package com.identity4j.connector.directory;

import com.identity4j.connector.AbstractConnectorConfiguration;
import com.identity4j.connector.util.DummySSLSocketFactory;
import com.identity4j.util.MultiMap;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.naming.InvalidNameException;
import javax.naming.Name;
import javax.naming.NamingException;
import javax.naming.ldap.LdapName;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/identity4j/connector/directory/DirectoryConfiguration.class */
public class DirectoryConfiguration extends AbstractConnectorConfiguration {
    static Log LOG = LogFactory.getLog(DirectoryConfiguration.class);
    public static final String DIRECTORY_HOSTNAME = "directory.hostname";
    public static final String DIRECTORY_BACKUP_HOSTNAMES = "directory.backupHostnames";
    public static final String DIRECTORY_BASE_DN = "directory.baseDn";
    public static final String DIRECTORY_USER_OU = "directory.userOU";
    public static final String DIRECTORY_SERVICE_ACCOUNT_USERNAME = "directory.serviceAccountUsername";
    public static final String DIRECTORY_SERVICE_ACCOUNT_PASSWORD = "directory.serviceAccountPassword";
    public static final String DIRECTORY_DOMAIN = "directory.domain";
    public static final String DIRECTORY_SECURITY_PROTOCOL = "directory.protocol";
    public static final String DIRECTORY_EXCLUDES = "directory.excludes";
    public static final String DIRECTORY_INCLUDES = "directory.includes";
    public static final String DIRECTORY_ENABLE_ROLES = "directory.enableRoles";
    public static final char PORT_SEPARATOR = ':';
    public static final String COMMON_NAME = "CN=";
    public static final String SSL = "ssl";
    public static final String PLAIN = "plain";
    public static final String LDAP_PROTOCOL = "ldap://";
    public static final String LDAPS_PROTOCOL = "ldaps://";
    private final Name baseDn;
    private final Collection<Name> includes;
    private final Collection<Name> excludes;
    private final boolean enableRoles;
    String securityProtocol;

    public DirectoryConfiguration(MultiMap multiMap) {
        super(multiMap);
        this.securityProtocol = SSL;
        try {
            this.baseDn = new LdapName(multiMap.getStringOrDefault(DIRECTORY_BASE_DN, ""));
            this.includes = getNames(multiMap.getStringArrayOrDefault(DIRECTORY_INCLUDES, new String[0]));
            this.excludes = getNames(multiMap.getStringArrayOrDefault(DIRECTORY_EXCLUDES, new String[0]));
            this.includes.removeAll(this.excludes);
            this.securityProtocol = multiMap.getStringOrDefault(DIRECTORY_SECURITY_PROTOCOL, SSL);
            this.enableRoles = multiMap.getBooleanOrDefault(DIRECTORY_ENABLE_ROLES, false).booleanValue();
            if (this.includes.isEmpty()) {
                this.includes.add(this.baseDn);
            }
        } catch (NamingException e) {
            throw new Error((Throwable) e);
        }
    }

    public final String[] getControllerHosts() {
        ArrayList arrayList = new ArrayList(Arrays.asList(this.configurationParameters.getStringArrayOrFail(DIRECTORY_HOSTNAME)));
        arrayList.addAll(Arrays.asList(this.configurationParameters.getStringArrayOrFail(DIRECTORY_BACKUP_HOSTNAMES)));
        return (String[]) arrayList.toArray(new String[0]);
    }

    public final String[] getControllerHostnames() {
        ArrayList arrayList = new ArrayList();
        for (String str : getControllerHosts()) {
            arrayList.add(getControllerHostWithoutPort(str));
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public Collection<Name> getIncludes() {
        return this.includes;
    }

    public Collection<Name> getExcludes() {
        return this.excludes;
    }

    public boolean isEnableRoles() {
        return this.enableRoles;
    }

    protected String[] buildProviderUrls(String... strArr) {
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            arrayList.add(str);
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static final String getControllerHostWithoutPort(String str) {
        int lastIndexOf = str.lastIndexOf(58);
        return lastIndexOf == -1 ? str : str.substring(0, lastIndexOf);
    }

    public final String getServiceAuthenticationType() {
        return this.configurationParameters.getStringOrDefault("directory.serviceAuthenticationType", "simple");
    }

