package org.apereo.cas.config;

import com.google.common.cache.CacheBuilder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.naming.directory.SearchControls;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.resolvers.InternalGroovyScriptDao;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.services.persondir.IPersonAttributeDao;
import org.apereo.services.persondir.support.CachingPersonAttributeDaoImpl;
import org.apereo.services.persondir.support.GroovyPersonAttributeDao;
import org.apereo.services.persondir.support.GrouperPersonAttributeDao;
import org.apereo.services.persondir.support.JsonBackedComplexStubPersonAttributeDao;
import org.apereo.services.persondir.support.MergingPersonAttributeDaoImpl;
import org.apereo.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao;
import org.apereo.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao;
import org.apereo.services.persondir.support.ldap.LdaptivePersonAttributeDao;
import org.apereo.services.persondir.support.merger.MultivaluedAttributeMerger;
import org.apereo.services.persondir.support.merger.NoncollidingAttributeAdder;
import org.apereo.services.persondir.support.merger.ReplacingAttributeAdder;
import org.jooq.lambda.Unchecked;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.OrderComparator;
import org.springframework.core.io.Resource;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@Configuration("casPersonDirectoryConfiguration")
/* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-5.1.6.jar:org/apereo/cas/config/CasPersonDirectoryConfiguration.class */
public class CasPersonDirectoryConfiguration {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CasPersonDirectoryConfiguration.class);

    @Autowired
    private ApplicationContext applicationContext;

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnMissingBean(name = {"attributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> attributeRepositories() {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(ldapAttributeRepositories());
        arrayList.addAll(jdbcAttributeRepositories());
        arrayList.addAll(jsonAttributeRepositories());
        arrayList.addAll(groovyAttributeRepositories());
        arrayList.addAll(grouperAttributeRepositories());
        arrayList.addAll(stubAttributeRepositories());
        OrderComparator.sort(arrayList);
        LOGGER.debug("Final list of attribute repositories is [{}]", arrayList);
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"attributeRepository"})
    @RefreshScope
    @Bean
    public IPersonAttributeDao attributeRepository() {
        return composeMergedAndCachedAttributeRepositories(attributeRepositories());
    }

