package org.apache.geode.security.templates;

import com.sun.jndi.ldap.LdapCtxFactory;
import java.security.Principal;
import java.util.Properties;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Rdn;
import org.apache.geode.LogWriter;
import org.apache.geode.distributed.DistributedMember;
import org.apache.geode.internal.logging.LogService;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.geode.security.Authenticator;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/geode/security/templates/LdapUserAuthenticator.class */
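/**
 * {@link Authenticator} that verifies a user name and password by attempting an LDAP simple bind
 * as {@code uid=<user>,<base DN>} against the configured directory server.
 *
 * <p>Configuration is read in {@link #init} from {@value #LDAP_SERVER_NAME},
 * {@value #LDAP_BASEDN_NAME} and {@value #LDAP_SSL_NAME}. Credentials are read in
 * {@link #authenticate} from the {@code security-username} and {@code security-password}
 * properties.
 *
 * <p>Security notes:
 * <ul>
 *   <li>An empty or missing password is rejected before any bind is attempted. With an empty
 *       credential an LDAP simple bind is an unauthenticated bind (RFC 4513, section 5.1.2),
 *       which many servers accept, so a successful bind would not prove knowledge of the
 *       user's password.</li>
 *   <li>The user name is escaped as an RDN value before it is placed in the bind DN, so
 *       characters such as {@code ,}, {@code +} or {@code =} cannot change the DN structure.</li>
 *   <li>Unless {@value #LDAP_SSL_NAME} is {@code true}, the bind (including the password) is
 *       sent over plain {@code ldap://}.</li>
 * </ul>
 */
public class LdapUserAuthenticator implements Authenticator {
    private static final Logger logger = LogService.getLogger();
    public static final String LDAP_SERVER_NAME = "security-ldap-server";
    public static final String LDAP_BASEDN_NAME = "security-ldap-basedn";
    public static final String LDAP_SSL_NAME = "security-ldap-usessl";
    private String ldapServer = null;
    private String baseDomainName = null;
    private String ldapUrlScheme = null;

    /**
     * Factory method returning a new, uninitialised authenticator.
     *
     * @return a new {@code LdapUserAuthenticator}; {@link #init} must be called before use
     */
    public static Authenticator create() {
        return new LdapUserAuthenticator();
    }

    /**
     * Reads the LDAP server, base DN and SSL flag from the supplied properties.
     *
     * @param properties security properties holding the LDAP settings
     * @param logWriter unused by this implementation
     * @param logWriter2 unused by this implementation
     * @throws AuthenticationFailedException if the server or base DN property is missing or empty
     */
    public void init(Properties properties, LogWriter logWriter, LogWriter logWriter2) throws AuthenticationFailedException {
        this.ldapServer = properties.getProperty(LDAP_SERVER_NAME);
        if (this.ldapServer == null || this.ldapServer.isEmpty()) {
            throw new AuthenticationFailedException("LdapUserAuthenticator: LDAP server property [security-ldap-server] not specified");
        }
        this.baseDomainName = properties.getProperty(LDAP_BASEDN_NAME);
        if (this.baseDomainName == null || this.baseDomainName.isEmpty()) {
            throw new AuthenticationFailedException("LdapUserAuthenticator: LDAP base DN property [security-ldap-basedn] not specified");
        }
        boolean useSsl = "true".equalsIgnoreCase(properties.getProperty(LDAP_SSL_NAME));
        this.ldapUrlScheme = useSsl ? "ldaps://" : "ldap://";

        // Log only the settings this class consumes. The full Properties object is not logged
        // because it is the security configuration and may carry credentials for other components.
        logger.info("Initializing LdapUserAuthenticator with server={}, baseDN={}, scheme={}",
                this.ldapServer, this.baseDomainName, this.ldapUrlScheme);
        if (!useSsl) {
            logger.warn("LdapUserAuthenticator: [security-ldap-usessl] is not enabled; user passwords will be sent to the LDAP server unencrypted");
        }
    }

    /**
     * Authenticates the caller by binding to the LDAP server with the supplied credentials.
     *
     * @param properties credentials; must contain {@code security-username} and a non-empty
     *     {@code security-password}
     * @param distributedMember the member requesting authentication; not used by this implementation
     * @return a {@link UsernamePrincipal} for the user name when the bind succeeds
     * @throws AuthenticationFailedException if the user name or password is missing or empty, or
     *     if the LDAP bind fails for any reason
     */
    public Principal authenticate(Properties properties, DistributedMember distributedMember) {
        String userName = properties.getProperty("security-username");
        if (userName == null || userName.isEmpty()) {
            throw new AuthenticationFailedException("LdapUserAuthenticator: user name property [security-username] not provided");
        }
        String password = properties.getProperty("security-password");
        // An empty credential turns the simple bind into an unauthenticated (anonymous) bind,
        // which can succeed for any user name. Refuse it instead of defaulting to "".
        if (password == null || password.isEmpty()) {
            throw new AuthenticationFailedException("LdapUserAuthenticator: password property [security-password] not provided");
        }

        // Escape the user-supplied value so it is always a single RDN value inside the bind DN.
        String bindDn = "uid=" + Rdn.escapeValue(userName) + "," + this.baseDomainName;

        Properties env = new Properties();
        env.put("java.naming.factory.initial", LdapCtxFactory.class.getName());
        env.put("java.naming.provider.url", this.ldapUrlScheme + this.ldapServer + '/' + this.baseDomainName);
        env.put("java.naming.security.principal", bindDn);
        env.put("java.naming.security.credentials", password);
        try {
            // A successful bind is the authentication check; the context is not needed afterwards.
            new InitialDirContext(env).close();
            return new UsernamePrincipal(userName);
        } catch (Exception e) {
            throw new AuthenticationFailedException("LdapUserAuthenticator: Failure with provided username, password combination for user name: " + userName, e);
        }
    }

    /** No resources are held between calls, so there is nothing to release. */
    public void close() {
    }
}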
