package org.infinispan.server.configuration.security;

import java.util.Objects;
import java.util.Properties;
import java.util.function.Supplier;
import org.infinispan.commons.configuration.BuiltBy;
import org.infinispan.commons.configuration.attributes.AttributeDefinition;
import org.infinispan.commons.configuration.attributes.AttributeSet;
import org.infinispan.commons.configuration.attributes.ConfigurationElement;
import org.infinispan.server.configuration.Attribute;
import org.infinispan.server.configuration.Element;
import org.infinispan.server.configuration.ServerConfigurationSerializer;
import org.infinispan.server.security.ServerSecurityRealm;
import org.wildfly.security.auth.realm.ldap.DirContextFactory;
import org.wildfly.security.auth.realm.ldap.LdapSecurityRealmBuilder;
import org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder;
import org.wildfly.security.auth.server.NameRewriter;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.credential.source.CredentialSource;

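/**
 * Immutable configuration of an LDAP-backed security realm.
 *
 * <p>Holds the connection settings (URL, bind principal and credential, timeouts, pooling,
 * referral handling, optional client TLS context) and turns them into a WildFly Elytron
 * {@link SecurityRealm} in {@link #build}.
 *
 * <p>This listing is decompiler output. The {@code (Object) null} defaults in the attribute
 * definitions below are reproduced exactly as the decompiler emitted them.
 */
@BuiltBy(LdapRealmConfigurationBuilder.class)
/* loaded from: input_file:org/infinispan/server/configuration/security/LdapRealmConfiguration.class */
public class LdapRealmConfiguration extends ConfigurationElement<LdapRealmConfiguration> implements RealmProvider {
    // Bind credential used by the directory context factory. It is held as a supplier and written out
    // through ServerConfigurationSerializer.CREDENTIAL.
    // NOTE(review): what that serializer emits (masked or clear text) is not visible here - confirm.
    static final AttributeDefinition<Supplier<CredentialSource>> CREDENTIAL = AttributeDefinition.builder(Attribute.CREDENTIAL, (Object) null, char[].class).serializer(ServerConfigurationSerializer.CREDENTIAL).immutable().build();
    // Passed to LdapSecurityRealmBuilder.addDirectEvidenceVerification(boolean) in build().
    static final AttributeDefinition<Boolean> DIRECT_EVIDENCE_VERIFICATION = AttributeDefinition.builder(Attribute.DIRECT_VERIFICATION, (Object) null, Boolean.class).immutable().build();
    // Realm name; defaults to "ldap".
    static final AttributeDefinition<String> NAME = AttributeDefinition.builder(Attribute.NAME, "ldap", String.class).immutable().build();
    // Optional rewriter; only installed on the realm when the attribute was modified (see build()).
    static final AttributeDefinition<NameRewriter> NAME_REWRITER = AttributeDefinition.builder(Element.NAME_REWRITER, (Object) null, NameRewriter.class).autoPersist(false).immutable().build();
    // Principal the server binds as when talking to the directory.
    static final AttributeDefinition<String> PRINCIPAL = AttributeDefinition.builder(Attribute.PRINCIPAL, (Object) null, String.class).immutable().build();
    // Page size handed to the realm builder; defaults to 50.
    static final AttributeDefinition<Integer> PAGE_SIZE = AttributeDefinition.builder(Attribute.PAGE_SIZE, 50, Integer.class).immutable().build();
    // Provider URL of the directory.
    // NOTE(review): nothing in this class checks the scheme. With a plain ldap:// URL and no
    // CLIENT_SSL_CONTEXT the bind credential and verified passwords would presumably travel
    // unencrypted - confirm that validation or deployment guidance covers this.
    static final AttributeDefinition<String> URL = AttributeDefinition.builder(Attribute.URL, (Object) null, String.class).immutable().build();
    // Defaults 5000 and 60000 - presumably milliseconds; confirm against the Elytron builder.
    static final AttributeDefinition<Integer> CONNECTION_TIMEOUT = AttributeDefinition.builder(Attribute.CONNECTION_TIMEOUT, 5000, Integer.class).immutable().build();
    static final AttributeDefinition<Integer> READ_TIMEOUT = AttributeDefinition.builder(Attribute.READ_TIMEOUT, 60000, Integer.class).immutable().build();
    // Written to the "com.sun.jndi.ldap.connect.pool" connection property; off by default.
    static final AttributeDefinition<Boolean> CONNECTION_POOLING = AttributeDefinition.builder(Attribute.CONNECTION_POOLING, false, Boolean.class).immutable().build();
    // Referral handling used each time a directory context is obtained; defaults to IGNORE.
    static final AttributeDefinition<DirContextFactory.ReferralMode> REFERRAL_MODE = AttributeDefinition.builder(Attribute.REFERRAL_MODE, DirContextFactory.ReferralMode.IGNORE, DirContextFactory.ReferralMode.class).immutable().build();
    // Name of the realm whose client SSLContext supplies the socket factory for the connection.
    static final AttributeDefinition<String> CLIENT_SSL_CONTEXT = AttributeDefinition.builder(Attribute.CLIENT_SSL_CONTEXT, (Object) null, String.class).immutable().build();
    private final LdapIdentityMappingConfiguration identityMapping;

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Creates the attribute set that backs an LDAP realm configuration.
     *
     * @return a new {@link AttributeSet} containing every attribute definition declared by this class
     */
    public static AttributeSet attributeDefinitionSet() {
        return new AttributeSet(LdapRealmConfiguration.class, new AttributeDefinition[]{DIRECT_EVIDENCE_VERIFICATION, NAME, NAME_REWRITER, PRINCIPAL, PAGE_SIZE, URL, CONNECTION_TIMEOUT, READ_TIMEOUT, CONNECTION_POOLING, REFERRAL_MODE, CLIENT_SSL_CONTEXT, CREDENTIAL});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Creates the configuration element for {@code Element.LDAP_REALM}.
     *
     * @param attributeSet the attribute values of the realm
     * @param ldapIdentityMappingConfiguration the identity-mapping child configuration
     */
    public LdapRealmConfiguration(AttributeSet attributeSet, LdapIdentityMappingConfiguration ldapIdentityMappingConfiguration) {
        super(Element.LDAP_REALM, attributeSet, new ConfigurationElement[0]);
        this.identityMapping = ldapIdentityMappingConfiguration;
    }

    /**
     * @return the identity-mapping configuration passed to the constructor
     */
    public LdapIdentityMappingConfiguration identityMapping() {
        return this.identityMapping;
    }

    /**
     * @return the configured realm name ({@code "ldap"} unless overridden)
     */
    @Override // org.infinispan.server.configuration.security.RealmProvider
    public String name() {
        return this.attributes.attribute(NAME).get();
    }

    /**
     * @return the configured name rewriter, or whatever default the attribute holds when none was set
     */
    public NameRewriter nameRewriter() {
        return this.attributes.attribute(NAME_REWRITER).get();
    }

    /**
     * Builds the Elytron LDAP security realm described by this configuration.
     *
     * <p>The realm is wired with a directory context factory that binds with the configured
     * principal and credential, and {@code PASSWORD_PLAIN} is registered as a feature on
     * {@code realmConfiguration}.
     *
     * @param securityConfiguration used to look up the realm named by {@code CLIENT_SSL_CONTEXT}
     * @param realmConfiguration the enclosing realm; receives the identity mapping and the feature flag
     * @param builder not used by this implementation
     * @param properties not used by this implementation
     * @return the built LDAP {@link SecurityRealm}
     */
    @Override // org.infinispan.server.configuration.security.RealmProvider
    public SecurityRealm build(SecurityConfiguration securityConfiguration, RealmConfiguration realmConfiguration, SecurityDomain.Builder builder, Properties properties) {
        LdapSecurityRealmBuilder realmBuilder = LdapSecurityRealmBuilder.builder();
        // Bound method reference on the realm builder; the decompiled lambda referred to an undeclared
        // receiver. apply(...) presumably invokes the consumer only when a value is present - confirm.
        // NOTE(review): in WildFly Elytron the boolean parameter of addDirectEvidenceVerification is,
        // as far as I recall, "allowBlankPassword". If so, direct-verification="true" also permits
        // blank passwords, which many directories treat as an unauthenticated bind. Confirm the intent.
        this.attributes.attribute(DIRECT_EVIDENCE_VERIFICATION).apply(realmBuilder::addDirectEvidenceVerification);
        realmBuilder.setPageSize(this.attributes.attribute(PAGE_SIZE).get().intValue());
        this.identityMapping.build(realmBuilder, realmConfiguration);

        Properties connectionProperties = new Properties();
        connectionProperties.setProperty("com.sun.jndi.ldap.connect.pool", this.attributes.attribute(CONNECTION_POOLING).get().toString());

        SimpleDirContextFactoryBuilder contextBuilder = SimpleDirContextFactoryBuilder.builder();
        contextBuilder.setProviderUrl(this.attributes.attribute(URL).get());
        contextBuilder.setSecurityPrincipal(this.attributes.attribute(PRINCIPAL).get());
        // The declared default of CREDENTIAL is null; without a configured supplier this dereference
        // fails with a NullPointerException instead of falling back to an anonymous bind.
        contextBuilder.setCredentialSource(this.attributes.attribute(CREDENTIAL).get().get());
        contextBuilder.setConnectTimeout(this.attributes.attribute(CONNECTION_TIMEOUT).get().intValue()).setReadTimeout(this.attributes.attribute(READ_TIMEOUT).get().intValue());
        contextBuilder.setConnectionProperties(connectionProperties);
        // A socket factory is installed only through this attribute; otherwise the connection uses
        // whatever the provider URL and the JNDI defaults give it.
        // NOTE(review): the lookup chain is not null-checked, so an unknown realm name or a realm
        // without a client SSL context presumably surfaces as a NullPointerException - confirm.
        this.attributes.attribute(CLIENT_SSL_CONTEXT).apply(realmName -> {
            contextBuilder.setSocketFactory(securityConfiguration.realms().getRealm(realmName).clientSSLContext().getSocketFactory());
        });
        DirContextFactory contextFactory = contextBuilder.build();
        // The referral mode is read each time a context is requested, not once at build time.
        realmBuilder.setDirContextSupplier(() -> {
            return contextFactory.obtainDirContext(this.attributes.attribute(REFERRAL_MODE).get());
        });
        if (this.attributes.attribute(NAME_REWRITER).isModified()) {
            realmBuilder.setNameRewriter(this.attributes.attribute(NAME_REWRITER).get());
        }
        // NOTE(review): the flag suggests this realm verifies clear-text passwords; how consumers of the
        // feature use it is not visible here - confirm that the client-facing endpoint requires TLS.
        realmConfiguration.addFeature(ServerSecurityRealm.Feature.PASSWORD_PLAIN);
        return realmBuilder.build();
    }
}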
