package org.geoserver.web.security.ldap;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import javax.naming.AuthenticationException;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.markup.html.form.AjaxCheckBox;
import org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.form.CheckBox;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.FormComponentPanel;
import org.apache.wicket.markup.html.form.PasswordTextField;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.model.StringResourceModel;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.ldap.LDAPSecurityProvider;
import org.geoserver.security.ldap.LDAPSecurityServiceConfig;
import org.geoserver.security.web.auth.AuthenticationProviderPanel;
import org.geoserver.security.web.usergroup.UserGroupServiceChoice;
import org.geoserver.web.util.MapModel;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;

/* loaded from: input_file:org/geoserver/web/security/ldap/LDAPAuthProviderPanel.class */
public class LDAPAuthProviderPanel extends AuthenticationProviderPanel<LDAPSecurityServiceConfig> {
    private static final long serialVersionUID = 4772173006888418298L;

    /* loaded from: input_file:org/geoserver/web/security/ldap/LDAPAuthProviderPanel$AuthorizationPanel.class */
    abstract class AuthorizationPanel extends FormComponentPanel<HashMap<String, Object>> {
        private static final long serialVersionUID = -2021795762927385164L;

        public AuthorizationPanel(String str) {
            super(str, new Model());
        }

        public abstract void resetModel();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/geoserver/web/security/ldap/LDAPAuthProviderPanel$LDAPAuthorizationPanel.class */
    public class LDAPAuthorizationPanel extends AuthorizationPanel {
        private static final long serialVersionUID = 7541432269535150812L;

        public LDAPAuthorizationPanel(String str) {
            super(str);
            add(new Component[]{new CheckBox("bindBeforeGroupSearch")});
            add(new Component[]{new TextField("adminGroup")});
            add(new Component[]{new TextField("groupAdminGroup")});
            add(new Component[]{new TextField("groupSearchBase")});
            add(new Component[]{new TextField("groupSearchFilter")});
        }

        @Override // org.geoserver.web.security.ldap.LDAPAuthProviderPanel.AuthorizationPanel
        public void resetModel() {
            get("bindBeforeGroupSearch").setDefaultModelObject((Object) null);
            get("adminGroup").setDefaultModelObject((Object) null);
            get("groupAdminGroup").setDefaultModelObject((Object) null);
            get("groupSearchBase").setDefaultModelObject((Object) null);
            get("groupSearchFilter").setDefaultModelObject((Object) null);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/geoserver/web/security/ldap/LDAPAuthProviderPanel$TestLDAPConnectionPanel.class */
    public class TestLDAPConnectionPanel extends FormComponentPanel<HashMap<String, Object>> {
        private static final long serialVersionUID = 5433983389877706266L;

        /* JADX WARN: Type inference failed for: r4v4, types: [org.geoserver.web.security.ldap.LDAPAuthProviderPanel$TestLDAPConnectionPanel$1] */
        public TestLDAPConnectionPanel(String str) {
            super(str, new Model(new HashMap()));
            add(new Component[]{new TextField("username", new MapModel((Map) getModel().getObject(), "username"))});
            add(new Component[]{new PasswordTextField("password", new MapModel((Map) getModel().getObject(), "password")).setRequired(false)});
            add(new Component[]{new AjaxSubmitLink("test") { // from class: org.geoserver.web.security.ldap.LDAPAuthProviderPanel.TestLDAPConnectionPanel.1
                private static final long serialVersionUID = 2373404292655355758L;

                protected void onSubmit(AjaxRequestTarget ajaxRequestTarget, Form<?> form) {
                    TestLDAPConnectionPanel.this.get("username").processInput();
                    TestLDAPConnectionPanel.this.get("password").processInput();
                    LDAPAuthProviderPanel.this.get("serverURL").processInput();
                    LDAPAuthProviderPanel.this.get("useTLS").processInput();
                    LDAPAuthProviderPanel.this.get("userDnPattern").processInput();
                    LDAPAuthProviderPanel.this.get("userFilter").processInput();
                    LDAPAuthProviderPanel.this.get("userFormat").processInput();
                    doTest((LDAPSecurityServiceConfig) getForm().getModelObject(), (String) TestLDAPConnectionPanel.this.get("username").getConvertedInput(), (String) TestLDAPConnectionPanel.this.get("password").getConvertedInput());
                    ajaxRequestTarget.add(new Component[]{getPage().get("topFeedback")});
                }

