package org.flowable.app.conf;

import javax.sql.DataSource;
import org.flowable.engine.common.impl.util.DefaultClockImpl;
import org.flowable.engine.common.runtime.Clock;
import org.flowable.idm.api.IdmIdentityService;
import org.flowable.idm.api.IdmManagementService;
import org.flowable.idm.engine.IdmEngine;
import org.flowable.idm.engine.IdmEngineConfiguration;
import org.flowable.idm.spring.SpringIdmEngineConfiguration;
import org.flowable.idm.spring.authentication.SpringEncoder;
import org.flowable.ldap.LDAPConfiguration;
import org.flowable.ldap.LDAPGroupCache;
import org.flowable.ldap.LDAPIdentityServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.core.env.Environment;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.PlatformTransactionManager;

@Configuration
@ComponentScan(basePackages = {"org.flowable.idm.extension.conf", "org.flowable.idm.extension.bean"})
/* loaded from: input_file:org/flowable/app/conf/FlowableIdmEngineConfiguration.class */
public class FlowableIdmEngineConfiguration {

    @Autowired
    protected DataSource dataSource;

    @Autowired
    protected PlatformTransactionManager transactionManager;

    @Autowired(required = false)
    protected LDAPGroupCache.LDAPGroupCacheListener groupCacheListener;

    @Autowired
    protected Environment environment;

    @Bean(name = {"idmEngine"})
    public IdmEngine idmEngine() {
        return idmEngineConfiguration().buildIdmEngine();
    }

    @Bean(name = {"idmEngineConfiguration"})
    public IdmEngineConfiguration idmEngineConfiguration() {
        SpringIdmEngineConfiguration springIdmEngineConfiguration = new SpringIdmEngineConfiguration();
        springIdmEngineConfiguration.setDataSource(this.dataSource);
        springIdmEngineConfiguration.setDatabaseSchemaUpdate("true");
        springIdmEngineConfiguration.setTransactionManager(this.transactionManager);
        if (((Boolean) this.environment.getProperty("ldap.enabled", Boolean.class, false)).booleanValue()) {
            initializeLdap(springIdmEngineConfiguration);
        } else {
            springIdmEngineConfiguration.setPasswordEncoder(new SpringEncoder(passwordEncoder()));
        }
        return springIdmEngineConfiguration;
    }

    protected void initializeLdap(SpringIdmEngineConfiguration springIdmEngineConfiguration) {
        LDAPConfiguration lDAPConfiguration = new LDAPConfiguration();
        lDAPConfiguration.setServer(this.environment.getRequiredProperty("ldap.server"));
        lDAPConfiguration.setPort(((Integer) this.environment.getRequiredProperty("ldap.port", Integer.class)).intValue());
        lDAPConfiguration.setUser(this.environment.getRequiredProperty("ldap.user"));
        lDAPConfiguration.setPassword(this.environment.getRequiredProperty("ldap.password"));
        lDAPConfiguration.setBaseDn(this.environment.getRequiredProperty("ldap.basedn"));
        lDAPConfiguration.setQueryUserByUserId(this.environment.getRequiredProperty("ldap.query.userbyid"));
        lDAPConfiguration.setQueryUserByFullNameLike(this.environment.getRequiredProperty("ldap.query.userbyname"));
        lDAPConfiguration.setQueryAllUsers(this.environment.getRequiredProperty("ldap.query.userall"));
        lDAPConfiguration.setQueryGroupsForUser(this.environment.getRequiredProperty("ldap.query.groupsforuser"));
        lDAPConfiguration.setQueryAllGroups(this.environment.getRequiredProperty("ldap.query.groupall"));
        lDAPConfiguration.setUserIdAttribute(this.environment.getRequiredProperty("ldap.attribute.userid"));
        lDAPConfiguration.setUserFirstNameAttribute(this.environment.getRequiredProperty("ldap.attribute.firstname"));
        lDAPConfiguration.setUserLastNameAttribute(this.environment.getRequiredProperty("ldap.attribute.lastname"));
        lDAPConfiguration.setUserEmailAttribute(this.environment.getRequiredProperty("ldap.attribute.email"));
        lDAPConfiguration.setGroupIdAttribute(this.environment.getRequiredProperty("ldap.attribute.groupid"));
        lDAPConfiguration.setGroupNameAttribute(this.environment.getRequiredProperty("ldap.attribute.groupname"));
        lDAPConfiguration.setGroupCacheSize(((Integer) this.environment.getRequiredProperty("ldap.cache.groupsize", Integer.class)).intValue());
        lDAPConfiguration.setGroupCacheExpirationTime(((Long) this.environment.getRequiredProperty("ldap.cache.groupexpiration", Long.class)).longValue());
        LDAPGroupCache lDAPGroupCache = null;
        if (lDAPConfiguration.getGroupCacheSize() > 0) {
            lDAPGroupCache = new LDAPGroupCache(lDAPConfiguration.getGroupCacheSize(), lDAPConfiguration.getGroupCacheExpirationTime(), new DefaultClockImpl());
            if (this.groupCacheListener != null) {
                lDAPGroupCache.setLdapCacheListener(this.groupCacheListener);
            }
        }
        springIdmEngineConfiguration.setIdmIdentityService(new LDAPIdentityServiceImpl(lDAPConfiguration, lDAPGroupCache));
    }

    @DependsOn({"idmEngine"})
    @Bean(name = {"clock"})
    public Clock getClock() {
        return idmEngineConfiguration().getClock();
    }

    @Bean
    public IdmIdentityService idmIdentityService() {
        return idmEngine().getIdmIdentityService();
    }

    @Bean
    public IdmManagementService idmManagementService() {
        return idmEngine().getIdmManagementService();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return "spring_bcrypt".equalsIgnoreCase((String) this.environment.getProperty("security.passwordencoder", String.class, "")) ? new BCryptPasswordEncoder() : NoOpPasswordEncoder.getInstance();
    }
}
