package org.elasticsearch.shield.authc;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.elasticsearch.common.inject.multibindings.MapBinder;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.shield.authc.Realm;
import org.elasticsearch.shield.authc.activedirectory.ActiveDirectoryRealm;
import org.elasticsearch.shield.authc.esnative.ESNativeRealm;
import org.elasticsearch.shield.authc.esusers.FileRealm;
import org.elasticsearch.shield.authc.ldap.LdapRealm;
import org.elasticsearch.shield.authc.pki.PkiRealm;
import org.elasticsearch.shield.support.AbstractShieldModule;

/* loaded from: input_file:org/elasticsearch/shield/authc/AuthenticationModule.class */
public class AuthenticationModule extends AbstractShieldModule.Node {
    static final List<String> INTERNAL_REALM_TYPES = Arrays.asList(ESNativeRealm.TYPE, FileRealm.TYPE, ActiveDirectoryRealm.TYPE, LdapRealm.TYPE, PkiRealm.TYPE);
    private final Map<String, Class<? extends Realm.Factory<? extends Realm<? extends AuthenticationToken>>>> customRealms;
    private Class<? extends AuthenticationFailureHandler> authcFailureHandler;

    public AuthenticationModule(Settings settings) {
        super(settings);
        this.customRealms = new HashMap();
        this.authcFailureHandler = null;
    }

    @Override // org.elasticsearch.shield.support.AbstractShieldModule.Node
    protected void configureNode() {
        MapBinder newMapBinder = MapBinder.newMapBinder(binder(), String.class, Realm.Factory.class);
        newMapBinder.addBinding(FileRealm.TYPE).to(FileRealm.Factory.class).asEagerSingleton();
        newMapBinder.addBinding(FileRealm.OLD_TYPE).to(FileRealm.Factory.class).asEagerSingleton();
        newMapBinder.addBinding(ESNativeRealm.TYPE).to(ESNativeRealm.Factory.class).asEagerSingleton();
        newMapBinder.addBinding(ActiveDirectoryRealm.TYPE).to(ActiveDirectoryRealm.Factory.class).asEagerSingleton();
        newMapBinder.addBinding(LdapRealm.TYPE).to(LdapRealm.Factory.class).asEagerSingleton();
        newMapBinder.addBinding(PkiRealm.TYPE).to(PkiRealm.Factory.class).asEagerSingleton();
        for (Map.Entry<String, Class<? extends Realm.Factory<? extends Realm<? extends AuthenticationToken>>>> entry : this.customRealms.entrySet()) {
            newMapBinder.addBinding(entry.getKey()).to(entry.getValue()).asEagerSingleton();
        }
        bind(Realms.class).asEagerSingleton();
        bind(AnonymousService.class).asEagerSingleton();
        if (this.authcFailureHandler == null) {
            bind(AuthenticationFailureHandler.class).to(DefaultAuthenticationFailureHandler.class).asEagerSingleton();
        } else {
            bind(AuthenticationFailureHandler.class).to(this.authcFailureHandler).asEagerSingleton();
        }
        bind(AuthenticationService.class).to(InternalAuthenticationService.class).asEagerSingleton();
    }

    public void addCustomRealm(String str, Class<? extends Realm.Factory<? extends Realm<? extends AuthenticationToken>>> cls) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("type must not be null or empty");
        }
        if (cls == null) {
            throw new IllegalArgumentException("realm factory class cannot be null");
        }
        if (INTERNAL_REALM_TYPES.contains(str)) {
            throw new IllegalArgumentException("cannot redefine the type [" + str + "] with custom realm [" + cls.getName() + "]");
        }
        this.customRealms.put(str, cls);
    }

    public void setAuthenticationFailureHandler(Class<? extends AuthenticationFailureHandler> cls) {
        this.authcFailureHandler = cls;
    }
}
