package com.identity4j.connector.directory;

import com.identity4j.connector.exception.ConnectorException;
import com.identity4j.connector.exception.PasswordChangeRequiredException;
import com.identity4j.util.crypt.impl.DefaultEncoderManager;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/identity4j/connector/directory/LdapService.class */
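/**
 * Process-wide helper around JNDI that opens LDAP contexts with the configured
 * service account, runs a unit of work against them and closes them again.
 *
 * <p>The class is a lazily created singleton ({@link #getInstance()}). Its
 * configuration and JNDI environment are plain mutable fields with no
 * synchronization visible here, so {@link #init(DirectoryConfiguration)} and
 * {@link #openConnection()} are presumably meant to be called once during
 * start-up, before concurrent use. TODO confirm with callers.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The JNDI environment holds the service account DN and password as
 *       strings for the lifetime of the singleton.</li>
 *   <li>Filter strings passed to the {@code search} methods are sent to the
 *       directory as given; see {@link #buildObjectClassFilter}.</li>
 * </ul>
 */
public class LdapService {
    static final Log LOG = LogFactory.getLog(LdapService.class);

    /** Directory settings supplied through {@link #init(DirectoryConfiguration)}. */
    private DirectoryConfiguration configuration;

    /** JNDI environment used for every service-account context; filled by {@link #openConnection()}. */
    private final Hashtable<String, String> env;

    /**
     * A unit of work executed against an open service-account context.
     *
     * @param <T> result type of the work
     */
    public interface Block<T> {
        T apply(LdapContext ldapContext) throws NamingException, IOException;
    }

    /** Initialization-on-demand holder: the instance is created when this class is first loaded. */
    private static class LazyHolder {
        private static final LdapService INSTANCE = new LdapService();

        private LazyHolder() {
        }
    }

    /**
     * Converts one directory search result into a caller-defined value.
     *
     * @param <T> mapped type
     */
    public interface ResultMapper<T> {
        T apply(SearchResult searchResult) throws NamingException;
    }

    private LdapService() {
        this.env = new Hashtable<>();
    }

    /**
     * Returns the shared instance.
     *
     * @return the singleton service
     */
    public static LdapService getInstance() {
        return LazyHolder.INSTANCE;
    }

    /**
     * Stores the directory configuration on the shared instance.
     *
     * @param directoryConfiguration configuration used by all later calls
     */
    public void init(DirectoryConfiguration directoryConfiguration) {
        LazyHolder.INSTANCE.configuration = directoryConfiguration;
    }

    /**
     * Builds the service-account JNDI environment and verifies it by looking up the base DN.
     *
     * @throws NamingException if the directory rejects the bind or the lookup
     * @throws IOException if the underlying operation reports an I/O failure
     * @throws IllegalStateException if {@link #checkLDAPHost()} rejects a controller host
     */
    public void openConnection() throws NamingException, IOException {
        checkLDAPHost();
        this.env.put("java.naming.security.principal", this.configuration.getServiceAccountDn());
        this.env.put("java.naming.security.credentials", this.configuration.getServiceAccountPassword());
        // Connector parameters are applied after the credentials, so a parameter using one of
        // the two keys above replaces the configured value. The provider URL is written last
        // and therefore cannot be overridden by them.
        this.env.putAll(this.configuration.getConnectorConfigurationParameters());
        // NOTE(review): the first argument is true only for the SSL security protocol;
        // presumably any other value yields a non-TLS URL, in which case the simple bind
        // credentials travel unencrypted. Confirm against buildProviderUrl.
        boolean useSsl = this.configuration.getSecurityProtocol().equalsIgnoreCase(DirectoryConfiguration.SSL);
        this.env.put("java.naming.provider.url",
                this.configuration.buildProviderUrl(useSsl, this.configuration.getControllerHosts()));
        lookupContext(this.configuration.getBaseDn());
    }

    /**
     * Opens a new context bound with the service-account environment.
     *
     * @return a new context; the caller must close it
     * @throws NamingException if the context cannot be created
     */
    public LdapContext getConnection() throws NamingException {
        return new InitialLdapContext(this.env, (Control[]) null);
    }

    /**
     * Closes a context, ignoring {@code null}.
     *
     * @param dirContext context to close, may be {@code null}
     * @throws ConnectorException if the close itself fails
     */
    public void close(DirContext dirContext) {
        if (dirContext == null) {
            return;
        }
        try {
            dirContext.close();
        } catch (NamingException e) {
            throw new ConnectorException("Problem in closing " + e.getMessage(), e);
        }
    }

    /**
     * Opens a context bound as the given principal instead of the service account.
     *
     * <p>The credentials are passed to the directory unchecked. Callers that use this
     * to verify a user must reject empty passwords themselves, as
     * {@link #authenticate(String, String)} does.
     *
     * @param str principal (bind DN) to bind as
     * @param str2 credentials for that principal
     * @return a new context; the caller must close it
     * @throws NamingException if the bind fails
     * @throws IOException declared for callers; not thrown by the code visible here
     */
    public DirContext getConnection(String str, String str2) throws NamingException, IOException {
        Hashtable<String, String> bindEnv =
                new Hashtable<String, String>(this.configuration.getConnectorConfigurationParameters());
        boolean useSsl = this.configuration.getSecurityProtocol().equalsIgnoreCase(DirectoryConfiguration.SSL);
        bindEnv.put("java.naming.provider.url",
                this.configuration.buildProviderUrl(useSsl, this.configuration.getControllerHosts()));
        bindEnv.put("java.naming.security.principal", str);
        bindEnv.put("java.naming.security.credentials", str2);
        return new InitialDirContext(bindEnv);
    }

    /**
     * Checks a principal's password by attempting a bind with it.
     *
     * @param str principal (bind DN) to authenticate
     * @param str2 password to verify
     * @return {@code true} if the bind succeeded, {@code false} if it was rejected or the
     *         password is {@code null} or empty
     * @throws PasswordChangeRequiredException if the directory error data is {@code "773"}
     * @throws IOException if opening the connection reports an I/O failure
     */
    public boolean authenticate(String str, String str2) throws IOException {
        // A simple bind with a DN and an empty password is an "unauthenticated bind"
        // (RFC 4513 section 5.1.2) and many servers answer it with success. Treating that
        // as a valid login would accept any known DN, so it is refused before binding.
        if (str2 == null || str2.isEmpty()) {
            return false;
        }
        try {
            DirContext userContext = getConnection(str, str2);
            // The bind result is all that is needed; release the connection right away
            // instead of leaving one open per login attempt.
            closeQuietly(userContext);
            return true;
        } catch (NamingException e) {
            if ("773".equals(new DirectoryExceptionParser(e).getData())) {
                throw new PasswordChangeRequiredException();
            }
            return false;
        }
    }

    /**
     * Replaces the password attribute of an entry with the encoded form of the given characters.
     *
     * <p>The caller's array is not cleared here.
     *
     * @param str name (DN) of the entry to modify
     * @param cArr new password characters
     * @throws NamingException if the modification is rejected
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public void setPassword(final String str, final char[] cArr) throws NamingException, IOException {
        processBlock(new Block<Void>() {
            @Override
            public Void apply(LdapContext ldapContext) throws NamingException {
                Object encoded = DefaultEncoderManager.getInstance().encode(
                        cArr,
                        LdapService.this.configuration.getIdentityPasswordEncoding(),
                        "UTF-8",
                        (byte[]) null,
                        (byte[]) null);
                BasicAttribute passwordAttribute = new BasicAttribute(
                        LdapService.this.configuration.getIdentityPasswordAttribute(), encoded);
                ldapContext.modifyAttributes(str, new ModificationItem[]{
                        new ModificationItem(DirContext.REPLACE_ATTRIBUTE, passwordAttribute)});
                return null;
            }
        });
    }

    /**
     * Replaces the password attribute of an entry with the given bytes, stored as supplied.
     *
     * @param str name (DN) of the entry to modify
     * @param bArr already-encoded password value
     * @throws NamingException if the modification is rejected
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public void setPassword(final String str, final byte[] bArr) throws NamingException, IOException {
        processBlock(new Block<Void>() {
            @Override
            public Void apply(LdapContext ldapContext) throws NamingException {
                BasicAttribute passwordAttribute = new BasicAttribute(
                        LdapService.this.configuration.getIdentityPasswordAttribute(), bArr);
                ldapContext.modifyAttributes(str, new ModificationItem[]{
                        new ModificationItem(DirContext.REPLACE_ATTRIBUTE, passwordAttribute)});
                return null;
            }
        });
    }

    /**
     * Creates search controls that cover the whole subtree below the search base.
     *
     * @return a fresh {@link SearchControls} with subtree scope
     */
    public SearchControls getSearchControls() {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        return searchControls;
    }

    /**
     * Removes the entry with the given name.
     *
     * @param name entry to remove
     * @throws NamingException if the directory rejects the operation
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public void unbind(final Name name) throws NamingException, IOException {
        processBlock(new Block<Void>() {
            @Override
            public Void apply(LdapContext ldapContext) throws NamingException, IOException {
                ldapContext.unbind(name);
                return null;
            }
        });
    }

    /**
     * Applies attribute modifications to an entry.
     *
     * @param name entry to modify
     * @param modificationItemArr modifications to apply
     * @throws NamingException if the directory rejects the operation
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public void update(final Name name, final ModificationItem... modificationItemArr)
            throws NamingException, IOException {
        processBlock(new Block<Void>() {
            @Override
            public Void apply(LdapContext ldapContext) throws NamingException, IOException {
                ldapContext.modifyAttributes(name, modificationItemArr);
                return null;
            }
        });
    }

    /**
     * Creates an entry with the given attributes and no bound object.
     *
     * @param name name of the new entry
     * @param attributeArr attributes of the new entry
     * @throws NamingException if the directory rejects the operation
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public void bind(final Name name, final Attribute... attributeArr) throws NamingException, IOException {
        processBlock(new Block<Void>() {
            @Override
            public Void apply(LdapContext ldapContext) throws NamingException, IOException {
                BasicAttributes entryAttributes = new BasicAttributes();
                for (Attribute attribute : attributeArr) {
                    entryAttributes.put(attribute);
                }
                ldapContext.bind(name, (Object) null, entryAttributes);
                return null;
            }
        });
    }

    /**
     * Searches below the configured base DN and maps the first match.
     *
     * <p>The filter is sent as given; escape any user-supplied value inside it.
     *
     * @param str LDAP filter
     * @param resultMapper converts the match
     * @param <T> mapped type
     * @return an iterator over at most one mapped result
     * @throws NamingException if the search fails
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public <T> Iterator<T> search(final String str, final ResultMapper<T> resultMapper)
            throws NamingException, IOException {
        return processBlock(new Block<Iterator<T>>() {
            @Override
            public Iterator<T> apply(LdapContext ldapContext) throws NamingException {
                NamingEnumeration<SearchResult> matches = ldapContext.search(
                        LdapService.this.configuration.getBaseDn(), str, LdapService.this.getSearchControls());
                ArrayList<T> mapped = new ArrayList<T>();
                // NOTE(review): only the first entry is consumed (an `if`, not a loop).
                // Confirm this is intended; further matches are silently dropped.
                if (matches.hasMoreElements()) {
                    mapped.add(resultMapper.apply(matches.nextElement()));
                }
                return mapped.iterator();
            }
        });
    }

    /**
     * Runs a paged search below the configured base DN.
     *
     * @param str LDAP filter, sent as given
     * @param i page size requested from the server
     * @param resultMapper converts each match
     * @param <T> mapped type
     * @return an iterator over all mapped results
     * @throws NamingException if the search fails
     * @throws IOException if a paging control cannot be encoded
     */
    public <T> Iterator<T> search(String str, int i, ResultMapper<T> resultMapper)
            throws NamingException, IOException {
        return search(this.configuration.getBaseDn(), str, i, resultMapper);
    }

    /**
     * Runs a paged search below the given base and collects every page in memory.
     *
     * <p>The filter is sent as given; escape any user-supplied value inside it.
     *
     * @param name search base
     * @param str LDAP filter
     * @param i page size requested from the server
     * @param resultMapper converts each match
     * @param <T> mapped type
     * @return an iterator over all mapped results
     * @throws NamingException if the search fails
     * @throws IOException if a paging control cannot be encoded
     */
    public <T> Iterator<T> search(final Name name, final String str, final int i,
            final ResultMapper<T> resultMapper) throws NamingException, IOException {
        return processBlock(new Block<Iterator<T>>() {
            @Override
            public Iterator<T> apply(LdapContext ldapContext) throws NamingException, IOException {
                ldapContext.setRequestControls(
                        new Control[]{new PagedResultsControl(i, Control.NONCRITICAL)});
                ArrayList<T> mapped = new ArrayList<T>();
                byte[] cookie;
                do {
                    // Reset per page: a response without a paging control must end the
                    // loop rather than replay the previous page's cookie indefinitely.
                    cookie = null;
                    NamingEnumeration<SearchResult> page =
                            ldapContext.search(name, str, LdapService.this.getSearchControls());
                    while (page != null && page.hasMore()) {
                        mapped.add(resultMapper.apply(page.next()));
                    }
                    Control[] responseControls = ldapContext.getResponseControls();
                    if (responseControls == null) {
                        LdapService.LOG.info("No controls were sent from the server");
                    } else {
                        for (Control control : responseControls) {
                            if (!(control instanceof PagedResultsResponseControl)) {
                                continue;
                            }
                            PagedResultsResponseControl paged = (PagedResultsResponseControl) control;
                            int resultSize = paged.getResultSize();
                            if (resultSize != 0) {
                                LdapService.LOG.info("EOP (total : " + resultSize + ") *****************\n");
                            } else {
                                LdapService.LOG.info("EOP (total: unknown) ***************\n");
                            }
                            cookie = paged.getCookie();
                        }
                    }
                    // Hand the server its cookie back to request the next page.
                    ldapContext.setRequestControls(
                            new Control[]{new PagedResultsControl(i, cookie, Control.CRITICAL)});
                } while (cookie != null);
                return mapped.iterator();
            }
        });
    }

    /**
     * Looks up an entry and returns all of its attributes.
     *
     * @param name entry to look up
     * @return the entry's attributes
     * @throws NamingException if the lookup fails
     * @throws IOException if the underlying operation reports an I/O failure
     */
    public Attributes lookupContext(final Name name) throws NamingException, IOException {
        return processBlock(new Block<Attributes>() {
            @Override
            public Attributes apply(LdapContext ldapContext) throws NamingException {
                LdapContext entry = (LdapContext) ldapContext.lookup(name);
                try {
                    return entry.getAttributes("");
                } finally {
                    // The looked-up context is a separate object from the one processBlock
                    // closes, so it is released here as well.
                    LdapService.this.close(entry);
                }
            }
        });
    }

    /**
     * Formats a filter matching an object class and one attribute value.
     *
     * <p>NOTE(review): the three values are inserted verbatim. Filter metacharacters
     * ({@code * ( ) \} and NUL) in a value that originates from user input change the
     * meaning of the filter, so such values must be escaped per RFC 4515 by the caller.
     * Escaping is not done here because callers may pass wildcards deliberately;
     * confirm before changing.
     *
     * @param str object class
     * @param str2 attribute name
     * @param str3 attribute value
     * @return the filter string
     */
    public final String buildObjectClassFilter(String str, String str2, String str3) {
        return String.format("(&(objectClass=%s)(%s=%s))", str, str2, str3);
    }

    /**
     * Verifies that controller hosts given as dotted IPv4 literals have a reverse DNS name.
     *
     * <p>Hosts that are not IPv4 literals are skipped.
     *
     * @throws IllegalStateException if a literal address resolves back only to itself
     */
    protected void checkLDAPHost() {
        for (String host : this.configuration.getControllerHosts()) {
            String hostOnly = DirectoryConfiguration.getControllerHostWithoutPort(host);
            if (!hostOnly.matches("\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b")) {
                continue;
            }
            String resolvedName;
            try {
                resolvedName = InetAddress.getByName(hostOnly).getHostName();
            } catch (UnknownHostException ignored) {
                // Best effort, as before: an address that cannot be parsed or resolved
                // here is left for the actual connection attempt to report.
                continue;
            }
            // getHostName() falls back to the textual address when no reverse record exists.
            if (resolvedName.equals(hostOnly)) {
                throw new IllegalStateException("LDAP controller host address " + host
                        + " is not resolvable by a reverse DNS lookup. Please check your DNS configuration.");
            }
        }
    }

    /**
     * Closes a context used only to test a bind, logging rather than propagating a failure
     * so that a close error cannot change the authentication result.
     */
    private void closeQuietly(DirContext dirContext) {
        if (dirContext == null) {
            return;
        }
        try {
            dirContext.close();
        } catch (NamingException e) {
            LOG.debug("Problem in closing authentication context", e);
        }
    }

    /**
     * Opens a service-account context, runs the block against it and always closes the context.
     *
     * @param block work to run
     * @param <T> result type
     * @return whatever the block returns
     * @throws NamingException if opening the context or the block fails
     * @throws IOException if the block reports an I/O failure
     */
    private <T> T processBlock(Block<T> block) throws NamingException, IOException {
        LdapContext ldapContext = null;
        try {
            ldapContext = getConnection();
            return block.apply(ldapContext);
        } finally {
            close(ldapContext);
        }
    }
}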
