package eu.dnetlib.enabling.ui.server.auth;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.simple.ParameterizedContextMapper;
import org.springframework.ldap.core.simple.SimpleLdapTemplate;

/* loaded from: input_file:eu/dnetlib/enabling/ui/server/auth/AuthenticationManagerLDAP.class */
public class AuthenticationManagerLDAP implements AuthenticationManager {
    private static final Log log = LogFactory.getLog(AuthenticationManagerLDAP.class);
    private SimpleLdapTemplate ldapTemplate;
    private String baseDN;
    private String filter;
    private String ldapOrgAttribute = "o";

    @Override // eu.dnetlib.enabling.ui.server.auth.AuthenticationManager
    public Principal authenticate(String str, String str2) {
        if (!this.ldapTemplate.authenticate("", makeFilter(str), str2)) {
            log.debug("Cannot authenticate user " + str);
            return null;
        }
        log.debug("User " + str + " authenticated");
        String userContext = getUserContext(str);
        ExtendedPrincipal extendedPrincipal = new ExtendedPrincipal(str, null);
        extendedPrincipal.addProperty(this.ldapOrgAttribute, userContext);
        return extendedPrincipal;
    }

    @Override // eu.dnetlib.enabling.ui.server.auth.AuthenticationManager
    public boolean authorize(Principal principal) {
        log.debug("authorizing " + this + ": " + principal);
        if (principal == null) {
            return false;
        }
        log.warn("authorizing user " + principal.getUserName());
        if (principal.getUserName() == null || principal.getUserName().isEmpty()) {
            return false;
        }
        return userExists(principal.getUserName());
    }

    @Override // eu.dnetlib.enabling.ui.server.auth.AuthenticationManager
    public boolean authorize(Principal principal, String str, String str2) {
        log.debug("authorizing " + this + ": " + principal + " for resource: " + str);
        if (!authorize(principal)) {
            return false;
        }
        log.warn("authorizing " + this + ": " + principal.getUserName() + " for resource: " + str);
        if (principal instanceof ExtendedPrincipal) {
            return ((ExtendedPrincipal) principal).getProperties().get(this.ldapOrgAttribute).equalsIgnoreCase(str);
        }
        return false;
    }

    private String makeFilter(String str) {
        return this.filter.replace("%s", str);
    }

    private boolean userExists(String str) {
        return ((Boolean) this.ldapTemplate.lookup("cn=" + str + "," + this.baseDN, new ParameterizedContextMapper<Boolean>() { // from class: eu.dnetlib.enabling.ui.server.auth.AuthenticationManagerLDAP.1
            /* renamed from: mapFromContext, reason: merged with bridge method [inline-methods] */
            public Boolean m8mapFromContext(Object obj) {
                return Boolean.valueOf(((DirContextAdapter) obj).attributeExists("uid"));
            }
        })).booleanValue();
    }

    private String getUserContext(String str) {
        return (String) this.ldapTemplate.lookup("cn=" + str + "," + this.baseDN, new ParameterizedContextMapper<String>() { // from class: eu.dnetlib.enabling.ui.server.auth.AuthenticationManagerLDAP.2
            /* renamed from: mapFromContext, reason: merged with bridge method [inline-methods] */
            public String m9mapFromContext(Object obj) {
                return ((DirContextAdapter) obj).getStringAttribute(AuthenticationManagerLDAP.this.ldapOrgAttribute);
            }
        });
    }

    public SimpleLdapTemplate getLdapTemplate() {
        return this.ldapTemplate;
    }

    @Required
    public void setLdapTemplate(SimpleLdapTemplate simpleLdapTemplate) {
        this.ldapTemplate = simpleLdapTemplate;
    }

    public String getBaseDN() {
        return this.baseDN;
    }

    @Required
    public void setBaseDN(String str) {
        this.baseDN = str;
    }

    public String getFilter() {
        return this.filter;
    }

    @Required
    public void setFilter(String str) {
        this.filter = str;
    }

    public String getLdapContextAttribute() {
        return this.ldapOrgAttribute;
    }

    public void setLdapContextAttribute(String str) {
        this.ldapOrgAttribute = str;
    }
}
