package keywhiz.auth.ldap;

import com.fasterxml.jackson.annotation.JsonTypeName;
import com.google.auto.service.AutoService;
import io.dropwizard.auth.basic.BasicCredentials;
import io.dropwizard.java8.auth.Authenticator;
import java.io.IOException;
import javax.validation.Valid;
import javax.validation.constraints.Max;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotNull;
import keywhiz.api.validation.ValidX500Name;
import keywhiz.auth.User;
import keywhiz.auth.UserAuthenticatorFactory;
import keywhiz.service.config.Templates;
import org.hibernate.validator.constraints.NotEmpty;
import org.skife.jdbi.v2.DBI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@JsonTypeName("ldap")
@AutoService(UserAuthenticatorFactory.class)
/* loaded from: input_file:keywhiz/auth/ldap/LdapAuthenticatorFactory.class */
public class LdapAuthenticatorFactory implements UserAuthenticatorFactory {

    @NotEmpty
    private String server;

    @ValidX500Name
    private String userDN;
    private String password;

    @NotNull
    @Valid
    private LdapLookupConfig lookup;
    private final Logger logger = LoggerFactory.getLogger(LdapAuthenticatorFactory.class);

    @Max(65535)
    @Min(1)
    private int port = 636;

    public String getServer() {
        return this.server;
    }

    public int getPort() {
        return this.port;
    }

    public String getUserDN() {
        return this.userDN;
    }

    @NotEmpty
    public String getPassword() {
        try {
            return Templates.evaluateTemplate(this.password);
        } catch (IOException e) {
            throw new RuntimeException("Failure resolving ldap password template", e);
        }
    }

    public LdapLookupConfig getLookup() {
        return this.lookup;
    }

    @Override // keywhiz.auth.UserAuthenticatorFactory
    public Authenticator<BasicCredentials, User> build(DBI dbi) {
        this.logger.debug("Creating LDAP authenticator");
        return new LdapAuthenticator(new LdapConnectionFactory(getServer(), getPort(), getUserDN(), getPassword()), getLookup());
    }
}
