package org.wildfly.security.auth.realm.ldap;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.LdapName;
import org.wildfly.common.Assert;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.realm.ldap.LdapSecurityRealm;
import org.wildfly.security.auth.server.ModifiableSecurityRealm;
import org.wildfly.security.auth.server.NameRewriter;

/* loaded from: input_file:org/wildfly/security/auth/realm/ldap/LdapSecurityRealmBuilder.class */
public class LdapSecurityRealmBuilder {
    private static final int DEFAULT_SEARCH_TIME_LIMIT = 10000;
    private ExceptionSupplier<DirContext, NamingException> dirContextSupplier;
    private LdapSecurityRealm.IdentityMapping identityMapping;
    private boolean built = false;
    private NameRewriter nameRewriter = NameRewriter.IDENTITY_REWRITER;
    private int pageSize = 50;
    private List<CredentialLoader> credentialLoaders = new ArrayList();
    private List<CredentialPersister> credentialPersisters = new ArrayList();
    private List<EvidenceVerifier> evidenceVerifiers = new ArrayList();

    /* loaded from: input_file:org/wildfly/security/auth/realm/ldap/LdapSecurityRealmBuilder$IdentityMappingBuilder.class */
    public class IdentityMappingBuilder {
        private String nameAttribute;
        private String iteratorFilter;
        private boolean built = false;
        private String searchDn = null;
        private boolean searchRecursive = false;
        private int searchTimeLimit = LdapSecurityRealmBuilder.DEFAULT_SEARCH_TIME_LIMIT;
        private List<AttributeMapping> attributes = new ArrayList();
        private LdapName newIdentityParent = null;
        private Attributes newIdentityAttributes = null;

        public IdentityMappingBuilder() {
        }

        public IdentityMappingBuilder setSearchDn(String str) {
            assertNotBuilt();
            this.searchDn = str;
            return this;
        }

        public IdentityMappingBuilder searchRecursive() {
            assertNotBuilt();
            this.searchRecursive = true;
            return this;
        }

        public IdentityMappingBuilder setSearchTimeLimit(int i) {
            assertNotBuilt();
            this.searchTimeLimit = i;
            return this;
        }

        public IdentityMappingBuilder setRdnIdentifier(String str) {
            assertNotBuilt();
            this.nameAttribute = str;
            return this;
        }

        public IdentityMappingBuilder setNewIdentityParent(LdapName ldapName) {
            assertNotBuilt();
            this.newIdentityParent = ldapName;
            return this;
        }

        public IdentityMappingBuilder setNewIdentityAttributes(Attributes attributes) {
            assertNotBuilt();
            this.newIdentityAttributes = attributes;
            return this;
        }

        public IdentityMappingBuilder setIteratorFilter(String str) {
            assertNotBuilt();
            this.iteratorFilter = str;
            return this;
        }

        public IdentityMappingBuilder map(AttributeMapping... attributeMappingArr) {
            assertNotBuilt();
            this.attributes.addAll(Arrays.asList(attributeMappingArr));
            return this;
        }

        public LdapSecurityRealmBuilder build() {
            assertNotBuilt();
            this.built = true;
            return LdapSecurityRealmBuilder.this.setIdentityMapping(new LdapSecurityRealm.IdentityMapping(this.searchDn, this.searchRecursive, this.searchTimeLimit, this.nameAttribute, this.attributes, this.newIdentityParent, this.newIdentityAttributes, this.iteratorFilter));
        }

        private void assertNotBuilt() {
            if (this.built) {
                throw ElytronMessages.log.builderAlreadyBuilt();
            }
            LdapSecurityRealmBuilder.this.assertNotBuilt();
        }
    }

    /* loaded from: input_file:org/wildfly/security/auth/realm/ldap/LdapSecurityRealmBuilder$OtpCredentialLoaderBuilder.class */
    public class OtpCredentialLoaderBuilder {
        private boolean built = false;
        private String otpAlgorithmAttribute = null;
        private String otpHashAttribute = null;
        private String otpSeedAttribute = null;
        private String otpSequenceAttribute = null;

        public OtpCredentialLoaderBuilder() {
        }

        public OtpCredentialLoaderBuilder setOtpAlgorithmAttribute(String str) {
            assertNotBuilt();
            this.otpAlgorithmAttribute = str;
            return this;
        }

        public OtpCredentialLoaderBuilder setOtpHashAttribute(String str) {
            assertNotBuilt();
            this.otpHashAttribute = str;
            return this;
        }

        public OtpCredentialLoaderBuilder setOtpSeedAttribute(String str) {
            assertNotBuilt();
            this.otpSeedAttribute = str;
            return this;
        }

        public OtpCredentialLoaderBuilder setOtpSequenceAttribute(String str) {
            assertNotBuilt();
            this.otpSequenceAttribute = str;
            return this;
        }

        public LdapSecurityRealmBuilder build() {
            assertNotBuilt();
            OtpCredentialLoader otpCredentialLoader = new OtpCredentialLoader(this.otpAlgorithmAttribute, this.otpHashAttribute, this.otpSeedAttribute, this.otpSequenceAttribute);
            LdapSecurityRealmBuilder.this.addCredentialLoader(otpCredentialLoader);
            LdapSecurityRealmBuilder.this.addCredentialPersister(otpCredentialLoader);
            return LdapSecurityRealmBuilder.this;
        }

        private void assertNotBuilt() {
            if (this.built) {
                throw ElytronMessages.log.builderAlreadyBuilt();
            }
            LdapSecurityRealmBuilder.this.assertNotBuilt();
        }
    }

