package org.georchestra.gateway.security.ldap;

import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.georchestra.gateway.security.ServerHttpSecurityCustomizer;
import org.georchestra.gateway.security.ldap.basic.BasicLdapAuthenticationConfiguration;
import org.georchestra.gateway.security.ldap.basic.BasicLdapAuthenticationProvider;
import org.georchestra.gateway.security.ldap.extended.ExtendedLdapAuthenticationConfiguration;
import org.georchestra.gateway.security.ldap.extended.GeorchestraLdapAuthenticationProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.ReactiveAuthenticationManagerAdapter;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;

@EnableConfigurationProperties({LdapConfigProperties.class})
@Configuration(proxyBeanMethods = true)
@Import({BasicLdapAuthenticationConfiguration.class, ExtendedLdapAuthenticationConfiguration.class})
/* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/ldap/LdapAuthenticationConfiguration.class */
public class LdapAuthenticationConfiguration {
    private static final Logger log = LoggerFactory.getLogger("org.georchestra.gateway.security.ldap");

    /* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/ldap/LdapAuthenticationConfiguration$LDAPAuthenticationCustomizer.class */
    public static final class LDAPAuthenticationCustomizer implements ServerHttpSecurityCustomizer {
        @Override // org.springframework.security.config.Customizer
        public void customize(ServerHttpSecurity serverHttpSecurity) {
            LdapAuthenticationConfiguration.log.info("Enabling HTTP Basic authentication support for LDAP");
            serverHttpSecurity.httpBasic().and().formLogin();
        }
    }

    @Bean
    public ServerHttpSecurityCustomizer ldapHttpBasicLoginFormEnablerExtension() {
        return new LDAPAuthenticationCustomizer();
    }

    @Bean
    public AuthenticationWebFilter ldapAuthenticationWebFilter(ReactiveAuthenticationManager reactiveAuthenticationManager) {
        AuthenticationWebFilter authenticationWebFilter = new AuthenticationWebFilter(reactiveAuthenticationManager);
        authenticationWebFilter.setRequiresAuthenticationMatcher(ServerWebExchangeMatchers.pathMatchers("/auth/login"));
        return authenticationWebFilter;
    }

    @Bean
    public ReactiveAuthenticationManager ldapAuthenticationManager(List<BasicLdapAuthenticationProvider> list, List<GeorchestraLdapAuthenticationProvider> list2) {
        Stream concat = Stream.concat(list.stream(), list2.stream());
        Class<AuthenticationProvider> cls = AuthenticationProvider.class;
        Objects.requireNonNull(AuthenticationProvider.class);
        List list3 = (List) concat.map((v1) -> {
            return r1.cast(v1);
        }).collect(Collectors.toList());
        if (list3.isEmpty()) {
            return null;
        }
        return new ReactiveAuthenticationManagerAdapter(new ProviderManager((List<AuthenticationProvider>) list3));
    }
}
