package pro.taskana.ldap;

import java.util.List;
import javax.annotation.PostConstruct;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.AbstractContextMapper;
import org.springframework.ldap.filter.AndFilter;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.ldap.filter.OrFilter;
import org.springframework.ldap.filter.WhitespaceWildcardsFilter;
import org.springframework.stereotype.Component;
import pro.taskana.exceptions.InvalidArgumentException;
import pro.taskana.exceptions.SystemException;
import pro.taskana.impl.util.LoggerUtils;
import pro.taskana.rest.resource.AccessIdResource;

@Component
/* loaded from: input_file:pro/taskana/ldap/LdapClient.class */
public class LdapClient {
    public static final String TASKANA_USE_LDAP_PROP_NAME = "taskana.ldap.useLdap";
    private static final Logger LOGGER = LoggerFactory.getLogger(LdapClient.class);
    private static final String CN = "cn";
    private boolean active = false;

    @Autowired
    private Environment env;

    @Autowired(required = false)
    private LdapTemplate ldapTemplate;
    private String userSearchBase;
    private String userSearchFilterName;
    private String userSearchFilterValue;
    private String userFirstnameAttribute;
    private String userLastnameAttribute;
    private String userIdAttribute;
    private String groupSearchBase;
    private String groupSearchFilterName;
    private String groupSearchFilterValue;
    private String groupNameAttribute;
    private String groupsOfUser;
    private int minSearchForLength;
    private int maxNumberOfReturnedAccessIds;
    private String message;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:pro/taskana/ldap/LdapClient$GroupContextMapper.class */
    public class GroupContextMapper extends AbstractContextMapper<AccessIdResource> {
        private GroupContextMapper() {
        }

        /* renamed from: doMapFromContext, reason: merged with bridge method [inline-methods] */
        public AccessIdResource m1doMapFromContext(DirContextOperations dirContextOperations) {
            AccessIdResource accessIdResource = new AccessIdResource();
            accessIdResource.setAccessId(dirContextOperations.getNameInNamespace());
            accessIdResource.setName(dirContextOperations.getStringAttribute(LdapClient.this.getGroupNameAttribute()));
            return accessIdResource;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:pro/taskana/ldap/LdapClient$UserContextMapper.class */
    public class UserContextMapper extends AbstractContextMapper<AccessIdResource> {
        private UserContextMapper() {
        }

        /* renamed from: doMapFromContext, reason: merged with bridge method [inline-methods] */
        public AccessIdResource m2doMapFromContext(DirContextOperations dirContextOperations) {
            AccessIdResource accessIdResource = new AccessIdResource();
            accessIdResource.setAccessId(dirContextOperations.getStringAttribute(LdapClient.this.getUserIdAttribute()));
            accessIdResource.setName(dirContextOperations.getStringAttribute(LdapClient.this.getUserLastnameAttribute()) + ", " + dirContextOperations.getStringAttribute(LdapClient.this.getUserFirstnameAttribute()));
            return accessIdResource;
        }
    }

