package org.apereo.cas.config;

import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.web.security.AdminPagesSecurityProperties;
import org.apereo.cas.configuration.model.support.ldap.LdapAuthorizationProperties;
import org.apereo.cas.web.security.CasJdbcUserDetailsManagerConfigurer;
import org.apereo.cas.web.security.CasLdapUserDetailsManagerConfigurer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.jaas.JaasAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("casWebApplicationSpringSecurityConfiguration")
/* loaded from: input_file:org/apereo/cas/config/CasWebApplicationSpringSecurityConfiguration.class */
public class CasWebApplicationSpringSecurityConfiguration extends GlobalAuthenticationConfigurerAdapter {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(CasWebApplicationSpringSecurityConfiguration.class);

    @Autowired
    private CasConfigurationProperties casProperties;

    public void init(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        if (StringUtils.isNotBlank(this.casProperties.getAdminPagesSecurity().getJdbc().getQuery())) {
            authenticationManagerBuilder.apply(new CasJdbcUserDetailsManagerConfigurer(this.casProperties.getAdminPagesSecurity()));
        }
        if (isLdapAuthorizationActive()) {
            authenticationManagerBuilder.apply(new CasLdapUserDetailsManagerConfigurer(this.casProperties.getAdminPagesSecurity()));
        }
        AdminPagesSecurityProperties.Jaas jaas = this.casProperties.getAdminPagesSecurity().getJaas();
        if (jaas.getLoginConfig() != null) {
            JaasAuthenticationProvider jaasAuthenticationProvider = new JaasAuthenticationProvider();
            jaasAuthenticationProvider.setLoginConfig(jaas.getLoginConfig());
            jaasAuthenticationProvider.setLoginContextName(jaas.getLoginContextName());
            jaasAuthenticationProvider.setRefreshConfigurationOnStartup(jaas.isRefreshConfigurationOnStartup());
            authenticationManagerBuilder.authenticationProvider(jaasAuthenticationProvider);
        }
    }

    private boolean isLdapAuthorizationActive() {
        AdminPagesSecurityProperties.Ldap ldap = this.casProperties.getAdminPagesSecurity().getLdap();
        LdapAuthorizationProperties ldapAuthz = ldap.getLdapAuthz();
        return StringUtils.isNotBlank(ldap.getBaseDn()) && StringUtils.isNotBlank(ldap.getLdapUrl()) && StringUtils.isNotBlank(ldap.getSearchFilter()) && (StringUtils.isNotBlank(ldapAuthz.getRoleAttribute()) || StringUtils.isNotBlank(ldapAuthz.getGroupAttribute()));
    }
}
