package org.springframework.security.config.ldap;

import org.springframework.beans.BeanMetadataElement;
import org.springframework.beans.MutablePropertyValues;
import org.springframework.beans.factory.config.ConstructorArgumentValues;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/spring-security-config-4.2.2.RELEASE.jar:org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParser.class */
public class LdapUserServiceBeanDefinitionParser extends AbstractUserDetailsServiceBeanDefinitionParser {
    public static final String ATT_SERVER = "server-ref";
    public static final String ATT_USER_SEARCH_FILTER = "user-search-filter";
    public static final String ATT_USER_SEARCH_BASE = "user-search-base";
    public static final String DEF_USER_SEARCH_BASE = "";
    public static final String ATT_GROUP_SEARCH_FILTER = "group-search-filter";
    public static final String ATT_GROUP_SEARCH_BASE = "group-search-base";
    public static final String ATT_GROUP_ROLE_ATTRIBUTE = "group-role-attribute";
    public static final String DEF_GROUP_SEARCH_FILTER = "(uniqueMember={0})";
    public static final String DEF_GROUP_SEARCH_BASE = "";
    static final String ATT_ROLE_PREFIX = "role-prefix";
    static final String ATT_USER_CLASS = "user-details-class";
    static final String ATT_USER_CONTEXT_MAPPER_REF = "user-context-mapper-ref";
    static final String OPT_PERSON = "person";
    static final String OPT_INETORGPERSON = "inetOrgPerson";
    public static final String LDAP_SEARCH_CLASS = "org.springframework.security.ldap.search.FilterBasedLdapUserSearch";
    public static final String PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.PersonContextMapper";
    public static final String INET_ORG_PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper";
    public static final String LDAP_USER_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.LdapUserDetailsMapper";
    public static final String LDAP_AUTHORITIES_POPULATOR_CLASS = "org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator";

    @Override // org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
    protected String getBeanClassName(Element element) {
        return "org.springframework.security.ldap.userdetails.LdapUserDetailsService";
    }

    @Override // org.springframework.security.config.authentication.AbstractUserDetailsServiceBeanDefinitionParser
    protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder beanDefinitionBuilder) {
        if (!StringUtils.hasText(element.getAttribute(ATT_USER_SEARCH_FILTER))) {
            parserContext.getReaderContext().error("User search filter must be supplied", element);
        }
        beanDefinitionBuilder.addConstructorArgValue(parseSearchBean(element, parserContext));
        beanDefinitionBuilder.getRawBeanDefinition().setSource(parserContext.extractSource(element));
        beanDefinitionBuilder.addConstructorArgValue(parseAuthoritiesPopulator(element, parserContext));
        beanDefinitionBuilder.addPropertyValue("userDetailsMapper", parseUserDetailsClassOrUserMapperRef(element, parserContext));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RootBeanDefinition parseSearchBean(Element element, ParserContext parserContext) {
        String attribute = element.getAttribute(ATT_USER_SEARCH_FILTER);
        String attribute2 = element.getAttribute(ATT_USER_SEARCH_BASE);
        Object extractSource = parserContext.extractSource(element);
        if (!StringUtils.hasText(attribute2)) {
            attribute2 = "";
        } else if (!StringUtils.hasText(attribute)) {
            parserContext.getReaderContext().error("user-search-base cannot be used without a user-search-filter", extractSource);
        }
        if (!StringUtils.hasText(attribute)) {
            return null;
        }
        BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition(LDAP_SEARCH_CLASS);
        rootBeanDefinition.getRawBeanDefinition().setSource(extractSource);
        rootBeanDefinition.addConstructorArgValue(attribute2);
        rootBeanDefinition.addConstructorArgValue(attribute);
        rootBeanDefinition.addConstructorArgValue(parseServerReference(element, parserContext));
        return (RootBeanDefinition) rootBeanDefinition.getBeanDefinition();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RuntimeBeanReference parseServerReference(Element element, ParserContext parserContext) {
        String attribute = element.getAttribute(ATT_SERVER);
        boolean z = false;
        if (!StringUtils.hasText(attribute)) {
            attribute = BeanIds.CONTEXT_SOURCE;
            z = true;
        }
        RuntimeBeanReference runtimeBeanReference = new RuntimeBeanReference(attribute);
        runtimeBeanReference.setSource(parserContext.extractSource(element));
        registerPostProcessorIfNecessary(parserContext.getRegistry(), z);
        return runtimeBeanReference;
    }

