package com.hazelcast.webmonitor.security.spi.impl;

import com.hazelcast.webmonitor.model.LdapUser;
import com.hazelcast.webmonitor.security.spi.SecurityProvider;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/com/hazelcast/webmonitor/security/spi/impl/LdapUserDetailsContextMapper.class
 */
/* loaded from: input_file:com/hazelcast/webmonitor/security/spi/impl/LdapUserDetailsContextMapper.class */
public class LdapUserDetailsContextMapper implements UserDetailsContextMapper {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) LdapUserDetailsContextMapper.class);
    private final LdapUserDetailsMapper ldapUserDetailsMapper = new LdapUserDetailsMapper();
    private final String[] adminGroups;
    private final String[] userGroups;
    private final String[] readonlyUserGroups;
    private final String[] metricsOnlyUserGroups;

    public LdapUserDetailsContextMapper(GroupsToRolesMappingConfig groupsToRolesMappingConfig) {
        this.ldapUserDetailsMapper.setRolePrefix("");
        this.adminGroups = groupsToRolesMappingConfig.getAdminGroups();
        this.userGroups = groupsToRolesMappingConfig.getUserGroups();
        this.readonlyUserGroups = groupsToRolesMappingConfig.getReadonlyUserGroups();
        this.metricsOnlyUserGroups = groupsToRolesMappingConfig.getMetricsOnlyGroups();
    }

    @Override // org.springframework.security.ldap.userdetails.UserDetailsContextMapper
    public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String str, Collection<? extends GrantedAuthority> collection) {
        LOGGER.debug("Mapping user [" + str + "] from LDAP context");
        LdapUserDetails ldapUserDetails = (LdapUserDetails) this.ldapUserDetailsMapper.mapUserFromContext(dirContextOperations, str, collection);
        return LdapUser.create(ldapUserDetails, mapAuthorities(ldapUserDetails.getAuthorities()));
    }

    @Override // org.springframework.security.ldap.userdetails.UserDetailsContextMapper
    public void mapUserToContext(UserDetails userDetails, DirContextAdapter dirContextAdapter) {
        throw new UnsupportedOperationException("Saving user to LDAP server is not supported!");
    }

    private List<GrantedAuthority> mapAuthorities(Collection<? extends GrantedAuthority> collection) {
        return containsAnyGroup(collection, this.adminGroups) ? Collections.singletonList(SecurityProvider.ADMIN_AUTHORITY) : containsAnyGroup(collection, this.userGroups) ? Collections.singletonList(SecurityProvider.USER_AUTHORITY) : containsAnyGroup(collection, this.readonlyUserGroups) ? Collections.singletonList(SecurityProvider.READONLY_USER_AUTHORITY) : containsAnyGroup(collection, this.metricsOnlyUserGroups) ? Collections.singletonList(SecurityProvider.METRICS_ONLY_AUTHORITY) : Collections.emptyList();
    }

    private boolean containsAnyGroup(Collection<? extends GrantedAuthority> collection, String[] strArr) {
        for (String str : strArr) {
            Iterator<? extends GrantedAuthority> it = collection.iterator();
            while (it.hasNext()) {
                if (str.equalsIgnoreCase(it.next().getAuthority())) {
                    return true;
                }
            }
        }
        return false;
    }
}
