package org.apereo.cas.configuration.support;

import com.google.common.base.Throwables;
import com.mongodb.Mongo;
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
import com.mongodb.ServerAddress;
import com.mongodb.WriteConcern;
import com.zaxxer.hikari.HikariDataSource;
import groovy.lang.GroovyClassLoader;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.function.Predicate;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import javax.sql.DataSource;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.ClassUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.apereo.cas.CipherExecutor;
import org.apereo.cas.authentication.handler.PrincipalNameTransformer;
import org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties;
import org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesProperties;
import org.apereo.cas.configuration.model.core.authentication.PrincipalTransformationProperties;
import org.apereo.cas.configuration.model.core.util.CryptographyProperties;
import org.apereo.cas.configuration.model.support.ConnectionPoolingProperties;
import org.apereo.cas.configuration.model.support.jpa.AbstractJpaProperties;
import org.apereo.cas.configuration.model.support.jpa.DatabaseProperties;
import org.apereo.cas.configuration.model.support.jpa.JpaConfigDataHolder;
import org.apereo.cas.configuration.model.support.ldap.AbstractLdapAuthenticationProperties;
import org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties;
import org.apereo.cas.configuration.model.support.mongo.AbstractMongoInstanceProperties;
import org.apereo.cas.util.cipher.DefaultTicketCipherExecutor;
import org.apereo.cas.util.cipher.NoOpCipherExecutor;
import org.apereo.cas.util.crypto.DefaultPasswordEncoder;
import org.apereo.cas.util.transforms.ConvertCasePrincipalNameTransformer;
import org.apereo.cas.util.transforms.PrefixSuffixPrincipalNameTransformer;
import org.apereo.services.persondir.IPersonAttributeDao;
import org.apereo.services.persondir.support.NamedStubPersonAttributeDao;
import org.codehaus.groovy.control.CompilerConfiguration;
import org.hibernate.cfg.AvailableSettings;
import org.ldaptive.ActivePassiveConnectionStrategy;
import org.ldaptive.BindConnectionInitializer;
import org.ldaptive.BindRequest;
import org.ldaptive.CompareRequest;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.Credential;
import org.ldaptive.DefaultConnectionFactory;
import org.ldaptive.DefaultConnectionStrategy;
import org.ldaptive.DnsSrvConnectionStrategy;
import org.ldaptive.LdapAttribute;
import org.ldaptive.RandomConnectionStrategy;
import org.ldaptive.ReturnAttributes;
import org.ldaptive.RoundRobinConnectionStrategy;
import org.ldaptive.SearchExecutor;
import org.ldaptive.SearchFilter;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchScope;
import org.ldaptive.ad.extended.FastBindOperation;
import org.ldaptive.ad.handler.ObjectGuidHandler;
import org.ldaptive.ad.handler.ObjectSidHandler;
import org.ldaptive.ad.handler.PrimaryGroupIdHandler;
import org.ldaptive.ad.handler.RangeEntryHandler;
import org.ldaptive.auth.Authenticator;
import org.ldaptive.auth.EntryResolver;
import org.ldaptive.auth.FormatDnResolver;
import org.ldaptive.auth.PooledBindAuthenticationHandler;
import org.ldaptive.auth.PooledCompareAuthenticationHandler;
import org.ldaptive.auth.PooledSearchDnResolver;
import org.ldaptive.auth.PooledSearchEntryResolver;
import org.ldaptive.control.PasswordPolicyControl;
import org.ldaptive.handler.CaseChangeEntryHandler;
import org.ldaptive.handler.DnAttributeEntryHandler;
import org.ldaptive.handler.MergeAttributeEntryHandler;
import org.ldaptive.handler.RecursiveEntryHandler;
import org.ldaptive.handler.SearchEntryHandler;
import org.ldaptive.pool.BindPassivator;
import org.ldaptive.pool.BlockingConnectionPool;
import org.ldaptive.pool.ClosePassivator;
import org.ldaptive.pool.CompareValidator;
import org.ldaptive.pool.ConnectionPool;
import org.ldaptive.pool.IdlePruneStrategy;
import org.ldaptive.pool.PoolConfig;
import org.ldaptive.pool.PooledConnectionFactory;
import org.ldaptive.pool.SearchValidator;
import org.ldaptive.provider.Provider;
import org.ldaptive.referral.SearchReferralHandler;
import org.ldaptive.sasl.CramMd5Config;
import org.ldaptive.sasl.DigestMd5Config;
import org.ldaptive.sasl.ExternalConfig;
import org.ldaptive.sasl.GssApiConfig;
import org.ldaptive.sasl.SaslConfig;
import org.ldaptive.ssl.KeyStoreCredentialConfig;
import org.ldaptive.ssl.SslConfig;
import org.ldaptive.ssl.X509CredentialConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.core.io.Resource;
import org.springframework.data.mongodb.core.MongoClientOptionsFactoryBean;
import org.springframework.jdbc.datasource.lookup.DataSourceLookupFailureException;
import org.springframework.jdbc.datasource.lookup.JndiDataSourceLookup;
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
import org.springframework.scheduling.concurrent.ThreadPoolExecutorFactoryBean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
import org.springframework.web.context.support.GroovyWebApplicationContext;
import org.thymeleaf.spring4.processor.SpringInputGeneralFieldTagProcessor;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-configuration-5.1.7.jar:org/apereo/cas/configuration/support/Beans.class */
public final class Beans {
    public static final String LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME = "user";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) Beans.class);

