package net.shibboleth.idp.attribute.resolver.spring.dc.ldap.impl;

import java.time.Duration;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.xml.namespace.QName;
import net.shibboleth.idp.admin.impl.UnlockPrivateKeys;
import net.shibboleth.idp.attribute.filter.spring.matcher.BaseAttributeValueMatcherParser;
import net.shibboleth.idp.attribute.resolver.dc.ldap.StringAttributeValueMappingStrategy;
import net.shibboleth.idp.attribute.resolver.dc.ldap.TemplatedExecutableSearchFilterBuilder;
import net.shibboleth.idp.attribute.resolver.dc.ldap.impl.ConnectionFactoryValidator;
import net.shibboleth.idp.attribute.resolver.dc.ldap.impl.LDAPDataConnector;
import net.shibboleth.idp.attribute.resolver.spring.dc.AbstractDataConnectorParser;
import net.shibboleth.idp.attribute.resolver.spring.dc.impl.CacheConfigParser;
import net.shibboleth.idp.attribute.resolver.spring.impl.AttributeResolverNamespaceHandler;
import net.shibboleth.shared.annotation.constraint.NotEmpty;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.primitive.LoggerFactory;
import net.shibboleth.shared.primitive.StringSupport;
import net.shibboleth.shared.spring.util.SpringSupport;
import net.shibboleth.shared.xml.AttributeSupport;
import net.shibboleth.shared.xml.ElementSupport;
import org.apache.hc.core5.http.HeaderElements;
import org.ldaptive.ActivePassiveConnectionStrategy;
import org.ldaptive.BindConnectionInitializer;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.ConnectionStrategy;
import org.ldaptive.Credential;
import org.ldaptive.DefaultConnectionFactory;
import org.ldaptive.FilterTemplate;
import org.ldaptive.PooledConnectionFactory;
import org.ldaptive.RandomConnectionStrategy;
import org.ldaptive.RoundRobinConnectionStrategy;
import org.ldaptive.SearchConnectionValidator;
import org.ldaptive.SearchOperation;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchScope;
import org.ldaptive.handler.CaseChangeEntryHandler;
import org.ldaptive.handler.DnAttributeEntryHandler;
import org.ldaptive.handler.LdapEntryHandler;
import org.ldaptive.handler.SearchResultHandler;
import org.ldaptive.pool.IdlePruneStrategy;
import org.ldaptive.referral.FollowSearchReferralHandler;
import org.ldaptive.sasl.Mechanism;
import org.ldaptive.sasl.SaslConfig;
import org.ldaptive.ssl.AllowAnyHostnameVerifier;
import org.ldaptive.ssl.CertificateHostnameVerifier;
import org.ldaptive.ssl.SslConfig;
import org.opensaml.spring.credential.BasicX509CredentialFactoryBean;
import org.slf4j.Logger;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.ManagedMap;
import org.springframework.beans.factory.xml.ParserContext;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/shib-attribute-resolver-spring-5.0.0.jar:net/shibboleth/idp/attribute/resolver/spring/dc/ldap/impl/LDAPDataConnectorParser.class */
public class LDAPDataConnectorParser extends AbstractDataConnectorParser {

    @Nonnull
    public static final QName TYPE_NAME = new QName(AttributeResolverNamespaceHandler.NAMESPACE, "LDAPDirectory");

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) LDAPDataConnectorParser.class);

    /* loaded from: input_file:WEB-INF/lib/shib-attribute-resolver-spring-5.0.0.jar:net/shibboleth/idp/attribute/resolver/spring/dc/ldap/impl/LDAPDataConnectorParser$V2Parser.class */
    protected static class V2Parser {

        @Nonnull
        private static final Logger LOG;

        @Nonnull
        private final Element configElement;

        @Nonnull
        @NotEmpty
        private final String logPrefix;
        static final /* synthetic */ boolean $assertionsDisabled;

        public V2Parser(@Nonnull Element element, @Nonnull String str) {
            this.configElement = (Element) Constraint.isNotNull(element, "LDAPDirectory element cannot be null");
            this.logPrefix = Constraint.isNotEmpty(str, "Log prefix cannot be null or empty");
        }

