [{}]", sAML2Client);
            collection.add(sAML2Client);
        });
    }

    protected void configureOAuth20Client(Collection<IndirectClient> collection) {
        Pac4jDelegatedAuthenticationProperties pac4j = this.casProperties.getAuthn().getPac4j();
        AtomicInteger atomicInteger = new AtomicInteger();
        pac4j.getOauth2().stream().filter(pac4jOAuth20ClientProperties -> {
            return pac4jOAuth20ClientProperties.isEnabled() && StringUtils.isNotBlank(pac4jOAuth20ClientProperties.getId()) && StringUtils.isNotBlank(pac4jOAuth20ClientProperties.getSecret());
        }).forEach(pac4jOAuth20ClientProperties2 -> {
            GenericOAuth20Client genericOAuth20Client = new GenericOAuth20Client();
            genericOAuth20Client.setKey(pac4jOAuth20ClientProperties2.getId());
            genericOAuth20Client.setSecret(pac4jOAuth20ClientProperties2.getSecret());
            genericOAuth20Client.setProfileAttrs(pac4jOAuth20ClientProperties2.getProfileAttrs());
            genericOAuth20Client.setProfileNodePath(pac4jOAuth20ClientProperties2.getProfilePath());
            genericOAuth20Client.setProfileUrl(pac4jOAuth20ClientProperties2.getProfileUrl());
            genericOAuth20Client.setProfileVerb(Verb.valueOf(pac4jOAuth20ClientProperties2.getProfileVerb().toUpperCase()));
            genericOAuth20Client.setTokenUrl(pac4jOAuth20ClientProperties2.getTokenUrl());
            genericOAuth20Client.setAuthUrl(pac4jOAuth20ClientProperties2.getAuthUrl());
            genericOAuth20Client.setCustomParams(pac4jOAuth20ClientProperties2.getCustomParams());
            if (StringUtils.isBlank(pac4jOAuth20ClientProperties2.getClientName())) {
                genericOAuth20Client.setName(genericOAuth20Client.getClass().getSimpleName() + atomicInteger.intValue());
            }
            genericOAuth20Client.setCallbackUrlResolver(new PathParameterCallbackUrlResolver());
            configureClient(genericOAuth20Client, pac4jOAuth20ClientProperties2);
            atomicInteger.incrementAndGet();
            LOGGER.debug("Created client [{}]", genericOAuth20Client);
            collection.add(genericOAuth20Client);
        });
    }

    protected void configureOidcClient(Collection<IndirectClient> collection) {
        this.casProperties.getAuthn().getPac4j().getOidc().forEach(pac4jOidcClientProperties -> {
            OidcClient oidcClientFrom = getOidcClientFrom(pac4jOidcClientProperties);
            if (oidcClientFrom != null) {
                LOGGER.debug("Created client [{}]", oidcClientFrom);
                collection.add(oidcClientFrom);
            }
        });
    }

    private OidcClient getOidcClientFrom(Pac4jOidcClientProperties pac4jOidcClientProperties) {
        if (pac4jOidcClientProperties.getAzure().isEnabled() && StringUtils.isNotBlank(pac4jOidcClientProperties.getAzure().getId())) {
            LOGGER.debug("Building OpenID Connect client for Azure AD...");
            AzureAdOidcConfiguration oidcConfigurationForClient = getOidcConfigurationForClient(pac4jOidcClientProperties.getAzure(), AzureAdOidcConfiguration.class);
            oidcConfigurationForClient.setTenant(pac4jOidcClientProperties.getAzure().getTenant());
            AzureAdClient azureAdClient = new AzureAdClient(new AzureAdOidcConfiguration(oidcConfigurationForClient));
            configureClient(azureAdClient, pac4jOidcClientProperties.getAzure());
            return azureAdClient;
        }
        if (pac4jOidcClientProperties.getGoogle().isEnabled() && StringUtils.isNotBlank(pac4jOidcClientProperties.getGoogle().getId())) {
            LOGGER.debug("Building OpenID Connect client for Google...");
            GoogleOidcClient googleOidcClient = new GoogleOidcClient(getOidcConfigurationForClient(pac4jOidcClientProperties.getGoogle(), OidcConfiguration.class));
            configureClient(googleOidcClient, pac4jOidcClientProperties.getGoogle());
            return googleOidcClient;
        }
        if (pac4jOidcClientProperties.getKeycloak().isEnabled() && StringUtils.isNotBlank(pac4jOidcClientProperties.getKeycloak().getId())) {
            LOGGER.debug("Building OpenID Connect client for KeyCloak...");
            KeycloakOidcConfiguration oidcConfigurationForClient2 = getOidcConfigurationForClient(pac4jOidcClientProperties.getKeycloak(), KeycloakOidcConfiguration.class);
            oidcConfigurationForClient2.setRealm(pac4jOidcClientProperties.getKeycloak().getRealm());
            oidcConfigurationForClient2.setBaseUri(pac4jOidcClientProperties.getKeycloak().getBaseUri());
            KeycloakOidcClient keycloakOidcClient = new KeycloakOidcClient(oidcConfigurationForClient2);
            configureClient(keycloakOidcClient, pac4jOidcClientProperties.getKeycloak());
            return keycloakOidcClient;
        }
        if (!pac4jOidcClientProperties.getGeneric().isEnabled()) {
            return null;
        }
        LOGGER.debug("Building generic OpenID Connect client...");
        OidcClient oidcClient = new OidcClient(getOidcConfigurationForClient(pac4jOidcClientProperties.getGeneric(), OidcConfiguration.class));
        oidcClient.setCallbackUrlResolver(new PathParameterCallbackUrlResolver());
        configureClient(oidcClient, pac4jOidcClientProperties.getGeneric());
        return oidcClient;
    }

