package org.springframework.security.config.ldap;

import java.io.IOException;
import java.net.ServerSocket;
import org.springframework.beans.MutablePropertyValues;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.config.ConstructorArgumentValues;
import org.springframework.beans.factory.parsing.BeanComponentDefinition;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.security.config.BeanIds;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.server.ApacheDSContainer;
import org.springframework.security.ldap.server.UnboundIdContainer;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/spring-security-config-6.0.3.jar:org/springframework/security/config/ldap/LdapServerBeanDefinitionParser.class */
public class LdapServerBeanDefinitionParser implements BeanDefinitionParser {
    private static final String CONTEXT_SOURCE_CLASS = "org.springframework.security.ldap.DefaultSpringSecurityContextSource";
    private static final String ATT_URL = "url";
    private static final String ATT_PRINCIPAL = "manager-dn";
    private static final String ATT_PASSWORD = "manager-password";
    public static final String ATT_ROOT_SUFFIX = "root";
    private static final String OPT_DEFAULT_ROOT_SUFFIX = "dc=springframework,dc=org";
    public static final String ATT_LDIF_FILE = "ldif";
    private static final String OPT_DEFAULT_LDIF_FILE = "classpath*:*.ldif";
    public static final String ATT_PORT = "port";
    private static final String RANDOM_PORT = "0";
    private static final int DEFAULT_PORT = 33389;
    private static final String APACHEDS_CLASSNAME = "org.apache.directory.server.core.DefaultDirectoryService";
    private static final String UNBOUNID_CLASSNAME = "com.unboundid.ldap.listener.InMemoryDirectoryServer";
    private static final String APACHEDS_CONTAINER_CLASSNAME = "org.springframework.security.ldap.server.ApacheDSContainer";
    private static final String UNBOUNDID_CONTAINER_CLASSNAME = "org.springframework.security.ldap.server.UnboundIdContainer";
    private static final boolean unboundIdPresent;
    private static final boolean apacheDsPresent;

    /* loaded from: input_file:BOOT-INF/lib/spring-security-config-6.0.3.jar:org/springframework/security/config/ldap/LdapServerBeanDefinitionParser$EmbeddedLdapServerConfigBean.class */
    private static class EmbeddedLdapServerConfigBean implements ApplicationContextAware {
        private ApplicationContext applicationContext;

        private EmbeddedLdapServerConfigBean() {
        }

        @Override // org.springframework.context.ApplicationContextAware
        public void setApplicationContext(ApplicationContext applicationContext) {
            this.applicationContext = applicationContext;
        }

        private DefaultSpringSecurityContextSource createEmbeddedContextSource(String str) {
            return new DefaultSpringSecurityContextSource("ldap://127.0.0.1:" + getPort() + "/" + str);
        }

        private int getPort() {
            if (LdapServerBeanDefinitionParser.apacheDsPresent) {
                return ((ApacheDSContainer) this.applicationContext.getBean(ApacheDSContainer.class)).getLocalPort();
            }
            if (LdapServerBeanDefinitionParser.unboundIdPresent) {
                return ((UnboundIdContainer) this.applicationContext.getBean(UnboundIdContainer.class)).getPort();
            }
            throw new IllegalStateException("Embedded LDAP server is not provided");
        }
    }

    @Override // org.springframework.beans.factory.xml.BeanDefinitionParser
    public BeanDefinition parse(Element element, ParserContext parserContext) {
        RootBeanDefinition rootBeanDefinition;
        String attribute = element.getAttribute("url");
        if (StringUtils.hasText(attribute)) {
            rootBeanDefinition = new RootBeanDefinition();
            rootBeanDefinition.setBeanClassName(CONTEXT_SOURCE_CLASS);
            rootBeanDefinition.getConstructorArgumentValues().addIndexedArgumentValue(0, attribute);
        } else {
            rootBeanDefinition = createEmbeddedServer(element, parserContext);
        }
        rootBeanDefinition.setSource(parserContext.extractSource(element));
        String attribute2 = element.getAttribute(ATT_PRINCIPAL);
        String attribute3 = element.getAttribute(ATT_PASSWORD);
        if (StringUtils.hasText(attribute2)) {
            if (!StringUtils.hasText(attribute3)) {
                parserContext.getReaderContext().error("You must specify the manager-password if you supply a " + attribute2, element);
            }
            rootBeanDefinition.getPropertyValues().addPropertyValue("userDn", attribute2);
            rootBeanDefinition.getPropertyValues().addPropertyValue("password", attribute3);
        }
        String attribute4 = element.getAttribute("id");
        parserContext.getRegistry().registerBeanDefinition(StringUtils.hasText(attribute4) ? attribute4 : BeanIds.CONTEXT_SOURCE, rootBeanDefinition);
        return null;
    }

