package com.metamatrix.platform.security.membership.spi.ldap;

import com.metamatrix.api.exception.security.InvalidUserException;
import com.metamatrix.common.log.LogManager;
import com.metamatrix.platform.PlatformPlugin;
import com.metamatrix.platform.security.membership.spi.MembershipDomain;
import com.metamatrix.platform.security.membership.spi.MembershipSourceException;
import com.metamatrix.platform.service.api.exception.ServiceStateException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain.class */
public class LDAPMembershipDomain implements MembershipDomain {
    // Accepted values of the *.searchScope properties. getSearchScope() maps them to the JNDI
    // scope integers and treats every other value as subtree scope.
    public static final String ONELEVEL_SCOPE_VALUE = "ONELEVEL_SCOPE";
    public static final String OBJECT_SCOPE_VALUE = "OBJECT_SCOPE";
    public static final String SUBTREE_SCOPE_VALUE = "SUBTREE_SCOPE";

    // Property keys describing the group search roots (read in initialize() via buildContexts()).
    public static final String GROUPS_GROUP_MEMBER_ATTRIBUTE = "groups.groupMember.attribute";
    public static final String GROUPS_ROOT_CONTEXT = "groups.rootContext";
    public static final String GROUPS_SEARCH_SCOPE = "groups.searchScope";
    public static final String GROUPS_SEARCH_FILTER = "groups.searchFilter";
    public static final String GROUPS_DISPLAY_NAME_ATTRIBUTE = "groups.displayName.attribute";

    // Property keys describing the user search roots (read in initialize() via buildContexts()).
    public static final String USERS_MEMBER_OF_ATTRIBUTE = "users.memberOf.attribute";
    public static final String USERS_ROOT_CONTEXT = "users.rootContext";
    public static final String USERS_SEARCH_SCOPE = "users.searchScope";
    public static final String USERS_DISPLAY_NAME_ATTRIBUTE = "users.displayName.attribute";
    public static final String USERS_SEARCH_FILTER = "users.searchFilter";

    // Property keys for the directory connection. ldapURL is mandatory; the admin DN and password
    // are optional, and initialize() configures an anonymous bind when either one is missing.
    public static final String LDAP_URL = "ldapURL";
    public static final String LDAP_ADMIN_PASSWORD = "ldapAdmin.password";
    public static final String LDAP_ADMIN_DN = "ldapAdmin.dn";
    public static final String TXN_TIMEOUT_IN_MILLIS = "txnTimeoutInMillis";

    // Fixed JNDI environment values installed by initialize().
    public static final String LDAP_INITIAL_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    // "simple" is JNDI's DN-plus-password bind. The password is not protected by the bind itself,
    // so its confidentiality depends on the transport selected through ldapURL (for example ldaps://).
    public static final String LDAP_AUTH_TYPE = "simple";
    // Not referenced anywhere in the visible code.
    public static final String LDAP_USER_OBJECT_TYPE = "person";
    // NOTE(review): "follow" makes the provider chase referrals returned by the server; confirm
    // that referral targets are trusted, since the admin environment is presumably reused for them.
    public static final String LDAP_REFERRAL_MODE = "follow";
    // Filter used for a search root when the configuration does not supply one.
    public static final String DEFAULT_SEARCH_FILTER = "(objectclass=*)";
    // JNDI environment keys for connection pooling and the connect timeout.
    public static final String POOL_KEY = "com.sun.jndi.ldap.connect.pool";
    public static final String TIMEOUT_KEY = "com.sun.jndi.ldap.connect.timeout";
    // Display-name attributes used when the configuration does not name one.
    public static final String DEFAULT_USERS_DISPLAY_NAME_ATTRIBUTE = "uid";
    public static final String DEFAULT_GROUPS_DISPLAY_NAME_ATTRIBUTE = "cn";
    // Property key that disables pooling when set to "false" (pooling is on by default).
    public static final String USE_POOL = "usePool";

    // Configuration captured by initialize().
    private String domainName;
    private String ldapURL;
    private String ldapAdminUserDN;
    // The admin password is kept as a String in this field and is also copied into adminContext,
    // so it stays in memory for as long as this instance is reachable.
    private String ldapAdminUserPass;
    private String ldapTxnTimeoutInMillis;
    private String ldapUsePool;
    private boolean usePool;
    // Lists of LdapContext, one element per configured search root.
    private List usersRootContexts;
    private List groupsRootContexts;
    // JNDI environment template for admin binds; getAdminContext() clones it for every new context.
    private Hashtable adminContext = new Hashtable();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain$LdapContext.class */
    /**
     * Search settings for one configured root. buildContexts() creates one instance per
     * '?'-separated entry of a root-context property and fills in the fields below.
     */
    public static class LdapContext {
        /** Base DN the search is issued against. */
        String context;
        /** Attribute whose value is used as the display name of an entry. */
        String displayAttribute;
        /** Attribute compared with a DN when a search is restricted to one member; may be null. */
        String memberOfAttribute;
        /** Search filter; matches every entry unless the configuration overrides it. */
        String searchFilter = LDAPMembershipDomain.DEFAULT_SEARCH_FILTER;
        /** JNDI search scope; subtree unless the configuration overrides it. */
        int searchScope = SearchControls.SUBTREE_SCOPE;

        LdapContext() {
            // Instances are only populated field by field, by buildContexts().
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/metamatrix/platform/security/membership/spi/ldap/LDAPMembershipDomain$UserEntry.class */
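    /**
     * Result of a user lookup: the user's DN together with the groups resolved for that user.
     * Both references are fixed at construction time.
     */
    public static class UserEntry {
        // final: the entry describes one resolved user and is never re-pointed after creation.
        private final String dn;
        private final Set groups;

        /**
         * @param str the user's distinguished name
         * @param set the groups resolved for the user; stored as given, not copied
         */
        public UserEntry(String str, Set set) {
            this.dn = str;
            this.groups = set;
        }

        /** Returns the user's distinguished name. */
        public String getDn() {
            return this.dn;
        }

        /**
         * Returns the group set passed to the constructor. It is the same instance, so a caller
         * that modifies it also changes what this entry reports.
         */
        public Set getGroups() {
            return this.groups;
        }
    }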

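    /**
     * Reads the domain configuration and builds the JNDI environment used for admin binds.
     *
     * <p>The admin bind is anonymous whenever the admin DN or the admin password is missing or
     * blank; a DN without a password is not treated as an error.
     *
     * @param properties domain configuration; {@code ldapURL} and both root-context keys are required
     * @throws ServiceStateException if a required property is missing
     */
    public void initialize(Properties properties) throws ServiceStateException {
        this.domainName = properties.getProperty("domainName");
        LogManager.logTrace("MEMBERSHIP", "Initializing LDAP Domain: " + this.domainName);

        // Every connection setting goes through getPropertyValue so that a blank value counts as
        // "not set" and surrounding whitespace is dropped. The timeout used to be read raw, which
        // let a blank or padded value reach the JNDI environment unchanged.
        this.ldapTxnTimeoutInMillis = getPropertyValue(properties, TXN_TIMEOUT_IN_MILLIS, null);
        this.ldapAdminUserDN = getPropertyValue(properties, LDAP_ADMIN_DN, null);
        // getPropertyValue trims, so leading or trailing whitespace in the password is not preserved.
        this.ldapAdminUserPass = getPropertyValue(properties, LDAP_ADMIN_PASSWORD, null);
        this.ldapURL = getPropertyValue(properties, LDAP_URL, null);
        this.ldapUsePool = getPropertyValue(properties, USE_POOL, null);

        // Pooling stays enabled unless the property is literally "false" (case-insensitive).
        this.usePool = !Boolean.FALSE.toString().equalsIgnoreCase(this.ldapUsePool);

        if (this.ldapURL == null) {
            throw new ServiceStateException(PlatformPlugin.Util.getString("LDAPMembershipDomain.Required_property", LDAP_URL));
        }

        this.usersRootContexts = buildContexts(USERS_ROOT_CONTEXT, USERS_SEARCH_FILTER, USERS_DISPLAY_NAME_ATTRIBUTE, USERS_SEARCH_SCOPE, USERS_MEMBER_OF_ATTRIBUTE, DEFAULT_USERS_DISPLAY_NAME_ATTRIBUTE, properties);
        this.groupsRootContexts = buildContexts(GROUPS_ROOT_CONTEXT, GROUPS_SEARCH_FILTER, GROUPS_DISPLAY_NAME_ATTRIBUTE, GROUPS_SEARCH_SCOPE, GROUPS_GROUP_MEMBER_ATTRIBUTE, DEFAULT_GROUPS_DISPLAY_NAME_ATTRIBUTE, properties);

        this.adminContext.put("java.naming.factory.initial", LDAP_INITIAL_CONTEXT_FACTORY);
        this.adminContext.put("java.naming.provider.url", this.ldapURL);
        this.adminContext.put("java.naming.referral", LDAP_REFERRAL_MODE);
        this.adminContext.put(POOL_KEY, String.valueOf(this.usePool));

        if (this.ldapAdminUserDN == null || this.ldapAdminUserPass == null) {
            // The message names both causes: this branch is also taken when only the password is
            // missing, which the former "admin dn was blank" wording hid from whoever reads the log.
            LogManager.logTrace("MEMBERSHIP", this.domainName + ": admin dn or password was blank; performing anonymous bind.");
            this.adminContext.put("java.naming.security.authentication", "none");
        } else {
            // Only the DN is logged; the password is never written to the log.
            LogManager.logTrace("MEMBERSHIP", this.domainName + ": Username was set to:" + this.ldapAdminUserDN);
            this.adminContext.put("java.naming.security.authentication", LDAP_AUTH_TYPE);
            this.adminContext.put("java.naming.security.principal", this.ldapAdminUserDN);
            this.adminContext.put("java.naming.security.credentials", this.ldapAdminUserPass);
        }

        if (this.ldapTxnTimeoutInMillis != null) {
            this.adminContext.put(TIMEOUT_KEY, this.ldapTxnTimeoutInMillis);
        }
    }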

    /**
     * Builds one LdapContext per '?'-separated entry of a root-context property.
     *
     * <p>The optional properties may hold either one value per root, separated by '?', or a single
     * value that applies to every root; getContextValue() resolves which one is used.
     *
     * @param str property key holding the '?'-separated root contexts (required)
     * @param str2 property key holding the search filter(s)
     * @param str3 property key holding the display-name attribute(s)
     * @param str4 property key holding the search scope name(s)
     * @param str5 property key holding the membership attribute(s)
     * @param str6 display-name attribute used when none is configured for a root
     * @param properties configuration to read from
     * @return list of LdapContext, in the order the roots are listed
     * @throws ServiceStateException if the root-context property is absent
     */
    private List buildContexts(String str, String str2, String str3, String str4, String str5, String str6, Properties properties) throws ServiceStateException {
        String rootsValue = properties.getProperty(str, null);
        if (rootsValue == null) {
            throw new ServiceStateException(PlatformPlugin.Util.getString("LDAPMembershipDomain.Required_property", str));
        }
        String filtersValue = properties.getProperty(str2);
        String scopesValue = properties.getProperty(str4);
        String membersValue = properties.getProperty(str5);
        String displaysValue = properties.getProperty(str3);

        // '?' is the list separator; a property that is absent stays null, not an empty array.
        String[] roots = rootsValue.split("\\?");
        String[] displays = displaysValue == null ? null : displaysValue.split("\\?");
        String[] filters = filtersValue == null ? null : filtersValue.split("\\?");
        String[] scopes = scopesValue == null ? null : scopesValue.split("\\?");
        String[] members = membersValue == null ? null : membersValue.split("\\?");

        List contexts = new ArrayList();
        int index = 0;
        while (index < roots.length) {
            LdapContext entry = new LdapContext();
            entry.context = roots[index];
            entry.displayAttribute = getContextValue(displays, index, str6);
            entry.memberOfAttribute = getContextValue(members, index, null);
            // Falls back to the filter the LdapContext was created with.
            entry.searchFilter = getContextValue(filters, index, entry.searchFilter);
            entry.searchScope = getSearchScope(getContextValue(scopes, index, null));
            contexts.add(entry);
            index++;
        }
        return contexts;
    }

    /**
     * Picks the setting that applies to the search root at position {@code i}.
     *
     * @param strArr per-root values, or null when the property was not configured
     * @param i index of the search root
     * @param str value returned when nothing usable is configured
     * @return {@code strArr[i]} when it exists; otherwise the only element of a one-element
     *         array; {@code str} when the chosen value is missing or blank
     */
    private static String getContextValue(String[] strArr, int i, String str) {
        final String chosen;
        if (strArr == null) {
            chosen = null;
        } else if (i < strArr.length) {
            chosen = strArr[i];
        } else {
            // A single configured value is shared by every root.
            chosen = strArr.length == 1 ? strArr[0] : null;
        }
        boolean usable = chosen != null && chosen.trim().length() > 0;
        return usable ? chosen : str;
    }

    /**
     * Reads a property, treating a missing or blank value as absent.
     *
     * @param properties configuration to read from
     * @param str property key
     * @param str2 value returned when the property is missing or blank
     * @return the trimmed property value, or {@code str2}
     */
    private static String getPropertyValue(Properties properties, String str, String str2) {
        String raw = properties.getProperty(str);
        if (raw == null) {
            return str2;
        }
        String trimmed = raw.trim();
        if (trimmed.length() == 0) {
            return str2;
        }
        return trimmed;
    }

    /**
     * Translates a configured scope name into the JNDI search-scope constant.
     *
     * @param str scope name from the configuration, or null
     * @return object scope or one-level scope for the matching names; subtree scope otherwise
     */
    private int getSearchScope(String str) {
        if (OBJECT_SCOPE_VALUE.equals(str)) {
            return SearchControls.OBJECT_SCOPE;
        }
        if (ONELEVEL_SCOPE_VALUE.equals(str)) {
            return SearchControls.ONELEVEL_SCOPE;
        }
        // null, SUBTREE_SCOPE and any unrecognised or differently-cased name all end up here, so
        // a mistyped scope silently selects the widest search rather than being rejected.
        return SearchControls.SUBTREE_SCOPE;
    }

    /**
     * Logs the shutdown request at trace level. No resources are released here; the visible
     * code keeps no open directory context between calls.
     *
     * @throws ServiceStateException declared by the interface; never thrown by this body
     */
    public void shutdown() throws ServiceStateException {
        final String message = this.domainName + ": shutdown()";
        LogManager.logTrace("MEMBERSHIP", message);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:15:0x00f3
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    /**
     * Placeholder left by the decompiler: the real body (297 bytecode instructions) could not be
     * reconstructed, so this version throws UnsupportedOperationException on every call.
     *
     * NOTE(review): judging by the name, the Credentials parameter and the declared logon
     * exceptions, this is presumably the credential-verification entry point of the domain. None
     * of that logic is visible here, so how the password is checked and how an empty credential
     * is handled cannot be assessed from this listing; review the bytecode or the original source.
     */
    public com.metamatrix.platform.security.membership.service.SuccessfulAuthenticationToken authenticateUser(java.lang.String r7, com.metamatrix.platform.security.api.Credentials r8, java.io.Serializable r9, java.lang.String r10) throws com.metamatrix.api.exception.security.UnsupportedCredentialException, com.metamatrix.api.exception.security.InvalidUserException, com.metamatrix.api.exception.security.LogonException, com.metamatrix.platform.security.membership.spi.MembershipSourceException {
        /*
            Method dump skipped, instructions count: 297
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain.authenticateUser(java.lang.String, com.metamatrix.platform.security.api.Credentials, java.io.Serializable, java.lang.String):com.metamatrix.platform.security.membership.service.SuccessfulAuthenticationToken");
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:6:0x004a
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    /**
     * Placeholder left by the decompiler: as written, this method throws
     * UnsupportedOperationException on every call. The instruction dump kept in the body shows
     * what the compiled method does:
     *
     * 1. logs the domain name and " getGroupNames() called" at trace level;
     * 2. opens an admin context through getAdminContext();
     * 3. returns a new HashSet built from the values of getGroupNames(context, null, false),
     *    i.e. the display names of all groups, with no DN restriction;
     * 4. on both the normal and the exceptional path runs a finally-style subroutine (jsr/ret)
     *    that closes the context when it is non-null; a NamingException raised by close() is
     *    logged at trace level (": error closing context") and not rethrown.
     */
    public java.util.Set getGroupNames() throws com.metamatrix.platform.security.membership.spi.MembershipSourceException {
        /*
            r7 = this;
            java.lang.String r0 = "MEMBERSHIP"
            r1 = 2
            java.lang.Object[] r1 = new java.lang.Object[r1]
            r2 = r1
            r3 = 0
            r4 = r7
            java.lang.String r4 = r4.domainName
            r2[r3] = r4
            r2 = r1
            r3 = 1
            java.lang.String r4 = " getGroupNames() called"
            r2[r3] = r4
            com.metamatrix.common.log.LogManager.logTrace(r0, r1)
            r0 = 0
            r8 = r0
            r0 = r7
            javax.naming.directory.DirContext r0 = r0.getAdminContext()     // Catch: java.lang.Throwable -> L35
            r8 = r0
            java.util.HashSet r0 = new java.util.HashSet     // Catch: java.lang.Throwable -> L35
            r1 = r0
            r2 = r7
            r3 = r8
            r4 = 0
            r5 = 0
            java.util.Map r2 = r2.getGroupNames(r3, r4, r5)     // Catch: java.lang.Throwable -> L35
            java.util.Collection r2 = r2.values()     // Catch: java.lang.Throwable -> L35
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L35
            r9 = r0
            r0 = jsr -> L3b
        L33:
            r1 = r9
            return r1
        L35:
            r10 = move-exception
            r0 = jsr -> L3b
        L39:
            r1 = r10
            throw r1
        L3b:
            r11 = r0
            r0 = r8
            if (r0 == 0) goto L69
            r0 = r8
            r0.close()     // Catch: javax.naming.NamingException -> L4a
            goto L69
        L4a:
            r12 = move-exception
            java.lang.String r0 = "MEMBERSHIP"
            r1 = r12
            java.lang.StringBuffer r2 = new java.lang.StringBuffer
            r3 = r2
            r3.<init>()
            r3 = r7
            java.lang.String r3 = r3.domainName
            java.lang.StringBuffer r2 = r2.append(r3)
            java.lang.String r3 = ": error closing context"
            java.lang.StringBuffer r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            com.metamatrix.common.log.LogManager.logTrace(r0, r1, r2)
        L69:
            ret r11
        */
        throw new UnsupportedOperationException("Method not decompiled: com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain.getGroupNames():java.util.Set");
    }

    /**
     * Opens a new directory context with the admin environment prepared by initialize().
     * The caller owns the returned context and is responsible for closing it.
     *
     * @return a newly created context
     * @throws MembershipSourceException if the bind is rejected (reported with the
     *         admin-credentials message for this domain) or any other naming error occurs
     */
    private DirContext getAdminContext() throws MembershipSourceException {
        // Work on a copy so the shared template, which holds the admin credentials, is never
        // handed to the JNDI provider directly.
        final Hashtable environment = (Hashtable) this.adminContext.clone();
        try {
            return new InitialDirContext(environment);
        } catch (AuthenticationException authFailure) {
            // Must stay ahead of the NamingException handler: it is the more specific type.
            String message = PlatformPlugin.Util.getString("LDAPMembershipDomain.Admin_credentials", this.domainName);
            throw new MembershipSourceException(authFailure, message);
        } catch (NamingException namingFailure) {
            throw new MembershipSourceException(namingFailure);
        }
    }

    /**
     * Returns the groups of the given user.
     *
     * @param str user name to look up; must not be null (a null value fails on the length check)
     * @return the empty set for an empty name, otherwise the groups of the entry returned by
     *         {@code getUserEntry(str, true)}
     * @throws InvalidUserException propagated from getUserEntry
     * @throws MembershipSourceException propagated from getUserEntry
     */
    public Set getGroupNamesForUser(String str) throws InvalidUserException, MembershipSourceException {
        // The user name is written to the trace log as supplied by the caller.
        LogManager.logTrace("MEMBERSHIP", new Object[]{this.domainName, "getGroupNamesForUser", str});
        if (str.length() == 0) {
            // An empty name never reaches the directory.
            return Collections.EMPTY_SET;
        }
        UserEntry entry = getUserEntry(str, true);
        return entry.getGroups();
    }

    /**
     * Escapes a value so it can be placed inside an LDAP search filter as literal text.
     *
     * <p>The five characters that are special in a filter value (backslash, asterisk, both
     * parentheses and NUL) are replaced by a backslash followed by their two-digit hex code;
     * every other character is copied unchanged. Apply it exactly once to a raw value:
     * escaping an already escaped string would encode its backslashes a second time.
     *
     * @param str raw value; must not be null
     * @return the escaped value
     */
    public static final String escapeLDAPSearchFilter(String str) {
        final int length = str.length();
        final StringBuffer escaped = new StringBuffer(length);
        for (int pos = 0; pos < length; pos++) {
            final char current = str.charAt(pos);
            if (current == '\\') {
                escaped.append("\\5c");
            } else if (current == '*') {
                escaped.append("\\2a");
            } else if (current == '(') {
                escaped.append("\\28");
            } else if (current == ')') {
                escaped.append("\\29");
            } else if (current == 0) {
                escaped.append("\\00");
            } else {
                escaped.append(current);
            }
        }
        return escaped.toString();
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:45:0x02e0
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    /**
     * Placeholder left by the decompiler: the real body (814 bytecode instructions) could not be
     * reconstructed, so this version throws UnsupportedOperationException on every call.
     *
     * The only visible caller, getGroupNamesForUser(), passes the user name and {@code true} and
     * reads the groups of the returned UserEntry.
     *
     * NOTE(review): this is presumably where the user name is turned into a search filter and
     * where the user's DN is handed to getGroupNames(DirContext, String, boolean). Whether
     * escapeLDAPSearchFilter() is applied to either value cannot be seen from this listing and
     * needs to be confirmed against the bytecode or the original source.
     */
    private com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain.UserEntry getUserEntry(java.lang.String r7, boolean r8) throws com.metamatrix.platform.security.membership.spi.MembershipSourceException, com.metamatrix.api.exception.security.InvalidUserException {
        /*
            Method dump skipped, instructions count: 814
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain.getUserEntry(java.lang.String, boolean):com.metamatrix.platform.security.membership.spi.ldap.LDAPMembershipDomain$UserEntry");
    }

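    /**
     * Searches the configured group roots and collects the groups found.
     *
     * @param dirContext open directory context used for the searches; it is not closed here
     * @param str DN to match against each root's membership attribute, or null for no restriction
     * @param z "mustMatchDn": when true, a root whose search cannot be restricted to {@code str}
     *        (no DN given, or no membership attribute configured) is skipped
     * @return map from group DN to group display name; entries without a display name are omitted
     * @throws MembershipSourceException wrapping any NamingException raised by the directory
     */
    private Map getGroupNames(DirContext dirContext, String str, boolean z) throws MembershipSourceException {
        LogManager.logTrace("MEMBERSHIP", new Object[]{this.domainName, "getGroupNames", str, "mustMatchDn", String.valueOf(z)});
        Map groupsByDn = new HashMap();
        for (int i = 0; i < this.groupsRootContexts.size(); i++) {
            LdapContext groupContext = (LdapContext) this.groupsRootContexts.get(i);
            String baseDn = groupContext.context;
            String filter = groupContext.searchFilter;
            if (str != null && groupContext.memberOfAttribute != null) {
                // NOTE(review): str is placed into the filter as-is. A DN containing filter
                // metacharacters changes the filter's meaning unless the caller has already run
                // it through escapeLDAPSearchFilter(). The caller that would pass a DN is not
                // decompiled, so confirm there before escaping here (escaping twice breaks matching).
                filter = "(&(" + groupContext.memberOfAttribute + "=" + str + ")" + filter + ")";
            } else if (z) {
                LogManager.logTrace("MEMBERSHIP", new Object[]{this.domainName, "skipping group context"});
                // Actually skip the root, as the log line says. The decompiled listing fell
                // through and ran the unrestricted filter, which would report every group under
                // this root as matching the DN.
                continue;
            }

            SearchControls controls = new SearchControls();
            controls.setSearchScope(groupContext.searchScope);
            // Only the display-name attribute is requested from the server.
            controls.setReturningAttributes(new String[]{groupContext.displayAttribute});

            LogManager.logTrace("MEMBERSHIP", new Object[]{this.domainName, "searching group context", baseDn, "with filter", filter, "and search scope", String.valueOf(groupContext.searchScope)});
            try {
                NamingEnumeration results = dirContext.search(baseDn, filter, controls);
                LogManager.logTrace("MEMBERSHIP", new Object[]{this.domainName, "Parsing through groups search results."});
                while (results.hasMore()) {
                    SearchResult result = (SearchResult) results.next();
                    // Result names are relative to the search base; append the base to get the
                    // full DN, and drop the leading comma when the base entry itself matched.
                    String groupDn = result.getName() + ',' + baseDn;
                    if (groupDn.charAt(0) == ',') {
                        groupDn = groupDn.substring(1);
                    }
                    Attributes attributes = result.getAttributes();
                    Attribute displayAttr = attributes == null ? null : attributes.get(groupContext.displayAttribute);
                    String displayName = displayAttr == null ? null : (String) displayAttr.get();
                    if (displayName != null) {
                        groupsByDn.put(groupDn, displayName);
                        LogManager.logTrace("MEMBERSHIP", new Object[]{this.domainName, "Found groupDN", groupDn, "with display name", displayName});
                    }
                }
            } catch (NamingException e) {
                throw new MembershipSourceException(e);
            }
        }
        return groupsByDn;
    }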
}
