package org.squashtest.tm.plugin.security.ad.ldap;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.support.LdapUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
import org.squashtest.tm.core.foundation.lang.Assert;
import org.squashtest.tm.service.user.UserManagerService;

/* loaded from: input_file:org/squashtest/tm/plugin/security/ad/ldap/ActiveDirectoryLdapAuthenticationProviderFactoryBean.class */
public class ActiveDirectoryLdapAuthenticationProviderFactoryBean implements FactoryBean<SquashActiveDirectoryLdapAuthenticationProvider>, InitializingBean {
    private static final Logger LOGGER = LoggerFactory.getLogger(ActiveDirectoryLdapAuthenticationProviderFactoryBean.class);
    private static final String MULTI_AD_PROVIDER = "ad.ldap-multi";
    private static final String AD_PROVIDER = "ad.ldap";
    private String url;
    private String domain;
    private String userSearchBase;
    private String userSearchFilter;
    private LdapContextSource contextSource;
    private String activeAuthenticationProvider;
    private LdapAuthoritiesPopulator authoritiesPopulator;
    private Boolean convertSubErrorCodesToExceptions;
    private SquashActiveDirectoryLdapAuthenticationProvider authenticationProvider;
    private UserDetailsContextMapper userDetailsMapper;
    private AbstractActiveDirectoryLdapAuthenticationProviderFeatures features;
    private UserManagerService userManagerService;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/squashtest/tm/plugin/security/ad/ldap/ActiveDirectoryLdapAuthenticationProviderFactoryBean$NullAuthenticationProvider.class */
    public static class NullAuthenticationProvider extends SquashActiveDirectoryLdapAuthenticationProvider {
        @Override // org.squashtest.tm.plugin.security.ad.ldap.ActiveDirectoryLdapAuthenticationProvider
        public void afterPropertiesSet() {
        }

        NullAuthenticationProvider() {
            super("NullAuthenticationProvider", "NullAuthenticationProvider");
        }

        @Override // org.squashtest.tm.plugin.security.ad.ldap.SquashActiveDirectoryLdapAuthenticationProvider
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            return null;
        }

        public boolean supports(Class<?> cls) {
            return false;
        }
    }

    /* renamed from: getObject, reason: merged with bridge method [inline-methods] */
    public SquashActiveDirectoryLdapAuthenticationProvider m2getObject() {
        return this.authenticationProvider;
    }

    private SquashActiveDirectoryLdapAuthenticationProvider createAuthenticationProvider() {
        SquashActiveDirectoryLdapAuthenticationProvider squashActiveDirectoryLdapAuthenticationProvider = new SquashActiveDirectoryLdapAuthenticationProvider(this.domain, this.url);
        checkManagerAccount(squashActiveDirectoryLdapAuthenticationProvider);
        squashActiveDirectoryLdapAuthenticationProvider.setAuthoritiesPopulator(this.authoritiesPopulator);
        squashActiveDirectoryLdapAuthenticationProvider.setUserDetailsContextMapper(this.userDetailsMapper);
        squashActiveDirectoryLdapAuthenticationProvider.setFeatures(this.features);
        squashActiveDirectoryLdapAuthenticationProvider.setUserFinder(this.userManagerService);
        if (StringUtils.isNotBlank(this.userSearchFilter)) {
            squashActiveDirectoryLdapAuthenticationProvider.setSearchFilter(this.userSearchFilter);
        }
        if (StringUtils.isNotBlank(this.userSearchBase)) {
            squashActiveDirectoryLdapAuthenticationProvider.setSearchBase(this.userSearchBase);
        }
        if (this.convertSubErrorCodesToExceptions != null) {
            squashActiveDirectoryLdapAuthenticationProvider.setConvertSubErrorCodesToExceptions(this.convertSubErrorCodesToExceptions.booleanValue());
        }
        return squashActiveDirectoryLdapAuthenticationProvider;
    }