        @Nonnull
        public BeanDefinition createConnectionConfig(@Nonnull ParserContext parserContext) {
            String attributeValue = AttributeSupport.getAttributeValue(this.configElement, new QName("ldapURL"));
            String attributeValue2 = AttributeSupport.getAttributeValue(this.configElement, new QName("useStartTLS"));
            String attributeValue3 = AttributeSupport.getAttributeValue(this.configElement, new QName("startTLSTimeout"));
            String attributeValue4 = AttributeSupport.getAttributeValue(this.configElement, new QName("principal"));
            String attributeValue5 = AttributeSupport.getAttributeValue(this.configElement, new QName("principalCredential"));
            String attributeValue6 = AttributeSupport.getAttributeValue(this.configElement, new QName("connectTimeout"));
            String attributeValue7 = AttributeSupport.getAttributeValue(this.configElement, new QName("responseTimeout"));
            String attributeValue8 = AttributeSupport.getAttributeValue(this.configElement, new QName("autoReconnect"));
            String attributeValue9 = AttributeSupport.getAttributeValue(this.configElement, new QName("reconnectTimeout"));
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) ConnectionConfig.class);
            genericBeanDefinition.addPropertyValue("ldapUrl", attributeValue);
            if (attributeValue2 != null) {
                genericBeanDefinition.addPropertyValue("useStartTLS", attributeValue2);
            }
            if (attributeValue3 != null) {
                genericBeanDefinition.addPropertyValue("startTLSTimeout", attributeValue3);
            } else {
                genericBeanDefinition.addPropertyValue("startTLSTimeout", Duration.ofSeconds(3L));
            }
            if (attributeValue6 != null) {
                genericBeanDefinition.addPropertyValue("connectTimeout", attributeValue6);
            } else {
                genericBeanDefinition.addPropertyValue("connectTimeout", Duration.ofSeconds(3L));
            }
            if (attributeValue7 != null) {
                genericBeanDefinition.addPropertyValue("responseTimeout", attributeValue7);
            } else {
                genericBeanDefinition.addPropertyValue("responseTimeout", Duration.ofSeconds(3L));
            }
            if (attributeValue8 != null) {
                genericBeanDefinition.addPropertyValue("autoReconnect", attributeValue8);
            }
            if (attributeValue9 != null) {
                genericBeanDefinition.addPropertyValue("reconnectTimeout", attributeValue9);
            } else {
                genericBeanDefinition.addPropertyValue("reconnectTimeout", Duration.ofSeconds(10L));
            }
            BeanDefinitionBuilder genericBeanDefinition2 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) SslConfig.class);
            String attributeNS = this.configElement.getAttributeNS(null, "disableHostnameVerification");
            if (attributeNS != null) {
                BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildHostnameVerifier");
                rootBeanDefinition.addConstructorArgValue(attributeNS);
                rootBeanDefinition.addConstructorArgValue(getLogPrefix());
                genericBeanDefinition2.addPropertyValue("hostnameVerifier", rootBeanDefinition.getBeanDefinition());
            }
            genericBeanDefinition2.addPropertyValue("credentialConfig", createCredentialConfig(parserContext));
            genericBeanDefinition.addPropertyValue("sslConfig", genericBeanDefinition2.getBeanDefinition());
            BeanDefinitionBuilder genericBeanDefinition3 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) BindConnectionInitializer.class);
            if (attributeValue4 != null) {
                genericBeanDefinition3.addPropertyValue("bindDn", attributeValue4);
            }
            if (attributeValue5 != null) {
                BeanDefinitionBuilder genericBeanDefinition4 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) Credential.class);
                genericBeanDefinition4.addConstructorArgValue(attributeValue5);
                genericBeanDefinition3.addPropertyValue("bindCredential", genericBeanDefinition4.getBeanDefinition());
            }
            BeanDefinition createSaslConfig = createSaslConfig();
            genericBeanDefinition3.addPropertyValue("bindSaslConfig", createSaslConfig);
            if (attributeValue4 != null || attributeValue5 != null || createSaslConfig != null) {
                genericBeanDefinition.addPropertyValue("connectionInitializers", genericBeanDefinition3.getBeanDefinition());
            }
            String attributeValue10 = AttributeSupport.getAttributeValue(this.configElement, new QName("connectionStrategy"));
