package org.springframework.security.providers.ldap;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.ldap.NamingException;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.ldap.LdapUserDetailsMapper;
import org.springframework.security.userdetails.ldap.UserDetailsContextMapper;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.1.jar:org/springframework/security/providers/ldap/LdapAuthenticationProvider.class */
public class LdapAuthenticationProvider implements AuthenticationProvider {
    private static final Log logger;
    private LdapAuthenticator authenticator;
    private LdapAuthoritiesPopulator authoritiesPopulator;
    static Class class$org$springframework$security$providers$ldap$LdapAuthenticationProvider;
    static Class class$org$springframework$security$providers$UsernamePasswordAuthenticationToken;
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    private UserDetailsContextMapper userDetailsContextMapper = new LdapUserDetailsMapper();
    private boolean useAuthenticationRequestCredentials = true;

    /* renamed from: org.springframework.security.providers.ldap.LdapAuthenticationProvider$1, reason: invalid class name */
    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.1.jar:org/springframework/security/providers/ldap/LdapAuthenticationProvider$1.class */
    static class AnonymousClass1 {
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.1.jar:org/springframework/security/providers/ldap/LdapAuthenticationProvider$NullAuthoritiesPopulator.class */
    private static class NullAuthoritiesPopulator implements LdapAuthoritiesPopulator {
        private NullAuthoritiesPopulator() {
        }

        @Override // org.springframework.security.ldap.LdapAuthoritiesPopulator
        public GrantedAuthority[] getGrantedAuthorities(DirContextOperations dirContextOperations, String str) {
            return new GrantedAuthority[0];
        }

        NullAuthoritiesPopulator(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    public LdapAuthenticationProvider(LdapAuthenticator ldapAuthenticator, LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        setAuthenticator(ldapAuthenticator);
        setAuthoritiesPopulator(ldapAuthoritiesPopulator);
    }

    public LdapAuthenticationProvider(LdapAuthenticator ldapAuthenticator) {
        setAuthenticator(ldapAuthenticator);
        setAuthoritiesPopulator(new NullAuthoritiesPopulator(null));
    }

    private void setAuthenticator(LdapAuthenticator ldapAuthenticator) {
        Assert.notNull(ldapAuthenticator, "An LdapAuthenticator must be supplied");
        this.authenticator = ldapAuthenticator;
    }

    private LdapAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    private void setAuthoritiesPopulator(LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        Assert.notNull(ldapAuthoritiesPopulator, "An LdapAuthoritiesPopulator must be supplied");
        this.authoritiesPopulator = ldapAuthoritiesPopulator;
    }

    protected LdapAuthoritiesPopulator getAuthoritiesPopulator() {
        return this.authoritiesPopulator;
    }

    public void setUserDetailsContextMapper(UserDetailsContextMapper userDetailsContextMapper) {
        Assert.notNull(userDetailsContextMapper, "UserDetailsContextMapper must not be null");
        this.userDetailsContextMapper = userDetailsContextMapper;
    }

    protected UserDetailsContextMapper getUserDetailsContextMapper() {
        return this.userDetailsContextMapper;
    }

    public void setUseAuthenticationRequestCredentials(boolean z) {
        this.useAuthenticationRequestCredentials = z;
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Class cls;
        if (class$org$springframework$security$providers$UsernamePasswordAuthenticationToken == null) {
            cls = class$("org.springframework.security.providers.UsernamePasswordAuthenticationToken");
            class$org$springframework$security$providers$UsernamePasswordAuthenticationToken = cls;
        } else {
            cls = class$org$springframework$security$providers$UsernamePasswordAuthenticationToken;
        }
        Assert.isInstanceOf(cls, authentication, this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        String name = usernamePasswordAuthenticationToken.getName();
        if (!StringUtils.hasLength(name)) {
            throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.emptyUsername", "Empty Username"));
        }
        String str = (String) authentication.getCredentials();
        Assert.notNull(str, "Null password was supplied in authentication token");
        if (str.length() == 0) {
            logger.debug(new StringBuffer().append("Rejecting empty password for user ").append(name).toString());
            throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.emptyPassword", "Empty Password"));
        }
        try {
            DirContextOperations authenticate = getAuthenticator().authenticate(authentication);
            return createSuccessfulAuthentication(usernamePasswordAuthenticationToken, this.userDetailsContextMapper.mapUserFromContext(authenticate, name, loadUserAuthorities(authenticate, name, str)));
        } catch (NamingException e) {
            throw new AuthenticationServiceException(e.getMessage(), e);
        }
    }

    protected GrantedAuthority[] loadUserAuthorities(DirContextOperations dirContextOperations, String str, String str2) {
        return getAuthoritiesPopulator().getGrantedAuthorities(dirContextOperations, str);
    }

    protected Authentication createSuccessfulAuthentication(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken, UserDetails userDetails) {
        return new UsernamePasswordAuthenticationToken(userDetails, this.useAuthenticationRequestCredentials ? usernamePasswordAuthenticationToken.getCredentials() : userDetails.getPassword(), userDetails.getAuthorities());
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public boolean supports(Class cls) {
        Class cls2;
        if (class$org$springframework$security$providers$UsernamePasswordAuthenticationToken == null) {
            cls2 = class$("org.springframework.security.providers.UsernamePasswordAuthenticationToken");
            class$org$springframework$security$providers$UsernamePasswordAuthenticationToken = cls2;
        } else {
            cls2 = class$org$springframework$security$providers$UsernamePasswordAuthenticationToken;
        }
        return cls2.isAssignableFrom(cls);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$providers$ldap$LdapAuthenticationProvider == null) {
            cls = class$("org.springframework.security.providers.ldap.LdapAuthenticationProvider");
            class$org$springframework$security$providers$ldap$LdapAuthenticationProvider = cls;
        } else {
            cls = class$org$springframework$security$providers$ldap$LdapAuthenticationProvider;
        }
        logger = LogFactory.getLog(cls);
    }
}