    private void checkManagerAccount(SquashActiveDirectoryLdapAuthenticationProvider squashActiveDirectoryLdapAuthenticationProvider) {
        String str = String.valueOf(this.url) + "/" + squashActiveDirectoryLdapAuthenticationProvider.rootDnFromDomain(this.domain);
        String userDn = this.contextSource.getUserDn();
        String password = this.contextSource.getPassword();
        if (org.apache.commons.lang3.StringUtils.isNotBlank(userDn) || org.apache.commons.lang3.StringUtils.isNotBlank(password)) {
            LOGGER.debug("Bind authentication in url: " + str);
            LdapUtils.closeContext(squashActiveDirectoryLdapAuthenticationProvider.bindAsUser(userDn, password));
        } else {
            LOGGER.debug("Anonymous authentication in url: " + str);
        }
        LOGGER.info("plugin AD enabled");
    }

    public Class<?> getObjectType() {
        return LdapAuthenticationProvider.class;
    }

    public boolean isSingleton() {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUserSearchBase(String str) {
        this.userSearchBase = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUserSearchFilter(String str) {
        this.userSearchFilter = str;
    }

    public void afterPropertiesSet() throws Exception {
        if (this.userDetailsMapper == null) {
            LOGGER.warn("No UserDetailsMapper was configured. This may be a programming error.");
        }
        if (MULTI_AD_PROVIDER.equals(this.activeAuthenticationProvider) || AD_PROVIDER.equals(this.activeAuthenticationProvider)) {
            LOGGER.info("Active auth provider is '{}', this factory will produce an Active Directory LDAP auth provider.", this.activeAuthenticationProvider);
            initializeActiveDirectoryAuthenticationProvider();
        } else {
            LOGGER.info("Active auth provider is '{}', this factory will produce an Active Directory null auth provider.", this.activeAuthenticationProvider);
            initializeNullAuthenticationProvider();
        }
        this.authenticationProvider.afterPropertiesSet();
    }

    private void initializeActiveDirectoryAuthenticationProvider() throws Exception {
        Assert.propertyNotBlank(this.url, "AD server url should not be blank.");
        Assert.propertyNotNull(this.contextSource, "AD server contextSource should not be null.");
        Assert.propertyNotNull(this.authoritiesPopulator, "AD server authoritiesPopulator should not be null.");
        LOGGER.debug("Checking ActiveDirectoryLdapAuthenticationManagerFactoryBean configuration");
        LOGGER.debug("Configured server url : {}", this.url);
        LOGGER.debug("Configured domain name : {}", this.domain);
        LOGGER.debug("Configured user search base : {}", this.userSearchBase);
        LOGGER.debug("Configured user search filter : {}", this.userSearchFilter);
        this.authenticationProvider = createAuthenticationProvider();
    }

    private void initializeNullAuthenticationProvider() {
        this.authenticationProvider = new NullAuthenticationProvider();
    }

    public void setActiveAuthenticationProvider(String str) {
        this.activeAuthenticationProvider = str;
    }

    public void setAuthoritiesPopulator(LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        this.authoritiesPopulator = ldapAuthoritiesPopulator;
    }

    public void setConvertSubErrorCodesToExceptions(Boolean bool) {
        this.convertSubErrorCodesToExceptions = bool;
    }

    public void setDomain(String str) {
        this.domain = str;
    }

    public void setUrl(String str) {
        this.url = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUserDetailsMapper(UserDetailsContextMapper userDetailsContextMapper) {
        this.userDetailsMapper = userDetailsContextMapper;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setFeatures(AbstractActiveDirectoryLdapAuthenticationProviderFeatures abstractActiveDirectoryLdapAuthenticationProviderFeatures) {
        this.features = abstractActiveDirectoryLdapAuthenticationProviderFeatures;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUserManagerService(UserManagerService userManagerService) {
        this.userManagerService = userManagerService;
    }

    public void setContextSource(LdapContextSource ldapContextSource) {
        this.contextSource = ldapContextSource;
    }

    public String getUrl() {
        return this.url;
    }
}