    @PostConstruct
    private void init() {
        String minSearchForLengthAsString = getMinSearchForLengthAsString();
        if (minSearchForLengthAsString == null || minSearchForLengthAsString.isEmpty()) {
            this.minSearchForLength = 3;
        } else {
            this.minSearchForLength = Integer.parseInt(minSearchForLengthAsString);
        }
        String maxNumberOfReturnedAccessIdsAsString = getMaxNumberOfReturnedAccessIdsAsString();
        if (maxNumberOfReturnedAccessIdsAsString == null || maxNumberOfReturnedAccessIdsAsString.isEmpty()) {
            this.maxNumberOfReturnedAccessIds = 50;
        } else {
            this.maxNumberOfReturnedAccessIds = Integer.parseInt(maxNumberOfReturnedAccessIdsAsString);
        }
        if (useLdap()) {
            this.userSearchBase = getUserSearchBase();
            this.userSearchFilterName = getUserSearchFilterName();
            this.userSearchFilterValue = getUserSearchFilterValue();
            this.userFirstnameAttribute = getUserFirstnameAttribute();
            this.userLastnameAttribute = getUserLastnameAttribute();
            this.userIdAttribute = getUserIdAttribute();
            this.groupSearchBase = getGroupSearchBase();
            this.groupSearchFilterName = getGroupSearchFilterName();
            this.groupSearchFilterValue = getGroupSearchFilterValue();
            this.groupNameAttribute = getGroupNameAttribute();
            this.groupsOfUser = getGroupsOfUser();
            this.ldapTemplate.setDefaultCountLimit(this.maxNumberOfReturnedAccessIds);
            this.message = "taskana.ldap.useLdap is set to true, but";
            if (this.userSearchBase == null) {
                this.message += " taskana.ldap.userSearchBase is not configured.";
            }
            if (this.userSearchFilterName == null) {
                this.message += " taskana.ldap.userSearchFilterName is not configured.";
            }
            if (this.userSearchFilterValue == null) {
                this.message += " taskana.ldap.userSearchFilterValue is not configured.";
            }
            if (this.userFirstnameAttribute == null) {
                this.message += " taskana.ldap.userFirstnameAttribute is not configured.";
            }
            if (this.userLastnameAttribute == null) {
                this.message += " taskana.ldap.userLastnameAttribute is not configured.";
            }
            if (this.userIdAttribute == null) {
                this.message += " taskana.ldap.userIdAttribute is not configured.";
            }
            if (this.groupSearchBase == null) {
                this.message += " taskana.ldap.groupSearchBase is not configured.";
            }
            if (this.groupSearchFilterName == null) {
                this.message += " taskana.ldap.groupSearchFilterName is not configured.";
            }
            if (this.groupSearchFilterValue == null) {
                this.message += " taskana.ldap.groupSearchFilterValue is not configured.";
            }
            if (this.groupNameAttribute == null) {
                this.message += " taskana.ldap.groupNameAttribute is not configured.";
            }
            if (this.groupsOfUser == null) {
                this.message += " taskana.ldap.groupsOfUser is not configured.";
            }
            if (!this.message.equals("taskana.ldap.useLdap is set to true, but")) {
                throw new SystemException(this.message);
            }
            this.active = true;
        }
    }

    public List<AccessIdResource> searchUsersAndGroups(String str) throws InvalidArgumentException {
        LOGGER.debug("entry to searchUsersAndGroups(name = {})", str);
        if (!this.active) {
            throw new SystemException("LdapClient was called but is not active due to missing configuration: " + this.message);
        }
        testMinSearchForLength(str);
        List<AccessIdResource> searchUsersByName = searchUsersByName(str);
        searchUsersByName.addAll(searchGroupsByName(str));
        searchUsersByName.sort((accessIdResource, accessIdResource2) -> {
            return accessIdResource.getAccessId().compareToIgnoreCase(accessIdResource2.getAccessId());
        });
        List<AccessIdResource> subList = searchUsersByName.subList(0, Math.min(searchUsersByName.size(), this.maxNumberOfReturnedAccessIds));
        LOGGER.debug("exit from searchUsersAndGroups(name = {}). Returning {} users and groups: {}", new Object[]{str, Integer.valueOf(searchUsersByName.size()), LoggerUtils.listToString(subList)});
        return subList;
    }

    public List<AccessIdResource> searchUsersByName(String str) throws InvalidArgumentException {
        LOGGER.debug("entry to searchUsersByName(name = {}).", str);
        if (!this.active) {
            throw new SystemException("LdapClient was called but is not active due to missing configuration: " + this.message);
        }
        testMinSearchForLength(str);
        AndFilter andFilter = new AndFilter();
        andFilter.and(new EqualsFilter(getUserSearchFilterName(), getUserSearchFilterValue()));
        OrFilter orFilter = new OrFilter();
        orFilter.or(new WhitespaceWildcardsFilter(getUserFirstnameAttribute(), str));
        orFilter.or(new WhitespaceWildcardsFilter(getUserLastnameAttribute(), str));
        orFilter.or(new WhitespaceWildcardsFilter(getUserIdAttribute(), str));
        andFilter.and(orFilter);
        List<AccessIdResource> search = this.ldapTemplate.search(getUserSearchBase(), andFilter.encode(), 2, new String[]{getUserFirstnameAttribute(), getUserLastnameAttribute(), getUserIdAttribute()}, new UserContextMapper());
        LOGGER.debug("exit from searchUsersByName. Retrieved the following users: {}.", LoggerUtils.listToString(search));
        return search;
    }

