package org.ikasan.security.service.authentication;

import javax.naming.NamingException;
import javax.naming.directory.DirContext;

import org.apache.log4j.Logger;
import org.ikasan.security.dao.constants.SecurityConstants;
import org.ikasan.security.model.AuthenticationMethod;
import org.ikasan.security.service.SecurityService;
import org.ikasan.security.service.UserService;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;

/* loaded from: input_file:WEB-INF/lib/ikasan-security-1.4.2.jar:org/ikasan/security/service/authentication/AuthenticationProviderFactoryImpl.class */
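/**
 * Builds the Spring Security {@link AuthenticationProvider} that matches a configured
 * {@link AuthenticationMethod}: local, LDAP, or LDAP with local fallback
 * ({@code SecurityConstants.AUTH_METHOD_LOCAL}, {@code AUTH_METHOD_LDAP},
 * {@code AUTH_METHOD_LDAP_LOCAL}).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The LDAP server URL is passed through as configured; nothing here checks its scheme.
 *       With a plain {@code ldap://} URL and no StartTLS, the bind DN, the bind password and
 *       every user's credentials are sent unencrypted. Prefer {@code ldaps://}.</li>
 *   <li>The bind password is held in the {@link AuthenticationMethod}; it must never be
 *       written to logs or exception messages. Nothing in this class does so.</li>
 * </ul>
 */
public class AuthenticationProviderFactoryImpl implements AuthenticationProviderFactory<AuthenticationMethod> {
    private static final Logger logger = Logger.getLogger(AuthenticationProviderFactoryImpl.class);

    private final UserService userService;
    private final SecurityService securityService;

    /**
     * Creates the factory.
     *
     * @param userService handed to every provider this factory creates; must not be null
     * @param securityService handed to every provider this factory creates; must not be null
     * @throws IllegalArgumentException if either argument is null
     */
    public AuthenticationProviderFactoryImpl(UserService userService, SecurityService securityService) {
        if (userService == null) {
            throw new IllegalArgumentException("userService cannot be null!");
        }
        if (securityService == null) {
            throw new IllegalArgumentException("securityService cannot be null!");
        }
        this.userService = userService;
        this.securityService = securityService;
    }

    /**
     * Returns the provider for the given authentication method.
     *
     * @param authenticationMethod the configured method; {@code null} selects local authentication
     * @return a local, LDAP, or LDAP-with-local provider
     * @throws IllegalArgumentException if the method name is null or not one of the supported values
     * @throws RuntimeException wrapping any failure while building an LDAP-backed provider
     */
    @Override
    public AuthenticationProvider getAuthenticationProvider(AuthenticationMethod authenticationMethod) {
        if (authenticationMethod == null) {
            return createLocalAuthenticationProvider();
        }
        // Constant-first equals: a method name of null is reported as unsupported
        // instead of failing with a bare NullPointerException.
        String method = authenticationMethod.getMethod();
        if (SecurityConstants.AUTH_METHOD_LOCAL.equals(method)) {
            return createLocalAuthenticationProvider();
        }
        if (SecurityConstants.AUTH_METHOD_LDAP.equals(method)) {
            try {
                return createLdapAuthenticationProvider(authenticationMethod);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        if (SecurityConstants.AUTH_METHOD_LDAP_LOCAL.equals(method)) {
            try {
                return createLdapLocalAuthenticationProvider(authenticationMethod);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        throw new IllegalArgumentException("authMethod not supported: " + method);
    }

    /**
     * Returns a provider that authenticates against the local user store only.
     *
     * @return a new local authentication provider
     */
    @Override
    public AuthenticationProvider getLocalAuthenticationProvider() {
        return createLocalAuthenticationProvider();
    }

    /**
     * Checks that the directory behind an LDAP-based method can be reached with the
     * configured bind account. Does nothing for {@code null} or the local method.
     *
     * @param authenticationMethod the configured method to test
     * @throws IllegalArgumentException if the method name is null or not supported
     * @throws Exception if the bind or the lookup against the directory fails
     */
    @Override
    public void testAuthenticationConnection(AuthenticationMethod authenticationMethod) throws Exception {
        if (authenticationMethod == null) {
            return;
        }
        String method = authenticationMethod.getMethod();
        if (SecurityConstants.AUTH_METHOD_LOCAL.equals(method)) {
            return;
        }
        if (SecurityConstants.AUTH_METHOD_LDAP.equals(method)
                || SecurityConstants.AUTH_METHOD_LDAP_LOCAL.equals(method)) {
            testLdapConnection(authenticationMethod);
            return;
        }
        throw new IllegalArgumentException("authMethod not supported: " + method);
    }

    /**
     * Binds as the configured account and looks up that account's own entry.
     *
     * @return the base LDAP path reported by the context source
     * @throws Exception if the context cannot be created or the lookup fails
     */
    private String testLdapConnection(AuthenticationMethod authenticationMethod) throws Exception {
        DefaultSpringSecurityContextSource contextSource = createContextSource(authenticationMethod);
        DirContext context = contextSource.getReadOnlyContext();
        try {
            // Look up the same (trimmed) DN that was used for the bind.
            context.lookup(requireTrimmed(authenticationMethod.getLdapBindUserDn(), "LDAP bind user DN"));
        } finally {
            // The context holds a live connection to the directory; release it on every path.
            closeQuietly(context);
        }
        return contextSource.getBaseLdapPathAsString();
    }

    /** Builds the LDAP-only provider for the given method. */
    private LdapAuthenticationProvider createLdapAuthenticationProvider(AuthenticationMethod authenticationMethod) throws Exception {
        return new LdapAuthenticationProvider(
                createBindAuthenticator(authenticationMethod), this.securityService, this.userService);
    }

    /** Builds the LDAP-with-local provider for the given method. */
    private LdapLocalAuthenticationProvider createLdapLocalAuthenticationProvider(AuthenticationMethod authenticationMethod) throws Exception {
        return new LdapLocalAuthenticationProvider(
                createBindAuthenticator(authenticationMethod), this.securityService, this.userService);
    }

    /** Builds the provider backed by the local user store. */
    private LocalAuthenticationProvider createLocalAuthenticationProvider() {
        return new LocalAuthenticationProvider(this.securityService, this.userService);
    }

    /**
     * Builds a bind authenticator that finds the user entry with the configured
     * search base and filter, then binds as that user.
     */
    private BindAuthenticator createBindAuthenticator(AuthenticationMethod authenticationMethod) throws Exception {
        DefaultSpringSecurityContextSource contextSource = createContextSource(authenticationMethod);
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(
                requireTrimmed(authenticationMethod.getLdapUserSearchBaseDn(), "LDAP user search base DN"),
                requireTrimmed(authenticationMethod.getLdapUserSearchFilter(), "LDAP user search filter"),
                contextSource);
        BindAuthenticator bindAuthenticator = new BindAuthenticator(contextSource);
        bindAuthenticator.setUserSearch(userSearch);
        return bindAuthenticator;
    }

    /**
     * Builds and initialises the context source from the configured URL and bind account.
     * Shared by the connection test and both LDAP providers so they cannot drift apart.
     */
    private DefaultSpringSecurityContextSource createContextSource(AuthenticationMethod authenticationMethod) throws Exception {
        // NOTE(review): the URL scheme is not validated here; confirm deployments use
        // ldaps:// (or StartTLS) so credentials are not sent in cleartext.
        DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
                requireTrimmed(authenticationMethod.getLdapServerUrl(), "LDAP server URL"));
        contextSource.setUserDn(requireTrimmed(authenticationMethod.getLdapBindUserDn(), "LDAP bind user DN"));
        // NOTE(review): trimming is kept for compatibility with stored configuration, but it
        // alters the credential: a bind password with leading or trailing whitespace cannot be used.
        contextSource.setPassword(
                requireTrimmed(authenticationMethod.getLdapBindUserPassword(), "LDAP bind user password"));
        contextSource.afterPropertiesSet();
        return contextSource;
    }

    /**
     * Returns the trimmed value, or fails with a message naming the missing setting.
     * The message carries only the setting's name, never its value.
     */
    private static String requireTrimmed(String value, String settingName) {
        if (value == null) {
            throw new IllegalArgumentException(settingName + " must be configured");
        }
        return value.trim();
    }

    /** Closes the context; a failure to close is logged and does not mask the caller's result. */
    private static void closeQuietly(DirContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            logger.warn("Failed to close LDAP context after connection test", e);
        }
    }
}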
