package org.fabric3.security.spring.factory;

import java.util.ArrayList;
import java.util.List;
import org.fabric3.datasource.spi.DataSourceRegistry;
import org.fabric3.security.spring.config.AuthenticationManagerConfiguration;
import org.fabric3.security.spring.config.AuthenticationProviderConfiguration;
import org.fabric3.security.spring.config.JdbcProviderConfiguration;
import org.fabric3.security.spring.config.LdapProviderConfiguration;
import org.fabric3.security.spring.config.LdapServerConfiguration;
import org.oasisopen.sca.annotation.Reference;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.authentication.encoding.Md4PasswordEncoder;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.authentication.encoding.PlaintextPasswordEncoder;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.LdapAuthenticator;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

/* loaded from: input_file:org/fabric3/security/spring/factory/AuthenticationProviderFactoryImpl.class */
public class AuthenticationProviderFactoryImpl implements AuthenticationProviderFactory {
    private DataSourceRegistry registry;

    @Reference
    public void setRegistry(DataSourceRegistry dataSourceRegistry) {
        this.registry = dataSourceRegistry;
    }

    @Override // org.fabric3.security.spring.factory.AuthenticationProviderFactory
    public List<AuthenticationProvider> create(AuthenticationManagerConfiguration authenticationManagerConfiguration) {
        ArrayList arrayList = new ArrayList();
        LdapServerConfiguration ldapServerConfiguration = authenticationManagerConfiguration.getLdapServerConfiguration();
        BaseLdapPathContextSource createContextSource = ldapServerConfiguration != null ? createContextSource(ldapServerConfiguration) : null;
        for (AuthenticationProviderConfiguration authenticationProviderConfiguration : authenticationManagerConfiguration.getProviderConfigurations()) {
            if (authenticationProviderConfiguration instanceof JdbcProviderConfiguration) {
                arrayList.add(createJdbcProvider(authenticationProviderConfiguration));
            } else if (authenticationProviderConfiguration instanceof LdapProviderConfiguration) {
                arrayList.add(createLdapProvider(createContextSource, (LdapProviderConfiguration) authenticationProviderConfiguration));
            }
        }
        return arrayList;
    }

    private AuthenticationProvider createLdapProvider(BaseLdapPathContextSource baseLdapPathContextSource, LdapProviderConfiguration ldapProviderConfiguration) {
        return new LdapAuthenticationProvider(createAuthenticator(ldapProviderConfiguration, baseLdapPathContextSource), createPopulator(baseLdapPathContextSource, ldapProviderConfiguration));
    }

    private AuthenticationProvider createJdbcProvider(AuthenticationProviderConfiguration authenticationProviderConfiguration) {
        JdbcProviderConfiguration jdbcProviderConfiguration = (JdbcProviderConfiguration) authenticationProviderConfiguration;
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        PasswordEncoder createPasswordEncoder = createPasswordEncoder(jdbcProviderConfiguration);
        if (createPasswordEncoder != null) {
            daoAuthenticationProvider.setPasswordEncoder(createPasswordEncoder);
        }
        JdbcDaoImpl jdbcDaoImpl = new JdbcDaoImpl();
        jdbcDaoImpl.setDataSource(new DataSourceWrapper(jdbcProviderConfiguration.getDataSourceName(), this.registry));
        daoAuthenticationProvider.setUserDetailsService(jdbcDaoImpl);
        return daoAuthenticationProvider;
    }

    private PasswordEncoder createPasswordEncoder(JdbcProviderConfiguration jdbcProviderConfiguration) {
        String passwordEncoder = jdbcProviderConfiguration.getPasswordEncoder();
        if (passwordEncoder == null) {
            return null;
        }
        boolean isUseBase64 = jdbcProviderConfiguration.isUseBase64();
        if ("plaintext".equals(passwordEncoder)) {
            return new PlaintextPasswordEncoder();
        }
        if ("sha".equals(passwordEncoder)) {
            ShaPasswordEncoder shaPasswordEncoder = new ShaPasswordEncoder();
            shaPasswordEncoder.setEncodeHashAsBase64(isUseBase64);
            return shaPasswordEncoder;
        }
        if ("sha-256".equals(passwordEncoder)) {
            ShaPasswordEncoder shaPasswordEncoder2 = new ShaPasswordEncoder(256);
            shaPasswordEncoder2.setEncodeHashAsBase64(isUseBase64);
            return shaPasswordEncoder2;
        }
        if ("md4".equals(passwordEncoder)) {
            Md4PasswordEncoder md4PasswordEncoder = new Md4PasswordEncoder();
            md4PasswordEncoder.setEncodeHashAsBase64(isUseBase64);
            return md4PasswordEncoder;
        }
        if (!"md5".equals(passwordEncoder)) {
            throw new AssertionError("Unknown encoder type:" + passwordEncoder);
        }
        Md5PasswordEncoder md5PasswordEncoder = new Md5PasswordEncoder();
        md5PasswordEncoder.setEncodeHashAsBase64(isUseBase64);
        return md5PasswordEncoder;
    }

    private LdapAuthenticator createAuthenticator(LdapProviderConfiguration ldapProviderConfiguration, BaseLdapPathContextSource baseLdapPathContextSource) {
        BindAuthenticator bindAuthenticator = new BindAuthenticator(baseLdapPathContextSource);
        String[] dnPattern = ldapProviderConfiguration.getDnPattern();
        if (dnPattern != null) {
            bindAuthenticator.setUserDnPatterns(dnPattern);
        } else {
            bindAuthenticator.setUserSearch(new FilterBasedLdapUserSearch(ldapProviderConfiguration.getUserSearchBase(), ldapProviderConfiguration.getUserSearchFilter(), baseLdapPathContextSource));
        }
        return bindAuthenticator;
    }

    private LdapAuthoritiesPopulator createPopulator(BaseLdapPathContextSource baseLdapPathContextSource, LdapProviderConfiguration ldapProviderConfiguration) {
        String groupSearchBase = ldapProviderConfiguration.getGroupSearchBase();
        String groupSearchFilter = ldapProviderConfiguration.getGroupSearchFilter();
        String groupRoleAttribute = ldapProviderConfiguration.getGroupRoleAttribute();
        DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(baseLdapPathContextSource, groupSearchBase);
        defaultLdapAuthoritiesPopulator.setGroupSearchFilter(groupSearchFilter);
        defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(groupRoleAttribute);
        return defaultLdapAuthoritiesPopulator;
    }

    private BaseLdapPathContextSource createContextSource(LdapServerConfiguration ldapServerConfiguration) {
        DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(ldapServerConfiguration.getServerLocation());
        defaultSpringSecurityContextSource.setUserDn(ldapServerConfiguration.getManagerDN());
        defaultSpringSecurityContextSource.setPassword(ldapServerConfiguration.getManagerPassword());
        try {
            defaultSpringSecurityContextSource.afterPropertiesSet();
        } catch (Exception e) {
            e.printStackTrace();
        }
        return defaultSpringSecurityContextSource;
    }
}