    public List<AccessIdResource> searchGroupsByName(String str) throws InvalidArgumentException {
        LOGGER.debug("entry to searchGroupsByName(name = {}).", str);
        if (!this.active) {
            throw new SystemException("LdapClient was called but is not active due to missing configuration: " + this.message);
        }
        testMinSearchForLength(str);
        AndFilter andFilter = new AndFilter();
        andFilter.and(new EqualsFilter(getGroupSearchFilterName(), getGroupSearchFilterValue()));
        OrFilter orFilter = new OrFilter();
        orFilter.or(new WhitespaceWildcardsFilter(getGroupNameAttribute(), str));
        if (!CN.equals(this.groupNameAttribute)) {
            orFilter.or(new WhitespaceWildcardsFilter(CN, str));
        }
        andFilter.and(orFilter);
        List<AccessIdResource> search = this.ldapTemplate.search(getGroupSearchBase(), andFilter.encode(), 2, CN.equals(this.groupNameAttribute) ? new String[]{CN} : new String[]{getGroupNameAttribute(), CN}, new GroupContextMapper());
        LOGGER.debug("Exit from searchGroupsByName. Retrieved the following groups: {}", LoggerUtils.listToString(search));
        return search;
    }

    public List<AccessIdResource> searchGroupsofUsersIsMember(String str) throws InvalidArgumentException {
        LOGGER.debug("entry to searchGroupsofUsersIsMember(name = {}).", str);
        if (!this.active) {
            throw new SystemException("LdapClient was called but is not active due to missing configuration: " + this.message);
        }
        testMinSearchForLength(str);
        AndFilter andFilter = new AndFilter();
        andFilter.and(new WhitespaceWildcardsFilter(getGroupNameAttribute(), ""));
        andFilter.and(new EqualsFilter(getGroupsOfUser(), str));
        List<AccessIdResource> search = this.ldapTemplate.search(getGroupSearchBase(), andFilter.encode(), 2, new String[]{getUserIdAttribute(), getGroupNameAttribute()}, new GroupContextMapper());
        LOGGER.debug("exit from searchGroupsofUsersIsMember. Retrieved the following users: {}.", LoggerUtils.listToString(search));
        return search;
    }

    private void testMinSearchForLength(String str) throws InvalidArgumentException {
        if (str == null || str.length() < this.minSearchForLength) {
            throw new InvalidArgumentException("searchFor string " + str + " is too short. Minimum Length = " + getMinSearchForLength());
        }
    }

    public boolean useLdap() {
        String property = this.env.getProperty(TASKANA_USE_LDAP_PROP_NAME);
        if (property == null || property.isEmpty()) {
            return false;
        }
        return Boolean.parseBoolean(property);
    }

    public String getUserSearchBase() {
        return this.env.getProperty("taskana.ldap.userSearchBase");
    }

    public String getUserSearchFilterName() {
        return this.env.getProperty("taskana.ldap.userSearchFilterName");
    }

    public String getUserSearchFilterValue() {
        return this.env.getProperty("taskana.ldap.userSearchFilterValue");
    }

    public String getUserFirstnameAttribute() {
        return this.env.getProperty("taskana.ldap.userFirstnameAttribute");
    }

    public String getUserLastnameAttribute() {
        return this.env.getProperty("taskana.ldap.userLastnameAttribute");
    }

    public String getUserIdAttribute() {
        return this.env.getProperty("taskana.ldap.userIdAttribute");
    }

    public String getGroupSearchBase() {
        return this.env.getProperty("taskana.ldap.groupSearchBase");
    }

    public String getGroupSearchFilterName() {
        return this.env.getProperty("taskana.ldap.groupSearchFilterName");
    }

    public String getGroupSearchFilterValue() {
        return this.env.getProperty("taskana.ldap.groupSearchFilterValue");
    }

    public String getGroupNameAttribute() {
        return this.env.getProperty("taskana.ldap.groupNameAttribute");
    }

    public String getMinSearchForLengthAsString() {
        return this.env.getProperty("taskana.ldap.minSearchForLength");
    }

    public int getMinSearchForLength() {
        return this.minSearchForLength;
    }

    public String getMaxNumberOfReturnedAccessIdsAsString() {
        return this.env.getProperty("taskana.ldap.maxNumberOfReturnedAccessIds");
    }

    public int getMaxNumberOfReturnedAccessIds() {
        return this.maxNumberOfReturnedAccessIds;
    }

    public String getGroupsOfUser() {
        return this.env.getProperty("taskana.ldap.groupsOfUser");
    }

    public boolean isGroup(String str) {
        return str.contains(getGroupSearchBase());
    }
}
