package org.springframework.security.ldap;

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import net.sf.json.util.JSONUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.ldap.core.support.AbstractContextSource;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.ldap.core.support.SimpleDirContextAuthenticationStrategy;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-ldap-3.2.1.RELEASE.jar:org/springframework/security/ldap/DefaultSpringSecurityContextSource.class */
public class DefaultSpringSecurityContextSource extends LdapContextSource {
    protected final Log logger;
    private String rootDn;

    public DefaultSpringSecurityContextSource(String str) {
        this.logger = LogFactory.getLog(getClass());
        Assert.hasLength(str, "An LDAP connection URL must be supplied.");
        StringTokenizer stringTokenizer = new StringTokenizer(str);
        ArrayList arrayList = new ArrayList();
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            String parseRootDnFromUrl = LdapUtils.parseRootDnFromUrl(nextToken);
            arrayList.add(nextToken.substring(0, nextToken.lastIndexOf(parseRootDnFromUrl)));
            this.logger.info(" URL '" + nextToken + "', root DN is '" + parseRootDnFromUrl + JSONUtils.SINGLE_QUOTE);
            if (this.rootDn == null) {
                this.rootDn = parseRootDnFromUrl;
            } else if (!this.rootDn.equals(parseRootDnFromUrl)) {
                throw new IllegalArgumentException("Root DNs must be the same when using multiple URLs");
            }
        }
        setUrls((String[]) arrayList.toArray(new String[arrayList.size()]));
        setBase(this.rootDn);
        setPooled(true);
        setAuthenticationStrategy(new SimpleDirContextAuthenticationStrategy() { // from class: org.springframework.security.ldap.DefaultSpringSecurityContextSource.1
            @Override // org.springframework.ldap.core.support.SimpleDirContextAuthenticationStrategy, org.springframework.ldap.core.support.DirContextAuthenticationStrategy
            public void setupEnvironment(Hashtable hashtable, String str2, String str3) {
                super.setupEnvironment(hashtable, str2, str3);
                if (DefaultSpringSecurityContextSource.this.userDn.equals(str2) || !hashtable.containsKey(AbstractContextSource.SUN_LDAP_POOLING_FLAG)) {
                    return;
                }
                DefaultSpringSecurityContextSource.this.logger.debug("Removing pooling flag for user " + str2);
                hashtable.remove(AbstractContextSource.SUN_LDAP_POOLING_FLAG);
            }
        });
    }

    public DefaultSpringSecurityContextSource(List<String> list, String str) {
        this(buildProviderUrl(list, str));
    }

    private static String buildProviderUrl(List<String> list, String str) {
        Assert.notNull(str, "The Base DN for the LDAP server must not be null.");
        Assert.notEmpty(list, "At least one LDAP server URL must be provided.");
        String trim = str.trim();
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String trim2 = it.next().trim();
            if (!"".equals(trim2)) {
                sb.append(trim2);
                if (!trim2.endsWith("/")) {
                    sb.append("/");
                }
                sb.append(trim);
                sb.append(" ");
            }
        }
        return sb.toString();
    }
}