    private static void registerPostProcessorIfNecessary(BeanDefinitionRegistry beanDefinitionRegistry, boolean z) {
        if (beanDefinitionRegistry.containsBeanDefinition(BeanIds.CONTEXT_SOURCE_SETTING_POST_PROCESSOR)) {
            if (z) {
                beanDefinitionRegistry.getBeanDefinition(BeanIds.CONTEXT_SOURCE_SETTING_POST_PROCESSOR).getPropertyValues().addPropertyValue("defaultNameRequired", Boolean.valueOf(z));
            }
        } else {
            BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) ContextSourceSettingPostProcessor.class);
            rootBeanDefinition.addPropertyValue("defaultNameRequired", Boolean.valueOf(z));
            beanDefinitionRegistry.registerBeanDefinition(BeanIds.CONTEXT_SOURCE_SETTING_POST_PROCESSOR, rootBeanDefinition.getBeanDefinition());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static BeanMetadataElement parseUserDetailsClassOrUserMapperRef(Element element, ParserContext parserContext) {
        String attribute = element.getAttribute(ATT_USER_CLASS);
        String attribute2 = element.getAttribute(ATT_USER_CONTEXT_MAPPER_REF);
        if (StringUtils.hasText(attribute) && StringUtils.hasText(attribute2)) {
            parserContext.getReaderContext().error("Attributes user-details-class and user-context-mapper-ref cannot be used together.", parserContext.extractSource(element));
        }
        if (StringUtils.hasText(attribute2)) {
            return new RuntimeBeanReference(attribute2);
        }
        RootBeanDefinition rootBeanDefinition = OPT_PERSON.equals(attribute) ? new RootBeanDefinition(PERSON_MAPPER_CLASS, (ConstructorArgumentValues) null, (MutablePropertyValues) null) : OPT_INETORGPERSON.equals(attribute) ? new RootBeanDefinition(INET_ORG_PERSON_MAPPER_CLASS, (ConstructorArgumentValues) null, (MutablePropertyValues) null) : new RootBeanDefinition(LDAP_USER_MAPPER_CLASS, (ConstructorArgumentValues) null, (MutablePropertyValues) null);
        rootBeanDefinition.setSource(parserContext.extractSource(element));
        return rootBeanDefinition;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RootBeanDefinition parseAuthoritiesPopulator(Element element, ParserContext parserContext) {
        String attribute = element.getAttribute(ATT_GROUP_SEARCH_FILTER);
        String attribute2 = element.getAttribute(ATT_GROUP_SEARCH_BASE);
        String attribute3 = element.getAttribute(ATT_GROUP_ROLE_ATTRIBUTE);
        String attribute4 = element.getAttribute(ATT_ROLE_PREFIX);
        if (!StringUtils.hasText(attribute)) {
            attribute = DEF_GROUP_SEARCH_FILTER;
        }
        if (!StringUtils.hasText(attribute2)) {
            attribute2 = "";
        }
        BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition(LDAP_AUTHORITIES_POPULATOR_CLASS);
        rootBeanDefinition.getRawBeanDefinition().setSource(parserContext.extractSource(element));
        rootBeanDefinition.addConstructorArgValue(parseServerReference(element, parserContext));
        rootBeanDefinition.addConstructorArgValue(attribute2);
        rootBeanDefinition.addPropertyValue("groupSearchFilter", attribute);
        rootBeanDefinition.addPropertyValue("searchSubtree", Boolean.TRUE);
        if (StringUtils.hasText(attribute4)) {
            if ("none".equals(attribute4)) {
                attribute4 = "";
            }
            rootBeanDefinition.addPropertyValue("rolePrefix", attribute4);
        }
        if (StringUtils.hasLength(attribute3)) {
            rootBeanDefinition.addPropertyValue("groupRoleAttribute", attribute3);
        }
        return (RootBeanDefinition) rootBeanDefinition.getBeanDefinition();
    }
}