    private static <T extends OidcConfiguration> T getOidcConfigurationForClient(BasePac4jOidcClientProperties basePac4jOidcClientProperties, Class<T> cls) {
        T newInstance = cls.getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
        if (StringUtils.isNotBlank(basePac4jOidcClientProperties.getScope())) {
            newInstance.setScope(basePac4jOidcClientProperties.getScope());
        }
        newInstance.setUseNonce(basePac4jOidcClientProperties.isUseNonce());
        newInstance.setSecret(basePac4jOidcClientProperties.getSecret());
        newInstance.setClientId(basePac4jOidcClientProperties.getId());
        newInstance.setReadTimeout((int) Beans.newDuration(basePac4jOidcClientProperties.getReadTimeout()).toMillis());
        newInstance.setConnectTimeout((int) Beans.newDuration(basePac4jOidcClientProperties.getConnectTimeout()).toMillis());
        if (StringUtils.isNotBlank(basePac4jOidcClientProperties.getPreferredJwsAlgorithm())) {
            newInstance.setPreferredJwsAlgorithm(JWSAlgorithm.parse(basePac4jOidcClientProperties.getPreferredJwsAlgorithm().toUpperCase()));
        }
        newInstance.setMaxClockSkew(basePac4jOidcClientProperties.getMaxClockSkew());
        newInstance.setDiscoveryURI(basePac4jOidcClientProperties.getDiscoveryUri());
        newInstance.setCustomParams(basePac4jOidcClientProperties.getCustomParams());
        newInstance.setLogoutUrl(basePac4jOidcClientProperties.getLogoutUrl());
        newInstance.setExpireSessionWithToken(basePac4jOidcClientProperties.isExpireSessionWithToken());
        if (StringUtils.isNotBlank(basePac4jOidcClientProperties.getTokenExpirationAdvance())) {
            newInstance.setTokenExpirationAdvance((int) Beans.newDuration(basePac4jOidcClientProperties.getTokenExpirationAdvance()).toSeconds());
        }
        if (StringUtils.isNotBlank(basePac4jOidcClientProperties.getResponseMode())) {
            newInstance.setResponseMode(basePac4jOidcClientProperties.getResponseMode());
        }
        if (StringUtils.isNotBlank(basePac4jOidcClientProperties.getResponseType())) {
            newInstance.setResponseType(basePac4jOidcClientProperties.getResponseType());
        }
        return newInstance;
    }

    protected void configureClient(IndirectClient indirectClient, Pac4jBaseClientProperties pac4jBaseClientProperties) {
        String clientName = pac4jBaseClientProperties.getClientName();
        if (StringUtils.isNotBlank(clientName)) {
            indirectClient.setName(clientName);
        } else {
            String simpleName = indirectClient.getClass().getSimpleName();
            String concat = simpleName.concat(RandomUtils.randomNumeric(2));
            indirectClient.setName(concat);
            LOGGER.warn("Client name for [{}] is set to a generated value of [{}]. Consider defining an explicit name for the delegated provider", simpleName, concat);
        }
        Map customProperties = indirectClient.getCustomProperties();
        customProperties.put("autoRedirect", Boolean.valueOf(pac4jBaseClientProperties.isAutoRedirect()));
        if (StringUtils.isNotBlank(pac4jBaseClientProperties.getPrincipalAttributeId())) {
            customProperties.put("principalAttributeId", pac4jBaseClientProperties.getPrincipalAttributeId());
        }
        indirectClient.setCallbackUrl(this.casProperties.getServer().getLoginUrl());
        if (this.casProperties.getAuthn().getPac4j().isLazyInit()) {
            return;
        }
        indirectClient.init();
    }

    public Set<IndirectClient> build() {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        configureCasClient(linkedHashSet);
        configureFacebookClient(linkedHashSet);
        configureOidcClient(linkedHashSet);
        configureOAuth20Client(linkedHashSet);
        configureSamlClient(linkedHashSet);
        configureTwitterClient(linkedHashSet);
        configureDropBoxClient(linkedHashSet);
        configureFoursquareClient(linkedHashSet);
        configureGitHubClient(linkedHashSet);
        configureGoogleClient(linkedHashSet);
        configureWindowsLiveClient(linkedHashSet);
        configureYahooClient(linkedHashSet);
        configureLinkedInClient(linkedHashSet);
        configurePayPalClient(linkedHashSet);
        configureWordPressClient(linkedHashSet);
        configureBitBucketClient(linkedHashSet);
        configureOrcidClient(linkedHashSet);
        configureHiOrgServerClient(linkedHashSet);
        return linkedHashSet;
    }

    @Generated
    public DelegatedClientFactory(CasConfigurationProperties casConfigurationProperties) {
        this.casProperties = casConfigurationProperties;
    }

    @Generated
    public CasConfigurationProperties getCasProperties() {
        return this.casProperties;
    }
}
