package io.quarkus.elytron.security.ldap;

import io.quarkus.elytron.security.ldap.config.AttributeMappingConfig;
import io.quarkus.elytron.security.ldap.config.DirContextConfig;
import io.quarkus.elytron.security.ldap.config.IdentityMappingConfig;
import io.quarkus.elytron.security.ldap.config.LdapSecurityRealmRuntimeConfig;
import io.quarkus.runtime.RuntimeValue;
import io.quarkus.runtime.annotations.Recorder;
import java.util.ArrayList;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.security.auth.realm.CacheableSecurityRealm;
import org.wildfly.security.auth.realm.CachingSecurityRealm;
import org.wildfly.security.auth.realm.ldap.AttributeMapping;
import org.wildfly.security.auth.realm.ldap.LdapSecurityRealmBuilder;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.cache.LRURealmIdentityCache;

@Recorder
/* loaded from: input_file:io/quarkus/elytron/security/ldap/LdapRecorder.class */
public class LdapRecorder {
    private static final Logger log = LoggerFactory.getLogger(LdapRecorder.class);
    private final RuntimeValue<LdapSecurityRealmRuntimeConfig> runtimeConfig;

    public LdapRecorder(RuntimeValue<LdapSecurityRealmRuntimeConfig> runtimeValue) {
        this.runtimeConfig = runtimeValue;
    }

    public RuntimeValue<SecurityRealm> createRealm() {
        LdapSecurityRealmRuntimeConfig ldapSecurityRealmRuntimeConfig = (LdapSecurityRealmRuntimeConfig) this.runtimeConfig.getValue();
        LdapSecurityRealmBuilder.IdentityMappingBuilder identityMapping = LdapSecurityRealmBuilder.builder().setDirContextSupplier(createDirContextSupplier(ldapSecurityRealmRuntimeConfig.dirContext())).identityMapping();
        if (ldapSecurityRealmRuntimeConfig.identityMapping().searchRecursive()) {
            identityMapping.searchRecursive();
        }
        LdapSecurityRealmBuilder build = identityMapping.map(createAttributeMappings(ldapSecurityRealmRuntimeConfig.identityMapping())).setRdnIdentifier(ldapSecurityRealmRuntimeConfig.identityMapping().rdnIdentifier()).setSearchDn(ldapSecurityRealmRuntimeConfig.identityMapping().searchBaseDn()).build();
        if (ldapSecurityRealmRuntimeConfig.directVerification()) {
            build.addDirectEvidenceVerification(false);
        }
        SecurityRealm build2 = build.build();
        if (ldapSecurityRealmRuntimeConfig.cache().enabled()) {
            if (build2 instanceof CacheableSecurityRealm) {
                build2 = new CachingSecurityRealm(build2, new LRURealmIdentityCache(ldapSecurityRealmRuntimeConfig.cache().size(), ldapSecurityRealmRuntimeConfig.cache().maxAge().toMillis()));
            } else {
                log.warn("Created LDAP realm is not cacheable. Caching of the 'SecurityRealm' won't be available. Please, report this issue.");
            }
        }
        return new RuntimeValue<>(build2);
    }

    private static ExceptionSupplier<DirContext, NamingException> createDirContextSupplier(DirContextConfig dirContextConfig) {
        QuarkusDirContextFactory quarkusDirContextFactory = new QuarkusDirContextFactory(dirContextConfig.url(), dirContextConfig.principal().orElse(null), dirContextConfig.password().orElse(null), dirContextConfig.connectTimeout(), dirContextConfig.readTimeout());
        return () -> {
            return quarkusDirContextFactory.obtainDirContext(dirContextConfig.referralMode());
        };
    }

    private static AttributeMapping[] createAttributeMappings(IdentityMappingConfig identityMappingConfig) {
        ArrayList arrayList = new ArrayList();
        for (AttributeMappingConfig attributeMappingConfig : identityMappingConfig.attributeMappings().values()) {
            arrayList.add(AttributeMapping.fromFilter(attributeMappingConfig.filter()).from(attributeMappingConfig.from()).to(attributeMappingConfig.to()).searchDn(attributeMappingConfig.filterBaseDn()).build());
        }
        return (AttributeMapping[]) arrayList.toArray(new AttributeMapping[arrayList.size()]);
    }
}
