package org.cloudfoundry.identity.uaa.impl.config;

import org.cloudfoundry.identity.uaa.authorization.LdapGroupMappingAuthorizationManager;
import org.cloudfoundry.identity.uaa.provider.LdapIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.provider.ldap.LdapGroupToScopesMapper;
import org.cloudfoundry.identity.uaa.scim.ScimGroupExternalMembershipManager;
import org.cloudfoundry.identity.uaa.scim.ScimGroupProvisioning;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Condition;
import org.springframework.context.annotation.ConditionContext;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.core.type.AnnotatedTypeMetadata;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;

@Configuration
@Conditional({IfConfigured.class})
@Import({LdapGroupsConfig.class})
/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.9.0.jar:org/cloudfoundry/identity/uaa/impl/config/LdapGroupsMappedToScopesConfig.class */
public class LdapGroupsMappedToScopesConfig {

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.9.0.jar:org/cloudfoundry/identity/uaa/impl/config/LdapGroupsMappedToScopesConfig$IfConfigured.class */
    public static class IfConfigured implements Condition {
        @Override // org.springframework.context.annotation.Condition
        public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata) {
            String property = conditionContext.getEnvironment().getProperty(LdapIdentityProviderDefinition.LDAP_GROUPS_FILE);
            return property != null && property.equals(LdapIdentityProviderDefinition.LDAP_GROUP_FILE_GROUPS_MAP_TO_SCOPES);
        }
    }

    @Bean
    public String configuredGroupRoleAttribute() {
        return "spring.security.ldap.dn";
    }

    @Bean
    public LdapGroupMappingAuthorizationManager ldapGroupMappingAuthorizationManager(ScimGroupExternalMembershipManager scimGroupExternalMembershipManager, ScimGroupProvisioning scimGroupProvisioning) {
        LdapGroupMappingAuthorizationManager ldapGroupMappingAuthorizationManager = new LdapGroupMappingAuthorizationManager();
        ldapGroupMappingAuthorizationManager.setExternalMembershipManager(scimGroupExternalMembershipManager);
        ldapGroupMappingAuthorizationManager.setScimGroupProvisioning(scimGroupProvisioning);
        return ldapGroupMappingAuthorizationManager;
    }

    @Bean
    public GrantedAuthoritiesMapper ldapAuthoritiesMapper(LdapGroupMappingAuthorizationManager ldapGroupMappingAuthorizationManager) {
        LdapGroupToScopesMapper ldapGroupToScopesMapper = new LdapGroupToScopesMapper();
        ldapGroupToScopesMapper.setGroupMapper(ldapGroupMappingAuthorizationManager);
        return ldapGroupToScopesMapper;
    }

    @Bean
    public String testLdapGroup() {
        return "ldap-groups-map-to-scopes.xml";
    }
}