            BeanDefinitionBuilder rootBeanDefinition2 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildConnectionStrategy");
            rootBeanDefinition2.addConstructorArgValue(attributeValue10);
            genericBeanDefinition.addPropertyValue("connectionStrategy", rootBeanDefinition2.getBeanDefinition());
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nonnull
        protected BeanDefinition createCredentialConfig(@Nonnull ParserContext parserContext) {
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) CredentialConfigFactoryBean.class);
            List<Element> childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "StartTLSTrustCredential");
            String trimOrNull = StringSupport.trimOrNull(AttributeSupport.getAttributeValue(this.configElement, null, "trustFile"));
            if (trimOrNull != null) {
                if (!childElementsByTagNameNS.isEmpty()) {
                    LOG.warn("{} StartTLSTrustCredential and trustFile= are incompatible.  trustFile used.", getLogPrefix());
                }
                BeanDefinitionBuilder genericBeanDefinition2 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) BasicX509CredentialFactoryBean.class);
                genericBeanDefinition2.addPropertyValue("certificateResource", trimOrNull);
                genericBeanDefinition.addPropertyValue("trustCredential", genericBeanDefinition2.getBeanDefinition());
            } else if (!childElementsByTagNameNS.isEmpty()) {
                if (childElementsByTagNameNS.size() > 1) {
                    LOG.warn("{} Too many StartTLSTrustCredential elements in {}; only the first has been consulted", getLogPrefix(), parserContext.getReaderContext().getResource().getDescription());
                }
                Element element = childElementsByTagNameNS.get(0);
                if (!$assertionsDisabled && element == null) {
                    throw new AssertionError();
                }
                genericBeanDefinition.addPropertyValue("trustCredential", SpringSupport.parseCustomElement(element, parserContext, genericBeanDefinition, false));
            }
            List<Element> childElementsByTagNameNS2 = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "StartTLSAuthenticationCredential");
            String trimOrNull2 = StringSupport.trimOrNull(AttributeSupport.getAttributeValue(this.configElement, null, "authKey"));
            String trimOrNull3 = StringSupport.trimOrNull(AttributeSupport.getAttributeValue(this.configElement, null, "authCert"));
            if (trimOrNull2 != null || trimOrNull3 != null) {
                if (!childElementsByTagNameNS2.isEmpty()) {
                    LOG.warn("{} StartTLSAuthenticationCredential and authKey/authCert= are incompatible.  authCert/authKey used.", getLogPrefix());
                }
                BeanDefinitionBuilder genericBeanDefinition3 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) BasicX509CredentialFactoryBean.class);
                genericBeanDefinition3.addPropertyValue("certificateResource", trimOrNull3);
                genericBeanDefinition3.addPropertyValue("privateKeyResource", trimOrNull2);
                genericBeanDefinition3.addPropertyValue(UnlockPrivateKeys.KEY_PASSWORD_PARAM_NAME, AttributeSupport.getAttributeValue(this.configElement, null, "authKeyPassword"));
                genericBeanDefinition.addPropertyValue("authCredential", genericBeanDefinition3.getBeanDefinition());
            } else if (!childElementsByTagNameNS2.isEmpty()) {
                if (childElementsByTagNameNS2.size() > 1) {
                    LOG.warn("{} Too many StartTLSAuthenticationCredential elements in {}; only the first has been consulted", getLogPrefix(), parserContext.getReaderContext().getResource().getDescription());
                }
                Element element2 = childElementsByTagNameNS2.get(0);
                if (!$assertionsDisabled && element2 == null) {
                    throw new AssertionError();
                }
                genericBeanDefinition.addPropertyValue("authCredential", SpringSupport.parseCustomElement(element2, parserContext, genericBeanDefinition, false));
            }
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nullable
        private String getFilterText() {
            String str;
            List<Element> childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "FilterTemplate");
            if (childElementsByTagNameNS.isEmpty()) {
                str = null;
            } else {
                if (childElementsByTagNameNS.size() > 1) {
                    LOG.warn("{} only one <FilterTemplate> can be specified; only the first has been consulted", getLogPrefix());
                }
                str = StringSupport.trimOrNull(childElementsByTagNameNS.get(0).getTextContent().trim());
            }
            return str;
        }