    protected Beans() {
    }

    public static DataSource newDataSource(AbstractJpaProperties abstractJpaProperties) {
        String dataSourceName = abstractJpaProperties.getDataSourceName();
        boolean isDataSourceProxy = abstractJpaProperties.isDataSourceProxy();
        if (StringUtils.isNotBlank(dataSourceName)) {
            try {
                JndiDataSourceLookup jndiDataSourceLookup = new JndiDataSourceLookup();
                jndiDataSourceLookup.setResourceRef(false);
                DataSource dataSource = jndiDataSourceLookup.getDataSource(dataSourceName);
                return !isDataSourceProxy ? dataSource : new DataSourceProxy(dataSource);
            } catch (DataSourceLookupFailureException e) {
                LOGGER.warn("Lookup of datasource [{}] failed due to {} falling back to configuration via JPA properties.", dataSourceName, e.getMessage());
            }
        }
        try {
            HikariDataSource hikariDataSource = new HikariDataSource();
            if (StringUtils.isNotBlank(abstractJpaProperties.getDriverClass())) {
                hikariDataSource.setDriverClassName(abstractJpaProperties.getDriverClass());
            }
            hikariDataSource.setJdbcUrl(abstractJpaProperties.getUrl());
            hikariDataSource.setUsername(abstractJpaProperties.getUser());
            hikariDataSource.setPassword(abstractJpaProperties.getPassword());
            hikariDataSource.setLoginTimeout(Long.valueOf(abstractJpaProperties.getPool().getMaxWait()).intValue());
            hikariDataSource.setMaximumPoolSize(abstractJpaProperties.getPool().getMaxSize());
            hikariDataSource.setMinimumIdle(abstractJpaProperties.getPool().getMinSize());
            hikariDataSource.setIdleTimeout(abstractJpaProperties.getIdleTimeout());
            hikariDataSource.setLeakDetectionThreshold(abstractJpaProperties.getLeakThreshold());
            hikariDataSource.setInitializationFailTimeout(abstractJpaProperties.isFailFast() ? 1L : 0L);
            hikariDataSource.setIsolateInternalQueries(abstractJpaProperties.isIsolateInternalQueries());
            hikariDataSource.setConnectionTestQuery(abstractJpaProperties.getHealthQuery());
            hikariDataSource.setAllowPoolSuspension(abstractJpaProperties.getPool().isSuspension());
            hikariDataSource.setAutoCommit(abstractJpaProperties.isAutocommit());
            hikariDataSource.setValidationTimeout(abstractJpaProperties.getPool().getTimeoutMillis());
            return hikariDataSource;
        } catch (Exception e2) {
            LOGGER.error("Error creating DataSource: [{}]", e2.getMessage());
            throw new IllegalArgumentException(e2);
        }
    }

    public static HibernateJpaVendorAdapter newHibernateJpaVendorAdapter(DatabaseProperties databaseProperties) {
        HibernateJpaVendorAdapter hibernateJpaVendorAdapter = new HibernateJpaVendorAdapter();
        hibernateJpaVendorAdapter.setGenerateDdl(databaseProperties.isGenDdl());
        hibernateJpaVendorAdapter.setShowSql(databaseProperties.isShowSql());
        return hibernateJpaVendorAdapter;
    }

    public static ThreadPoolExecutorFactoryBean newThreadPoolExecutorFactoryBean(ConnectionPoolingProperties connectionPoolingProperties) {
        ThreadPoolExecutorFactoryBean threadPoolExecutorFactoryBean = new ThreadPoolExecutorFactoryBean();
        threadPoolExecutorFactoryBean.setCorePoolSize(connectionPoolingProperties.getMinSize());
        threadPoolExecutorFactoryBean.setMaxPoolSize(connectionPoolingProperties.getMaxSize());
        threadPoolExecutorFactoryBean.setKeepAliveSeconds(Long.valueOf(connectionPoolingProperties.getMaxWait()).intValue());
        return threadPoolExecutorFactoryBean;
    }

    public static LocalContainerEntityManagerFactoryBean newHibernateEntityManagerFactoryBean(JpaConfigDataHolder jpaConfigDataHolder, AbstractJpaProperties abstractJpaProperties) {
        LocalContainerEntityManagerFactoryBean localContainerEntityManagerFactoryBean = new LocalContainerEntityManagerFactoryBean();
        localContainerEntityManagerFactoryBean.setJpaVendorAdapter(jpaConfigDataHolder.getJpaVendorAdapter());
        if (StringUtils.isNotBlank(jpaConfigDataHolder.getPersistenceUnitName())) {
            localContainerEntityManagerFactoryBean.setPersistenceUnitName(jpaConfigDataHolder.getPersistenceUnitName());
        }
        localContainerEntityManagerFactoryBean.setPackagesToScan(jpaConfigDataHolder.getPackagesToScan());
        localContainerEntityManagerFactoryBean.setDataSource(jpaConfigDataHolder.getDataSource());
        Properties properties = new Properties();
        properties.put(AvailableSettings.DIALECT, abstractJpaProperties.getDialect());
        properties.put(AvailableSettings.HBM2DDL_AUTO, abstractJpaProperties.getDdlAuto());
        properties.put(AvailableSettings.STATEMENT_BATCH_SIZE, Integer.valueOf(abstractJpaProperties.getBatchSize()));
        if (StringUtils.isNotBlank(abstractJpaProperties.getDefaultCatalog())) {
            properties.put(AvailableSettings.DEFAULT_CATALOG, abstractJpaProperties.getDefaultCatalog());
        }
        if (StringUtils.isNotBlank(abstractJpaProperties.getDefaultSchema())) {
            properties.put(AvailableSettings.DEFAULT_SCHEMA, abstractJpaProperties.getDefaultSchema());
        }
        properties.putAll(abstractJpaProperties.getProperties());
        localContainerEntityManagerFactoryBean.setJpaProperties(properties);
        localContainerEntityManagerFactoryBean.getJpaPropertyMap().put(AvailableSettings.ENABLE_LAZY_LOAD_NO_TRANS, Boolean.TRUE);
        return localContainerEntityManagerFactoryBean;
    }

    public static IPersonAttributeDao newStubAttributeRepository(PrincipalAttributesProperties principalAttributesProperties) {
        try {
            NamedStubPersonAttributeDao namedStubPersonAttributeDao = new NamedStubPersonAttributeDao();
            HashMap hashMap = new HashMap();
            principalAttributesProperties.getStub().getAttributes().forEach((str, str2) -> {
                hashMap.put(str, Arrays.asList(org.springframework.util.StringUtils.commaDelimitedListToStringArray(str2)));
            });
            namedStubPersonAttributeDao.setBackingMap(hashMap);
            return namedStubPersonAttributeDao;
        } catch (Exception e) {
            throw Throwables.propagate(e);
        }
    }

