package com.identity4j.connector.directory;

import com.identity4j.connector.AbstractConnector;
import com.identity4j.connector.BrowseNode;
import com.identity4j.connector.BrowseableConnector;
import com.identity4j.connector.ConnectorCapability;
import com.identity4j.connector.ConnectorConfigurationParameters;
import com.identity4j.connector.directory.LdapService;
import com.identity4j.connector.exception.ConnectorException;
import com.identity4j.connector.exception.PrincipalNotFoundException;
import com.identity4j.connector.principal.Identity;
import com.identity4j.connector.principal.Role;
import com.identity4j.util.CollectionUtil;
import com.identity4j.util.StringUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.StringTokenizer;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/identity4j/connector/directory/DirectoryConnector.class */
public class DirectoryConnector extends AbstractConnector implements BrowseableConnector {
    public static final String WILDCARD_SEARCH = "*";
    public static final String OBJECT_CLASS_ATTRIBUTE = "objectClass";
    private DirectoryConfiguration directoryConfiguration;
    protected static final Iterator<Identity> IDENTITY_ITERATOR = CollectionUtil.emptyIterator(Identity.class);
    protected static final Iterator<Role> ROLE_ITERATOR = CollectionUtil.emptyIterator(Role.class);
    static final Log LOG = LogFactory.getLog(DirectoryConnector.class);
    protected static Set<ConnectorCapability> capabilities = new HashSet(Arrays.asList(ConnectorCapability.passwordChange, ConnectorCapability.passwordSet, ConnectorCapability.createUser, ConnectorCapability.deleteUser, ConnectorCapability.updateUser, ConnectorCapability.hasFullName, ConnectorCapability.hasEmail, ConnectorCapability.roles, ConnectorCapability.authentication, ConnectorCapability.identities, ConnectorCapability.tracksLastPasswordChange, ConnectorCapability.tracksLastSignOnDate));

    public Set<ConnectorCapability> getCapabilities() {
        return capabilities;
    }

    public boolean isOpen() {
        try {
            LdapService.getInstance().lookupContext(this.directoryConfiguration.getBaseDn());
            return true;
        } catch (Exception e) {
            LOG.error("Problen in open connection check.", e);
            return false;
        }
    }

    public boolean isReadOnly() {
        return this.directoryConfiguration.getSecurityProtocol().equals(DirectoryConfiguration.PLAIN);
    }

    protected final DirectoryConfiguration getConfiguration() {
        return this.directoryConfiguration;
    }

    protected final boolean areCredentialsValid(Identity identity, char[] cArr) throws ConnectorException {
        try {
            return LdapService.getInstance().authenticate(((DirectoryIdentity) identity).getDn().toString(), new String(cArr));
        } catch (Exception e) {
            return false;
        }
    }

    protected void changePassword(Identity identity, char[] cArr, char[] cArr2) {
        try {
            LdapService.getInstance().setPassword(((DirectoryIdentity) identity).getDn().toString(), cArr2);
        } catch (IOException e) {
            LOG.error("Problem in changing password.", e);
        } catch (NamingException e2) {
            LOG.error("Problem in changing password.", e2);
        }
    }

    protected void setPassword(Identity identity, char[] cArr, boolean z) throws ConnectorException {
        try {
            LdapService.getInstance().setPassword(((DirectoryIdentity) identity).getDn().toString(), cArr);
        } catch (IOException e) {
            LOG.error("Problem in getting identities.", e);
        } catch (NamingException e2) {
            LOG.error("Problem in getting identities.", e2);
        }
    }

    public final Identity getIdentityByName(String str) throws PrincipalNotFoundException, ConnectorException {
        String buildIdentityFilter = buildIdentityFilter(str);
        return getPrincipal(buildIdentityFilter, getIdentities(buildIdentityFilter));
    }

    public final Iterator<Identity> allIdentities() throws ConnectorException {
        return getIdentities(buildIdentityFilter(WILDCARD_SEARCH));
    }

    public long countIdentities() throws ConnectorException {
        return -1L;
    }

    public long countRoles() throws ConnectorException {
        return -1L;
    }

    protected String buildIdentityFilter(String str) {
        return LdapService.getInstance().buildObjectClassFilter(this.directoryConfiguration.getIdentityObjectClass(), this.directoryConfiguration.getIdentityNameAttribute(), str);
    }