        @Nullable
        public String getBeanSearchBuilderID() {
            return AttributeSupport.getAttributeValue(this.configElement, null, "executableSearchBuilderRef");
        }

        @Nullable
        public String getBeanConnectionFactoryID() {
            return AttributeSupport.getAttributeValue(this.configElement, null, "connectionFactoryRef");
        }

        @Nullable
        public String getBeanSearchOperationID() {
            return AttributeSupport.getAttributeValue(this.configElement, null, "searchOperationRef");
        }

        @Nonnull
        public BeanDefinition createTemplateBuilder() {
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) TemplatedExecutableSearchFilterBuilder.class);
            genericBeanDefinition.setInitMethodName("initialize");
            String trimOrNull = StringSupport.trimOrNull(this.configElement.getAttribute("templateEngine"));
            if (null == trimOrNull) {
                trimOrNull = "shibboleth.VelocityEngine";
            }
            genericBeanDefinition.addPropertyReference("velocityEngine", trimOrNull);
            genericBeanDefinition.addPropertyValue("templateText", getFilterText());
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nonnull
        public BeanDefinition createSearchOperation() {
            String attributeValue = AttributeSupport.getAttributeValue(this.configElement, new QName("baseDN"));
            String attributeValue2 = AttributeSupport.getAttributeValue(this.configElement, new QName("searchScope"));
            String attributeValue3 = AttributeSupport.getAttributeValue(this.configElement, new QName("derefAliases"));
            String attributeValue4 = AttributeSupport.getAttributeValue(this.configElement, new QName("followReferrals"));
            String attributeValue5 = AttributeSupport.getAttributeValue(this.configElement, new QName("searchTimeLimit"));
            String attributeValue6 = AttributeSupport.getAttributeValue(this.configElement, new QName("maxResultSize"));
            String attributeValue7 = AttributeSupport.getAttributeValue(this.configElement, new QName("lowercaseAttributeNames"));
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) SearchRequest.class);
            if (attributeValue != null) {
                genericBeanDefinition.addPropertyValue("baseDn", attributeValue);
            }
            if (attributeValue2 != null) {
                genericBeanDefinition.addPropertyValue("searchScope", attributeValue2);
            }
            if (attributeValue3 != null) {
                genericBeanDefinition.addPropertyValue("derefAliases", attributeValue3);
            }
            BeanDefinitionBuilder genericBeanDefinition2 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) SearchOperation.class);
            if (attributeValue4 != null) {
                BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildReferralHandlers");
                rootBeanDefinition.addConstructorArgValue(attributeValue4);
                genericBeanDefinition2.addPropertyValue("searchResultHandlers", rootBeanDefinition.getBeanDefinition());
            }
            if (attributeValue5 != null) {
                genericBeanDefinition.addPropertyValue("timeLimit", attributeValue5);
            } else {
                genericBeanDefinition.addPropertyValue("timeLimit", Duration.ofSeconds(3L));
            }
            if (attributeValue6 != null) {
                genericBeanDefinition.addPropertyValue("sizeLimit", attributeValue6);
            } else {
                genericBeanDefinition.addPropertyValue("sizeLimit", 1);
            }
            BeanDefinitionBuilder rootBeanDefinition2 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildSearchEntryHandlers");
            rootBeanDefinition2.addConstructorArgValue(attributeValue7);
            genericBeanDefinition2.addPropertyValue("entryHandlers", rootBeanDefinition2.getBeanDefinition());
            List<Element> childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "ReturnAttributes");
            if (!childElementsByTagNameNS.isEmpty()) {
                if (childElementsByTagNameNS.size() > 1) {
                    LOG.warn("{} Only one <ReturnAttributes> element can be specified; only the first has been consulted.", getLogPrefix());
                }
                Element element = childElementsByTagNameNS.get(0);
                if (!$assertionsDisabled && element == null) {
                    throw new AssertionError();
                }
                BeanDefinitionBuilder rootBeanDefinition3 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildStringList");
                rootBeanDefinition3.addConstructorArgValue(ElementSupport.getElementContentAsString(element));
                genericBeanDefinition.addPropertyValue("returnAttributes", rootBeanDefinition3.getBeanDefinition());
            }
            List<Element> childElementsByTagNameNS2 = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "BinaryAttributes");
            if (!childElementsByTagNameNS2.isEmpty()) {
                if (childElementsByTagNameNS2.size() > 1) {
                    LOG.warn("{} Only one <BinaryAttributes> element can be specified; only the first has been consulted.", getLogPrefix());
                }
                Element element2 = childElementsByTagNameNS2.get(0);
                if (!$assertionsDisabled && element2 == null) {
                    throw new AssertionError();
                }
                BeanDefinitionBuilder rootBeanDefinition4 = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildStringList");
                rootBeanDefinition4.addConstructorArgValue(ElementSupport.getElementContentAsString(element2));
                genericBeanDefinition.addPropertyValue("binaryAttributes", rootBeanDefinition4.getBeanDefinition());
            }
            genericBeanDefinition2.addPropertyValue("request", genericBeanDefinition.getBeanDefinition());
            return genericBeanDefinition2.getBeanDefinition();
        }

