package org.apereo.cas.impl.account;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Consumer;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.api.PasswordlessAuthenticationRequest;
import org.apereo.cas.api.PasswordlessUserAccount;
import org.apereo.cas.api.PasswordlessUserAccountStore;
import org.apereo.cas.configuration.model.support.passwordless.account.PasswordlessAuthenticationLdapAccountsProperties;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.LdapConnectionFactory;
import org.apereo.cas.util.LdapUtils;
import org.apereo.cas.util.LoggingUtils;
import org.apereo.cas.util.RegexUtils;
import org.ldaptive.FilterTemplate;
import org.ldaptive.LdapEntry;
import org.ldaptive.SearchResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/impl/account/LdapPasswordlessUserAccountStore.class */
public class LdapPasswordlessUserAccountStore implements PasswordlessUserAccountStore {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(LdapPasswordlessUserAccountStore.class);
    private final LdapConnectionFactory connectionFactory;
    private final PasswordlessAuthenticationLdapAccountsProperties ldapProperties;

    public Optional<PasswordlessUserAccount> findUser(PasswordlessAuthenticationRequest passwordlessAuthenticationRequest) {
        try {
            FilterTemplate newLdaptiveSearchFilter = LdapUtils.newLdaptiveSearchFilter(this.ldapProperties.getSearchFilter(), "user", CollectionUtils.wrap(passwordlessAuthenticationRequest.getUsername()));
            LOGGER.debug("Constructed LDAP filter [{}] to locate passwordless account", newLdaptiveSearchFilter);
            SearchResponse executeSearchOperation = this.connectionFactory.executeSearchOperation(this.ldapProperties.getBaseDn(), newLdaptiveSearchFilter, this.ldapProperties.getPageSize());
            LOGGER.debug("LDAP response for passwordless account is [{}]", executeSearchOperation);
            if (LdapUtils.containsResultEntry(executeSearchOperation)) {
                LdapEntry entry = executeSearchOperation.getEntry();
                PasswordlessUserAccount.PasswordlessUserAccountBuilder name = PasswordlessUserAccount.builder().username(passwordlessAuthenticationRequest.getUsername()).name(passwordlessAuthenticationRequest.getUsername());
                PasswordlessAuthenticationLdapAccountsProperties passwordlessAuthenticationLdapAccountsProperties = this.ldapProperties;
                Objects.requireNonNull(passwordlessAuthenticationLdapAccountsProperties);
                Supplier<String> supplier = passwordlessAuthenticationLdapAccountsProperties::getUsernameAttribute;
                Objects.requireNonNull(name);
                setAttribute(entry, supplier, name::username);
                PasswordlessAuthenticationLdapAccountsProperties passwordlessAuthenticationLdapAccountsProperties2 = this.ldapProperties;
                Objects.requireNonNull(passwordlessAuthenticationLdapAccountsProperties2);
                Supplier<String> supplier2 = passwordlessAuthenticationLdapAccountsProperties2::getNameAttribute;
                Objects.requireNonNull(name);
                setAttribute(entry, supplier2, name::name);
                PasswordlessAuthenticationLdapAccountsProperties passwordlessAuthenticationLdapAccountsProperties3 = this.ldapProperties;
                Objects.requireNonNull(passwordlessAuthenticationLdapAccountsProperties3);
                Supplier<String> supplier3 = passwordlessAuthenticationLdapAccountsProperties3::getEmailAttribute;
                Objects.requireNonNull(name);
                setAttribute(entry, supplier3, name::email);
                PasswordlessAuthenticationLdapAccountsProperties passwordlessAuthenticationLdapAccountsProperties4 = this.ldapProperties;
                Objects.requireNonNull(passwordlessAuthenticationLdapAccountsProperties4);
                Supplier<String> supplier4 = passwordlessAuthenticationLdapAccountsProperties4::getPhoneAttribute;
                Objects.requireNonNull(name);
                setAttribute(entry, supplier4, name::phone);
                PasswordlessAuthenticationLdapAccountsProperties passwordlessAuthenticationLdapAccountsProperties5 = this.ldapProperties;
                Objects.requireNonNull(passwordlessAuthenticationLdapAccountsProperties5);
                setAttribute(entry, passwordlessAuthenticationLdapAccountsProperties5::getRequestPasswordAttribute, str -> {
                    name.requestPassword(BooleanUtils.toBoolean(str));
                });
                PasswordlessUserAccount build = name.attributes((LinkedHashMap) entry.getAttributes().stream().collect(Collectors.toMap((v0) -> {
                    return v0.getName();
                }, ldapAttribute -> {
                    return new ArrayList(ldapAttribute.getStringValues());
                }, (list, list2) -> {
                    return list2;
                }, () -> {
                    return new LinkedHashMap(entry.getAttributes().size());
                }))).build();
                LOGGER.debug("Final passwordless account is [{}]", build);
                if (!StringUtils.isNotBlank(this.ldapProperties.getRequiredAttribute()) || !StringUtils.isNotBlank(this.ldapProperties.getRequiredAttributeValue()) || !((List) build.getAttributes().getOrDefault(this.ldapProperties.getRequiredAttribute(), List.of())).stream().noneMatch(str2 -> {
                    return RegexUtils.find(this.ldapProperties.getRequiredAttributeValue(), str2);
                })) {
                    return Optional.of(build);
                }
                LOGGER.warn("Passwordless account [{}] does not have the required attribute [{}] with value pattern [{}]", new Object[]{build, this.ldapProperties.getRequiredAttribute(), this.ldapProperties.getRequiredAttributeValue()});
                return Optional.empty();
            }
        } catch (Exception e) {
            LoggingUtils.error(LOGGER, e);
        }
        return Optional.empty();
    }

    protected void setAttribute(LdapEntry ldapEntry, Supplier<String> supplier, Consumer<String> consumer) {
        String str = supplier.get();
        if (ldapEntry.getAttribute(str) != null) {
            consumer.accept(ldapEntry.getAttribute(str).getStringValue());
        }
    }

    @Generated
    public LdapPasswordlessUserAccountStore(LdapConnectionFactory ldapConnectionFactory, PasswordlessAuthenticationLdapAccountsProperties passwordlessAuthenticationLdapAccountsProperties) {
        this.connectionFactory = ldapConnectionFactory;
        this.ldapProperties = passwordlessAuthenticationLdapAccountsProperties;
    }
}
