package com.agapsys.web.toolkit.services;

import com.agapsys.web.toolkit.AbstractApplication;
import com.agapsys.web.toolkit.Service;
import java.util.Collections;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.List;
import javax.naming.AuthenticationException;
import javax.naming.AuthenticationNotSupportedException;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:com/agapsys/web/toolkit/services/LdapService.class */
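/**
 * Service that authenticates users against an LDAP directory.
 *
 * <p>Authentication is a two-step "search then bind": the service binds with a
 * dedicated search account, looks up the entry matching the supplied user name,
 * and then binds again as that entry with the supplied password.
 *
 * <p>Security notes for operators and maintainers:
 * <ul>
 *   <li>Every {@code DEFAULT_*} value below is a placeholder. In particular the
 *       search account falls back to a well-known DN/password pair, so all
 *       {@code KEY_*} properties should be set explicitly in deployments.</li>
 *   <li>Binds use the {@code simple} mechanism, which sends the password as-is.
 *       The configured URL should therefore use {@code ldaps://} (as the default
 *       does); a plain {@code ldap://} URL would expose credentials on the wire.</li>
 *   <li>User names are escaped before being placed into the search filter, and
 *       empty passwords are rejected before any bind is attempted.</li>
 * </ul>
 *
 * <p>Thread-safety: configuration access and {@link #getUser(String, char[])} are
 * guarded by the instance monitor.
 */
public class LdapService extends Service {
    private static final String PROPERTY_PREFIX = LdapService.class.getName();

    /** Property key: URL of the LDAP server. */
    public static final String KEY_LDAP_URL = PROPERTY_PREFIX + ".url";
    /** Property key: base DN under which user entries are searched. */
    public static final String KEY_SEARCH_BASE_DN = PROPERTY_PREFIX + ".baseDn";
    /** Property key: search filter template; {@code %s} is replaced by the (escaped) user name. */
    public static final String KEY_SEARCH_PATTERN = PROPERTY_PREFIX + ".searchPattern";
    /** Property key: DN of the account used to perform the user search. */
    public static final String KEY_SEARCH_USER_DN = PROPERTY_PREFIX + ".searchUserDn";
    /** Property key: password of the account used to perform the user search. */
    public static final String KEY_SEARCH_USER_PASSWORD = PROPERTY_PREFIX + ".searchUserPassword";

    private static final String DEFAULT_LDAP_URL = "ldaps://ldap.server:9876";
    private static final String DEFAULT_SEARCH_BASE_DN = "ou=users,dc=ldap,dc=server";
    private static final String DEFAULT_SEARCH_PATTERN = "(&(objectClass=uidObject)(uid=%s))";
    // NOTE(review): "dc=sever" looks like a typo for "dc=server" (compare the base DN above).
    // Left untouched because it is a runtime default; confirm before changing.
    private static final String DEFAULT_SEARCH_USER_DN = "cn=admin,dc=ldap,dc=sever";
    // SECURITY: placeholder only. A deployment that does not override
    // KEY_SEARCH_USER_PASSWORD binds the search account with this well-known value.
    private static final String DEFAULT_SEARCH_USER_PASSWORD = "password";

    private String ldapUrl;
    private String searchBaseDn;
    private String searchPattern;
    private String searchUserDn;
    private char[] searchUserPassword;

    /** Immutable view of a single LDAP attribute and its string values. */
    public static class LdapAttribute {
        private final String name;
        private final List<String> values;
        private final List<String> unmodifiableValues;

        /**
         * Copies the ID and the string values of a JNDI attribute.
         *
         * <p>Values that are not {@code String} instances (for example binary
         * values) are skipped.
         *
         * @param attribute JNDI attribute to copy.
         * @throws NamingException if the attribute values cannot be enumerated.
         */
        private LdapAttribute(Attribute attribute) throws NamingException {
            this.values = new LinkedList<String>();
            this.unmodifiableValues = Collections.unmodifiableList(this.values);
            this.name = attribute.getID();
            NamingEnumeration<?> all = attribute.getAll();
            // hasMore() (unlike hasMoreElements()) reports enumeration errors
            // as NamingException instead of hiding them.
            while (all.hasMore()) {
                Object next = all.next();
                if (next instanceof String) {
                    this.values.add((String) next);
                }
            }
        }

        /** @return the attribute ID. */
        public String getName() {
            return this.name;
        }

        /** @return an unmodifiable list of the attribute's string values. */
        public List<String> getValues() {
            return this.unmodifiableValues;
        }

        @Override
        public String toString() {
            return String.format("%s: %s", getName(), getValues().toString());
        }
    }

    /** Checked exception describing a failure while talking to the directory. */
    public static class LdapException extends Exception {
        private final LdapExceptionType exceptionType;

        /** Categories of failure reported by {@link LdapException}. */
        public enum LdapExceptionType {
            INVALID_CREDENTIALS,
            AUTHENTICATION_NOT_SUPPORTED,
            COMMUNICATION_FAILURE,
            NAMING_ERROR
        }

        private LdapException(LdapExceptionType ldapExceptionType, String str, Throwable th) {
            super(str, th);
            this.exceptionType = ldapExceptionType;
        }

        private LdapException(LdapExceptionType ldapExceptionType, Throwable th) {
            super(th);
            this.exceptionType = ldapExceptionType;
        }

        /** @return the failure category. */
        public LdapExceptionType getExceptionType() {
            return this.exceptionType;
        }
    }

    /** Immutable view of an authenticated directory entry. */
    public static class LdapUser {
        private final String dn;
        private final List<LdapAttribute> attributes;
        private final List<LdapAttribute> unmodifiableAttributes;

        /**
         * Copies the attributes of a directory entry.
         *
         * @param str        distinguished name of the entry.
         * @param attributes JNDI attributes read for the entry.
         * @throws NamingException if the attributes cannot be enumerated.
         */
        private LdapUser(String str, Attributes attributes) throws NamingException {
            this.attributes = new LinkedList<LdapAttribute>();
            this.unmodifiableAttributes = Collections.unmodifiableList(this.attributes);
            this.dn = str;
            NamingEnumeration<? extends Attribute> all = attributes.getAll();
            while (all.hasMore()) {
                this.attributes.add(new LdapAttribute(all.next()));
            }
        }

        /** @return the distinguished name of the entry. */
        public String getDn() {
            return this.dn;
        }

        /** @return an unmodifiable list of the entry's attributes. */
        public List<LdapAttribute> getAttributes() {
            return this.unmodifiableAttributes;
        }
    }

    /** Creates the service with no configuration loaded; see {@link #onStart()}. */
    public LdapService() {
        __reset();
    }

    /** Clears every configuration field. */
    private void __reset() {
        this.ldapUrl = null;
        this.searchBaseDn = null;
        this.searchPattern = null;
        this.searchUserDn = null;
        this.searchUserPassword = null;
    }

    /**
     * Loads the LDAP configuration from the application properties, falling
     * back to the {@code DEFAULT_*} placeholders for any missing key.
     *
     * <p>Decompiler note: JADX reported that the access modifier was changed
     * from {@code protected}.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.agapsys.web.toolkit.Service
    public void onStart() {
        super.onStart();
        synchronized (this) {
            __reset();
            AbstractApplication application = getApplication();
            this.ldapUrl = application.getProperty(KEY_LDAP_URL, DEFAULT_LDAP_URL);
            this.searchBaseDn = application.getProperty(KEY_SEARCH_BASE_DN, DEFAULT_SEARCH_BASE_DN);
            this.searchPattern = application.getProperty(KEY_SEARCH_PATTERN, DEFAULT_SEARCH_PATTERN);
            this.searchUserDn = application.getProperty(KEY_SEARCH_USER_DN, DEFAULT_SEARCH_USER_DN);
            this.searchUserPassword =
                    application.getProperty(KEY_SEARCH_USER_PASSWORD, DEFAULT_SEARCH_USER_PASSWORD).toCharArray();
        }
    }

    /** @return the configured LDAP URL, or {@code null} before the service is started. */
    public String getLdapUrl() {
        synchronized (this) {
            return this.ldapUrl;
        }
    }

    /** @return the configured search base DN, or {@code null} before the service is started. */
    public String getSearchBaseDn() {
        synchronized (this) {
            return this.searchBaseDn;
        }
    }

    /** @return the configured search filter template, or {@code null} before the service is started. */
    public String getSearchPattern() {
        synchronized (this) {
            return this.searchPattern;
        }
    }

    /** @return the DN of the search account, or {@code null} before the service is started. */
    public String getSearchUserDn() {
        synchronized (this) {
            return this.searchUserDn;
        }
    }

    /**
     * Returns the search account password.
     *
     * <p>The returned array is the internal one, not a copy: callers must not
     * modify or retain it.
     *
     * @return the search account password, or {@code null} before the service is started.
     */
    protected char[] getSearchUserPassword() {
        synchronized (this) {
            return this.searchUserPassword;
        }
    }

    /**
     * Opens a directory context by performing a simple bind.
     *
     * @param str  LDAP URL.
     * @param str2 DN to bind as.
     * @param cArr password for the bind.
     * @return the opened context; the caller is responsible for closing it.
     * @throws LdapException if the bind is rejected or the server cannot be reached.
     */
    private DirContext __getContext(String str, String str2, char[] cArr) throws LdapException {
        Hashtable<String, Object> environment = new Hashtable<String, Object>();
        environment.put("java.naming.provider.url", str);
        environment.put("java.naming.security.principal", str2);
        environment.put("java.naming.security.credentials", cArr);
        environment.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        environment.put("java.naming.factory.url.pkgs", "com.sun.jndi.url");
        // Referrals are not followed, so a directory entry cannot redirect the bind elsewhere.
        environment.put("java.naming.referral", "ignore");
        environment.put("java.naming.security.authentication", "simple");
        // NOTE(review): no connect/read timeout is configured (the JNDI LDAP provider supports
        // "com.sun.jndi.ldap.connect.timeout" and "com.sun.jndi.ldap.read.timeout"). Because
        // getUser() holds the instance lock during the bind, an unresponsive server stalls
        // every concurrent authentication. Consider setting them.
        try {
            return new InitialDirContext(environment);
        } catch (AuthenticationException e) {
            throw new LdapException(LdapException.LdapExceptionType.INVALID_CREDENTIALS,
                    String.format("Invalid credentials for %s", str2), e);
        } catch (AuthenticationNotSupportedException e) {
            throw new LdapException(LdapException.LdapExceptionType.AUTHENTICATION_NOT_SUPPORTED,
                    "Authentication not supported", e);
        } catch (CommunicationException e) {
            // Must precede the NamingException handler: CommunicationException is a subclass
            // of NamingException and would otherwise never be reported as COMMUNICATION_FAILURE.
            throw new LdapException(LdapException.LdapExceptionType.COMMUNICATION_FAILURE,
                    "Communication failure", e);
        } catch (NamingException e) {
            throw new LdapException(LdapException.LdapExceptionType.NAMING_ERROR, e);
        }
    }

    /**
     * Escapes a value for safe use inside an LDAP search filter (RFC 4515).
     *
     * <p>Without this, filter metacharacters in a user-supplied name would be
     * interpreted as filter syntax and could change which entry is matched.
     *
     * @param value raw assertion value; must not be {@code null}.
     * @return the value with backslash, asterisk, parentheses and NUL escaped.
     */
    private static String __escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }

    /**
     * Searches the subtree below a base DN for the entry matching a user name.
     *
     * @param dirContext context bound as the search account.
     * @param str        search base DN.
     * @param str2       filter template containing a {@code %s} placeholder.
     * @param str3       user name; escaped before being placed into the filter.
     * @return the first matching entry, or {@code null} if none matches.
     * @throws LdapException if the search fails.
     */
    private SearchResult __searchUser(DirContext dirContext, String str, String str2, String str3) throws LdapException {
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            String filter = String.format(str2, __escapeFilterValue(str3));
            NamingEnumeration<SearchResult> results = dirContext.search(str, filter, searchControls);
            try {
                // Only the first match is used; the filter template is expected to
                // identify a single entry per user name.
                return results.hasMore() ? results.next() : null;
            } finally {
                results.close();
            }
        } catch (NamingException e) {
            throw new LdapException(LdapException.LdapExceptionType.NAMING_ERROR, e);
        }
    }

    /**
     * Locates the entry for a user name and verifies the password by binding as that entry.
     *
     * @param str  user name.
     * @param cArr password.
     * @return the authenticated user, or {@code null} if the name or password is
     *         {@code null}, the password is empty, no entry matches, or the bind is
     *         rejected for invalid credentials.
     * @throws LdapException   on any directory failure other than invalid user credentials.
     * @throws NamingException if reading the entry or closing a context fails.
     */
    private LdapUser __getUser(String str, char[] cArr) throws LdapException, NamingException {
        // SECURITY: a simple bind with a DN and an empty password is an "unauthenticated
        // bind" (RFC 4513, section 5.1.2), which many servers accept. It must never be
        // treated as proof of identity, so it is rejected before contacting the server.
        if (str == null || cArr == null || cArr.length == 0) {
            return null;
        }

        String userDn;
        DirContext searchContext = __getContext(getLdapUrl(), getSearchUserDn(), getSearchUserPassword());
        try {
            SearchResult match = __searchUser(searchContext, getSearchBaseDn(), getSearchPattern(), str);
            if (match == null) {
                return null;
            }
            userDn = match.getNameInNamespace();
        } finally {
            // Closed on every path, including when the search itself fails.
            searchContext.close();
        }

        DirContext userContext;
        try {
            userContext = __getContext(getLdapUrl(), userDn, cArr);
        } catch (LdapException e) {
            if (e.getExceptionType() != LdapException.LdapExceptionType.INVALID_CREDENTIALS) {
                throw e;
            }
            return null;
        }

        try {
            return new LdapUser(userDn, userContext.getAttributes(userDn));
        } finally {
            userContext.close();
        }
    }

    /**
     * Authenticates a user against the directory.
     *
     * @param str  user name.
     * @param cArr password.
     * @return the authenticated user with its attributes, or {@code null} if the
     *         user does not exist or the credentials are not accepted (including a
     *         {@code null} name and a {@code null} or empty password).
     * @throws LdapException         if the directory cannot be queried.
     * @throws IllegalStateException if the service is not running.
     */
    public LdapUser getUser(String str, char[] cArr) throws LdapException {
        synchronized (this) {
            if (!isRunning()) {
                throw new IllegalStateException("Service is not running");
            }
            try {
                return __getUser(str, cArr);
            } catch (NamingException e) {
                throw new LdapException(LdapException.LdapExceptionType.NAMING_ERROR, e);
            }
        }
    }
}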