    public static PasswordEncoder newPasswordEncoder(PasswordEncoderProperties passwordEncoderProperties) {
        String type = passwordEncoderProperties.getType();
        if (StringUtils.isBlank(type)) {
            LOGGER.debug("No password encoder type is defined, and so none shall be created");
            return NoOpPasswordEncoder.getInstance();
        }
        if (type.contains(".")) {
            try {
                LOGGER.debug("Configuration indicates use of a custom password encoder [{}]", type);
                return (PasswordEncoder) Class.forName(type).newInstance();
            } catch (Exception e) {
                LOGGER.error("Falling back to a no-op password encoder as CAS has failed to create an instance of the custom password encoder class " + type, (Throwable) e);
                return NoOpPasswordEncoder.getInstance();
            }
        }
        switch (PasswordEncoderProperties.PasswordEncoderTypes.valueOf(type)) {
            case DEFAULT:
                LOGGER.debug("Creating default password encoder with encoding alg [{}] and character encoding [{}]", passwordEncoderProperties.getEncodingAlgorithm(), passwordEncoderProperties.getCharacterEncoding());
                return new DefaultPasswordEncoder(passwordEncoderProperties.getEncodingAlgorithm(), passwordEncoderProperties.getCharacterEncoding());
            case STANDARD:
                LOGGER.debug("Creating standard password encoder with the secret defined in the configuration");
                return new StandardPasswordEncoder(passwordEncoderProperties.getSecret());
            case BCRYPT:
                LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration", Integer.valueOf(passwordEncoderProperties.getStrength()));
                if (StringUtils.isBlank(passwordEncoderProperties.getSecret())) {
                    LOGGER.debug("Creating BCRYPT encoder without secret");
                    return new BCryptPasswordEncoder(passwordEncoderProperties.getStrength());
                }
                LOGGER.debug("Creating BCRYPT encoder with secret");
                return new BCryptPasswordEncoder(passwordEncoderProperties.getStrength(), new SecureRandom(passwordEncoderProperties.getSecret().getBytes(StandardCharsets.UTF_8)));
            case SCRYPT:
                LOGGER.debug("Creating SCRYPT encoder");
                return new SCryptPasswordEncoder();
            case PBKDF2:
                if (!StringUtils.isBlank(passwordEncoderProperties.getSecret())) {
                    return new Pbkdf2PasswordEncoder(passwordEncoderProperties.getSecret(), passwordEncoderProperties.getStrength(), 256);
                }
                LOGGER.debug("Creating PBKDF2 encoder without secret");
                return new Pbkdf2PasswordEncoder();
            case NONE:
            default:
                LOGGER.debug("No password encoder shall be created given the requested encoder type [{}]", type);
                return NoOpPasswordEncoder.getInstance();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v19, types: [org.apereo.cas.authentication.handler.PrincipalNameTransformer] */
    public static PrincipalNameTransformer newPrincipalNameTransformer(PrincipalTransformationProperties principalTransformationProperties) {
        PrefixSuffixPrincipalNameTransformer prefixSuffixPrincipalNameTransformer;
        if (StringUtils.isNotBlank(principalTransformationProperties.getPrefix()) || StringUtils.isNotBlank(principalTransformationProperties.getSuffix())) {
            PrefixSuffixPrincipalNameTransformer prefixSuffixPrincipalNameTransformer2 = new PrefixSuffixPrincipalNameTransformer();
            prefixSuffixPrincipalNameTransformer2.setPrefix(principalTransformationProperties.getPrefix());
            prefixSuffixPrincipalNameTransformer2.setSuffix(principalTransformationProperties.getSuffix());
            prefixSuffixPrincipalNameTransformer = prefixSuffixPrincipalNameTransformer2;
        } else {
            prefixSuffixPrincipalNameTransformer = str -> {
                return str;
            };
        }
        switch (principalTransformationProperties.getCaseConversion()) {
            case UPPERCASE:
                ConvertCasePrincipalNameTransformer convertCasePrincipalNameTransformer = new ConvertCasePrincipalNameTransformer(prefixSuffixPrincipalNameTransformer);
                convertCasePrincipalNameTransformer.setToUpperCase(true);
                return convertCasePrincipalNameTransformer;
            case LOWERCASE:
                ConvertCasePrincipalNameTransformer convertCasePrincipalNameTransformer2 = new ConvertCasePrincipalNameTransformer(prefixSuffixPrincipalNameTransformer);
                convertCasePrincipalNameTransformer2.setToUpperCase(false);
                return convertCasePrincipalNameTransformer2;
            default:
                return prefixSuffixPrincipalNameTransformer;
        }
    }

