package org.georchestra.gateway.security.ldap.extended;

import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import org.georchestra.ds.orgs.OrgsDao;
import org.georchestra.ds.orgs.OrgsDaoImpl;
import org.georchestra.ds.roles.RoleDao;
import org.georchestra.ds.roles.RoleDaoImpl;
import org.georchestra.ds.roles.RoleProtected;
import org.georchestra.ds.security.OrganizationMapperImpl;
import org.georchestra.ds.security.OrganizationsApiImpl;
import org.georchestra.ds.security.UserMapper;
import org.georchestra.ds.security.UserMapperImpl;
import org.georchestra.ds.security.UsersApiImpl;
import org.georchestra.ds.users.AccountDao;
import org.georchestra.ds.users.AccountDaoImpl;
import org.georchestra.ds.users.UserRule;
import org.georchestra.gateway.security.ldap.LdapConfigProperties;
import org.georchestra.gateway.security.ldap.basic.LdapAuthenticatorProviderBuilder;
import org.georchestra.security.api.OrganizationsApi;
import org.georchestra.security.api.UsersApi;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;

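/**
 * Spring configuration that wires one authentication provider and one pair of users/organizations
 * APIs for every enabled "extended" LDAP configuration exposed by {@link LdapConfigProperties}.
 *
 * <p>Each helper builds its own {@link LdapTemplate} from the configuration's URL and base DN. The
 * templates are created by hand (not as Spring beans), so {@code afterPropertiesSet()} is called
 * explicitly on them.
 */
@EnableConfigurationProperties({LdapConfigProperties.class})
@Configuration(proxyBeanMethods = false)
/* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/ldap/extended/ExtendedLdapAuthenticationConfiguration.class */
public class ExtendedLdapAuthenticationConfiguration {
    private static final Logger log = LoggerFactory.getLogger("org.georchestra.gateway.security.ldap.extended");

    /**
     * Creates the mapper for users authenticated against an extended LDAP directory.
     *
     * @param demultiplexingUsersApi users API that dispatches to the configured directories
     * @return the mapper, or {@code null} when no extended LDAP target is configured; injection
     *     points therefore have to tolerate an absent mapper
     */
    @Bean
    GeorchestraLdapAuthenticatedUserMapper georchestraLdapAuthenticatedUserMapper(DemultiplexingUsersApi demultiplexingUsersApi) {
        if (demultiplexingUsersApi.getTargetNames().isEmpty()) {
            return null;
        }
        return new GeorchestraLdapAuthenticatedUserMapper(demultiplexingUsersApi);
    }

    /**
     * Exposes the enabled extended LDAP configurations as a bean.
     *
     * @param ldapConfigProperties bound LDAP configuration properties
     * @return the value of {@code ldapConfigProperties.extendedEnabled()}
     */
    @Bean
    List<ExtendedLdapConfig> enabledExtendedLdapConfigs(LdapConfigProperties ldapConfigProperties) {
        return ldapConfigProperties.extendedEnabled();
    }

    /**
     * Builds one authentication provider per enabled extended LDAP configuration.
     *
     * @param list enabled extended LDAP configurations
     * @return the providers, in the same order as {@code list}
     */
    @Bean
    List<GeorchestraLdapAuthenticationProvider> extendedLdapAuthenticationProviders(List<ExtendedLdapConfig> list) {
        // Typed pipeline: no raw (List) cast is needed for the collected result.
        return list.stream().map(this::createLdapProvider).collect(Collectors.toList());
    }

    /**
     * Builds the authentication provider for a single configuration.
     *
     * <p>Only the configuration name and URL are logged; the admin DN and password are handed to
     * the builder and never written to the log.
     *
     * @param extendedLdapConfig configuration to build the provider from
     * @return the provider, named after the configuration
     * @throws BeanInitializationException (a {@link RuntimeException}) if the provider cannot be built
     */
    private GeorchestraLdapAuthenticationProvider createLdapProvider(ExtendedLdapConfig extendedLdapConfig) {
        log.info("Creating extended LDAP AuthenticationProvider {} at {}", extendedLdapConfig.getName(), extendedLdapConfig.getUrl());
        try {
            AccountDao accountDao = accountsDao(ldapTemplate(extendedLdapConfig), extendedLdapConfig);
            return new GeorchestraLdapAuthenticationProvider(
                    extendedLdapConfig.getName(),
                    new LdapAuthenticatorProviderBuilder()
                            .url(extendedLdapConfig.getUrl())
                            .baseDn(extendedLdapConfig.getBaseDn())
                            .userSearchBase(extendedLdapConfig.getUsersRdn())
                            .userSearchFilter(extendedLdapConfig.getUsersSearchFilter())
                            .rolesSearchBase(extendedLdapConfig.getRolesRdn())
                            .rolesSearchFilter(extendedLdapConfig.getRolesSearchFilter())
                            .adminDn(extendedLdapConfig.getAdminDn().orElse(null))
                            .adminPassword(extendedLdapConfig.getAdminPassword().orElse(null))
                            .returningAttributes(extendedLdapConfig.getReturningAttributes())
                            .accountDao(accountDao)
                            .build());
        } catch (Exception e) {
            // Same exception style as demultiplexingUsersApi: name the failing configuration and
            // keep the cause, instead of a bare RuntimeException with no context.
            throw new BeanInitializationException(
                    "Error creating extended LDAP authentication provider for ldap config " + extendedLdapConfig.getName(), e);
        }
    }

    /**
     * Builds the users/organizations API pair of every configuration, keyed by configuration name.
     *
     * @param list enabled extended LDAP configurations
     * @return an API that dispatches to the per-configuration users and organizations APIs
     * @throws BeanInitializationException if the APIs of any configuration cannot be created
     */
    @Bean
    DemultiplexingUsersApi demultiplexingUsersApi(List<ExtendedLdapConfig> list) {
        HashMap<String, UsersApi> usersApisByName = new HashMap<>();
        HashMap<String, OrganizationsApi> orgsApisByName = new HashMap<>();
        for (ExtendedLdapConfig extendedLdapConfig : list) {
            try {
                // One template and one account DAO are shared by both APIs of a configuration.
                LdapTemplate ldapTemplate = ldapTemplate(extendedLdapConfig);
                AccountDao accountsDao = accountsDao(ldapTemplate, extendedLdapConfig);
                UsersApi usersApi = createUsersApi(extendedLdapConfig, ldapTemplate, accountsDao);
                OrganizationsApi orgsApi = createOrgsApi(extendedLdapConfig, ldapTemplate, accountsDao);
                usersApisByName.put(extendedLdapConfig.getName(), usersApi);
                orgsApisByName.put(extendedLdapConfig.getName(), orgsApi);
            } catch (Exception e) {
                throw new BeanInitializationException("Error creating georchestra users api for ldap config " + extendedLdapConfig.getName(), e);
            }
        }
        return new DemultiplexingUsersApi(usersApisByName, orgsApisByName);
    }

    /**
     * Builds the organizations API of one configuration.
     *
     * <p>The pending-organizations search base comes from the configuration here, whereas
     * {@code accountsDao} uses the constant {@code "ou=pendingorgs"}.
     * NOTE(review): confirm the two are meant to differ.
     */
    private OrganizationsApi createOrgsApi(ExtendedLdapConfig extendedLdapConfig, LdapTemplate ldapTemplate, AccountDao accountDao) throws Exception {
        OrgsDaoImpl orgsDaoImpl = new OrgsDaoImpl();
        orgsDaoImpl.setLdapTemplate(ldapTemplate);
        orgsDaoImpl.setAccountDao(accountDao);
        orgsDaoImpl.setBasePath(extendedLdapConfig.getBaseDn());
        orgsDaoImpl.setOrgSearchBaseDN(extendedLdapConfig.getOrgsRdn());
        orgsDaoImpl.setPendingOrgSearchBaseDN(extendedLdapConfig.getPendingOrgsRdn());

        OrganizationsApiImpl organizationsApiImpl = new OrganizationsApiImpl();
        organizationsApiImpl.setOrgsDao(orgsDaoImpl);
        organizationsApiImpl.setOrgMapper(new OrganizationMapperImpl());
        return organizationsApiImpl;
    }

    /** Builds the users API of one configuration from its account DAO, user mapper and user rule. */
    private UsersApi createUsersApi(ExtendedLdapConfig extendedLdapConfig, LdapTemplate ldapTemplate, AccountDao accountDao) throws Exception {
        UserMapper userMapper = createUserMapper(roleDao(ldapTemplate, extendedLdapConfig, accountDao));
        UserRule userRule = ldapUserRule(extendedLdapConfig);
        UsersApiImpl usersApiImpl = new UsersApiImpl();
        usersApiImpl.setAccountsDao(accountDao);
        usersApiImpl.setMapper(userMapper);
        usersApiImpl.setUserRule(userRule);
        return usersApiImpl;
    }

    /** Creates a user mapper that resolves roles through {@code roleDao}. */
    private UserMapper createUserMapper(RoleDao roleDao) {
        UserMapperImpl userMapperImpl = new UserMapperImpl();
        userMapperImpl.setRoleDao(roleDao);
        return userMapperImpl;
    }

    /**
     * Creates an initialized {@link LdapTemplate} for the configuration's URL and base DN.
     *
     * <p>The URL is used verbatim, so transport security depends on the configured scheme
     * ({@code ldap://} versus {@code ldaps://}); nothing here enforces it.
     *
     * <p>NOTE(review): no user DN or password is set on the context source, although the
     * configuration can carry an admin DN/password (they are passed only to the authenticator
     * builder in {@code createLdapProvider}). Lookups through this template therefore appear to
     * bind anonymously; confirm that is intended and that the directory's ACLs expect it.
     */
    private LdapTemplate ldapTemplate(ExtendedLdapConfig extendedLdapConfig) throws Exception {
        LdapContextSource ldapContextSource = new LdapContextSource();
        ldapContextSource.setUrl(extendedLdapConfig.getUrl());
        ldapContextSource.setBase(extendedLdapConfig.getBaseDn());
        ldapContextSource.afterPropertiesSet();
        LdapTemplate ldapTemplate = new LdapTemplate(ldapContextSource);
        ldapTemplate.afterPropertiesSet();
        return ldapTemplate;
    }

    /**
     * Creates and initializes the account DAO of one configuration.
     *
     * @throws NullPointerException if the configuration has no organizations RDN
     */
    private AccountDao accountsDao(LdapTemplate ldapTemplate, ExtendedLdapConfig extendedLdapConfig) {
        String baseDn = extendedLdapConfig.getBaseDn();
        String usersRdn = extendedLdapConfig.getUsersRdn();
        String rolesRdn = extendedLdapConfig.getRolesRdn();
        AccountDaoImpl accountDaoImpl = new AccountDaoImpl(ldapTemplate);
        accountDaoImpl.setBasePath(baseDn);
        accountDaoImpl.setUserSearchBaseDN(usersRdn);
        accountDaoImpl.setRoleSearchBaseDN(rolesRdn);
        // The pending-users base is a constant in this class, not a configuration property. The
        // decompiled guard `"ou=pendingusers" != 0` does not compile and was always true for a
        // non-null constant, so the setter is called unconditionally.
        accountDaoImpl.setPendingUserSearchBaseDN("ou=pendingusers");
        String orgsRdn = extendedLdapConfig.getOrgsRdn();
        Objects.requireNonNull(orgsRdn);
        accountDaoImpl.setOrgSearchBaseDN(orgsRdn);
        // Constant as well; createOrgsApi reads the equivalent value from the configuration.
        accountDaoImpl.setPendingOrgSearchBaseDN("ou=pendingorgs");
        accountDaoImpl.init();
        return accountDaoImpl;
    }

    /** Creates the role DAO of one configuration, searching roles under the configured roles RDN. */
    private RoleDao roleDao(LdapTemplate ldapTemplate, ExtendedLdapConfig extendedLdapConfig, AccountDao accountDao) {
        String rolesRdn = extendedLdapConfig.getRolesRdn();
        RoleDaoImpl roleDaoImpl = new RoleDaoImpl();
        roleDaoImpl.setLdapTemplate(ldapTemplate);
        roleDaoImpl.setRoleSearchBaseDN(rolesRdn);
        roleDaoImpl.setAccountDao(accountDao);
        roleDaoImpl.setRoles(ldapProtectedRoles(extendedLdapConfig));
        return roleDaoImpl;
    }

    /**
     * Creates an organizations DAO from a basic (non-extended) server configuration.
     *
     * <p>Not referenced anywhere in this class; kept as found.
     */
    private OrgsDao orgsDao(LdapTemplate ldapTemplate, LdapConfigProperties.Server server) {
        OrgsDaoImpl orgsDaoImpl = new OrgsDaoImpl();
        orgsDaoImpl.setLdapTemplate(ldapTemplate);
        orgsDaoImpl.setBasePath(server.getBaseDn());
        orgsDaoImpl.setOrgSearchBaseDN(server.getOrgs().getRdn());
        orgsDaoImpl.setPendingOrgSearchBaseDN("ou=pendingorgs");
        return orgsDaoImpl;
    }

    /**
     * Creates a user rule whose protected-users list is empty.
     *
     * <p>The configuration argument is not consulted: every extended LDAP directory gets the same
     * empty list.
     */
    private UserRule ldapUserRule(ExtendedLdapConfig extendedLdapConfig) {
        UserRule userRule = new UserRule();
        // Equivalent to converting an empty list to String[]; avoids the raw List and the cast.
        userRule.setListOfprotectedUsers(new String[0]);
        return userRule;
    }

    /**
     * Creates a protected-roles holder whose list is empty.
     *
     * <p>The configuration argument is not consulted: every extended LDAP directory gets the same
     * empty list.
     */
    private RoleProtected ldapProtectedRoles(ExtendedLdapConfig extendedLdapConfig) {
        RoleProtected roleProtected = new RoleProtected();
        // Equivalent to converting an empty list to String[]; avoids the raw List and the cast.
        roleProtected.setListOfprotectedRoles(new String[0]);
        return roleProtected;
    }
}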
