package com.googlecode.fascinator.authentication.ldap;

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/googlecode/fascinator/authentication/ldap/LdapAuthenticationHandler.class */
public class LdapAuthenticationHandler {
    private Logger log;
    private Hashtable<String, String> env;
    private String baseDn;
    private String ldapRoleAttr;
    private String idAttr;
    private String baseUrl;
    private String filterPrefix;
    private String filterSuffix;
    private Map<String, List<String>> ldapRolesMap;

    public LdapAuthenticationHandler(String str, String str2) {
        this(str, str2, "objectClass", "uid");
    }

    public LdapAuthenticationHandler(String str, String str2, String str3, String str4) {
        this.log = LoggerFactory.getLogger(LdapAuthenticationHandler.class);
        this.filterPrefix = "";
        this.filterSuffix = "";
        this.baseDn = str2;
        this.idAttr = str4;
        this.ldapRoleAttr = str3;
        this.baseUrl = str;
        this.env = new Hashtable<>();
        this.env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        this.env.put("java.naming.provider.url", str);
        this.env.put("java.naming.security.authentication", "simple");
    }

    public LdapAuthenticationHandler(String str, String str2, String str3, String str4, Map<String, List<String>> map) {
        this(str, str2, str3, str4);
        this.ldapRolesMap = map;
    }

    public LdapAuthenticationHandler(String str, String str2, String str3, String str4, String str5, String str6, Map<String, List<String>> map) {
        this(str, str2, str3, str4, map);
        this.filterPrefix = str5;
        this.filterSuffix = str6;
    }

    private boolean doAuthenticate(String str, String str2, String str3) {
        try {
            String format = str3.equals("") ? String.format("%s=%s,%s", this.idAttr, str, this.baseDn) : str3;
            this.env.put("java.naming.security.principal", format);
            this.env.put("java.naming.security.credentials", str2);
            InitialDirContext initialDirContext = new InitialDirContext(this.env);
            initialDirContext.lookup(format);
            initialDirContext.close();
            return true;
        } catch (NamingException e) {
            this.log.warn("Failed LDAP lookup", e);
            return false;
        }
    }

    public boolean authenticate(String str, String str2) {
        if (doAuthenticate(str, str2, "")) {
            return true;
        }
        return doAuthenticate(str, str2, getDN(str));
    }

    private String getDN(String str) {
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put("java.naming.provider.url", this.baseUrl);
            hashtable.put("java.naming.security.authentication", "simple");
            InitialDirContext initialDirContext = new InitialDirContext(hashtable);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            String str2 = "(" + this.filterPrefix + this.idAttr + "=" + str + this.filterSuffix + ")";
            NamingEnumeration search = initialDirContext.search(this.baseDn, str2, searchControls);
            this.log.trace(String.format("LDAP search, baseDn: %s, filter: %s", this.baseDn, str2));
            if (!search.hasMore()) {
                search.close();
                initialDirContext.close();
                return "";
            }
            SearchResult searchResult = (SearchResult) search.next();
            search.close();
            initialDirContext.close();
            return searchResult.getNameInNamespace();
        } catch (NamingException e) {
            this.log.warn("Failed LDAP lookup", e);
            return "";
        }
    }

    private NamingEnumeration<SearchResult> performLdapSearch(String str, DirContext dirContext) throws NamingException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        String str2 = "(" + this.filterPrefix + this.idAttr + "=" + str + this.filterSuffix + ")";
        NamingEnumeration<SearchResult> search = dirContext.search(this.baseDn, str2, searchControls);
        this.log.trace(String.format("performing LDAP search using baseDn: %s, filter: %s", this.baseDn, str2));
        return search;
    }

    private String getAttrValue(String str, SearchResult searchResult) throws NamingException {
        return searchResult.getAttributes().get(str).toString().split(":")[1].trim();
    }

    public String getAttr(String str, String str2) {
        String str3;
        str3 = "";
        try {
            InitialDirContext initialDirContext = new InitialDirContext(this.env);
            NamingEnumeration<SearchResult> performLdapSearch = performLdapSearch(str, initialDirContext);
            str3 = performLdapSearch.hasMore() ? getAttrValue(str2, (SearchResult) performLdapSearch.next()) : "";
            performLdapSearch.close();
            initialDirContext.close();
        } catch (NamingException e) {
            this.log.warn("Failed LDAP lookup", e);
        }
        this.log.trace(String.format("getAttr search result: %s", str3));
        return str3;
    }

    public List<String> getAllAttrs(String str, String str2) {
        ArrayList arrayList = new ArrayList();
        try {
            InitialDirContext initialDirContext = new InitialDirContext(this.env);
            NamingEnumeration<SearchResult> performLdapSearch = performLdapSearch(str, initialDirContext);
            while (performLdapSearch.hasMore()) {
                arrayList.add(getAttrValue(str2, (SearchResult) performLdapSearch.next()));
            }
            performLdapSearch.close();
            initialDirContext.close();
        } catch (NamingException e) {
            this.log.warn("Failed LDAP lookup", e);
        }
        if (this.log.isTraceEnabled()) {
            this.log.trace("getAllAttrs search result: " + arrayList);
        }
        return arrayList;
    }

    public boolean testIfInObjectClass(String str, String str2) {
        try {
            Iterator<String> it = getAllAttrs(str, this.ldapRoleAttr).iterator();
            while (it.hasNext()) {
                for (String str3 : it.next().split(",")) {
                    if (str2.equals(str3.trim())) {
                        return true;
                    }
                }
            }
            return false;
        } catch (Exception e) {
            return false;
        }
    }

    public List<String> getRoles(String str) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Iterator<String> it = getAllAttrs(str, this.ldapRoleAttr).iterator();
        while (it.hasNext()) {
            for (String str2 : it.next().split(",")) {
                List<String> list = this.ldapRolesMap.get(str2.trim());
                if (list != null) {
                    linkedHashSet.addAll(list);
                }
            }
        }
        this.log.trace(String.format("getRoles found %d roles for username: %s", Integer.valueOf(linkedHashSet.size()), str));
        return new ArrayList(linkedHashSet);
    }
}
