package org.apache.hive.service.auth.ldap;

import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.sasl.AuthenticationException;
import org.apache.hadoop.hive.conf.HiveConf;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hive/service/auth/ldap/UserFilterFactory.class */
public final class UserFilterFactory implements FilterFactory {

    /* loaded from: input_file:org/apache/hive/service/auth/ldap/UserFilterFactory$UserFilter.class */
    private static final class UserFilter implements Filter {
        private static final Logger LOG = LoggerFactory.getLogger(UserFilter.class);
        private final Set<String> userFilter = new HashSet();

        UserFilter(Collection<String> collection) {
            Iterator<String> it = collection.iterator();
            while (it.hasNext()) {
                this.userFilter.add(it.next().toLowerCase());
            }
        }

        @Override // org.apache.hive.service.auth.ldap.Filter
        public void apply(DirSearch dirSearch, String str) throws AuthenticationException {
            LOG.info("Authenticating user '{}' using user filter", str);
            if (this.userFilter.contains(LdapUtils.extractUserName(str).toLowerCase())) {
                return;
            }
            LOG.info("Authentication failed based on user membership");
            throw new AuthenticationException("Authentication failed: User not a member of specified list");
        }
    }

    @Override // org.apache.hive.service.auth.ldap.FilterFactory
    public Filter getInstance(HiveConf hiveConf) {
        Collection stringCollection = hiveConf.getStringCollection(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_USERFILTER.varname);
        if (stringCollection.isEmpty()) {
            return null;
        }
        return new UserFilter(stringCollection);
    }
}
