package com.erudika.para.server.security;

import com.erudika.para.core.utils.Utils;
import java.util.Arrays;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.AbstractLdapAuthenticator;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticator;
import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator;
import org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;

/* loaded from: input_file:BOOT-INF/lib/para-server-1.46.1.jar:com/erudika/para/server/security/LDAPAuthenticator.class */
public final class LDAPAuthenticator implements LdapAuthenticator {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) LDAPAuthenticator.class);
    private AbstractLdapAuthenticator authenticator;

    public LDAPAuthenticator(Map<String, String> map) {
        this.authenticator = null;
        if (map == null || !map.containsKey("security.ldap.server_url")) {
            return;
        }
        String str = map.get("security.ldap.server_url");
        String str2 = map.get("security.ldap.base_dn");
        String noSpaces = Utils.noSpaces(map.get("security.ldap.bind_dn"), "%20");
        String str3 = map.get("security.ldap.bind_pass");
        String str4 = map.get("security.ldap.user_search_base");
        String str5 = map.get("security.ldap.user_search_filter");
        String str6 = map.get("security.ldap.user_dn_pattern");
        String str7 = map.get("security.ldap.password_attribute");
        boolean containsKey = map.containsKey("security.ldap.compare_passwords");
        DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(Arrays.asList(str), str2);
        defaultSpringSecurityContextSource.setAuthenticationSource(new SpringSecurityAuthenticationSource());
        defaultSpringSecurityContextSource.setCacheEnvironmentProperties(false);
        if (!noSpaces.isEmpty()) {
            defaultSpringSecurityContextSource.setUserDn(noSpaces);
        }
        if (!str3.isEmpty()) {
            defaultSpringSecurityContextSource.setPassword(str3);
        }
        FilterBasedLdapUserSearch filterBasedLdapUserSearch = new FilterBasedLdapUserSearch(str4, str5, defaultSpringSecurityContextSource);
        if (!containsKey) {
            BindAuthenticator bindAuthenticator = new BindAuthenticator(defaultSpringSecurityContextSource);
            bindAuthenticator.setUserDnPatterns(getUserDnPatterns(str6));
            bindAuthenticator.setUserSearch(filterBasedLdapUserSearch);
            this.authenticator = bindAuthenticator;
            return;
        }
        PasswordComparisonAuthenticator passwordComparisonAuthenticator = new PasswordComparisonAuthenticator(defaultSpringSecurityContextSource);
        passwordComparisonAuthenticator.setPasswordAttributeName(str7);
        passwordComparisonAuthenticator.setUserDnPatterns(getUserDnPatterns(str6));
        passwordComparisonAuthenticator.setUserSearch(filterBasedLdapUserSearch);
        this.authenticator = passwordComparisonAuthenticator;
    }

    @Override // org.springframework.security.ldap.authentication.LdapAuthenticator
    public DirContextOperations authenticate(Authentication authentication) {
        try {
            if (this.authenticator != null) {
                return this.authenticator.authenticate(authentication);
            }
        } catch (Exception e) {
            logger.warn("Failed to authenticate user with LDAP server: {}", e.getMessage());
        }
        throw new AuthenticationServiceException("LDAP user not found.");
    }

    private String[] getUserDnPatterns(String str) {
        return StringUtils.isBlank(str) ? new String[]{""} : str.contains("|") ? str.split("\\|") : new String[]{str};
    }
}
