package org.cloudfoundry.identity.uaa.authentication.manager;

import java.nio.file.ProviderNotFoundException;
import org.cloudfoundry.identity.uaa.authentication.manager.ChainedAuthenticationManager;
import org.cloudfoundry.identity.uaa.impl.config.EnvironmentPropertiesFactoryBean;
import org.cloudfoundry.identity.uaa.provider.LdapIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.scim.ScimGroupExternalMembershipManager;
import org.cloudfoundry.identity.uaa.scim.ScimGroupProvisioning;
import org.cloudfoundry.identity.uaa.util.LdapUtils;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.support.DefaultListableBeanFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.context.support.GenericApplicationContext;
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.16.0.jar:org/cloudfoundry/identity/uaa/authentication/manager/DynamicLdapAuthenticationManager.class */
public class DynamicLdapAuthenticationManager implements AuthenticationManager {
    private final LdapIdentityProviderDefinition definition;
    private ClassPathXmlApplicationContext context = null;
    private ScimGroupExternalMembershipManager scimGroupExternalMembershipManager;
    private ScimGroupProvisioning scimGroupProvisioning;
    private LdapLoginAuthenticationManager ldapLoginAuthenticationManager;
    private AuthenticationManager manager;
    private AuthenticationManager ldapManagerActual;

    public DynamicLdapAuthenticationManager(LdapIdentityProviderDefinition ldapIdentityProviderDefinition, ScimGroupExternalMembershipManager scimGroupExternalMembershipManager, ScimGroupProvisioning scimGroupProvisioning, LdapLoginAuthenticationManager ldapLoginAuthenticationManager) {
        this.definition = ldapIdentityProviderDefinition;
        this.scimGroupExternalMembershipManager = scimGroupExternalMembershipManager;
        this.scimGroupProvisioning = scimGroupProvisioning;
        this.ldapLoginAuthenticationManager = ldapLoginAuthenticationManager;
    }

    public ClassPathXmlApplicationContext getContext() {
        return this.context;
    }

    public synchronized AuthenticationManager getLdapAuthenticationManager() throws BeansException {
        if (this.definition == null) {
            return null;
        }
        if (this.manager != null) {
            return this.manager;
        }
        if (this.context == null) {
            ConfigurableEnvironment ldapConfigurationEnvironment = LdapUtils.getLdapConfigurationEnvironment(this.definition);
            DefaultListableBeanFactory defaultListableBeanFactory = new DefaultListableBeanFactory();
            defaultListableBeanFactory.registerSingleton("externalGroupMembershipManager", this.scimGroupExternalMembershipManager);
            defaultListableBeanFactory.registerSingleton("scimGroupProvisioning", this.scimGroupProvisioning);
            defaultListableBeanFactory.registerSingleton("ldapLoginAuthenticationMgr", this.ldapLoginAuthenticationManager);
            GenericApplicationContext genericApplicationContext = new GenericApplicationContext(defaultListableBeanFactory);
            genericApplicationContext.refresh();
            this.context = new ClassPathXmlApplicationContext(new String[]{"ldap-integration.xml"}, false, (ApplicationContext) genericApplicationContext);
            this.context.setEnvironment(ldapConfigurationEnvironment);
            EnvironmentPropertiesFactoryBean environmentPropertiesFactoryBean = new EnvironmentPropertiesFactoryBean();
            environmentPropertiesFactoryBean.setEnvironment(ldapConfigurationEnvironment);
            PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer = new PropertySourcesPlaceholderConfigurer();
            propertySourcesPlaceholderConfigurer.setProperties(environmentPropertiesFactoryBean.getObject());
            propertySourcesPlaceholderConfigurer.setLocalOverride(true);
            this.context.addBeanFactoryPostProcessor(propertySourcesPlaceholderConfigurer);
            this.context.refresh();
            this.ldapManagerActual = (AuthenticationManager) this.context.getBean("ldapAuthenticationManager");
            AuthenticationManager authenticationManager = (AuthenticationManager) this.context.getBean("ldapLoginAuthenticationMgr");
            ChainedAuthenticationManager chainedAuthenticationManager = new ChainedAuthenticationManager();
            chainedAuthenticationManager.setDelegates(new ChainedAuthenticationManager.AuthenticationManagerConfiguration[]{new ChainedAuthenticationManager.AuthenticationManagerConfiguration(this.ldapManagerActual, null), new ChainedAuthenticationManager.AuthenticationManagerConfiguration(authenticationManager, ChainedAuthenticationManager.IF_PREVIOUS_TRUE)});
            this.manager = chainedAuthenticationManager;
        }
        return this.manager;
    }

    public AuthenticationManager getLdapManagerActual() {
        return this.ldapManagerActual;
    }

    public LdapIdentityProviderDefinition getDefinition() {
        return this.definition;
    }

    @Override // org.springframework.security.authentication.AuthenticationManager
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        AuthenticationManager ldapAuthenticationManager = getLdapAuthenticationManager();
        if (ldapAuthenticationManager != null) {
            return ldapAuthenticationManager.authenticate(authentication);
        }
        throw new ProviderNotFoundException("LDAP provider not configured");
    }

    public void destroy() {
        ClassPathXmlApplicationContext classPathXmlApplicationContext = this.context;
        if (classPathXmlApplicationContext != null) {
            this.context = null;
            classPathXmlApplicationContext.destroy();
        }
    }
}