    public static EntryResolver newLdaptiveSearchEntryResolver(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties, PooledConnectionFactory pooledConnectionFactory) {
        if (StringUtils.isBlank(abstractLdapAuthenticationProperties.getBaseDn())) {
            throw new IllegalArgumentException("To create a search entry resolver, base dn cannot be empty/blank ");
        }
        if (StringUtils.isBlank(abstractLdapAuthenticationProperties.getUserFilter())) {
            throw new IllegalArgumentException("To create a search entry resolver, user filter cannot be empty/blank");
        }
        PooledSearchEntryResolver pooledSearchEntryResolver = new PooledSearchEntryResolver();
        pooledSearchEntryResolver.setBaseDn(abstractLdapAuthenticationProperties.getBaseDn());
        pooledSearchEntryResolver.setUserFilter(abstractLdapAuthenticationProperties.getUserFilter());
        pooledSearchEntryResolver.setSubtreeSearch(abstractLdapAuthenticationProperties.isSubtreeSearch());
        pooledSearchEntryResolver.setConnectionFactory(pooledConnectionFactory);
        ArrayList arrayList = new ArrayList();
        abstractLdapAuthenticationProperties.getSearchEntryHandlers().forEach(searchEntryHandlers -> {
            switch (searchEntryHandlers.getType()) {
                case CASE_CHANGE:
                    CaseChangeEntryHandler caseChangeEntryHandler = new CaseChangeEntryHandler();
                    caseChangeEntryHandler.setAttributeNameCaseChange(searchEntryHandlers.getCasChange().getAttributeNameCaseChange());
                    caseChangeEntryHandler.setAttributeNames(searchEntryHandlers.getCasChange().getAttributeNames());
                    caseChangeEntryHandler.setAttributeValueCaseChange(searchEntryHandlers.getCasChange().getAttributeValueCaseChange());
                    caseChangeEntryHandler.setDnCaseChange(searchEntryHandlers.getCasChange().getDnCaseChange());
                    arrayList.add(caseChangeEntryHandler);
                    return;
                case DN_ATTRIBUTE_ENTRY:
                    DnAttributeEntryHandler dnAttributeEntryHandler = new DnAttributeEntryHandler();
                    dnAttributeEntryHandler.setAddIfExists(searchEntryHandlers.getDnAttribute().isAddIfExists());
                    dnAttributeEntryHandler.setDnAttributeName(searchEntryHandlers.getDnAttribute().getDnAttributeName());
                    arrayList.add(dnAttributeEntryHandler);
                    return;
                case MERGE:
                    MergeAttributeEntryHandler mergeAttributeEntryHandler = new MergeAttributeEntryHandler();
                    mergeAttributeEntryHandler.setAttributeNames(searchEntryHandlers.getMergeAttribute().getAttributeNames());
                    mergeAttributeEntryHandler.setMergeAttributeName(searchEntryHandlers.getMergeAttribute().getMergeAttributeName());
                    arrayList.add(mergeAttributeEntryHandler);
                    return;
                case OBJECT_GUID:
                    arrayList.add(new ObjectGuidHandler());
                    return;
                case OBJECT_SID:
                    arrayList.add(new ObjectSidHandler());
                    return;
                case PRIMARY_GROUP:
                    PrimaryGroupIdHandler primaryGroupIdHandler = new PrimaryGroupIdHandler();
                    primaryGroupIdHandler.setBaseDn(searchEntryHandlers.getPrimaryGroupId().getBaseDn());
                    primaryGroupIdHandler.setGroupFilter(searchEntryHandlers.getPrimaryGroupId().getGroupFilter());
                    arrayList.add(primaryGroupIdHandler);
                    return;
                case RANGE_ENTRY:
                    arrayList.add(new RangeEntryHandler());
                    return;
                case RECURSIVE_ENTRY:
                    arrayList.add(new RecursiveEntryHandler(searchEntryHandlers.getRecursive().getSearchAttribute(), searchEntryHandlers.getRecursive().getMergeAttributes()));
                    return;
                default:
                    return;
            }
        });
        if (!arrayList.isEmpty()) {
            LOGGER.debug("Search entry handlers defined for the entry resolver of [{}] are [{}]", abstractLdapAuthenticationProperties.getLdapUrl(), arrayList);
            pooledSearchEntryResolver.setSearchEntryHandlers((SearchEntryHandler[]) arrayList.toArray(new SearchEntryHandler[0]));
        }
        return pooledSearchEntryResolver;
    }

    public static Map<String, String> transformPrincipalAttributesListIntoMap(List<String> list) {
        HashMap hashMap = new HashMap();
        if (list.isEmpty()) {
            LOGGER.debug("No principal attributes are defined");
        } else {
            list.forEach(str -> {
                String trim = str.trim();
                if (!trim.contains(":")) {
                    LOGGER.debug("Mapped principal attribute name [{}]", trim);
                    hashMap.put(trim, trim);
                    return;
                }
                String[] split = trim.split(":");
                String trim2 = split[0].trim();
                String trim3 = split[1].trim();
                LOGGER.debug("Mapped principal attribute name [{}] to [{}]", trim2, trim3);
                hashMap.put(trim2, trim3);
            });
        }
        return hashMap;
    }

