package org.squashtest.tm.plugin.security.ldap;

import jakarta.inject.Inject;
import jakarta.inject.Named;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.squashtest.tm.api.security.authentication.ConditionalOnAuthProviderProperty;
import org.squashtest.tm.plugin.security.ldap.licensevalidator.com.license4j.LicenseText;
import org.squashtest.tm.service.internal.security.SquashUserDetailsManager;
import org.squashtest.tm.service.user.UserManagerService;

@ConditionalOnAuthProviderProperty("ldap")
@EnableConfigurationProperties({LdapAuthenticationProperties.class})
@Configuration
/* loaded from: input_file:org/squashtest/tm/plugin/security/ldap/LdapSecurityConfig.class */
public class LdapSecurityConfig {

    @Inject
    private LdapAuthenticationProperties authenticationProperties;

    @Inject
    @Named("squashtest.core.security.JdbcUserDetailsManager")
    @Lazy
    private SquashUserDetailsManager userDetailsManager;

    @Inject
    @Named("caseAwareUserDetailsMapper.ldap")
    private CaseAwareUserDetailsMapper userDetailsMapper;

    @Inject
    @Lazy
    private UserManagerService userManagerService;

    @ConditionalOnAuthProviderProperty("ldap")
    @Configuration
    @Order(LicenseText.TYPE_FLOATING_LICENSE_FILE)
    /* loaded from: input_file:org/squashtest/tm/plugin/security/ldap/LdapSecurityConfig$LdapAuthenticationConfig.class */
    public static class LdapAuthenticationConfig extends GlobalAuthenticationConfigurerAdapter {

        @Inject
        @Named("authenticationProvider.ldap")
        private SquashLdapAuthenticationProvider ldapAuthenticationProvider;

        public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
            authenticationManagerBuilder.authenticationProvider(this.ldapAuthenticationProvider);
            authenticationManagerBuilder.eraseCredentials(false);
        }
    }

    @Bean(name = {"contextSource.ldap"})
    public DefaultSpringSecurityContextSource ldapContextSource() {
        DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(this.authenticationProperties.getServer().getUrl());
        defaultSpringSecurityContextSource.setUserDn(this.authenticationProperties.getServer().getManagerDn());
        defaultSpringSecurityContextSource.setPassword(this.authenticationProperties.getServer().getManagerPassword());
        return defaultSpringSecurityContextSource;
    }

    @Bean(name = {"authenticationProvider.ldap"})
    public LdapAuthenticationProviderFactoryBean ldapAuthenticationProvider() {
        LdapAuthenticationProviderFactoryBean ldapAuthenticationProviderFactoryBean = new LdapAuthenticationProviderFactoryBean();
        ldapAuthenticationProviderFactoryBean.setActiveAuthenticationProvider("ldap");
        ldapAuthenticationProviderFactoryBean.setContextSource(ldapContextSource());
        ldapAuthenticationProviderFactoryBean.setUserDnPatterns(this.authenticationProperties.getUser().getDnPatterns());
        ldapAuthenticationProviderFactoryBean.setUserSearchBase(this.authenticationProperties.getUser().getSearchBase());
        ldapAuthenticationProviderFactoryBean.setUserSearchFilter(this.authenticationProperties.getUser().getSearchFilter());
        ldapAuthenticationProviderFactoryBean.setFetchUserAttributes(this.authenticationProperties.getUser().isFetchAttributes());
        ldapAuthenticationProviderFactoryBean.setAuthoritiesPopulator(new UserDetailsServiceLdapAuthoritiesPopulator(this.userDetailsManager));
        ldapAuthenticationProviderFactoryBean.setUserDetailsMapper(this.userDetailsMapper);
        ldapAuthenticationProviderFactoryBean.setFeatures(ldapAuthenticationProviderFeatures());
        ldapAuthenticationProviderFactoryBean.setUserManagerService(this.userManagerService);
        return ldapAuthenticationProviderFactoryBean;
    }

    @Bean
    public LdapAuthenticationProviderFeatures ldapAuthenticationProviderFeatures() {
        return LdapAuthenticationProviderFeatures.INSTANCE;
    }
}
