package org.squashtest.tm.plugin.security.ad.ldap;

import javax.inject.Inject;
import javax.inject.Named;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.squashtest.tm.api.security.authentication.ConditionalOnAuthProviderProperty;
import org.squashtest.tm.plugin.security.ad.ldap.ActiveDirectoryLdapAuthenticationProperties;
import org.squashtest.tm.plugin.security.ad.ldap.licensevalidator.com.license4j.LicenseText;
import org.squashtest.tm.service.internal.security.SquashUserDetailsManager;
import org.squashtest.tm.service.user.UserManagerService;

@ConditionalOnAuthProviderProperty("ad.ldap")
@EnableConfigurationProperties({ActiveDirectoryLdapAuthenticationProperties.class})
@Configuration
/* loaded from: input_file:org/squashtest/tm/plugin/security/ad/ldap/ActiveDirectoryLdapSecurityConfig.class */
public class ActiveDirectoryLdapSecurityConfig {

    @Inject
    private ActiveDirectoryLdapAuthenticationProperties authenticationProperties;

    @Inject
    @Named("squashtest.core.security.JdbcUserDetailsManager")
    @Lazy
    private SquashUserDetailsManager userDetailsManager;

    @Inject
    @Named("caseAwareUserDetailsMapper.ad.ldap")
    private CaseAwareUserDetailsMapper userDetailsMapper;

    @Inject
    @Lazy
    private UserManagerService userManagerService;

    @ConditionalOnAuthProviderProperty("ad.ldap")
    @Configuration
    @Order(LicenseText.TYPE_FLOATING_LICENSE_FILE)
    /* loaded from: input_file:org/squashtest/tm/plugin/security/ad/ldap/ActiveDirectoryLdapSecurityConfig$ActiveDirectoryLdapAuthenticationConfig.class */
    public static class ActiveDirectoryLdapAuthenticationConfig extends GlobalAuthenticationConfigurerAdapter {

        @Inject
        @Named("authenticationProvider.ad.ldap")
        private SquashActiveDirectoryLdapAuthenticationProvider authenticationProvider;

        public void init(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
            authenticationManagerBuilder.authenticationProvider(this.authenticationProvider);
            authenticationManagerBuilder.eraseCredentials(false);
        }
    }

    @Bean(name = {"authenticationProvider.ad.ldap"})
    public ActiveDirectoryLdapAuthenticationProviderFactoryBean activeDirectoryLdapAuthenticationProvider() {
        ActiveDirectoryLdapAuthenticationProviderFactoryBean activeDirectoryLdapAuthenticationProviderFactoryBean = new ActiveDirectoryLdapAuthenticationProviderFactoryBean();
        activeDirectoryLdapAuthenticationProviderFactoryBean.setActiveAuthenticationProvider("ad.ldap");
        activeDirectoryLdapAuthenticationProviderFactoryBean.setContextSource(ldapContextSource());
        ActiveDirectoryLdapAuthenticationProperties.User user = this.authenticationProperties.getUser();
        ActiveDirectoryLdapAuthenticationProperties.Server server = this.authenticationProperties.getServer();
        activeDirectoryLdapAuthenticationProviderFactoryBean.setUserSearchBase(user.getSearchBase());
        activeDirectoryLdapAuthenticationProviderFactoryBean.setUserSearchFilter(user.getSearchFilter());
        activeDirectoryLdapAuthenticationProviderFactoryBean.setUrl(server.getUrl());
        activeDirectoryLdapAuthenticationProviderFactoryBean.setDomain(server.getDomain());
        activeDirectoryLdapAuthenticationProviderFactoryBean.setAuthoritiesPopulator(new UserDetailsServiceActiveDirectoryLdapAuthoritiesPopulator(this.userDetailsManager));
        activeDirectoryLdapAuthenticationProviderFactoryBean.setUserDetailsMapper(this.userDetailsMapper);
        activeDirectoryLdapAuthenticationProviderFactoryBean.setFeatures(activeDirectoryLdapAuthenticationProviderFeatures());
        activeDirectoryLdapAuthenticationProviderFactoryBean.setUserManagerService(this.userManagerService);
        return activeDirectoryLdapAuthenticationProviderFactoryBean;
    }

    @Bean(name = {"contextSource.ad.ldap"})
    public DefaultSpringSecurityContextSource ldapContextSource() {
        ActiveDirectoryLdapAuthenticationProperties.Server server = this.authenticationProperties.getServer();
        DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(server.getUrl());
        defaultSpringSecurityContextSource.setUserDn(server.getManagerDn());
        defaultSpringSecurityContextSource.setPassword(server.getManagerPassword());
        return defaultSpringSecurityContextSource;
    }

    @Bean
    public ActiveDirectoryLdapAuthenticationProviderFeatures activeDirectoryLdapAuthenticationProviderFeatures() {
        return ActiveDirectoryLdapAuthenticationProviderFeatures.INSTANCE;
    }
}