    public static ConnectionConfig newLdaptiveConnectionConfig(AbstractLdapProperties abstractLdapProperties) {
        SaslConfig gssApiConfig;
        if (StringUtils.isBlank(abstractLdapProperties.getLdapUrl())) {
            throw new IllegalArgumentException("LDAP url cannot be empty/blank");
        }
        LOGGER.debug("Creating LDAP connection configuration for [{}]", abstractLdapProperties.getLdapUrl());
        ConnectionConfig connectionConfig = new ConnectionConfig();
        String ldapUrl = abstractLdapProperties.getLdapUrl().contains(" ") ? abstractLdapProperties.getLdapUrl() : (String) Arrays.stream(abstractLdapProperties.getLdapUrl().split(",")).collect(Collectors.joining(" "));
        LOGGER.debug("Transformed LDAP urls from [{}] to [{}]", abstractLdapProperties.getLdapUrl(), ldapUrl);
        connectionConfig.setLdapUrl(ldapUrl);
        connectionConfig.setUseSSL(abstractLdapProperties.isUseSsl());
        connectionConfig.setUseStartTLS(abstractLdapProperties.isUseStartTls());
        connectionConfig.setConnectTimeout(newDuration(abstractLdapProperties.getConnectTimeout()));
        connectionConfig.setResponseTimeout(newDuration(abstractLdapProperties.getResponseTimeout()));
        if (StringUtils.isNotBlank(abstractLdapProperties.getConnectionStrategy())) {
            switch (AbstractLdapProperties.LdapConnectionStrategy.valueOf(abstractLdapProperties.getConnectionStrategy())) {
                case RANDOM:
                    connectionConfig.setConnectionStrategy(new RandomConnectionStrategy());
                    break;
                case DNS_SRV:
                    connectionConfig.setConnectionStrategy(new DnsSrvConnectionStrategy());
                    break;
                case ACTIVE_PASSIVE:
                    connectionConfig.setConnectionStrategy(new ActivePassiveConnectionStrategy());
                    break;
                case ROUND_ROBIN:
                    connectionConfig.setConnectionStrategy(new RoundRobinConnectionStrategy());
                    break;
                case DEFAULT:
                default:
                    connectionConfig.setConnectionStrategy(new DefaultConnectionStrategy());
                    break;
            }
        }
        if (abstractLdapProperties.getTrustCertificates() != null) {
            LOGGER.debug("Creating LDAP SSL configuration via trust certificates [{}]", abstractLdapProperties.getTrustCertificates());
            X509CredentialConfig x509CredentialConfig = new X509CredentialConfig();
            x509CredentialConfig.setTrustCertificates(abstractLdapProperties.getTrustCertificates());
            connectionConfig.setSslConfig(new SslConfig(x509CredentialConfig));
        } else if (abstractLdapProperties.getKeystore() != null) {
            LOGGER.debug("Creating LDAP SSL configuration via keystore [{}]", abstractLdapProperties.getKeystore());
            KeyStoreCredentialConfig keyStoreCredentialConfig = new KeyStoreCredentialConfig();
            keyStoreCredentialConfig.setKeyStore(abstractLdapProperties.getKeystore());
            keyStoreCredentialConfig.setKeyStorePassword(abstractLdapProperties.getKeystorePassword());
            keyStoreCredentialConfig.setKeyStoreType(abstractLdapProperties.getKeystoreType());
            connectionConfig.setSslConfig(new SslConfig(keyStoreCredentialConfig));
        } else {
            LOGGER.debug("Creating LDAP SSL configuration via the native JVM truststore");
            connectionConfig.setSslConfig(new SslConfig());
        }
        if (abstractLdapProperties.getSaslMechanism() != null) {
            LOGGER.debug("Creating LDAP SASL mechanism via [{}]", abstractLdapProperties.getSaslMechanism());
            BindConnectionInitializer bindConnectionInitializer = new BindConnectionInitializer();
            switch (abstractLdapProperties.getSaslMechanism()) {
                case DIGEST_MD5:
                    gssApiConfig = new DigestMd5Config();
                    ((DigestMd5Config) gssApiConfig).setRealm(abstractLdapProperties.getSaslRealm());
                    break;
                case CRAM_MD5:
                    gssApiConfig = new CramMd5Config();
                    break;
                case EXTERNAL:
                    gssApiConfig = new ExternalConfig();
                    break;
                case GSSAPI:
                    gssApiConfig = new GssApiConfig();
                    ((GssApiConfig) gssApiConfig).setRealm(abstractLdapProperties.getSaslRealm());
                    break;
                default:
                    throw new IllegalArgumentException("Unknown SASL mechanism " + abstractLdapProperties.getSaslMechanism().name());
            }
            gssApiConfig.setAuthorizationId(abstractLdapProperties.getSaslAuthorizationId());
            gssApiConfig.setMutualAuthentication(abstractLdapProperties.getSaslMutualAuth());
            gssApiConfig.setQualityOfProtection(abstractLdapProperties.getSaslQualityOfProtection());
            gssApiConfig.setSecurityStrength(abstractLdapProperties.getSaslSecurityStrength());
            bindConnectionInitializer.setBindSaslConfig(gssApiConfig);
            connectionConfig.setConnectionInitializer(bindConnectionInitializer);
        } else if (StringUtils.equals(abstractLdapProperties.getBindCredential(), "*") && StringUtils.equals(abstractLdapProperties.getBindDn(), "*")) {
            LOGGER.debug("Creating LDAP fast-bind connection initializer");
            connectionConfig.setConnectionInitializer(new FastBindOperation.FastBindConnectionInitializer());
        } else if (StringUtils.isNotBlank(abstractLdapProperties.getBindDn()) && StringUtils.isNotBlank(abstractLdapProperties.getBindCredential())) {
            LOGGER.debug("Creating LDAP bind connection initializer via [{}]", abstractLdapProperties.getBindDn());
            connectionConfig.setConnectionInitializer(new BindConnectionInitializer(abstractLdapProperties.getBindDn(), new Credential(abstractLdapProperties.getBindCredential())));
        }
        return connectionConfig;
    }

    public static PoolConfig newLdaptivePoolConfig(AbstractLdapProperties abstractLdapProperties) {
        LOGGER.debug("Creating LDAP connection pool configuration for [{}]", abstractLdapProperties.getLdapUrl());
        PoolConfig poolConfig = new PoolConfig();
        poolConfig.setMinPoolSize(abstractLdapProperties.getMinPoolSize());
        poolConfig.setMaxPoolSize(abstractLdapProperties.getMaxPoolSize());
        poolConfig.setValidateOnCheckOut(abstractLdapProperties.isValidateOnCheckout());
        poolConfig.setValidatePeriodically(abstractLdapProperties.isValidatePeriodically());
        poolConfig.setValidatePeriod(newDuration(abstractLdapProperties.getValidatePeriod()));
        poolConfig.setValidateTimeout(newDuration(abstractLdapProperties.getValidateTimeout()));
        return poolConfig;
    }

    public static DefaultConnectionFactory newLdaptiveConnectionFactory(AbstractLdapProperties abstractLdapProperties) {
        LOGGER.debug("Creating LDAP connection factory for [{}]", abstractLdapProperties.getLdapUrl());
        DefaultConnectionFactory defaultConnectionFactory = new DefaultConnectionFactory(newLdaptiveConnectionConfig(abstractLdapProperties));
        if (abstractLdapProperties.getProviderClass() != null) {
            try {
                defaultConnectionFactory.setProvider((Provider) Provider.class.cast(ClassUtils.getClass(abstractLdapProperties.getProviderClass()).newInstance()));
            } catch (Exception e) {
                LOGGER.error(e.getMessage(), (Throwable) e);
            }
        }
        return defaultConnectionFactory;
    }

