package com.erudika.para.server.security;

import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;

/* loaded from: input_file:com/erudika/para/server/security/LDAPAuthenticationProvider.class */
public class LDAPAuthenticationProvider implements AuthenticationProvider {
    public Authentication authenticate(Authentication authentication) {
        LdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider;
        LDAPAuthentication lDAPAuthentication = (LDAPAuthentication) authentication;
        if (lDAPAuthentication == null || !supports(authentication.getClass())) {
            throw new AuthenticationServiceException("Unsupported authentication type.");
        }
        Map<String, String> ldapSettings = lDAPAuthentication.getLdapSettings();
        if (ldapSettings.isEmpty()) {
            throw new AuthenticationServiceException("LDAP configuration is missing.");
        }
        String str = ldapSettings.get("security.ldap.active_directory_domain");
        String str2 = ldapSettings.get("security.ldap.ad_mode_enabled");
        String str3 = ldapSettings.get("security.ldap.server_url");
        String str4 = ldapSettings.get("security.ldap.user_search_filter");
        if (str2.equals("true") || !StringUtils.isBlank(str)) {
            String name = lDAPAuthentication.getName();
            if (!str.isEmpty()) {
                name = StringUtils.substringBefore(name, "@");
            }
            authentication = new LDAPAuthentication(name, lDAPAuthentication.getCredentials());
            String str5 = ldapSettings.get("security.ldap.base_dn");
            activeDirectoryLdapAuthenticationProvider = StringUtils.isBlank(str5) ? new ActiveDirectoryLdapAuthenticationProvider(str, str3) : new ActiveDirectoryLdapAuthenticationProvider(str, str3, str5);
            ((ActiveDirectoryLdapAuthenticationProvider) activeDirectoryLdapAuthenticationProvider).setConvertSubErrorCodesToExceptions(true);
            if (!StringUtils.isBlank(str4)) {
                ((ActiveDirectoryLdapAuthenticationProvider) activeDirectoryLdapAuthenticationProvider).setSearchFilter(str4);
            }
        } else {
            activeDirectoryLdapAuthenticationProvider = new LdapAuthenticationProvider(new LDAPAuthenticator(ldapSettings));
        }
        activeDirectoryLdapAuthenticationProvider.setUserDetailsContextMapper(new InetOrgPersonContextMapper());
        return activeDirectoryLdapAuthenticationProvider.authenticate(authentication);
    }

    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }
}
