package org.broadleafcommerce.common.security.ldap;

import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import org.broadleafcommerce.common.security.BroadleafExternalAuthenticationUserDetails;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;

/* loaded from: input_file:org/broadleafcommerce/common/security/ldap/BroadleafActiveDirectoryUserDetailsMapper.class */
public class BroadleafActiveDirectoryUserDetailsMapper extends LdapUserDetailsMapper {
    protected boolean useEmailAddressAsUsername = true;
    protected boolean additiveRoleNameSubstitutions = false;
    protected Map<String, String[]> roleNameSubstitutions;

    public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String str, Collection<? extends GrantedAuthority> collection) {
        HashSet hashSet = new HashSet();
        if (this.roleNameSubstitutions == null || this.roleNameSubstitutions.isEmpty()) {
            hashSet.addAll(collection);
        } else {
            for (GrantedAuthority grantedAuthority : collection) {
                if (this.roleNameSubstitutions.containsKey(grantedAuthority.getAuthority())) {
                    for (String str2 : this.roleNameSubstitutions.get(grantedAuthority.getAuthority())) {
                        hashSet.add(new SimpleGrantedAuthority(str2.trim()));
                    }
                    if (this.additiveRoleNameSubstitutions) {
                        hashSet.add(grantedAuthority);
                    }
                } else {
                    hashSet.add(grantedAuthority);
                }
            }
        }
        String str3 = (String) dirContextOperations.getObjectAttribute("mail");
        UserDetails userDetails = null;
        if (this.useEmailAddressAsUsername && str3 != null) {
            userDetails = super.mapUserFromContext(dirContextOperations, str3, hashSet);
        }
        if (userDetails == null) {
            userDetails = super.mapUserFromContext(dirContextOperations, str, hashSet);
        }
        String password = userDetails.getPassword();
        if (password == null) {
            password = userDetails.getUsername();
        }
        BroadleafExternalAuthenticationUserDetails broadleafExternalAuthenticationUserDetails = new BroadleafExternalAuthenticationUserDetails(userDetails.getUsername(), password, userDetails.getAuthorities());
        broadleafExternalAuthenticationUserDetails.setFirstName((String) dirContextOperations.getObjectAttribute("givenName"));
        broadleafExternalAuthenticationUserDetails.setLastName((String) dirContextOperations.getObjectAttribute("sn"));
        broadleafExternalAuthenticationUserDetails.setEmail(str3);
        return broadleafExternalAuthenticationUserDetails;
    }

    public void setUseEmailAddressAsUsername(boolean z) {
        this.useEmailAddressAsUsername = z;
    }

    public void setRoleNameSubstitutions(Map<String, String[]> map) {
        this.roleNameSubstitutions = map;
    }

    public void setAdditiveRoleNameSubstitutions(boolean z) {
        this.additiveRoleNameSubstitutions = z;
    }
}
