package de.sep.sesam.restapi.authentication;

import de.sep.sesam.model.Credentials;
import de.sep.sesam.model.type.AuthenticationType;
import de.sep.sesam.model.type.UserOrigin;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;

/* loaded from: input_file:de/sep/sesam/restapi/authentication/ActiveDirectoryCredentialsLogin.class */
public class ActiveDirectoryCredentialsLogin extends AbstractExternalCredentialsLogin {
    static final /* synthetic */ boolean $assertionsDisabled;

    public ActiveDirectoryCredentialsLogin(Credentials credentials) {
        super(credentials);
    }

    @Override // de.sep.sesam.restapi.authentication.AbstractCredentialsLogin
    public String getCredentialsType() {
        return UserOrigin.AD.name();
    }

    @Override // de.sep.sesam.restapi.authentication.AbstractExternalCredentialsLogin
    protected UserOrigin getCredentialsOrigin() {
        return UserOrigin.AD;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.sep.sesam.restapi.authentication.AbstractCredentialsLogin
    public AuthenticationType getAuthenticationType() {
        return AuthenticationType.AD;
    }

    @Override // de.sep.sesam.restapi.authentication.AbstractCredentialsLogin
    public AbstractLdapAuthenticationProvider createAuthenticationProvider(Credentials credentials) {
        if (!$assertionsDisabled && credentials == null) {
            throw new AssertionError();
        }
        String path = credentials.getPath();
        String hostname = credentials.getHostname();
        String publicKey = credentials.getPublicKey();
        String storeName = credentials.getStoreName();
        String osAccessName = credentials.getOsAccessName();
        String restoreSecret = restoreSecret(credentials.getSecret());
        if (StringUtils.isBlank(path)) {
            return null;
        }
        ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider = StringUtils.isBlank(publicKey) ? new ActiveDirectoryLdapAuthenticationProvider(hostname, path) : new ActiveDirectoryLdapAuthenticationProvider(hostname, path, publicKey);
        activeDirectoryLdapAuthenticationProvider.setUseAuthenticationRequestCredentials(true);
        activeDirectoryLdapAuthenticationProvider.setConvertSubErrorCodesToExceptions(true);
        if (StringUtils.isNotBlank(storeName)) {
            activeDirectoryLdapAuthenticationProvider.setSearchFilter(storeName);
        }
        setContextSource(SecurityContextSourceDataProvider.builder().withUrl(path).withBase(publicKey).withDomain(hostname).withUser(osAccessName).withPassword(restoreSecret).build());
        return activeDirectoryLdapAuthenticationProvider;
    }

    @Override // de.sep.sesam.restapi.authentication.AbstractExternalCredentialsLogin
    protected String getAuthenticationProviderDetailsMessage() {
        StringBuilder sb = new StringBuilder("Trying active directory authentication source with '");
        Credentials credentials = getCredentials();
        if (credentials != null) {
            sb.append("URL: ");
            sb.append(credentials.getPath());
            sb.append(", Domain: ");
            sb.append(StringUtils.isNotBlank(credentials.getHostname()) ? credentials.getHostname() : "-");
            sb.append(", User search base DN: ");
            sb.append(StringUtils.isNotBlank(credentials.getPublicKey()) ? credentials.getPublicKey() : "-");
            sb.append(", Search filter: ");
            sb.append(StringUtils.isNotBlank(credentials.getStoreName()) ? credentials.getStoreName() : "-");
        } else {
            sb.append("null");
        }
        sb.append("'.");
        return sb.toString();
    }

    static {
        $assertionsDisabled = !ActiveDirectoryCredentialsLogin.class.desiredAssertionStatus();
    }
}