    protected Iterator<Identity> getIdentities(String str) {
        try {
            return LdapService.getInstance().search(str, this.directoryConfiguration.getMaxPageSize(), new LdapService.ResultMapper<Identity>() { // from class: com.identity4j.connector.directory.DirectoryConnector.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.identity4j.connector.directory.LdapService.ResultMapper
                public Identity apply(SearchResult searchResult) throws NamingException {
                    return DirectoryConnector.this.mapIdentity(searchResult);
                }
            });
        } catch (IOException e) {
            LOG.error("Problem in getting identities.", e);
            return IDENTITY_ITERATOR;
        } catch (NamingException e2) {
            LOG.error("Problem in getting identities.", e2);
            return IDENTITY_ITERATOR;
        }
    }

    protected Identity mapIdentity(SearchResult searchResult) throws NamingException {
        return new DirectoryIdentity(StringUtil.nonNull(searchResult.getAttributes().get(this.directoryConfiguration.getIdentityGuidAttribute()).get().toString()), StringUtil.nonNull(searchResult.getAttributes().get(this.directoryConfiguration.getIdentityNameAttribute()).get().toString()), new LdapName(StringUtil.nonNull(searchResult.getAttributes().get("distinguishedName").get().toString())));
    }

    public final Role getRoleByName(String str) throws PrincipalNotFoundException, ConnectorException {
        if (!getConfiguration().isEnableRoles()) {
            throw new PrincipalNotFoundException("Roles are not enabled");
        }
        String buildRoleFilter = buildRoleFilter(str, false);
        return getPrincipal(buildRoleFilter, getRoles(buildRoleFilter));
    }

    public final Iterator<Role> allRoles() throws ConnectorException {
        return !getConfiguration().isEnableRoles() ? ROLE_ITERATOR : getRoles(buildRoleFilter(WILDCARD_SEARCH, true));
    }

    private String buildRoleFilter(String str, boolean z) {
        return LdapService.getInstance().buildObjectClassFilter(this.directoryConfiguration.getRoleObjectClass(), this.directoryConfiguration.getRoleNameAttribute(), str);
    }

    protected Iterator<Role> getRoles() {
        return getRoles(buildRoleFilter(WILDCARD_SEARCH, true));
    }

    protected Iterator<Role> getRoles(String str) {
        try {
            return LdapService.getInstance().search(str, this.directoryConfiguration.getMaxPageSize(), new LdapService.ResultMapper<Role>() { // from class: com.identity4j.connector.directory.DirectoryConnector.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.identity4j.connector.directory.LdapService.ResultMapper
                public Role apply(SearchResult searchResult) throws NamingException {
                    return DirectoryConnector.this.mapRole(searchResult);
                }
            });
        } catch (IOException e) {
            LOG.error("Problem in getting roles.", e);
            return ROLE_ITERATOR;
        } catch (NamingException e2) {
            LOG.error("Problem in getting roles.", e2);
            return ROLE_ITERATOR;
        }
    }

    protected Role mapRole(SearchResult searchResult) throws NamingException {
        return new DirectoryRole(StringUtil.nonNull(searchResult.getAttributes().get(this.directoryConfiguration.getRoleGuidAttribute()).get().toString()), StringUtil.nonNull(searchResult.getAttributes().get(this.directoryConfiguration.getRoleNameAttribute()).get().toString()), new LdapName(StringUtil.nonNull(searchResult.getAttributes().get("distinguishedName").get().toString())));
    }

    protected SearchControls configureSearchControls(SearchControls searchControls) {
        searchControls.setSearchScope(2);
        searchControls.setReturningObjFlag(true);
        return searchControls;
    }

    protected SearchControls configureRoleSearchControls(SearchControls searchControls) {
        searchControls.setSearchScope(2);
        searchControls.setReturningObjFlag(true);
        return searchControls;
    }

    protected final String getAttributeValue(Name name, String str) {
        try {
            Attributes lookupContext = LdapService.getInstance().lookupContext(name);
            if (lookupContext.get(str) != null) {
                return lookupContext.get(str).get().toString();
            }
            return null;
        } catch (NamingException e) {
            LOG.error("Problem in getting attribute value.", e);
            return null;
        } catch (IOException e2) {
            LOG.error("Problem in getting attribute value.", e2);
            return null;
        }
    }

    protected final String getByteValue(String str, Attributes attributes) {
        try {
            byte[] bArr = (byte[]) attributes.get(str).get();
            if (bArr == null) {
                throw new IllegalArgumentException(String.valueOf(str) + " cannot be null");
            }
            return StringUtil.convertByteToString(bArr);
        } catch (NamingException e) {
            throw new ConnectorException(e);
        }
    }