        @Nullable
        Element getConnectionPoolElement() {
            List<Element> childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "ConnectionPool");
            if (childElementsByTagNameNS.isEmpty()) {
                return null;
            }
            if (childElementsByTagNameNS.size() > 1) {
                LOG.warn("{} Only one <ConnectionPool> should be specified; only the first has been consulted.", getLogPrefix());
            }
            return childElementsByTagNameNS.get(0);
        }

        @Nullable
        public BeanDefinition createPooledConnectionFactory(@Nonnull ParserContext parserContext) {
            Element connectionPoolElement = getConnectionPoolElement();
            if (null == connectionPoolElement) {
                return null;
            }
            String attributeValue = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("blockWaitTime"));
            String attributeValue2 = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("expirationTime"));
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) PooledConnectionFactory.class);
            genericBeanDefinition.addPropertyValue("name", "resolver-pool");
            genericBeanDefinition.addPropertyValue("connectionConfig", createConnectionConfig(parserContext));
            if (attributeValue != null) {
                genericBeanDefinition.addPropertyValue("blockWaitTime", attributeValue);
            }
            if (attributeValue2 != null) {
                String attributeValue3 = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("prunePeriod"));
                BeanDefinitionBuilder genericBeanDefinition2 = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) IdlePruneStrategy.class);
                if (attributeValue3 != null) {
                    genericBeanDefinition2.addConstructorArgValue(attributeValue3);
                }
                genericBeanDefinition2.addConstructorArgValue(attributeValue2);
                genericBeanDefinition.addPropertyValue("pruneStrategy", genericBeanDefinition2.getBeanDefinition());
            }
            String attributeValue4 = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("minPoolSize"));
            String attributeValue5 = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("maxPoolSize"));
            String attributeValue6 = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("validatePeriodically"));
            String attributeValue7 = AttributeSupport.getAttributeValue(connectionPoolElement, new QName("validateOnCheckOut"));
            if (attributeValue4 == null) {
                genericBeanDefinition.addPropertyValue("minPoolSize", 0);
            } else {
                genericBeanDefinition.addPropertyValue("minPoolSize", attributeValue4);
            }
            if (attributeValue5 == null) {
                genericBeanDefinition.addPropertyValue("maxPoolSize", 3);
            } else {
                genericBeanDefinition.addPropertyValue("maxPoolSize", attributeValue5);
            }
            if (attributeValue6 != null) {
                genericBeanDefinition.addPropertyValue("validatePeriodically", attributeValue6);
            }
            if (attributeValue7 != null) {
                genericBeanDefinition.addPropertyValue("validateOnCheckOut", attributeValue7);
            }
            BeanDefinitionBuilder rootBeanDefinition = BeanDefinitionBuilder.rootBeanDefinition((Class<?>) V2Parser.class, "buildSearchValidator");
            rootBeanDefinition.addConstructorArgValue(AttributeSupport.getAttributeValue(connectionPoolElement, new QName("validateDN")));
            rootBeanDefinition.addConstructorArgValue(AttributeSupport.getAttributeValue(connectionPoolElement, new QName("validateFilter")));
            rootBeanDefinition.addConstructorArgValue(AttributeSupport.getAttributeValue(connectionPoolElement, new QName("validateTimerPeriod")));
            genericBeanDefinition.addPropertyValue("validator", rootBeanDefinition.getBeanDefinition());
            if (this.configElement.hasAttributeNS(null, AbstractDataConnectorParser.ATTR_FAIL_FAST)) {
                genericBeanDefinition.addPropertyValue(AbstractDataConnectorParser.ATTR_FAIL_FAST, StringSupport.trimOrNull(this.configElement.getAttributeNS(null, AbstractDataConnectorParser.ATTR_FAIL_FAST)));
            }
            genericBeanDefinition.setInitMethodName("initialize");
            genericBeanDefinition.setDestroyMethodName(HeaderElements.CLOSE);
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nullable
        protected BeanDefinition createSaslConfig() {
            List<Element> childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "SASLConfig");
            if (childElementsByTagNameNS.isEmpty()) {
                return null;
            }
            if (childElementsByTagNameNS.size() > 1) {
                LOG.warn("{} Only one <SASLConfig> element can be specified; only the first has been consulted.", getLogPrefix());
            }
            Element element = childElementsByTagNameNS.get(0);
            if (!$assertionsDisabled && element == null) {
                throw new AssertionError();
            }
            String attributeValue = AttributeSupport.getAttributeValue(element, new QName("mechanism"));