    public static ConnectionPool newLdaptiveBlockingConnectionPool(AbstractLdapProperties abstractLdapProperties) {
        DefaultConnectionFactory newLdaptiveConnectionFactory = newLdaptiveConnectionFactory(abstractLdapProperties);
        PoolConfig newLdaptivePoolConfig = newLdaptivePoolConfig(abstractLdapProperties);
        BlockingConnectionPool blockingConnectionPool = new BlockingConnectionPool(newLdaptivePoolConfig, newLdaptiveConnectionFactory);
        blockingConnectionPool.setBlockWaitTime(newDuration(abstractLdapProperties.getBlockWaitTime()));
        blockingConnectionPool.setPoolConfig(newLdaptivePoolConfig);
        IdlePruneStrategy idlePruneStrategy = new IdlePruneStrategy();
        idlePruneStrategy.setIdleTime(newDuration(abstractLdapProperties.getIdleTime()));
        idlePruneStrategy.setPrunePeriod(newDuration(abstractLdapProperties.getPrunePeriod()));
        blockingConnectionPool.setPruneStrategy(idlePruneStrategy);
        String lowerCase = abstractLdapProperties.getValidator().getType().trim().toLowerCase();
        boolean z = -1;
        switch (lowerCase.hashCode()) {
            case -906336856:
                if (lowerCase.equals(SpringInputGeneralFieldTagProcessor.SEARCH_INPUT_TYPE_ATTR_VALUE)) {
                    z = 2;
                    break;
                }
                break;
            case 3387192:
                if (lowerCase.equals("none")) {
                    z = true;
                    break;
                }
                break;
            case 950484197:
                if (lowerCase.equals("compare")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                CompareRequest compareRequest = new CompareRequest();
                compareRequest.setDn(abstractLdapProperties.getValidator().getDn());
                compareRequest.setAttribute(new LdapAttribute(abstractLdapProperties.getValidator().getAttributeName(), (String[]) abstractLdapProperties.getValidator().getAttributeValues().toArray(new String[0])));
                compareRequest.setReferralHandler(new SearchReferralHandler());
                blockingConnectionPool.setValidator(new CompareValidator(compareRequest));
                break;
            case true:
                LOGGER.debug("No validator is configured for the LDAP connection pool of [{}]", abstractLdapProperties.getLdapUrl());
                break;
            case true:
            default:
                SearchRequest searchRequest = new SearchRequest();
                searchRequest.setBaseDn(abstractLdapProperties.getValidator().getBaseDn());
                searchRequest.setSearchFilter(new SearchFilter(abstractLdapProperties.getValidator().getSearchFilter()));
                searchRequest.setReturnAttributes(ReturnAttributes.NONE.value());
                searchRequest.setSearchScope(abstractLdapProperties.getValidator().getScope());
                searchRequest.setSizeLimit(1L);
                searchRequest.setReferralHandler(new SearchReferralHandler());
                blockingConnectionPool.setValidator(new SearchValidator(searchRequest));
                break;
        }
        blockingConnectionPool.setFailFastInitialize(abstractLdapProperties.isFailFast());
        if (StringUtils.isNotBlank(abstractLdapProperties.getPoolPassivator())) {
            switch (AbstractLdapProperties.LdapConnectionPoolPassivator.valueOf(abstractLdapProperties.getPoolPassivator().toUpperCase())) {
                case CLOSE:
                    blockingConnectionPool.setPassivator(new ClosePassivator());
                    LOGGER.debug("Created [{}] passivator for [{}]", abstractLdapProperties.getPoolPassivator(), abstractLdapProperties.getLdapUrl());
                    break;
                case BIND:
                    if (!StringUtils.isNotBlank(abstractLdapProperties.getBindDn()) || !StringUtils.isNoneBlank(abstractLdapProperties.getBindCredential())) {
                        LOGGER.warn("No [{}] passivator could be created for [{}] given bind credentials are not specified", abstractLdapProperties.getPoolPassivator(), abstractLdapProperties.getLdapUrl());
                        break;
                    } else {
                        BindRequest bindRequest = new BindRequest();
                        bindRequest.setDn(abstractLdapProperties.getBindDn());
                        bindRequest.setCredential(new Credential(abstractLdapProperties.getBindCredential()));
                        blockingConnectionPool.setPassivator(new BindPassivator(bindRequest));
                        LOGGER.debug("Created [{}] passivator for [{}]", abstractLdapProperties.getPoolPassivator(), abstractLdapProperties.getLdapUrl());
                        break;
                    }
                    break;
            }
        }
        LOGGER.debug("Initializing ldap connection pool for [{}] and bindDn [{}]", abstractLdapProperties.getLdapUrl(), abstractLdapProperties.getBindDn());
        blockingConnectionPool.initialize();
        return blockingConnectionPool;
    }

    public static Predicate<org.apereo.cas.authentication.Credential> newCredentialSelectionPredicate(String str) {
        Resource resource;
        try {
            return StringUtils.isBlank(str) ? credential -> {
                return true;
            } : (!str.endsWith(GroovyWebApplicationContext.DEFAULT_CONFIG_LOCATION_SUFFIX) || (resource = new DefaultResourceLoader().getResource(str)) == null) ? (Predicate) ClassUtils.getClass(str).newInstance() : (Predicate) new GroovyClassLoader(Beans.class.getClassLoader(), new CompilerConfiguration(), true).parseClass(IOUtils.toString(resource.getInputStream(), StandardCharsets.UTF_8)).newInstance();
        } catch (Exception e) {
            Predicate<String> asPredicate = Pattern.compile(str).asPredicate();
            return credential2 -> {
                return asPredicate.test(credential2.getId());
            };
        }
    }

    public static PooledConnectionFactory newLdaptivePooledConnectionFactory(AbstractLdapProperties abstractLdapProperties) {
        return new PooledConnectionFactory(newLdaptiveBlockingConnectionPool(abstractLdapProperties));
    }

    public static Duration newDuration(String str) {
        try {
            return NumberUtils.isCreatable(str) ? Duration.ofSeconds(Long.valueOf(str).longValue()) : Duration.parse(str);
        } catch (Exception e) {
            throw Throwables.propagate(e);
        }
    }

