package de.otto.edison.authentication;

import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPInterface;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchScope;
import de.otto.edison.authentication.configuration.LdapProperties;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;

/* loaded from: input_file:de/otto/edison/authentication/LdapRoleCheckingRequest.class */
class LdapRoleCheckingRequest extends HttpServletRequestWrapper {
    private static final String CN = "cn";
    private final LDAPInterface ldapInterface;
    private final String userDN;
    private final String roleBaseDN;
    private final List<String> userRoles;

    public LdapRoleCheckingRequest(HttpServletRequest httpServletRequest, LDAPInterface lDAPInterface, String str, LdapProperties ldapProperties) throws LDAPException {
        super(httpServletRequest);
        this.ldapInterface = lDAPInterface;
        this.userDN = str;
        this.roleBaseDN = ldapProperties.getRoleBaseDn();
        this.userRoles = getRoles();
    }

    public boolean isUserInRole(String str) {
        return this.userRoles.contains(str);
    }

    List<String> getRoles() throws LDAPException {
        return (List) this.ldapInterface.search(new SearchRequest(this.roleBaseDN, SearchScope.ONE, "(uniqueMember=" + this.userDN + ")", new String[]{CN})).getSearchEntries().stream().flatMap(searchResultEntry -> {
            return Arrays.stream(searchResultEntry.getAttributeValues("CN"));
        }).collect(Collectors.toList());
    }
}
