package org.sonatype.nexus.security.ldap.realms.test.api;

import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import javax.naming.NamingException;
import javax.ws.rs.Consumes;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import org.codehaus.enunciate.contract.jaxrs.ResourceMethodSignature;
import org.restlet.Context;
import org.restlet.data.Request;
import org.restlet.data.Response;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;
import org.sonatype.nexus.security.ldap.realms.api.AbstractLdapRealmPlexusResource;
import org.sonatype.nexus.security.ldap.realms.api.dto.LdapUserAndGroupConfigurationDTO;
import org.sonatype.nexus.security.ldap.realms.api.dto.LdapUserListResponse;
import org.sonatype.nexus.security.ldap.realms.api.dto.LdapUserResponseDTO;
import org.sonatype.nexus.security.ldap.realms.test.api.dto.LdapUserAndGroupConfigTestRequest;
import org.sonatype.nexus.security.ldap.realms.test.api.dto.LdapUserAndGroupConfigTestRequestDTO;
import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
import org.sonatype.plexus.rest.resource.PlexusResource;
import org.sonatype.security.ldap.dao.LdapAuthConfiguration;
import org.sonatype.security.ldap.dao.LdapConnectionTester;
import org.sonatype.security.ldap.dao.LdapDAOException;
import org.sonatype.security.ldap.dao.LdapUser;
import org.sonatype.security.ldap.realms.LdapManager;
import org.sonatype.security.ldap.realms.persist.ConfigurationValidator;
import org.sonatype.security.ldap.realms.persist.UsersGroupAuthTestLdapConfiguration;
import org.sonatype.security.ldap.realms.persist.model.CConnectionInfo;

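/**
 * REST resource that dry-runs an LDAP user and group mapping and returns the users it finds.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>Access is gated by {@code authcBasic,perms[nexus:ldaptestuserconf]}
 *       (see {@link #getResourceProtection()}).</li>
 *   <li>Host, port, protocol, search base, bind user name and bind password are all copied from the
 *       request body, so a caller holding that permission makes the server open an outbound LDAP
 *       connection to an endpoint of the caller's choosing. Grant the permission to administrators
 *       only, and rely on network egress controls to bound where the server may connect.</li>
 *   <li>The message of any exception raised while querying is echoed back in the 400 response.</li>
 * </ul>
 */
@Path("/ldap/test_user_conf")
@Consumes({"application/xml", MediaType.APPLICATION_JSON})
@Named("LdapUserAndGroupConfigTestPlexusResource")
@Produces({"application/xml", MediaType.APPLICATION_JSON})
@Singleton
@Typed({PlexusResource.class})
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-ldap-realm-plugin-2.14.20-02/nexus-ldap-realm-plugin-2.14.20-02.jar:org/sonatype/nexus/security/ldap/realms/test/api/LdapUserAndGroupConfigTestPlexusResource.class */
public class LdapUserAndGroupConfigTestPlexusResource extends AbstractLdapRealmPlexusResource {

    /** Number of users fetched when the request carries no usable limit. */
    private static final int DEFAULT_USER_LIMIT = 20;

    @Inject
    private LdapConnectionTester ldapConnectionTester;

    @Inject
    private ConfigurationValidator configurationValidator;

    @Inject
    @Named(UsersGroupAuthTestLdapConfiguration.NAME)
    private Provider<UsersGroupAuthTestLdapConfiguration> usersGroupAuthTestLdapConfigurationProvider;

    @Inject
    @Named(TestLdapManager.NAME)
    private Provider<TestLdapManager> testLdapManagerProvider;

    /**
     * Marks the resource as modifiable and not readable.
     */
    public LdapUserAndGroupConfigTestPlexusResource() {
        setModifiable(true);
        setReadable(false);
    }

    /**
     * Returns an empty request object for the incoming payload.
     *
     * @return a new {@link LdapUserAndGroupConfigTestRequest}
     */
    @Override
    public Object getPayloadInstance() {
        return new LdapUserAndGroupConfigTestRequest();
    }

    /**
     * Declares the protection applied to this resource's URI.
     *
     * @return a descriptor requiring basic authentication and the
     *         {@code nexus:ldaptestuserconf} permission
     */
    @Override
    public PathProtectionDescriptor getResourceProtection() {
        return new PathProtectionDescriptor(getResourceUri(), "authcBasic,perms[nexus:ldaptestuserconf]");
    }

    /**
     * Returns the URI this resource is mounted at.
     *
     * @return {@code /ldap/test_user_conf}
     */
    @Override
    public String getResourceUri() {
        return "/ldap/test_user_conf";
    }

    /**
     * Validates the submitted LDAP settings, queries the directory they describe and returns the
     * users found together with their group memberships.
     *
     * @param context  Restlet context (not used here)
     * @param request  Restlet request (not used here)
     * @param response Restlet response (not used here)
     * @param obj      the payload, cast to {@link LdapUserAndGroupConfigTestRequest}
     * @return an {@link LdapUserListResponse} holding the mapped users
     * @throws ResourceException with status 400 when the directory query throws; validation
     *         results are passed to {@code handleValidationResponse} before the query runs
     */
    @Override
    @ResourceMethodSignature(input = LdapUserAndGroupConfigTestRequest.class, output = LdapUserListResponse.class)
    @PUT
    public Object put(Context context, Request request, Response response, Object obj) throws ResourceException {
        LdapUserAndGroupConfigTestRequestDTO data = ((LdapUserAndGroupConfigTestRequest) obj).getData();

        // Both validations run before any connection is attempted.
        handleValidationResponse(this.configurationValidator.validateConnectionInfo(null, getConnectionInfo(data)));
        handleValidationResponse(this.configurationValidator.validateUserAndGroupAuthConfiguration(null, restToLdapModel(data)));

        // A zero or negative count is not a meaningful result cap, so it falls back to the default
        // instead of being handed to the directory query as-is.
        // NOTE(review): there is still no upper bound on the caller-supplied limit - confirm
        // whether large values need capping for the directories this is used against.
        int requestedLimit = data.getUserLimitCount();
        int userLimit = requestedLimit > 0 ? requestedLimit : DEFAULT_USER_LIMIT;

        LdapUserListResponse result = new LdapUserListResponse();
        try {
            result.setLdapUserRoleMappings(getPopulatedDTOs(convertToAuthConfig(data), getConnectionInfo(data), userLimit));
            return result;
        } catch (Exception e) {
            // NOTE(review): e.getMessage() is returned to the client verbatim. Because the target
            // host and port are caller-supplied, the text can describe how the connection attempt
            // failed; confirm this is acceptable for every holder of the test permission.
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "LDAP Realm is not configured correctly: " + e.getMessage(), e);
        }
    }

    /**
     * Copies the connection settings of the request into a {@link CConnectionInfo}.
     *
     * <p>Every value, including the bind user name and password, is taken from the request.
     *
     * @param dto the request payload
     * @return a newly populated connection description
     */
    private CConnectionInfo getConnectionInfo(LdapUserAndGroupConfigTestRequestDTO dto) {
        CConnectionInfo connectionInfo = new CConnectionInfo();
        connectionInfo.setAuthScheme(dto.getAuthScheme());
        connectionInfo.setHost(dto.getHost());
        connectionInfo.setPort(dto.getPort());
        connectionInfo.setProtocol(dto.getProtocol());
        connectionInfo.setSearchBase(dto.getSearchBase());
        connectionInfo.setSystemUsername(dto.getSystemUsername());
        connectionInfo.setSystemPassword(dto.getSystemPassword());
        connectionInfo.setRealm(dto.getRealm());
        return connectionInfo;
    }

    /**
     * Copies the user and group mapping settings of the request into an
     * {@link LdapAuthConfiguration}.
     *
     * <p>Attribute names, base DNs, object classes and the LDAP filter are copied unchanged; this
     * method does no checking of its own.
     *
     * @param dto the user and group settings from the request
     * @return a newly populated auth configuration
     */
    private LdapAuthConfiguration convertToAuthConfig(LdapUserAndGroupConfigurationDTO dto) {
        LdapAuthConfiguration authConfig = new LdapAuthConfiguration();
        authConfig.setGroupMemberFormat(dto.getGroupMemberFormat());
        authConfig.setGroupObjectClass(dto.getGroupObjectClass());
        authConfig.setGroupBaseDn(dto.getGroupBaseDn());
        authConfig.setGroupIdAttribute(dto.getGroupIdAttribute());
        authConfig.setGroupMemberAttribute(dto.getGroupMemberAttribute());
        authConfig.setUserObjectClass(dto.getUserObjectClass());
        authConfig.setUserBaseDn(dto.getUserBaseDn());
        authConfig.setUserIdAttribute(dto.getUserIdAttribute());
        authConfig.setPasswordAttribute(dto.getUserPasswordAttribute());
        authConfig.setUserRealNameAttribute(dto.getUserRealNameAttribute());
        authConfig.setEmailAddressAttribute(dto.getEmailAddressAttribute());
        authConfig.setLdapGroupsAsRoles(dto.isLdapGroupsAsRoles());
        authConfig.setUserSubtree(dto.isUserSubtree());
        authConfig.setGroupSubtree(dto.isGroupSubtree());
        authConfig.setUserMemberOfAttribute(dto.getUserMemberOfAttribute());
        authConfig.setLdapFilter(dto.getLdapFilter());
        return authConfig;
    }

    /**
     * Builds a test LDAP manager wired to the given configuration.
     *
     * <p>Both the configuration holder and the manager are obtained from their injected providers
     * on each call. This method is not called from within this class.
     *
     * @param ldapAuthConfiguration user and group mapping settings
     * @param cConnectionInfo       connection settings
     * @return the configured {@link TestLdapManager}
     * @throws ResourceException declared by the signature; nothing in this body throws it directly
     */
    protected LdapManager getLdapManager(LdapAuthConfiguration ldapAuthConfiguration, CConnectionInfo cConnectionInfo) throws ResourceException {
        UsersGroupAuthTestLdapConfiguration testConfiguration = this.usersGroupAuthTestLdapConfigurationProvider.get();
        testConfiguration.setLdapAuthConfiguration(ldapAuthConfiguration);
        testConfiguration.setConnectionInfo(cConnectionInfo);
        TestLdapManager manager = this.testLdapManagerProvider.get();
        manager.setLdapConfiguration(testConfiguration);
        return manager;
    }

    /**
     * Runs the user and group mapping test and converts every returned user to its response DTO.
     *
     * @param ldapAuthConfiguration user and group mapping settings
     * @param cConnectionInfo       connection settings used to build the LDAP context factory
     * @param limit                 user count passed to the connection tester
     * @return the converted users, in the order the tester returned them
     * @throws LdapDAOException      propagated from the connection tester
     * @throws MalformedURLException propagated from building the context factory or the tester
     * @throws NamingException       propagated from the connection tester
     */
    private List<LdapUserResponseDTO> getPopulatedDTOs(LdapAuthConfiguration ldapAuthConfiguration, CConnectionInfo cConnectionInfo, int limit) throws LdapDAOException, MalformedURLException, NamingException {
        List<LdapUserResponseDTO> users = new ArrayList<>();
        for (LdapUser ldapUser : this.ldapConnectionTester.testUserAndGroupMapping(buildDefaultLdapContextFactory(cConnectionInfo), ldapAuthConfiguration, limit)) {
            users.add(getPopulatedUser(ldapUser));
        }
        return users;
    }

    /**
     * Converts one LDAP user to its response DTO.
     *
     * @param ldapUser the user returned by the directory query
     * @return a DTO carrying the user id, e-mail, real name and one role per membership entry
     */
    private LdapUserResponseDTO getPopulatedUser(LdapUser ldapUser) {
        LdapUserResponseDTO userDto = new LdapUserResponseDTO();
        userDto.setUserId(ldapUser.getUsername());
        userDto.setEmail(ldapUser.getEmail());
        userDto.setName(ldapUser.getRealName());
        for (String role : ldapUser.getMembership()) {
            userDto.addRole(role);
        }
        return userDto;
    }
}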