    public static CipherExecutor newTicketRegistryCipherExecutor(CryptographyProperties cryptographyProperties) {
        return newTicketRegistryCipherExecutor(cryptographyProperties, false);
    }

    public static CipherExecutor newTicketRegistryCipherExecutor(CryptographyProperties cryptographyProperties, boolean z) {
        if ((StringUtils.isNotBlank(cryptographyProperties.getEncryption().getKey()) && StringUtils.isNotBlank(cryptographyProperties.getEncryption().getKey())) || z) {
            return new DefaultTicketCipherExecutor(cryptographyProperties.getEncryption().getKey(), cryptographyProperties.getSigning().getKey(), cryptographyProperties.getAlg(), cryptographyProperties.getSigning().getKeySize(), cryptographyProperties.getEncryption().getKeySize());
        }
        LOGGER.debug("Ticket registry encryption/signing is turned off. This MAY NOT be safe in a clustered production environment. Consider using other choices to handle encryption, signing and verification of ticket registry tickets, and verify the chosen ticket registry does support this behavior.");
        return NoOpCipherExecutor.getInstance();
    }

    public static SearchRequest newLdaptiveSearchRequest(String str, SearchFilter searchFilter, String[] strArr, String[] strArr2) {
        SearchRequest searchRequest = new SearchRequest(str, searchFilter);
        searchRequest.setBinaryAttributes(strArr);
        searchRequest.setReturnAttributes(strArr2);
        searchRequest.setSearchScope(SearchScope.SUBTREE);
        return searchRequest;
    }

    public static SearchRequest newLdaptiveSearchRequest(String str, SearchFilter searchFilter) {
        return newLdaptiveSearchRequest(str, searchFilter, ReturnAttributes.ALL_USER.value(), ReturnAttributes.ALL_USER.value());
    }

    public static SearchFilter newLdaptiveSearchFilter(String str) {
        return newLdaptiveSearchFilter(str, Collections.emptyList());
    }

    public static SearchFilter newLdaptiveSearchFilter(String str, List<String> list) {
        return newLdaptiveSearchFilter(str, "user", list);
    }

    public static SearchFilter newLdaptiveSearchFilter(String str, String str2, List<String> list) {
        SearchFilter searchFilter = new SearchFilter();
        searchFilter.setFilter(str);
        if (list != null) {
            IntStream.range(0, list.size()).forEach(i -> {
                if (searchFilter.getFilter().contains("{" + i + '}')) {
                    searchFilter.setParameter(i, list.get(i));
                } else {
                    searchFilter.setParameter(str2, list.get(i));
                }
            });
        }
        LOGGER.debug("Constructed LDAP search filter [{}]", searchFilter.format());
        return searchFilter;
    }

    public static SearchExecutor newLdaptiveSearchExecutor(String str, String str2, List<String> list) {
        return newLdaptiveSearchExecutor(str, str2, list, ReturnAttributes.ALL.value());
    }

    public static SearchExecutor newLdaptiveSearchExecutor(String str, String str2, List<String> list, List<String> list2) {
        return newLdaptiveSearchExecutor(str, str2, list, (String[]) list2.toArray(new String[0]));
    }

    public static SearchExecutor newLdaptiveSearchExecutor(String str, String str2, List<String> list, String[] strArr) {
        SearchExecutor searchExecutor = new SearchExecutor();
        searchExecutor.setBaseDn(str);
        searchExecutor.setSearchFilter(newLdaptiveSearchFilter(str2, list));
        searchExecutor.setReturnAttributes(strArr);
        searchExecutor.setSearchScope(SearchScope.SUBTREE);
        return searchExecutor;
    }

    public static SearchExecutor newLdaptiveSearchExecutor(String str, String str2) {
        return newLdaptiveSearchExecutor(str, str2, Collections.emptyList());
    }

    public static MongoClientOptionsFactoryBean newMongoDbClientOptionsFactoryBean(AbstractMongoInstanceProperties abstractMongoInstanceProperties) {
        try {
            MongoClientOptionsFactoryBean mongoClientOptionsFactoryBean = new MongoClientOptionsFactoryBean();
            mongoClientOptionsFactoryBean.setWriteConcern(WriteConcern.valueOf(abstractMongoInstanceProperties.getWriteConcern()));
            mongoClientOptionsFactoryBean.setHeartbeatConnectTimeout(Long.valueOf(abstractMongoInstanceProperties.getTimeout()).intValue());
            mongoClientOptionsFactoryBean.setHeartbeatSocketTimeout(Long.valueOf(abstractMongoInstanceProperties.getTimeout()).intValue());
            mongoClientOptionsFactoryBean.setMaxConnectionLifeTime(abstractMongoInstanceProperties.getConns().getLifetime());
            mongoClientOptionsFactoryBean.setSocketKeepAlive(abstractMongoInstanceProperties.isSocketKeepAlive());
            mongoClientOptionsFactoryBean.setMaxConnectionIdleTime(Long.valueOf(abstractMongoInstanceProperties.getIdleTimeout()).intValue());
            mongoClientOptionsFactoryBean.setConnectionsPerHost(abstractMongoInstanceProperties.getConns().getPerHost());
            mongoClientOptionsFactoryBean.setSocketTimeout(Long.valueOf(abstractMongoInstanceProperties.getTimeout()).intValue());
            mongoClientOptionsFactoryBean.setConnectTimeout(Long.valueOf(abstractMongoInstanceProperties.getTimeout()).intValue());
            mongoClientOptionsFactoryBean.afterPropertiesSet();
            return mongoClientOptionsFactoryBean;
        } catch (Exception e) {
            throw new BeanCreationException(e.getMessage(), e);
        }
    }

    public static MongoClientOptions newMongoDbClientOptions(AbstractMongoInstanceProperties abstractMongoInstanceProperties) {
        try {
            return newMongoDbClientOptionsFactoryBean(abstractMongoInstanceProperties).getObject2();
        } catch (Exception e) {
            throw new BeanCreationException(e.getMessage(), e);
        }
    }

