package org.geoserver.security.ldap;

import javax.naming.directory.DirContext;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import org.springframework.ldap.NamingException;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.support.AbstractContextSource;
import org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
import org.springframework.security.ldap.authentication.SpringSecurityAuthenticationSource;

/* loaded from: input_file:WEB-INF/lib/gs-sec-ldap-2.15.1.jar:org/geoserver/security/ldap/LDAPUtils.class */
public class LDAPUtils {
    public static LdapContextSource createLdapContext(LDAPBaseSecurityServiceConfig lDAPBaseSecurityServiceConfig) {
        DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(lDAPBaseSecurityServiceConfig.getServerURL());
        defaultSpringSecurityContextSource.setCacheEnvironmentProperties(false);
        defaultSpringSecurityContextSource.setAuthenticationSource(new SpringSecurityAuthenticationSource());
        if (lDAPBaseSecurityServiceConfig.isUseTLS().booleanValue()) {
            defaultSpringSecurityContextSource.setPooled(false);
            DefaultTlsDirContextAuthenticationStrategy defaultTlsDirContextAuthenticationStrategy = new DefaultTlsDirContextAuthenticationStrategy();
            defaultTlsDirContextAuthenticationStrategy.setHostnameVerifier(new HostnameVerifier() { // from class: org.geoserver.security.ldap.LDAPUtils.1
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            });
            defaultSpringSecurityContextSource.setAuthenticationStrategy(defaultTlsDirContextAuthenticationStrategy);
        }
        return defaultSpringSecurityContextSource;
    }

    public static SpringSecurityLdapTemplate getLdapTemplateInContext(final DirContext dirContext, SpringSecurityLdapTemplate springSecurityLdapTemplate) {
        SpringSecurityLdapTemplate springSecurityLdapTemplate2;
        if (dirContext == null) {
            springSecurityLdapTemplate2 = springSecurityLdapTemplate;
            ((AbstractContextSource) springSecurityLdapTemplate2.getContextSource()).setAnonymousReadOnly(true);
        } else {
            springSecurityLdapTemplate2 = new SpringSecurityLdapTemplate(new ContextSource() { // from class: org.geoserver.security.ldap.LDAPUtils.2
                @Override // org.springframework.ldap.core.ContextSource
                public DirContext getReadOnlyContext() throws NamingException {
                    return dirContext;
                }

                @Override // org.springframework.ldap.core.ContextSource
                public DirContext getReadWriteContext() throws NamingException {
                    return dirContext;
                }

                @Override // org.springframework.ldap.core.ContextSource
                public DirContext getContext(String str, String str2) throws NamingException {
                    return dirContext;
                }
            });
        }
        return springSecurityLdapTemplate2;
    }
}