    protected void onOpen(ConnectorConfigurationParameters connectorConfigurationParameters) {
        this.directoryConfiguration = (DirectoryConfiguration) connectorConfigurationParameters;
        try {
            LdapService.getInstance().init(this.directoryConfiguration);
            LdapService.getInstance().openConnection();
            LOG.info("Looking up " + this.directoryConfiguration.getBaseDn());
        } catch (Exception e) {
            LOG.error("Problem in opening connector.", e);
        } catch (NamingException e2) {
            DirectoryExceptionParser directoryExceptionParser = new DirectoryExceptionParser(e2);
            String message = directoryExceptionParser.getMessage();
            int code = directoryExceptionParser.getCode();
            String reason = directoryExceptionParser.getReason();
            if (code == 1 && reason.equals("000020D6")) {
                throw new ConnectorException("Connected OK, but the initial directory could not be read. Is your Base DN correct?");
            }
            LOG.error("Connected OK, but an error occurred retrieving information from the directory server (operationsErrror). " + message, e2);
            throw new ConnectorException("Failed to connect. " + message + ". Please see the logs for more detail.");
        }
    }

    protected String getReason(NamingException namingException) {
        int indexOf;
        String message = getMessage(namingException);
        if (StringUtil.isNullOrEmpty(message) || (indexOf = message.indexOf("LDAP: error code ")) == -1) {
            return "Unknown reason";
        }
        StringTokenizer stringTokenizer = new StringTokenizer(message.substring(indexOf + "LDAP: error code ".length()));
        stringTokenizer.nextToken();
        stringTokenizer.nextToken();
        String nextToken = stringTokenizer.nextToken();
        while (true) {
            String str = nextToken;
            if (!str.endsWith(":")) {
                return str;
            }
            nextToken = str.substring(0, str.length() - 1);
        }
    }

    protected int getCode(NamingException namingException) {
        int indexOf;
        String message = getMessage(namingException);
        if (StringUtil.isNullOrEmpty(message) || (indexOf = message.indexOf("LDAP: error code ")) == -1) {
            return 0;
        }
        return Integer.parseInt(new StringTokenizer(message.substring(indexOf + "LDAP: error code ".length())).nextToken());
    }

    protected String getMessage(NamingException namingException) {
        String explanation = namingException.getExplanation();
        if (StringUtil.isNullOrEmpty(explanation)) {
            return StringUtil.isNullOrEmpty(namingException.getMessage()) ? "No actual error message supplied." : namingException.getMessage();
        }
        if (explanation.startsWith("[")) {
            explanation = explanation.substring(1);
        }
        if (explanation.endsWith("]")) {
            explanation = explanation.substring(0, explanation.length() - 1);
        }
        return explanation;
    }

    public Role createRole(Role role) throws ConnectorException {
        throw new UnsupportedOperationException("Role maintenance is not yet supported");
    }

    public void deleteRole(String str) throws ConnectorException {
        throw new UnsupportedOperationException("Role maintenance is not yet supported");
    }

    public void updateRole(Role role) throws ConnectorException {
        throw new UnsupportedOperationException("Role maintenance is not yet supported");
    }

    public Iterator<BrowseNode> getBrowseableNodes(BrowseNode browseNode) {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(0);
        searchControls.setReturningObjFlag(true);
        try {
            Iterator search = LdapService.getInstance().search(new LdapName(browseNode.toString()), "(objectclass=*)", this.directoryConfiguration.getMaxPageSize(), new LdapService.ResultMapper<List<BrowseNode>>() { // from class: com.identity4j.connector.directory.DirectoryConnector.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.identity4j.connector.directory.LdapService.ResultMapper
                public List<BrowseNode> apply(SearchResult searchResult) throws NamingException {
                    Attribute attribute = searchResult.getAttributes().get("namingContexts");
                    if (attribute == null) {
                        return Collections.emptyList();
                    }
                    NamingEnumeration all = attribute.getAll();
                    ArrayList arrayList = new ArrayList();
                    while (all.hasMore()) {
                        final String str = (String) all.next();
                        arrayList.add(new BrowseNode() { // from class: com.identity4j.connector.directory.DirectoryConnector.3.1
                            public boolean isLeaf() {
                                return false;
                            }

                            public String toString() {
                                return str;
                            }
                        });
                    }
                    return arrayList;
                }
            });
            return search.hasNext() ? ((List) search.next()).iterator() : new ArrayList().iterator();
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (NamingException e2) {
            e2.printStackTrace();
            return null;
        }
    }
}
