package org.cloudfoundry.identity.uaa.provider.ldap;

import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.provider.LdapIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.provider.ldap.extension.ExtendedLdapUserImpl;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.1.0.jar:org/cloudfoundry/identity/uaa/provider/ldap/ExtendedLdapUserMapper.class */
public class ExtendedLdapUserMapper extends LdapUserDetailsMapper {
    private static final Log logger = LogFactory.getLog(ExtendedLdapUserMapper.class);
    public static final String SUBSTITUTE_MAIL_ATTR_NAME = "substitute-mail-attribute";
    private String givenNameAttributeName;
    private String familyNameAttributeName;
    private String phoneNumberAttributeName;
    private String mailAttributeName = LdapIdentityProviderDefinition.MAIL;
    private String mailSubstitute = null;
    private boolean mailSubstituteOverrides = false;

    @Override // org.springframework.security.ldap.userdetails.LdapUserDetailsMapper, org.springframework.security.ldap.userdetails.UserDetailsContextMapper
    public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String str, Collection<? extends GrantedAuthority> collection) {
        LdapUserDetails ldapUserDetails = (LdapUserDetails) super.mapUserFromContext(dirContextOperations, str, collection);
        DirContextAdapter dirContextAdapter = (DirContextAdapter) dirContextOperations;
        HashMap hashMap = new HashMap();
        for (String str2 : Collections.list(dirContextAdapter.getAttributes().getIDs())) {
            try {
                Object[] objectAttributes = dirContextAdapter.getObjectAttributes(str2);
                String[] strArr = new String[objectAttributes != null ? objectAttributes.length : 0];
                for (int i = 0; i < strArr.length; i++) {
                    if (objectAttributes[i] != null) {
                        if (objectAttributes[i].getClass().isAssignableFrom(String.class)) {
                            strArr[i] = (String) objectAttributes[i];
                        } else if (objectAttributes[i] instanceof byte[]) {
                            strArr[i] = new String((byte[]) objectAttributes[i]);
                        } else {
                            strArr[i] = objectAttributes[i].toString();
                        }
                    }
                }
                if (strArr == null || strArr.length == 0) {
                    logger.debug("No attribute value found for '" + str2 + "'");
                } else {
                    hashMap.put(str2, strArr);
                }
            } catch (ArrayStoreException e) {
                logger.debug("Attribute value is not a string for '" + str2 + "'");
            }
        }
        hashMap.put("spring.security.ldap.dn", new String[]{dirContextAdapter.getDn().toString()});
        String configureMailAttribute = configureMailAttribute(str, hashMap);
        ExtendedLdapUserImpl extendedLdapUserImpl = new ExtendedLdapUserImpl(ldapUserDetails, hashMap);
        extendedLdapUserImpl.setMailAttributeName(configureMailAttribute);
        extendedLdapUserImpl.setGivenNameAttributeName(this.givenNameAttributeName);
        extendedLdapUserImpl.setFamilyNameAttributeName(this.familyNameAttributeName);
        extendedLdapUserImpl.setPhoneNumberAttributeName(this.phoneNumberAttributeName);
        return extendedLdapUserImpl;
    }

    protected String configureMailAttribute(String str, Map<String, String[]> map) {
        String mailAttributeName = getMailAttributeName();
        if (getMailSubstitute() != null) {
            map.put(SUBSTITUTE_MAIL_ATTR_NAME, new String[]{substituteMail(str)});
            if (isMailSubstituteOverridesLdap() || map.get(getMailAttributeName()) == null || map.get(getMailAttributeName()).length == 0) {
                mailAttributeName = SUBSTITUTE_MAIL_ATTR_NAME;
            }
        }
        return mailAttributeName;
    }

    protected String substituteMail(String str) {
        if (getMailSubstitute() == null) {
            return null;
        }
        return getMailSubstitute().replace("{0}", str);
    }

    public String getMailAttributeName() {
        return this.mailAttributeName;
    }

    public void setMailAttributeName(String str) {
        this.mailAttributeName = str;
    }

    public String getPhoneNumberAttributeName() {
        return this.phoneNumberAttributeName;
    }

    public void setPhoneNumberAttributeName(String str) {
        this.phoneNumberAttributeName = str;
    }

    public String getGivenNameAttributeName() {
        return this.givenNameAttributeName;
    }

    public void setGivenNameAttributeName(String str) {
        this.givenNameAttributeName = str;
    }

    public String getFamilyNameAttributeName() {
        return this.familyNameAttributeName;
    }

    public void setFamilyNameAttributeName(String str) {
        this.familyNameAttributeName = str;
    }

    public String getMailSubstitute() {
        return this.mailSubstitute;
    }

    public void setMailSubstitute(String str) {
        if ("null".equals(str) || "".equals(str)) {
            str = null;
        }
        if (str != null && !str.contains("{0}")) {
            throw new IllegalArgumentException("Invalid mail substitute pattern, {0} is missing.");
        }
        this.mailSubstitute = str;
    }

    public boolean isMailSubstituteOverridesLdap() {
        return this.mailSubstituteOverrides;
    }

    public void setMailSubstituteOverridesLdap(boolean z) {
        this.mailSubstituteOverrides = z;
    }
}