                void doTest(LDAPSecurityServiceConfig lDAPSecurityServiceConfig, String str2, String str3) {
                    try {
                        if (lDAPSecurityServiceConfig.getUserDnPattern() == null && lDAPSecurityServiceConfig.getUserFilter() == null) {
                            error("Neither user dn pattern or user filter specified");
                            return;
                        }
                        LDAPSecurityProvider lDAPSecurityProvider = new LDAPSecurityProvider(LDAPAuthProviderPanel.this.getSecurityManager());
                        Authentication authenticate = lDAPSecurityProvider.createAuthenticationProvider(lDAPSecurityServiceConfig).authenticate(new UsernamePasswordAuthenticationToken(str2, str3));
                        if (authenticate == null || !authenticate.isAuthenticated()) {
                            throw new AuthenticationException("Cannot authenticate " + str2);
                        }
                        lDAPSecurityProvider.destroy((GeoServerSecurityManager) null);
                        info((Serializable) new StringResourceModel(LDAPAuthProviderPanel.class.getSimpleName() + ".connectionSuccessful").getObject());
                    } catch (Exception e) {
                        error(e);
                        LDAPAuthProviderPanel.LOGGER.log(Level.WARNING, e.getMessage(), (Throwable) e);
                    }
                }
            }.setDefaultFormProcessing(false)});
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/geoserver/web/security/ldap/LDAPAuthProviderPanel$UserGroupAuthorizationPanel.class */
    public class UserGroupAuthorizationPanel extends AuthorizationPanel {
        private static final long serialVersionUID = 2464048864034610244L;

        public UserGroupAuthorizationPanel(String str) {
            super(str);
            add(new Component[]{new UserGroupServiceChoice("userGroupServiceName")});
        }

        @Override // org.geoserver.web.security.ldap.LDAPAuthProviderPanel.AuthorizationPanel
        public void resetModel() {
            get("userGroupServiceName").setDefaultModelObject((Object) null);
        }
    }

    public LDAPAuthProviderPanel(String str, IModel<LDAPSecurityServiceConfig> iModel) {
        super(str, iModel);
        add(new Component[]{new TextField("serverURL").setRequired(true)});
        add(new Component[]{new CheckBox("useTLS")});
        add(new Component[]{new TextField("userDnPattern")});
        add(new Component[]{new TextField("userFilter")});
        add(new Component[]{new TextField("userFormat")});
        boolean z = ((LDAPSecurityServiceConfig) iModel.getObject()).getUserGroupServiceName() == null;
        add(new Component[]{new AjaxCheckBox("useLdapAuthorization", new Model(Boolean.valueOf(z))) { // from class: org.geoserver.web.security.ldap.LDAPAuthProviderPanel.1
            private static final long serialVersionUID = 2060279075143716273L;

            protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                Component component = (WebMarkupContainer) LDAPAuthProviderPanel.this.get("authorizationPanelContainer");
                component.get("authorizationPanel").resetModel();
                component.remove("authorizationPanel");
                component.add(new Component[]{LDAPAuthProviderPanel.this.createAuthorizationPanel("authorizationPanel", ((Boolean) getModelObject()).booleanValue())});
                ajaxRequestTarget.add(new Component[]{component});
            }
        }});
        add(new Component[]{new WebMarkupContainer("authorizationPanelContainer").add(new Component[]{createAuthorizationPanel("authorizationPanel", z)}).setOutputMarkupId(true)});
        add(new Component[]{new TestLDAPConnectionPanel("testCx")});
    }

    AuthorizationPanel createAuthorizationPanel(String str, boolean z) {
        return z ? new LDAPAuthorizationPanel(str) : new UserGroupAuthorizationPanel(str);
    }
}
