package sernet.gs.server.security;

import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.ldap.LdapAuthenticator;

/* loaded from: input_file:sernet/gs/server/security/LdapAuthenticationProvider.class */
public class LdapAuthenticationProvider implements org.springframework.security.providers.AuthenticationProvider {
    private LdapAuthenticator authenticator;
    public static final String ROLES_ATTRIBUTE = "attribute_roles";

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        DirContextOperations authenticate = this.authenticator.authenticate(authentication);
        LdapUserToken ldapUserToken = new LdapUserToken(authentication, "ROLE_LDAPUSER");
        for (Object obj : authenticate.getObjectAttributes(ROLES_ATTRIBUTE)) {
            ldapUserToken.addAuthority((String) obj);
        }
        return ldapUserToken;
    }

    public boolean supports(Class cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public LdapAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public void setAuthenticator(LdapAuthenticator ldapAuthenticator) {
        this.authenticator = ldapAuthenticator;
    }
}