    @ConditionalOnMissingBean(name = {"jsonAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> jsonAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        this.casProperties.getAuthn().getAttributeRepository().getJson().forEach(Unchecked.consumer(json -> {
            Resource location = json.getConfig().getLocation();
            if (location != null) {
                JsonBackedComplexStubPersonAttributeDao jsonBackedComplexStubPersonAttributeDao = new JsonBackedComplexStubPersonAttributeDao(location);
                jsonBackedComplexStubPersonAttributeDao.setOrder(json.getOrder());
                jsonBackedComplexStubPersonAttributeDao.init();
                LOGGER.debug("Configured JSON attribute sources from [{}]", location);
                arrayList.add(jsonBackedComplexStubPersonAttributeDao);
            }
        }));
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"groovyAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> groovyAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        this.casProperties.getAuthn().getAttributeRepository().getGroovy().forEach(groovy2 -> {
            if (groovy2.getConfig().getLocation() != null) {
                GroovyPersonAttributeDao groovyPersonAttributeDao = new GroovyPersonAttributeDao(new InternalGroovyScriptDao(this.applicationContext, this.casProperties));
                groovyPersonAttributeDao.setCaseInsensitiveUsername(groovy2.isCaseInsensitive());
                groovyPersonAttributeDao.setOrder(groovy2.getOrder());
                LOGGER.debug("Configured Groovy attribute sources from [{}]", groovy2.getConfig().getLocation());
                arrayList.add(groovyPersonAttributeDao);
            }
        });
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"grouperAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> grouperAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        PrincipalAttributesProperties.Grouper grouper = this.casProperties.getAuthn().getAttributeRepository().getGrouper();
        if (grouper.isEnabled()) {
            GrouperPersonAttributeDao grouperPersonAttributeDao = new GrouperPersonAttributeDao();
            grouperPersonAttributeDao.setOrder(grouper.getOrder());
            LOGGER.debug("Configured Grouper attribute source");
            arrayList.add(grouperPersonAttributeDao);
        }
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"stubAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> stubAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        Map<String, String> attributes = this.casProperties.getAuthn().getAttributeRepository().getStub().getAttributes();
        if (!attributes.isEmpty() && arrayList.isEmpty()) {
            LOGGER.info("Found and added static attributes [{}] to the list of candidate attribute repositories", attributes.keySet());
            arrayList.add(Beans.newStubAttributeRepository(this.casProperties.getAuthn().getAttributeRepository()));
        }
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"jdbcAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> jdbcAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        this.casProperties.getAuthn().getAttributeRepository().getJdbc().forEach(jdbc -> {
            MultiRowJdbcPersonAttributeDao multiRowJdbcPersonAttributeDao;
            if (StringUtils.isNotBlank(jdbc.getSql()) && StringUtils.isNotBlank(jdbc.getUrl())) {
                if (jdbc.isSingleRow()) {
                    LOGGER.debug("Configured single-row JDBC attribute repository for [{}]", jdbc.getUrl());
                    multiRowJdbcPersonAttributeDao = new SingleRowJdbcPersonAttributeDao(Beans.newDataSource(jdbc), jdbc.getSql());
                } else {
                    LOGGER.debug("Configured multi-row JDBC attribute repository for [{}]", jdbc.getUrl());
                    multiRowJdbcPersonAttributeDao = new MultiRowJdbcPersonAttributeDao(Beans.newDataSource(jdbc), jdbc.getSql());
                    LOGGER.debug("Configured multi-row JDBC column mappings for [{}] are [{}]", jdbc.getUrl(), jdbc.getColumnMappings());
                    multiRowJdbcPersonAttributeDao.setNameValueColumnMappings(jdbc.getColumnMappings());
                }
                multiRowJdbcPersonAttributeDao.setQueryAttributeMapping(Collections.singletonMap("username", jdbc.getUsername()));
                Map<String, String> attributes = jdbc.getAttributes();
                if (attributes != null && !attributes.isEmpty()) {
                    LOGGER.debug("Configured result attribute mapping for [{}] to be [{}]", jdbc.getUrl(), jdbc.getAttributes());
                    multiRowJdbcPersonAttributeDao.setResultAttributeMapping(attributes);
                }
                multiRowJdbcPersonAttributeDao.setRequireAllQueryAttributes(jdbc.isRequireAllAttributes());
                multiRowJdbcPersonAttributeDao.setUsernameCaseCanonicalizationMode(jdbc.getCaseCanonicalization());
                multiRowJdbcPersonAttributeDao.setDefaultCaseCanonicalizationMode(jdbc.getCaseCanonicalization());
                multiRowJdbcPersonAttributeDao.setQueryType(jdbc.getQueryType());
                multiRowJdbcPersonAttributeDao.setOrder(jdbc.getOrder());
                arrayList.add(multiRowJdbcPersonAttributeDao);
            }
        });
        return arrayList;
    }

