package org.acegisecurity.providers.ldap.populator;

import java.util.HashSet;
import java.util.Set;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.ldap.InitialDirContextFactory;
import org.acegisecurity.ldap.LdapTemplate;
import org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator;
import org.acegisecurity.userdetails.ldap.LdapUserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/acegi-security-1.0.4.jar:org/acegisecurity/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.class */
public class DefaultLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator {
    private static final Log logger;
    private LdapTemplate ldapTemplate;
    static Class class$org$acegisecurity$providers$ldap$populator$DefaultLdapAuthoritiesPopulator;
    private GrantedAuthority defaultRole = null;
    private InitialDirContextFactory initialDirContextFactory = null;
    private SearchControls searchControls = new SearchControls();
    private String groupRoleAttribute = "cn";
    private String groupSearchBase = null;
    private String groupSearchFilter = "(member={0})";
    private String rolePrefix = "ROLE_";
    private boolean convertToUpperCase = true;

    public DefaultLdapAuthoritiesPopulator(InitialDirContextFactory initialDirContextFactory, String str) {
        setInitialDirContextFactory(initialDirContextFactory);
        setGroupSearchBase(str);
    }

    protected Set getAdditionalRoles(LdapUserDetails ldapUserDetails) {
        return null;
    }

    @Override // org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator
    public final GrantedAuthority[] getGrantedAuthorities(LdapUserDetails ldapUserDetails) {
        String dn = ldapUserDetails.getDn();
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Getting authorities for user ").append(dn).toString());
        }
        Set groupMembershipRoles = getGroupMembershipRoles(dn, ldapUserDetails.getUsername());
        Set groupMembershipRoles2 = getGroupMembershipRoles(dn, ldapUserDetails.getAttributes());
        if (groupMembershipRoles2 != null) {
            groupMembershipRoles.addAll(groupMembershipRoles2);
        }
        Set additionalRoles = getAdditionalRoles(ldapUserDetails);
        if (additionalRoles != null) {
            groupMembershipRoles.addAll(additionalRoles);
        }
        if (this.defaultRole != null) {
            groupMembershipRoles.add(this.defaultRole);
        }
        return (GrantedAuthority[]) groupMembershipRoles.toArray(new GrantedAuthority[groupMembershipRoles.size()]);
    }

    public Set getGroupMembershipRoles(String str, String str2) {
        HashSet hashSet = new HashSet();
        if (getGroupSearchBase() == null) {
            return hashSet;
        }
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Searching for roles for user '").append(str2).append("', DN = ").append("'").append(str).append("', with filter ").append(this.groupSearchFilter).append(" in search base '").append(getGroupSearchBase()).append("'").toString());
        }
        Set<String> searchForSingleAttributeValues = this.ldapTemplate.searchForSingleAttributeValues(getGroupSearchBase(), this.groupSearchFilter, new String[]{str, str2}, this.groupRoleAttribute);
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Roles from search: ").append(searchForSingleAttributeValues).toString());
        }
        for (String str3 : searchForSingleAttributeValues) {
            if (this.convertToUpperCase) {
                str3 = str3.toUpperCase();
            }
            hashSet.add(new GrantedAuthorityImpl(new StringBuffer().append(this.rolePrefix).append(str3).toString()));
        }
        return hashSet;
    }

    protected Set getGroupMembershipRoles(String str, Attributes attributes) {
        return new HashSet();
    }

    protected InitialDirContextFactory getInitialDirContextFactory() {
        return this.initialDirContextFactory;
    }

    private void setInitialDirContextFactory(InitialDirContextFactory initialDirContextFactory) {
        Assert.notNull(initialDirContextFactory, "InitialDirContextFactory must not be null");
        this.initialDirContextFactory = initialDirContextFactory;
        this.ldapTemplate = new LdapTemplate(initialDirContextFactory);
        this.ldapTemplate.setSearchControls(this.searchControls);
    }

    private void setGroupSearchBase(String str) {
        Assert.notNull(str, "The groupSearchBase (name to search under), must not be null.");
        this.groupSearchBase = str;
        if (str.length() == 0) {
            logger.info(new StringBuffer().append("groupSearchBase is empty. Searches will be performed from the root: ").append(getInitialDirContextFactory().getRootDn()).toString());
        }
    }

    private String getGroupSearchBase() {
        return this.groupSearchBase;
    }

    public void setConvertToUpperCase(boolean z) {
        this.convertToUpperCase = z;
    }

    public void setDefaultRole(String str) {
        Assert.notNull(str, "The defaultRole property cannot be set to null");
        this.defaultRole = new GrantedAuthorityImpl(str);
    }

    public void setGroupRoleAttribute(String str) {
        Assert.notNull(str, "groupRoleAttribute must not be null");
        this.groupRoleAttribute = str;
    }

    public void setGroupSearchFilter(String str) {
        Assert.notNull(str, "groupSearchFilter must not be null");
        this.groupSearchFilter = str;
    }

    public void setRolePrefix(String str) {
        Assert.notNull(str, "rolePrefix must not be null");
        this.rolePrefix = str;
    }

    public void setSearchSubtree(boolean z) {
        this.searchControls.setSearchScope(z ? 2 : 1);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$acegisecurity$providers$ldap$populator$DefaultLdapAuthoritiesPopulator == null) {
            cls = class$("org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator");
            class$org$acegisecurity$providers$ldap$populator$DefaultLdapAuthoritiesPopulator = cls;
        } else {
            cls = class$org$acegisecurity$providers$ldap$populator$DefaultLdapAuthoritiesPopulator;
        }
        logger = LogFactory.getLog(cls);
    }
}
