package com.alibaba.nacos.plugin.auth.impl;

import com.alibaba.nacos.plugin.auth.impl.authenticate.IAuthenticationManager;
import com.alibaba.nacos.plugin.auth.impl.authenticate.LdapAuthenticationManager;
import com.alibaba.nacos.plugin.auth.impl.configuration.ConditionOnLdapAuth;
import com.alibaba.nacos.plugin.auth.impl.roles.NacosRoleServiceImpl;
import com.alibaba.nacos.plugin.auth.impl.token.TokenManagerDelegate;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.ldap.LdapAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;

@Configuration(proxyBeanMethods = false)
@EnableAutoConfiguration(exclude = {LdapAutoConfiguration.class})
/* loaded from: input_file:com/alibaba/nacos/plugin/auth/impl/LdapAuthConfig.class */
public class LdapAuthConfig {

    @Value("${nacos.core.auth.ldap.url:ldap://localhost:389}")
    private String ldapUrl;

    @Value("${nacos.core.auth.ldap.basedc:dc=example,dc=org}")
    private String ldapBaseDc;

    @Value("${nacos.core.auth.ldap.timeout:3000}")
    private String ldapTimeOut;

    @Value("${nacos.core.auth.ldap.userDn:cn=admin,dc=example,dc=org}")
    private String userDn;

    @Value("${nacos.core.auth.ldap.password:password}")
    private String password;

    @Value("${nacos.core.auth.ldap.filter.prefix:uid}")
    private String filterPrefix;

    @Value("${nacos.core.auth.ldap.case.sensitive:true}")
    private boolean caseSensitive;

    @Value("${nacos.core.auth.ldap.ignore.partial.result.exception:false}")
    private boolean ignorePartialResultException;

    @Conditional({ConditionOnLdapAuth.class})
    @Bean
    public LdapTemplate ldapTemplate(LdapContextSource ldapContextSource) {
        LdapTemplate ldapTemplate = new LdapTemplate(ldapContextSource);
        ldapTemplate.setIgnorePartialResultException(this.ignorePartialResultException);
        return ldapTemplate;
    }

    @Bean
    public LdapContextSource ldapContextSource() {
        return new NacosLdapContextSource(this.ldapUrl, this.ldapBaseDc, this.userDn, this.password, this.ldapTimeOut);
    }

    @Conditional({ConditionOnLdapAuth.class})
    @Bean
    public LdapAuthenticationProvider ldapAuthenticationProvider(LdapTemplate ldapTemplate, NacosUserDetailsServiceImpl nacosUserDetailsServiceImpl, NacosRoleServiceImpl nacosRoleServiceImpl) {
        return new LdapAuthenticationProvider(ldapTemplate, nacosUserDetailsServiceImpl, nacosRoleServiceImpl, this.filterPrefix, this.caseSensitive);
    }

    @Conditional({ConditionOnLdapAuth.class})
    @Bean
    public IAuthenticationManager ldapAuthenticatoinManager(LdapTemplate ldapTemplate, NacosUserDetailsServiceImpl nacosUserDetailsServiceImpl, TokenManagerDelegate tokenManagerDelegate, NacosRoleServiceImpl nacosRoleServiceImpl) {
        return new LdapAuthenticationManager(ldapTemplate, nacosUserDetailsServiceImpl, tokenManagerDelegate, nacosRoleServiceImpl, this.filterPrefix, this.caseSensitive);
    }
}
