package org.springframework.xd.dirt.server.security;

import java.util.Collection;
import java.util.Collections;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

@ConfigurationProperties(prefix = "xd.security.authentication.ldap")
@Configuration
@ConditionalOnProperty({"xd.security.authentication.ldap.enabled"})
/* loaded from: input_file:org/springframework/xd/dirt/server/security/LdapAuthenticationConfiguration.class */
public class LdapAuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter {
    private String url;
    private String userDnPattern;
    private String managerDn;
    private String managerPassword;
    private String userSearchFilter;
    private String userSearchBase = "";
    private String groupSearchFilter = "";
    private String groupSearchBase = "";
    private String groupRoleAttribute = "cn";

    public String getUrl() {
        return this.url;
    }

    public void setUrl(String str) {
        this.url = str;
    }

    public String getUserDnPattern() {
        return this.userDnPattern;
    }

    public void setUserDnPattern(String str) {
        this.userDnPattern = str;
    }

    public String getManagerDn() {
        return this.managerDn;
    }

    public void setManagerDn(String str) {
        this.managerDn = str;
    }

    public String getManagerPassword() {
        return this.managerPassword;
    }

    public void setManagerPassword(String str) {
        this.managerPassword = str;
    }

    public String getUserSearchBase() {
        return this.userSearchBase;
    }

    public void setUserSearchBase(String str) {
        this.userSearchBase = str;
    }

    public String getUserSearchFilter() {
        return this.userSearchFilter;
    }

    public void setUserSearchFilter(String str) {
        this.userSearchFilter = str;
    }

    public String getGroupSearchFilter() {
        return this.groupSearchFilter;
    }

    public void setGroupSearchFilter(String str) {
        this.groupSearchFilter = str;
    }

    public String getGroupSearchBase() {
        return this.groupSearchBase;
    }

    public void setGroupSearchBase(String str) {
        this.groupSearchBase = str;
    }

    public String getGroupRoleAttribute() {
        return this.groupRoleAttribute;
    }

    public void setGroupRoleAttribute(String str) {
        this.groupRoleAttribute = str;
    }

    public void init(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        LdapAuthenticationProviderConfigurer ldapAuthentication = authenticationManagerBuilder.ldapAuthentication();
        Assert.hasText(this.url, "'url' must not be empty");
        Assert.isTrue(StringUtils.isEmpty(this.userDnPattern) ^ StringUtils.isEmpty(this.userSearchFilter), "exactly one of 'userDnPattern' or 'userSearch' must be provided");
        ldapAuthentication.contextSource().url(this.url).managerDn(this.managerDn).managerPassword(this.managerPassword);
        if (!StringUtils.isEmpty(this.userDnPattern)) {
            ldapAuthentication.userDnPatterns(new String[]{this.userDnPattern});
        }
        if (!StringUtils.isEmpty(this.userSearchFilter)) {
            ldapAuthentication.userSearchBase(this.userSearchBase).userSearchFilter(this.userSearchFilter);
        }
        if (StringUtils.isEmpty(this.groupSearchFilter)) {
            ldapAuthentication.ldapAuthoritiesPopulator(new LdapAuthoritiesPopulator() { // from class: org.springframework.xd.dirt.server.security.LdapAuthenticationConfiguration.1
                public Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations dirContextOperations, String str) {
                    return Collections.singleton(new SimpleGrantedAuthority("ROLE_ADMIN"));
                }
            });
        } else {
            ldapAuthentication.groupSearchBase(this.groupSearchBase).groupSearchFilter(this.groupSearchFilter).groupRoleAttribute(this.groupRoleAttribute);
        }
    }
}