    @ConditionalOnMissingBean(name = {"ldapAttributeRepositories"})
    @RefreshScope
    @Bean
    public List<IPersonAttributeDao> ldapAttributeRepositories() {
        ArrayList arrayList = new ArrayList();
        this.casProperties.getAuthn().getAttributeRepository().getLdap().forEach(ldap -> {
            if (StringUtils.isNotBlank(ldap.getBaseDn()) && StringUtils.isNotBlank(ldap.getLdapUrl())) {
                LdaptivePersonAttributeDao ldaptivePersonAttributeDao = new LdaptivePersonAttributeDao();
                LOGGER.debug("Configured LDAP attribute source for [{}] and baseDn [{}]", ldap.getLdapUrl(), ldap.getBaseDn());
                ldaptivePersonAttributeDao.setConnectionFactory(Beans.newLdaptivePooledConnectionFactory(ldap));
                ldaptivePersonAttributeDao.setBaseDN(ldap.getBaseDn());
                LOGGER.debug("LDAP attributes are fetched from [{}] via filter [{}]", ldap.getLdapUrl(), ldap.getUserFilter());
                ldaptivePersonAttributeDao.setSearchFilter(ldap.getUserFilter());
                SearchControls searchControls = new SearchControls();
                if (ldap.getAttributes() == null || ldap.getAttributes().isEmpty()) {
                    LOGGER.debug("Retrieving all attributes as no explicit attribute mappings are defined for [{}]", ldap.getLdapUrl());
                    searchControls.setReturningAttributes((String[]) null);
                } else {
                    LOGGER.debug("Configured result attribute mapping for [{}] to be [{}]", ldap.getLdapUrl(), ldap.getAttributes());
                    ldaptivePersonAttributeDao.setResultAttributeMapping(ldap.getAttributes());
                    searchControls.setReturningAttributes((String[]) ldap.getAttributes().keySet().toArray(new String[ldap.getAttributes().keySet().size()]));
                }
                if (ldap.isSubtreeSearch()) {
                    LOGGER.debug("Configured subtree searching for [{}]", ldap.getLdapUrl());
                    searchControls.setSearchScope(2);
                }
                searchControls.setDerefLinkFlag(true);
                ldaptivePersonAttributeDao.setSearchControls(searchControls);
                ldaptivePersonAttributeDao.setOrder(ldap.getOrder());
                LOGGER.debug("Initializing LDAP attribute source for [{}]", ldap.getLdapUrl());
                ldaptivePersonAttributeDao.initialize();
                arrayList.add(ldaptivePersonAttributeDao);
            }
        });
        return arrayList;
    }

    private IPersonAttributeDao composeMergedAndCachedAttributeRepositories(List<IPersonAttributeDao> list) {
        MergingPersonAttributeDaoImpl mergingPersonAttributeDaoImpl = new MergingPersonAttributeDaoImpl();
        String str = (String) StringUtils.defaultIfBlank(this.casProperties.getAuthn().getAttributeRepository().getMerger(), "replace".trim());
        LOGGER.debug("Configured merging strategy for attribute sources is [{}]", str);
        String lowerCase = str.toLowerCase();
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case 96417:
                if (lowerCase.equals("add")) {
                    z = true;
                    break;
                }
                break;
            case 103785528:
                if (lowerCase.equals(BeanDefinitionParserDelegate.MERGE_ATTRIBUTE)) {
                    z = false;
                    break;
                }
                break;
            case 1094496948:
                if (lowerCase.equals("replace")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                mergingPersonAttributeDaoImpl.setMerger(new MultivaluedAttributeMerger());
                break;
            case true:
                mergingPersonAttributeDaoImpl.setMerger(new NoncollidingAttributeAdder());
                break;
            case true:
            default:
                mergingPersonAttributeDaoImpl.setMerger(new ReplacingAttributeAdder());
                break;
        }
        CachingPersonAttributeDaoImpl cachingPersonAttributeDaoImpl = new CachingPersonAttributeDaoImpl();
        cachingPersonAttributeDaoImpl.setCacheNullResults(false);
        cachingPersonAttributeDaoImpl.setUserInfoCache(CacheBuilder.newBuilder().concurrencyLevel(2).weakKeys().maximumSize(this.casProperties.getAuthn().getAttributeRepository().getMaximumCacheSize()).expireAfterWrite(this.casProperties.getAuthn().getAttributeRepository().getExpireInMinutes(), TimeUnit.MINUTES).build().asMap());
        mergingPersonAttributeDaoImpl.setPersonAttributeDaos(list);
        cachingPersonAttributeDaoImpl.setCachedPersonAttributesDao(mergingPersonAttributeDaoImpl);
        if (list.isEmpty()) {
            LOGGER.debug("No attribute repository sources are available/defined to merge together.");
        } else {
            LOGGER.debug("Configured attribute repository sources to merge together: [{}]", list);
            LOGGER.debug("Configured cache expiration policy for merging attribute sources to be [{}] minute(s)", Integer.valueOf(this.casProperties.getAuthn().getAttributeRepository().getExpireInMinutes()));
        }
        return cachingPersonAttributeDaoImpl;
    }
}
