package org.cloudfoundry.identity.uaa.ldap;

import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.ldap.extension.ExtendedLdapUserImpl;
import org.cloudfoundry.identity.uaa.ldap.extension.SpringSecurityLdapTemplate;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-common-2.2.4.jar:org/cloudfoundry/identity/uaa/ldap/ExtendedLdapUserMapper.class */
public class ExtendedLdapUserMapper extends LdapUserDetailsMapper {
    private static final Log logger = LogFactory.getLog(ExtendedLdapUserMapper.class);
    public static final String SUBSTITUTE_MAIL_ATTR_NAME = "substitute-mail-attribute";
    private String mailAttributeName = "mail";
    private String mailSubstitute = null;
    private boolean mailSubstituteOverrides = false;

    @Override // org.springframework.security.ldap.userdetails.LdapUserDetailsMapper, org.springframework.security.ldap.userdetails.UserDetailsContextMapper
    public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String str, Collection<? extends GrantedAuthority> collection) {
        LdapUserDetails ldapUserDetails = (LdapUserDetails) super.mapUserFromContext(dirContextOperations, str, collection);
        DirContextAdapter dirContextAdapter = (DirContextAdapter) dirContextOperations;
        HashMap hashMap = new HashMap();
        for (String str2 : Collections.list(dirContextAdapter.getAttributes().getIDs())) {
            try {
                String[] stringAttributes = dirContextAdapter.getStringAttributes(str2);
                if (stringAttributes == null || stringAttributes.length == 0) {
                    logger.debug("No attribute value found for '" + str2 + "'");
                } else {
                    hashMap.put(str2, stringAttributes);
                }
            } catch (ArrayStoreException e) {
                logger.debug("Attribute value is not a string for '" + str2 + "'");
            }
        }
        hashMap.put(SpringSecurityLdapTemplate.DN_KEY, new String[]{dirContextAdapter.getDn().toString()});
        String configureMailAttribute = configureMailAttribute(str, hashMap);
        ExtendedLdapUserImpl extendedLdapUserImpl = new ExtendedLdapUserImpl(ldapUserDetails, hashMap);
        extendedLdapUserImpl.setMailAttributeName(configureMailAttribute);
        return extendedLdapUserImpl;
    }

    protected String configureMailAttribute(String str, Map<String, String[]> map) {
        String mailAttributeName = getMailAttributeName();
        if (getMailSubstitute() != null) {
            map.put(SUBSTITUTE_MAIL_ATTR_NAME, new String[]{substituteMail(str)});
            if (isMailSubstituteOverridesLdap() || map.get(getMailAttributeName()) == null || map.get(getMailAttributeName()).length == 0) {
                mailAttributeName = SUBSTITUTE_MAIL_ATTR_NAME;
            }
        }
        return mailAttributeName;
    }

    protected String substituteMail(String str) {
        if (getMailSubstitute() == null) {
            return null;
        }
        return getMailSubstitute().replace("{0}", str);
    }

    public String getMailAttributeName() {
        return this.mailAttributeName;
    }

    public void setMailAttributeName(String str) {
        this.mailAttributeName = str;
    }

    public String getMailSubstitute() {
        return this.mailSubstitute;
    }

    public void setMailSubstitute(String str) {
        if ("null".equals(str) || "".equals(str)) {
            str = null;
        }
        if (str != null && !str.contains("{0}")) {
            throw new IllegalArgumentException("Invalid mail substitute pattern, {0} is missing.");
        }
        this.mailSubstitute = str;
    }

    public boolean isMailSubstituteOverridesLdap() {
        return this.mailSubstituteOverrides;
    }

    public void setMailSubstituteOverridesLdap(boolean z) {
        this.mailSubstituteOverrides = z;
    }
}