    public final boolean requiresServiceAuthentication() {
        return !"none".equals(getServiceAuthenticationType());
    }

    public final String getSecurityProtocol() {
        return this.securityProtocol;
    }

    public final boolean isFollowReferrals() {
        return this.configurationParameters.getBooleanOrDefault("directory.followReferrals", Boolean.FALSE.booleanValue()).booleanValue();
    }

    public final String getInitialContextFactory() {
        return this.configurationParameters.getStringOrDefault("directory.initialContextFactory", "com.sun.jndi.ldap.LdapCtxFactory");
    }

    public final int getTimeout() {
        return this.configurationParameters.getIntegerOrDefault("directory.timeout", 30).intValue() * 1000;
    }

    public int getMaxPageSize() {
        return this.configurationParameters.getIntegerOrDefault("directory.maxPageSize", 1000).intValue();
    }

    public final String getVersion() {
        return this.configurationParameters.getStringOrDefault("directory.version", "3");
    }

    public final Name getBaseDn() {
        return this.baseDn;
    }

    private Collection<Name> getNames(String... strArr) throws InvalidNameException {
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            arrayList.add(new LdapName(str).addAll(0, getBaseDn()));
        }
        return arrayList;
    }

    public final String getServiceAccountDn() {
        return this.configurationParameters.getStringOrFail(DIRECTORY_SERVICE_ACCOUNT_USERNAME);
    }

    public final String getServiceAccountPassword() {
        return this.configurationParameters.getStringOrFail(DIRECTORY_SERVICE_ACCOUNT_PASSWORD);
    }

    public final String getIdentityObjectClass() {
        return this.configurationParameters.getStringOrFail("directory.identityObjectClass");
    }

    public final String getIdentityNameAttribute() {
        return this.configurationParameters.getStringOrFail("directory.identityNameAttribute");
    }

    public final String getIdentityGuidAttribute() {
        return this.configurationParameters.getStringOrFail("directory.identityGuidAttribute");
    }

    public final String getIdentityPasswordAttribute() {
        return this.configurationParameters.getStringOrFail("directory.identityPasswordAttribute");
    }

    public final String getIdentityPasswordEncoding() {
        return this.configurationParameters.getStringOrFail("directory.identityPasswordEncoding");
    }

    public final String getRoleObjectClass() {
        return this.configurationParameters.getStringOrFail("directory.roleObjectClass");
    }

    public final String getRoleNameAttribute() {
        return this.configurationParameters.getStringOrFail("directory.roleNameAttribute");
    }

    public final String getRoleGuidAttribute() {
        return this.configurationParameters.getStringOrFail("directory.roleGuidAttribute");
    }

    public final Map<String, String> getConnectorConfigurationParameters() {
        HashMap hashMap = new HashMap();
        hashMap.put("java.naming.factory.initial", getInitialContextFactory());
        ArrayList arrayList = new ArrayList();
        int i = 0;
        for (String str : getControllerHosts()) {
            i++;
            int indexOf = str.indexOf(58);
            if (indexOf > -1) {
                switch (Integer.parseInt(str.substring(indexOf + 1))) {
                    case 389:
                    case 3268:
                        if (i <= 1 || !this.securityProtocol.equals(SSL)) {
                            if (LOG.isWarnEnabled() && this.securityProtocol.equals(SSL)) {
                                LOG.warn("Switching to PLAIN security protocol");
                            }
                            this.securityProtocol = PLAIN;
                            arrayList.add(str);
                            break;
                        } else if (LOG.isWarnEnabled()) {
                            LOG.warn("Multiple controller hosts with different protocols [PLAIN,SSL] are not allowed");
                            break;
                        } else {
                            break;
                        }
                    case 636:
                    case 3269:
                        if (this.securityProtocol.equals(PLAIN)) {
                            if (LOG.isWarnEnabled()) {
                                LOG.warn("Multiple controller hosts with different protocols [PLAIN,SSL] are not allowed");
                                break;
                            } else {
                                break;
                            }
                        } else {
                            this.securityProtocol = SSL;
                            arrayList.add(str);
                            break;
                        }
                    default:
                        if (LOG.isWarnEnabled()) {
                            LOG.warn("Unexpected LDAP port in controller host " + str);
                        }
                        arrayList.add(str);
                        break;
                }
            }
        }
        this.configurationParameters.set(DIRECTORY_SECURITY_PROTOCOL, new String[]{this.securityProtocol});
        hashMap.put("java.naming.provider.url", buildProviderUrl(getSecurityProtocol().equalsIgnoreCase(SSL), (String[]) arrayList.toArray(new String[0])));
        hashMap.put("java.naming.security.protocol", this.securityProtocol);
        hashMap.put("java.naming.security.authentication", getServiceAuthenticationType());
        if (SSL.equals(getSecurityProtocol())) {
            hashMap.put("java.naming.ldap.factory.socket", DummySSLSocketFactory.class.getName());
        }
        if (isFollowReferrals()) {
            hashMap.put("java.naming.referral", "follow");
        }
        hashMap.put("com.sun.jndi.ldap.connect.timeout", String.valueOf(getTimeout()));
        hashMap.put("java.naming.ldap.version", getVersion());
        hashMap.put("com.sun.jndi.ldap.connect.pool", "true");
        hashMap.put("javax.security.sasl.qop", "auth-conf,auth-int,auth");
        hashMap.putAll(getInitialConfigurationParameters());
        return hashMap;
    }