    /* loaded from: input_file:org/wildfly/security/auth/realm/ldap/LdapSecurityRealmBuilder$UserPasswordCredentialLoaderBuilder.class */
    public class UserPasswordCredentialLoaderBuilder {
        private boolean built = false;
        private String userPasswordAttribute = "userPassword";
        private boolean enablePersistence = false;
        private boolean enableVerification = true;

        public UserPasswordCredentialLoaderBuilder() {
        }

        public UserPasswordCredentialLoaderBuilder setUserPasswordAttribute(String str) {
            assertNotBuilt();
            this.userPasswordAttribute = str;
            return this;
        }

        public UserPasswordCredentialLoaderBuilder enablePersistence() {
            assertNotBuilt();
            this.enablePersistence = true;
            return this;
        }

        public UserPasswordCredentialLoaderBuilder disableVerification() {
            assertNotBuilt();
            this.enableVerification = false;
            return this;
        }

        public LdapSecurityRealmBuilder build() {
            assertNotBuilt();
            this.built = true;
            UserPasswordCredentialLoader userPasswordCredentialLoader = new UserPasswordCredentialLoader(this.userPasswordAttribute);
            LdapSecurityRealmBuilder.this.addCredentialLoader(userPasswordCredentialLoader);
            if (this.enablePersistence) {
                LdapSecurityRealmBuilder.this.addCredentialPersister(userPasswordCredentialLoader);
            }
            if (this.enableVerification) {
                LdapSecurityRealmBuilder.this.addEvidenceVerifier(userPasswordCredentialLoader.toEvidenceVerifier());
            }
            return LdapSecurityRealmBuilder.this;
        }

        private void assertNotBuilt() {
            if (this.built) {
                throw ElytronMessages.log.builderAlreadyBuilt();
            }
            LdapSecurityRealmBuilder.this.assertNotBuilt();
        }
    }

    private LdapSecurityRealmBuilder() {
    }

    public static LdapSecurityRealmBuilder builder() {
        return new LdapSecurityRealmBuilder();
    }

    public LdapSecurityRealmBuilder setDirContextSupplier(ExceptionSupplier<DirContext, NamingException> exceptionSupplier) {
        assertNotBuilt();
        this.dirContextSupplier = exceptionSupplier;
        return this;
    }

    public LdapSecurityRealmBuilder setNameRewriter(NameRewriter nameRewriter) {
        Assert.checkNotNullParam("nameRewriter", nameRewriter);
        assertNotBuilt();
        this.nameRewriter = nameRewriter;
        return this;
    }

    public LdapSecurityRealmBuilder setPageSize(int i) {
        this.pageSize = i;
        return this;
    }

    public IdentityMappingBuilder identityMapping() {
        assertNotBuilt();
        return new IdentityMappingBuilder();
    }

    LdapSecurityRealmBuilder setIdentityMapping(LdapSecurityRealm.IdentityMapping identityMapping) {
        this.identityMapping = identityMapping;
        return this;
    }

    public UserPasswordCredentialLoaderBuilder userPasswordCredentialLoader() {
        assertNotBuilt();
        return new UserPasswordCredentialLoaderBuilder();
    }

    public OtpCredentialLoaderBuilder otpCredentialLoader() {
        assertNotBuilt();
        return new OtpCredentialLoaderBuilder();
    }

    LdapSecurityRealmBuilder addCredentialLoader(CredentialLoader credentialLoader) {
        this.credentialLoaders.add(credentialLoader);
        return this;
    }

    LdapSecurityRealmBuilder addCredentialPersister(CredentialPersister credentialPersister) {
        this.credentialPersisters.add(credentialPersister);
        return this;
    }

    LdapSecurityRealmBuilder addEvidenceVerifier(EvidenceVerifier evidenceVerifier) {
        this.evidenceVerifiers.add(evidenceVerifier);
        return this;
    }

    public LdapSecurityRealmBuilder addDirectEvidenceVerification() {
        assertNotBuilt();
        return addEvidenceVerifier(DirectEvidenceVerifier.getInstance());
    }

    public ModifiableSecurityRealm build() {
        assertNotBuilt();
        if (this.dirContextSupplier == null) {
            throw ElytronMessages.log.noDirContextSupplierSet();
        }
        if (this.identityMapping == null) {
            throw ElytronMessages.log.noPrincipalMappingDefinition();
        }
        this.built = true;
        return new LdapSecurityRealm(this.dirContextSupplier, this.nameRewriter, this.identityMapping, this.credentialLoaders, this.credentialPersisters, this.evidenceVerifiers, this.pageSize);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void assertNotBuilt() {
        if (this.built) {
            throw ElytronMessages.log.builderAlreadyBuilt();
        }
    }
}