            String attributeValue2 = AttributeSupport.getAttributeValue(element, new QName("authorizationId"));
            String attributeValue3 = AttributeSupport.getAttributeValue(element, new QName("realm"));
            List<Element> childElementsByTagNameNS2 = ElementSupport.getChildElementsByTagNameNS(element, AttributeResolverNamespaceHandler.NAMESPACE, "SASLProperty");
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) SaslConfig.class);
            genericBeanDefinition.addPropertyValue("mechanism", attributeValue);
            if (attributeValue2 != null) {
                genericBeanDefinition.addPropertyValue("authorizationId", attributeValue2);
            }
            if (attributeValue3 != null) {
                genericBeanDefinition.addPropertyValue("realm", attributeValue3);
            }
            if (!childElementsByTagNameNS2.isEmpty()) {
                for (Element element2 : childElementsByTagNameNS2) {
                    if (!$assertionsDisabled && element2 == null) {
                        throw new AssertionError();
                    }
                    String attributeValue4 = AttributeSupport.getAttributeValue(element2, null, "name");
                    String attributeValue5 = AttributeSupport.getAttributeValue(element2, null, "value");
                    if ("javax.security.sasl.qop".equals(attributeValue4) && attributeValue5 != null) {
                        String[] split = attributeValue5.split(",");
                        String[] strArr = new String[split.length];
                        for (int i = 0; i < split.length; i++) {
                            if ("auth".equalsIgnoreCase(split[i].trim())) {
                                strArr[i] = "AUTH";
                            } else if ("auth-int".equalsIgnoreCase(split[i].trim())) {
                                strArr[i] = "AUTH_INT";
                            } else if ("auth-conf".equalsIgnoreCase(split[i].trim())) {
                                strArr[i] = "AUTH_CONF";
                            } else {
                                strArr[i] = split[i].trim();
                            }
                        }
                        genericBeanDefinition.addPropertyValue("qualityOfProtection", strArr);
                    } else if ("javax.security.sasl.strength".equals(attributeValue4) && attributeValue5 != null) {
                        String[] split2 = attributeValue5.split(",");
                        String[] strArr2 = new String[split2.length];
                        for (int i2 = 0; i2 < split2.length; i2++) {
                            strArr2[i2] = split2[i2].trim();
                        }
                        genericBeanDefinition.addPropertyValue("securityStrength", strArr2);
                    } else if ("javax.security.sasl.server.authentication".equals(attributeValue4)) {
                        genericBeanDefinition.addPropertyValue("mutualAuthentication", attributeValue5);
                    }
                }
            }
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nullable
        public BeanDefinition createMappingStrategy() {
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) StringAttributeValueMappingStrategy.class);
            List<Element> childElementsByTagNameNS = ElementSupport.getChildElementsByTagNameNS(this.configElement, AttributeResolverNamespaceHandler.NAMESPACE, "Column");
            if (!childElementsByTagNameNS.isEmpty()) {
                ManagedMap managedMap = new ManagedMap();
                for (Element element : childElementsByTagNameNS) {
                    if (!$assertionsDisabled && element == null) {
                        throw new AssertionError();
                    }
                    String attributeValue = AttributeSupport.getAttributeValue(element, null, "columnName");
                    String attributeValue2 = AttributeSupport.getAttributeValue(element, null, BaseAttributeValueMatcherParser.ATTRIBUTE_ID);
                    if (attributeValue != null && attributeValue2 != null) {
                        managedMap.put(attributeValue, attributeValue2);
                    }
                }
                genericBeanDefinition.addPropertyValue("resultRenamingMap", managedMap);
            }
            String attributeValue3 = AttributeSupport.getAttributeValue(this.configElement, new QName("noResultIsError"));
            if (attributeValue3 != null) {
                genericBeanDefinition.addPropertyValue("noResultAnError", SpringSupport.getStringValueAsBoolean(attributeValue3));
            }
            String attributeValue4 = AttributeSupport.getAttributeValue(this.configElement, new QName("multipleResultsIsError"));
            if (attributeValue4 != null) {
                genericBeanDefinition.addPropertyValue("multipleResultsAnError", attributeValue4);
            }
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nullable
        public BeanDefinition createValidator() {
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) ConnectionFactoryValidator.class);
            genericBeanDefinition.addPropertyValue("throwValidateError", false);
            return genericBeanDefinition.getBeanDefinition();
        }

