package com.nimbusds.common.ldap;

import com.nimbusds.common.config.CustomKeyStoreConfiguration;
import com.nimbusds.common.config.CustomTrustStoreConfiguration;
import com.nimbusds.common.config.DirectoryUser;
import com.nimbusds.common.config.LDAPServerConnectionPoolDetails;
import com.unboundid.ldap.sdk.LDAPConnectionOptions;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.PostConnectProcessor;
import com.unboundid.ldap.sdk.ServerSet;
import com.unboundid.ldap.sdk.SimpleBindRequest;
import com.unboundid.ldap.sdk.StartTLSPostConnectProcessor;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:com/nimbusds/common/ldap/LDAPConnectionPoolFactory.class */
public class LDAPConnectionPoolFactory {
    private final LDAPServerConnectionPoolDetails ldapServer;
    private final CustomTrustStoreConfiguration customTrustStore;
    private final CustomKeyStoreConfiguration customKeyStore;
    private final DirectoryUser dirUser;

    public LDAPConnectionPoolFactory(LDAPServerConnectionPoolDetails lDAPServerConnectionPoolDetails, CustomTrustStoreConfiguration customTrustStoreConfiguration, CustomKeyStoreConfiguration customKeyStoreConfiguration, DirectoryUser directoryUser) {
        if (lDAPServerConnectionPoolDetails == null || lDAPServerConnectionPoolDetails.url.length == 0) {
            throw new IllegalArgumentException("The LDAP server details must not be null");
        }
        this.ldapServer = lDAPServerConnectionPoolDetails;
        if (customTrustStoreConfiguration == null) {
            throw new IllegalArgumentException("The custom trust store must not be null");
        }
        this.customTrustStore = customTrustStoreConfiguration;
        if (customKeyStoreConfiguration == null) {
            throw new IllegalArgumentException("The custom key store must not be null");
        }
        this.customKeyStore = customKeyStoreConfiguration;
        this.dirUser = directoryUser;
    }

    public LDAPConnectionPool createLDAPConnectionPool() throws GeneralSecurityException, LDAPException {
        SSLSocketFactory sSLSocketFactory = null;
        PostConnectProcessor postConnectProcessor = null;
        if (this.ldapServer.security.equals(LDAPConnectionSecurity.SSL)) {
            sSLSocketFactory = LDAPConnectionFactory.initSecureConnectionContext(this.customTrustStore, this.customKeyStore, this.ldapServer.trustSelfSignedCerts).createSSLSocketFactory();
        } else if (this.ldapServer.security.equals(LDAPConnectionSecurity.STARTTLS)) {
            postConnectProcessor = new StartTLSPostConnectProcessor(LDAPConnectionFactory.initSecureConnectionContext(this.customTrustStore, this.customKeyStore, this.ldapServer.trustSelfSignedCerts).createSSLContext());
        }
        LDAPConnectionOptions lDAPConnectionOptions = new LDAPConnectionOptions();
        lDAPConnectionOptions.setConnectTimeoutMillis(this.ldapServer.connectTimeout);
        lDAPConnectionOptions.setResponseTimeoutMillis(this.ldapServer.responseTimeout);
        ServerSet create = LDAPServerSetFactory.create(this.ldapServer.url, this.ldapServer.selectionAlgorithm, sSLSocketFactory, lDAPConnectionOptions);
        SimpleBindRequest simpleBindRequest = null;
        if (this.dirUser != null) {
            simpleBindRequest = new SimpleBindRequest(this.dirUser.dn, this.dirUser.password);
        }
        LDAPConnectionPool lDAPConnectionPool = new LDAPConnectionPool(create, simpleBindRequest, 0, this.ldapServer.connectionPoolSize, postConnectProcessor);
        lDAPConnectionPool.setCreateIfNecessary(true);
        lDAPConnectionPool.setMaxWaitTimeMillis(this.ldapServer.connectionPoolMaxWaitTime);
        lDAPConnectionPool.setMaxConnectionAgeMillis(this.ldapServer.connectionMaxAge);
        return lDAPConnectionPool;
    }
}