    public static Mongo newMongoDbClient(AbstractMongoInstanceProperties abstractMongoInstanceProperties) {
        return new MongoClient(new ServerAddress(abstractMongoInstanceProperties.getHost(), abstractMongoInstanceProperties.getPort()), (List<MongoCredential>) Collections.singletonList(MongoCredential.createCredential(abstractMongoInstanceProperties.getUserId(), abstractMongoInstanceProperties.getDatabaseName(), abstractMongoInstanceProperties.getPassword().toCharArray())), newMongoDbClientOptions(abstractMongoInstanceProperties));
    }

    public static Authenticator newLdaptiveAuthenticator(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties) {
        switch (abstractLdapAuthenticationProperties.getType()) {
            case AD:
                LOGGER.debug("Creating active directory authenticator for [{}]", abstractLdapAuthenticationProperties.getLdapUrl());
                return getActiveDirectoryAuthenticator(abstractLdapAuthenticationProperties);
            case DIRECT:
                LOGGER.debug("Creating direct-bind authenticator for [{}]", abstractLdapAuthenticationProperties.getLdapUrl());
                return getDirectBindAuthenticator(abstractLdapAuthenticationProperties);
            case AUTHENTICATED:
                LOGGER.debug("Creating authenticated authenticator for [{}]", abstractLdapAuthenticationProperties.getLdapUrl());
                return getAuthenticatedOrAnonSearchAuthenticator(abstractLdapAuthenticationProperties);
            default:
                LOGGER.debug("Creating anonymous authenticator for [{}]", abstractLdapAuthenticationProperties.getLdapUrl());
                return getAuthenticatedOrAnonSearchAuthenticator(abstractLdapAuthenticationProperties);
        }
    }

    private static Authenticator getAuthenticatedOrAnonSearchAuthenticator(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties) {
        if (StringUtils.isBlank(abstractLdapAuthenticationProperties.getBaseDn())) {
            throw new IllegalArgumentException("Base dn cannot be empty/blank for authenticated/anonymous authentication");
        }
        if (StringUtils.isBlank(abstractLdapAuthenticationProperties.getUserFilter())) {
            throw new IllegalArgumentException("User filter cannot be empty/blank for authenticated/anonymous authentication");
        }
        PooledConnectionFactory newLdaptivePooledConnectionFactory = newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties);
        PooledSearchDnResolver pooledSearchDnResolver = new PooledSearchDnResolver();
        pooledSearchDnResolver.setBaseDn(abstractLdapAuthenticationProperties.getBaseDn());
        pooledSearchDnResolver.setSubtreeSearch(abstractLdapAuthenticationProperties.isSubtreeSearch());
        pooledSearchDnResolver.setAllowMultipleDns(abstractLdapAuthenticationProperties.isAllowMultipleDns());
        pooledSearchDnResolver.setConnectionFactory(newLdaptivePooledConnectionFactory);
        pooledSearchDnResolver.setUserFilter(abstractLdapAuthenticationProperties.getUserFilter());
        Authenticator authenticator = StringUtils.isBlank(abstractLdapAuthenticationProperties.getPrincipalAttributePassword()) ? new Authenticator(pooledSearchDnResolver, getPooledBindAuthenticationHandler(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties))) : new Authenticator(pooledSearchDnResolver, getPooledCompareAuthenticationHandler(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties)));
        if (abstractLdapAuthenticationProperties.isEnhanceWithEntryResolver()) {
            authenticator.setEntryResolver(newLdaptiveSearchEntryResolver(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties)));
        }
        return authenticator;
    }

    private static Authenticator getDirectBindAuthenticator(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties) {
        if (StringUtils.isBlank(abstractLdapAuthenticationProperties.getDnFormat())) {
            throw new IllegalArgumentException("Dn format cannot be empty/blank for direct bind authentication");
        }
        Authenticator authenticator = new Authenticator(new FormatDnResolver(abstractLdapAuthenticationProperties.getDnFormat()), getPooledBindAuthenticationHandler(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties)));
        if (abstractLdapAuthenticationProperties.isEnhanceWithEntryResolver()) {
            authenticator.setEntryResolver(newLdaptiveSearchEntryResolver(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties)));
        }
        return authenticator;
    }

    private static Authenticator getActiveDirectoryAuthenticator(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties) {
        if (StringUtils.isBlank(abstractLdapAuthenticationProperties.getDnFormat())) {
            throw new IllegalArgumentException("Dn format cannot be empty/blank for active directory authentication");
        }
        Authenticator authenticator = new Authenticator(new FormatDnResolver(abstractLdapAuthenticationProperties.getDnFormat()), getPooledBindAuthenticationHandler(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties)));
        if (abstractLdapAuthenticationProperties.isEnhanceWithEntryResolver()) {
            authenticator.setEntryResolver(newLdaptiveSearchEntryResolver(abstractLdapAuthenticationProperties, newLdaptivePooledConnectionFactory(abstractLdapAuthenticationProperties)));
        }
        return authenticator;
    }

    private static PooledBindAuthenticationHandler getPooledBindAuthenticationHandler(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties, PooledConnectionFactory pooledConnectionFactory) {
        PooledBindAuthenticationHandler pooledBindAuthenticationHandler = new PooledBindAuthenticationHandler(pooledConnectionFactory);
        pooledBindAuthenticationHandler.setAuthenticationControls(new PasswordPolicyControl());
        return pooledBindAuthenticationHandler;
    }

    private static PooledCompareAuthenticationHandler getPooledCompareAuthenticationHandler(AbstractLdapAuthenticationProperties abstractLdapAuthenticationProperties, PooledConnectionFactory pooledConnectionFactory) {
        PooledCompareAuthenticationHandler pooledCompareAuthenticationHandler = new PooledCompareAuthenticationHandler(pooledConnectionFactory);
        pooledCompareAuthenticationHandler.setPasswordAttribute(abstractLdapAuthenticationProperties.getPrincipalAttributePassword());
        return pooledCompareAuthenticationHandler;
    }
}
