package co.cask.cdap.security.server;

import com.google.common.base.Objects;
import com.google.common.collect.ImmutableList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;

/* loaded from: input_file:co/cask/cdap/security/server/LDAPAuthenticationHandler.class */
public class LDAPAuthenticationHandler extends JAASAuthenticationHandler {
    private static final List<String> mandatoryConfigurables = ImmutableList.of("debug", "hostname", "port", "userBaseDn", "userRdnAttribute", "userObjectClass");
    private static final List<String> optionalConfigurables = ImmutableList.of("bindDn", "bindPassword", "useLdaps", "userIdAttribute", "userPasswordAttribute", "roleBaseDn", "roleNameAttribute", "roleMemberAttribute", "roleObjectClass");
    private static boolean ldapSSLVerifyCertificate = true;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // co.cask.cdap.security.server.AbstractAuthenticationHandler
    public Configuration getLoginModuleConfiguration() {
        return new Configuration() { // from class: co.cask.cdap.security.server.LDAPAuthenticationHandler.1
            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                HashMap hashMap = new HashMap();
                hashMap.put("contextFactory", "com.sun.jndi.ldap.LdapCtxFactory");
                hashMap.put("authenticationMethod", "simple");
                hashMap.put("forceBindingLogin", "true");
                LDAPAuthenticationHandler.this.copyProperties(LDAPAuthenticationHandler.this.handlerProps, hashMap, LDAPAuthenticationHandler.mandatoryConfigurables, true);
                LDAPAuthenticationHandler.this.copyProperties(LDAPAuthenticationHandler.this.handlerProps, hashMap, LDAPAuthenticationHandler.optionalConfigurables, false);
                boolean unused = LDAPAuthenticationHandler.ldapSSLVerifyCertificate = Boolean.parseBoolean((String) Objects.firstNonNull(LDAPAuthenticationHandler.this.handlerProps.get("ldapsVerifyCertificate"), "true"));
                return new AppConfigurationEntry[]{new AppConfigurationEntry(LDAPAuthenticationHandler.this.handlerProps.get("security.authentication.loginmodule.className"), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, hashMap)};
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void copyProperties(Map<String, String> map, Map<String, String> map2, List<String> list, boolean z) {
        for (String str : list) {
            String str2 = map.get(str);
            if (str2 != null) {
                map2.put(str, str2);
            } else if (z) {
                throw new RuntimeException(String.format("Mandatory configuration %s is not set.", str));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean getLdapSSLVerifyCertificate() {
        return ldapSSLVerifyCertificate;
    }
}