        @Nullable
        public BeanDefinition createCache(@Nonnull ParserContext parserContext) {
            return new CacheConfigParser(this.configElement).createCache();
        }

        @Nonnull
        String getLogPrefix() {
            return this.logPrefix;
        }

        @Nonnull
        public static List<String> buildStringList(@Nonnull String str) {
            return StringSupport.stringToList(str, " \n\r\t,");
        }

        @Nullable
        public static SearchConnectionValidator buildSearchValidator(@Nullable String str, @Nullable String str2, @Nullable String str3) {
            SearchRequest searchRequest = new SearchRequest();
            searchRequest.setReturnAttributes("1.1");
            searchRequest.setSearchScope(SearchScope.OBJECT);
            searchRequest.setSizeLimit(1);
            if (str != null) {
                searchRequest.setBaseDn(str);
            } else {
                searchRequest.setBaseDn("");
            }
            FilterTemplate filterTemplate = new FilterTemplate();
            if (str2 != null) {
                filterTemplate.setFilter(str2);
            } else {
                filterTemplate.setFilter("(objectClass=*)");
            }
            searchRequest.setFilter(filterTemplate);
            SearchConnectionValidator searchConnectionValidator = new SearchConnectionValidator();
            if (str3 != null) {
                searchConnectionValidator.setValidatePeriod(Duration.parse(str3));
            }
            searchConnectionValidator.setSearchRequest(searchRequest);
            return searchConnectionValidator;
        }

        @Nullable
        public static CertificateHostnameVerifier buildHostnameVerifier(@Nullable String str, @Nullable String str2) {
            if (str == null || !Boolean.valueOf(str).booleanValue()) {
                return null;
            }
            LoggerFactory.getLogger((Class<?>) LDAPDataConnectorParser.class).warn("{} TLS server certificate name checking is disabled!", str2);
            return new AllowAnyHostnameVerifier();
        }

        @Nonnull
        public static List<LdapEntryHandler> buildSearchEntryHandlers(@Nullable String str) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(new DnAttributeEntryHandler());
            if (Boolean.valueOf(str).booleanValue()) {
                CaseChangeEntryHandler caseChangeEntryHandler = new CaseChangeEntryHandler();
                caseChangeEntryHandler.setAttributeNameCaseChange(CaseChangeEntryHandler.CaseChange.LOWER);
                arrayList.add(caseChangeEntryHandler);
            }
            return arrayList;
        }

        @Nullable
        public static List<SearchResultHandler> buildReferralHandlers(@Nullable String str) {
            if (str == null || !Boolean.valueOf(str).booleanValue()) {
                return null;
            }
            return CollectionSupport.singletonList(new FollowSearchReferralHandler());
        }

        @Nonnull
        public static SaslConfig buildSaslConfig(@Nonnull String str) {
            SaslConfig saslConfig = new SaslConfig();
            saslConfig.setMechanism(Mechanism.valueOf(str));
            return saslConfig;
        }

        @Nonnull
        public static ConnectionStrategy buildConnectionStrategy(@Nullable String str) {
            if (str == null) {
                return new ActivePassiveConnectionStrategy();
            }
            boolean z = -1;
            switch (str.hashCode()) {
                case -1884956477:
                    if (str.equals("RANDOM")) {
                        z = true;
                        break;
                    }
                    break;
                case -1456716935:
                    if (str.equals("ROUND_ROBIN")) {
                        z = false;
                        break;
                    }
                    break;
                case 1348447950:
                    if (str.equals("ACTIVE_PASSIVE")) {
                        z = 2;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return new RoundRobinConnectionStrategy();
                case true:
                    return new RandomConnectionStrategy();
                case true:
                    return new ActivePassiveConnectionStrategy();
                default:
                    LOG.warn("Unexpected connectionStrategy {}", str);
                    return new ActivePassiveConnectionStrategy();
            }
        }

        static {
            $assertionsDisabled = !LDAPDataConnectorParser.class.desiredAssertionStatus();
            LOG = LoggerFactory.getLogger((Class<?>) V2Parser.class);
        }
    }