    public String[] getProviderURLList() {
        ArrayList arrayList = new ArrayList();
        boolean equalsIgnoreCase = getSecurityProtocol().equalsIgnoreCase(SSL);
        for (String str : getControllerHosts()) {
            arrayList.add(buildProviderUrl(equalsIgnoreCase, str));
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public String buildProviderUrl(boolean z, String... strArr) {
        StringBuilder sb = new StringBuilder();
        for (String str : buildProviderUrls(strArr)) {
            int indexOf = str.indexOf(58);
            if (indexOf > -1) {
                switch (Integer.parseInt(str.substring(indexOf + 1))) {
                    case 389:
                    case 3268:
                        sb.append(LDAP_PROTOCOL).append(str).append(" ");
                        break;
                    case 636:
                    case 3269:
                        sb.append(LDAPS_PROTOCOL).append(str).append(" ");
                        break;
                    default:
                        LOG.warn("Unexpected LDAP port in controller host " + str);
                        sb.append(z ? LDAPS_PROTOCOL : LDAP_PROTOCOL).append(str).append(" ");
                        break;
                }
            } else {
                sb.append(z ? LDAPS_PROTOCOL : LDAP_PROTOCOL).append(str).append(" ");
            }
        }
        return sb.toString().trim();
    }

    protected Map<String, String> getInitialConfigurationParameters() {
        return Collections.emptyMap();
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(super/*java.lang.Object*/.toString());
        stringBuffer.append("[ControllerHost='" + getControllerHosts());
        stringBuffer.append("', ServiceAuthenticationType='" + getServiceAuthenticationType());
        stringBuffer.append("', SecurityProtocol='" + getSecurityProtocol());
        stringBuffer.append("', InitialContextFactory='" + getInitialContextFactory());
        stringBuffer.append("', Timeout='" + getTimeout());
        stringBuffer.append("', Version='" + getVersion());
        stringBuffer.append("', BaseDn='" + getBaseDn());
        stringBuffer.append("', ServiceAccountUsername='" + getServiceAccountDn());
        stringBuffer.append("', ServiceAccountPassword='********");
        stringBuffer.append("', IdentityObjectClass='" + getIdentityObjectClass());
        stringBuffer.append("', IdentityNameAttribute='" + getIdentityNameAttribute());
        stringBuffer.append("', IdentityGuidAttribute='" + getIdentityGuidAttribute());
        stringBuffer.append("', IdentityPasswordAttribute='" + getIdentityPasswordAttribute());
        stringBuffer.append("', IdentityPasswordEncoding='" + getIdentityPasswordEncoding());
        stringBuffer.append("', RoleObjectClass='" + getRoleObjectClass());
        stringBuffer.append("', RoleNameAttribute='" + getRoleNameAttribute());
        stringBuffer.append("', RoleGuidAttribute='" + getRoleGuidAttribute()).append("']");
        return stringBuffer.toString();
    }

    public String getUsernameHint() {
        return getServiceAccountDn();
    }

    public String getHostnameHint() {
        return this.configurationParameters.getStringOrNull(DIRECTORY_HOSTNAME);
    }
}