    private RootBeanDefinition createEmbeddedServer(Element element, ParserContext parserContext) {
        Object extractSource = parserContext.extractSource(element);
        String attribute = element.getAttribute(ATT_ROOT_SUFFIX);
        if (!StringUtils.hasText(attribute)) {
            attribute = OPT_DEFAULT_ROOT_SUFFIX;
        }
        BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition(CONTEXT_SOURCE_CLASS);
        rootBeanDefinition.addConstructorArgValue(attribute);
        rootBeanDefinition.addPropertyValue("userDn", "uid=admin,ou=system");
        rootBeanDefinition.addPropertyValue("password", "secret");
        AbstractBeanDefinition beanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) EmbeddedLdapServerConfigBean.class).getBeanDefinition();
        String generateBeanName = parserContext.getReaderContext().generateBeanName(beanDefinition);
        parserContext.registerBeanComponent(new BeanComponentDefinition(beanDefinition, generateBeanName));
        rootBeanDefinition.setFactoryMethodOnBean("createEmbeddedContextSource", generateBeanName);
        String attribute2 = element.getAttribute("mode");
        RootBeanDefinition rootBeanDefinition2 = getRootBeanDefinition(attribute2);
        rootBeanDefinition2.setSource(extractSource);
        rootBeanDefinition2.getConstructorArgumentValues().addGenericArgumentValue(attribute);
        String attribute3 = element.getAttribute(ATT_LDIF_FILE);
        if (!StringUtils.hasText(attribute3)) {
            attribute3 = OPT_DEFAULT_LDIF_FILE;
        }
        rootBeanDefinition2.getConstructorArgumentValues().addGenericArgumentValue(attribute3);
        rootBeanDefinition2.getPropertyValues().addPropertyValue(ATT_PORT, getPort(element));
        if (parserContext.getRegistry().containsBeanDefinition(BeanIds.EMBEDDED_APACHE_DS) || parserContext.getRegistry().containsBeanDefinition(BeanIds.EMBEDDED_UNBOUNDID)) {
            parserContext.getReaderContext().error("Only one embedded server bean is allowed per application context", element);
        }
        String resolveBeanId = resolveBeanId(attribute2);
        if (resolveBeanId != null) {
            parserContext.getRegistry().registerBeanDefinition(resolveBeanId, rootBeanDefinition2);
        }
        return (RootBeanDefinition) rootBeanDefinition.getBeanDefinition();
    }

    private RootBeanDefinition getRootBeanDefinition(String str) {
        if (isApacheDsEnabled(str)) {
            return new RootBeanDefinition(APACHEDS_CONTAINER_CLASSNAME, (ConstructorArgumentValues) null, (MutablePropertyValues) null);
        }
        if (isUnboundidEnabled(str)) {
            return new RootBeanDefinition(UNBOUNDID_CONTAINER_CLASSNAME, (ConstructorArgumentValues) null, (MutablePropertyValues) null);
        }
        throw new IllegalStateException("Embedded LDAP server is not provided");
    }

    private String resolveBeanId(String str) {
        if (isApacheDsEnabled(str)) {
            return BeanIds.EMBEDDED_APACHE_DS;
        }
        if (isUnboundidEnabled(str)) {
            return BeanIds.EMBEDDED_UNBOUNDID;
        }
        return null;
    }

    private boolean isApacheDsEnabled(String str) {
        return "apacheds".equals(str) || apacheDsPresent;
    }

    private boolean isUnboundidEnabled(String str) {
        return "unboundid".equals(str) || unboundIdPresent;
    }

    private String getPort(Element element) {
        String attribute = element.getAttribute(ATT_PORT);
        return StringUtils.hasText(attribute) ? attribute : getDefaultPort();
    }

    private String getDefaultPort() {
        try {
            ServerSocket serverSocket = new ServerSocket(DEFAULT_PORT);
            try {
                String valueOf = String.valueOf(serverSocket.getLocalPort());
                serverSocket.close();
                return valueOf;
            } finally {
            }
        } catch (IOException e) {
            return "0";
        }
    }

    static {
        ClassLoader classLoader = LdapServerBeanDefinitionParser.class.getClassLoader();
        unboundIdPresent = ClassUtils.isPresent(UNBOUNID_CLASSNAME, classLoader);
        apacheDsPresent = ClassUtils.isPresent(APACHEDS_CLASSNAME, classLoader);
    }
}