    @Override // org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser
    @Nullable
    protected Class<LDAPDataConnector> getBeanClass(@Nonnull Element element) {
        return LDAPDataConnector.class;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.idp.attribute.resolver.spring.dc.AbstractDataConnectorParser, net.shibboleth.idp.attribute.resolver.spring.BaseResolverPluginParser, org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser
    public void doParse(@Nonnull Element element, @Nonnull ParserContext parserContext, @Nonnull BeanDefinitionBuilder beanDefinitionBuilder) {
        super.doParse(element, parserContext, beanDefinitionBuilder);
        this.log.debug("{} Parsing XML configuration {}", getLogPrefix(), element);
        if (element.hasAttributeNS(null, AbstractDataConnectorParser.ATTR_FAIL_FAST)) {
            beanDefinitionBuilder.addPropertyValue(AbstractDataConnectorParser.ATTR_FAIL_FAST, StringSupport.trimOrNull(element.getAttributeNS(null, AbstractDataConnectorParser.ATTR_FAIL_FAST)));
        }
        V2Parser v2Parser = new V2Parser(element, getLogPrefix());
        String beanSearchBuilderID = v2Parser.getBeanSearchBuilderID();
        if (beanSearchBuilderID != null) {
            beanDefinitionBuilder.addPropertyReference("executableSearchBuilder", beanSearchBuilderID);
        } else {
            BeanDefinition createTemplateBuilder = v2Parser.createTemplateBuilder();
            if (createTemplateBuilder != null) {
                beanDefinitionBuilder.addPropertyValue("executableSearchBuilder", createTemplateBuilder);
            }
        }
        String beanConnectionFactoryID = v2Parser.getBeanConnectionFactoryID();
        if (beanConnectionFactoryID != null) {
            beanDefinitionBuilder.addPropertyReference("connectionFactory", beanConnectionFactoryID);
        } else {
            BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) DefaultConnectionFactory.class);
            genericBeanDefinition.addConstructorArgValue(v2Parser.createConnectionConfig(parserContext));
            BeanDefinition createPooledConnectionFactory = v2Parser.createPooledConnectionFactory(parserContext);
            if (createPooledConnectionFactory != null) {
                beanDefinitionBuilder.addPropertyValue("connectionFactory", createPooledConnectionFactory);
            } else {
                beanDefinitionBuilder.addPropertyValue("connectionFactory", genericBeanDefinition.getBeanDefinition());
            }
        }
        String beanSearchOperationID = v2Parser.getBeanSearchOperationID();
        if (beanSearchOperationID != null) {
            beanDefinitionBuilder.addPropertyReference("searchOperation", beanSearchOperationID);
        } else {
            beanDefinitionBuilder.addPropertyValue("searchOperation", v2Parser.createSearchOperation());
        }
        String attributeValue = AttributeSupport.getAttributeValue(element, new QName("mappingStrategyRef"));
        if (attributeValue != null) {
            beanDefinitionBuilder.addPropertyReference("mappingStrategy", attributeValue);
        } else {
            BeanDefinition createMappingStrategy = v2Parser.createMappingStrategy();
            if (createMappingStrategy != null) {
                beanDefinitionBuilder.addPropertyValue("mappingStrategy", createMappingStrategy);
            }
        }
        String attributeValue2 = AttributeSupport.getAttributeValue(element, new QName("validatorRef"));
        if (attributeValue2 != null) {
            beanDefinitionBuilder.addPropertyReference("validator", attributeValue2);
        } else {
            beanDefinitionBuilder.addPropertyValue("validator", v2Parser.createValidator());
        }
        String beanResultCacheID = CacheConfigParser.getBeanResultCacheID(element);
        if (null != beanResultCacheID) {
            beanDefinitionBuilder.addPropertyReference("resultsCache", beanResultCacheID);
        } else {
            beanDefinitionBuilder.addPropertyValue("resultsCache", v2Parser.createCache(parserContext));
        }
        beanDefinitionBuilder.setInitMethodName("initialize");
        beanDefinitionBuilder.setDestroyMethodName("destroy");
    }
}
