package edu.internet2.middleware.subject.provider;

import edu.internet2.middleware.grouper.ldap.LdapSessionUtils;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.morphString.Morph;
import edu.internet2.middleware.subject.SearchPageResult;
import edu.internet2.middleware.subject.SourceUnavailableException;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectCaseInsensitiveMapImpl;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import edu.internet2.middleware.subject.SubjectNotUniqueException;
import edu.internet2.middleware.subject.SubjectTooManyResults;
import edu.internet2.middleware.subject.SubjectUtils;
import groovy.ui.text.GroovyFilter;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.ldaptive.provider.jndi.JndiConnection;
import org.ldaptive.provider.jndi.JndiProvider;

/* loaded from: input_file:WEB-INF/lib/grouper-4.5.3.jar:edu/internet2/middleware/subject/provider/JNDISourceAdapterLegacy.class */
public class JNDISourceAdapterLegacy extends BaseSourceAdapter {
    Hashtable<String, String> environment;
    String nameAttributeName;
    String subjectIDAttributeName;
    String descriptionAttributeName;
    String subjectTypeString;
    private Integer maxPage;
    protected Integer maxResults;
    public static boolean failOnSearchForTesting;
    private static Log log = GrouperUtil.getLog(JNDISourceAdapterLegacy.class);
    protected static HashMap<String, Integer> scopeStrings = new HashMap<>();

    @Override // edu.internet2.middleware.subject.Source
    public void loggingStart() {
        LdapSessionUtils.logStart();
    }

    @Override // edu.internet2.middleware.subject.Source
    public String loggingStop() {
        return LdapSessionUtils.logEnd();
    }

    protected static int getScope(String str) {
        Integer num = scopeStrings.get(str.toUpperCase());
        if (num == null) {
            return -1;
        }
        return num.intValue();
    }

    public JNDISourceAdapterLegacy() {
        this.environment = new Hashtable<>(11);
        this.nameAttributeName = null;
        this.subjectIDAttributeName = null;
        this.descriptionAttributeName = null;
        this.subjectTypeString = null;
    }

    public JNDISourceAdapterLegacy(String str, String str2) {
        super(str, str2);
        this.environment = new Hashtable<>(11);
        this.nameAttributeName = null;
        this.subjectIDAttributeName = null;
        this.descriptionAttributeName = null;
        this.subjectTypeString = null;
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Subject getSubject(String str, boolean z) throws SubjectNotFoundException, SubjectNotUniqueException {
        Subject subject = null;
        Search search = getSearch("searchSubject");
        if (search == null) {
            log.error("searchType: \"searchSubject\" not defined.");
            return null;
        }
        try {
            subject = createSubject(getLdapUnique(search, str, new String[]{this.nameAttributeName, this.descriptionAttributeName, this.subjectIDAttributeName}));
        } catch (SubjectNotFoundException e) {
            if (z) {
                throw e;
            }
        }
        if (subject == null && z) {
            throw new SubjectNotFoundException("Subject " + str + " not found.");
        }
        return subject;
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Subject getSubjectByIdentifier(String str, boolean z) throws SubjectNotFoundException, SubjectNotUniqueException {
        Subject subject = null;
        Search search = getSearch("searchSubjectByIdentifier");
        if (search == null) {
            log.error("searchType: \"searchSubjectByIdentifier\" not defined.");
            return null;
        }
        try {
            subject = createSubject(getLdapUnique(search, str, new String[]{this.nameAttributeName, this.subjectIDAttributeName, this.descriptionAttributeName}));
        } catch (SubjectNotFoundException e) {
            if (z) {
                throw e;
            }
        }
        if (subject == null && z) {
            throw new SubjectNotFoundException("Subject " + str + " not found.");
        }
        return subject;
    }

    private SearchPageResult searchHelper(String str, boolean z) {
        NamingEnumeration ldapResults;
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        boolean z2 = false;
        Search search = getSearch("search");
        if (search == null) {
            log.error("searchType: \"search\" not defined.");
            return new SearchPageResult(false, linkedHashSet);
        }
        boolean booleanValue = SubjectUtils.booleanValue(getInitParam("throwErrorOnFindAllFailure"), true);
        try {
            ldapResults = getLdapResults(search, str, new String[]{this.nameAttributeName, this.subjectIDAttributeName, this.descriptionAttributeName}, z);
        } catch (Exception e) {
            if (e instanceof SubjectTooManyResults) {
                throw ((SubjectTooManyResults) e);
            }
            if (booleanValue) {
                throw new SourceUnavailableException(e.getMessage() + ", source: " + getId() + ", sql: " + search.getParam("sql"), e);
            }
            log.error("LDAP Naming Except: " + e.getMessage() + ", " + this.id + ", " + str, e);
        }
        if (ldapResults == null) {
            return new SearchPageResult(false, linkedHashSet);
        }
        if (failOnSearchForTesting) {
            throw new RuntimeException("failOnSearchForTesting");
        }
        while (true) {
            if (!ldapResults.hasMore()) {
                break;
            }
            linkedHashSet.add(createSubject(((SearchResult) ldapResults.next()).getAttributes()));
            if (z && this.maxPage != null && linkedHashSet.size() >= this.maxPage.intValue()) {
                z2 = true;
                break;
            }
            if (this.maxResults != null && linkedHashSet.size() >= this.maxResults.intValue()) {
                throw new SubjectTooManyResults("More results than allowed: " + this.maxResults + " for search '" + search + "'");
            }
        }
        return new SearchPageResult(z2, linkedHashSet);
    }

    private Subject createSubject(Attributes attributes) {
        String str = "";
        try {
            Attribute attribute = attributes.get(this.subjectIDAttributeName);
            if (attribute == null) {
                log.error("The LDAP attribute \"" + this.subjectIDAttributeName + "\" does not have a value. It is beging used as the Grouper special attribute \"SubjectID\".");
                return null;
            }
            String str2 = (String) attribute.get();
            Attribute attribute2 = attributes.get(this.nameAttributeName);
            if (attribute2 == null) {
                log.error("The LDAP attribute \"" + this.nameAttributeName + "\" does not have a value. It is being used as the Grouper special attribute \"name\".");
                return null;
            }
            String str3 = (String) attribute2.get();
            Attribute attribute3 = attributes.get(this.descriptionAttributeName);
            if (attribute3 == null) {
                log.error("The LDAP attribute \"" + this.descriptionAttributeName + "\" does not have a value. It is being used as the Grouper special attribute \"description\".");
            } else {
                str = (String) attribute3.get();
            }
            return new JNDISubject(str2, str3, str, getSubjectType().getName(), getId(), null);
        } catch (NamingException e) {
            throw new SourceUnavailableException("LDAP Naming Except: " + e.getMessage(), e);
        }
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Set<Subject> search(String str) {
        return searchHelper(str, false).getResults();
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public SearchPageResult searchPage(String str) {
        return searchHelper(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public void init() throws SourceUnavailableException {
        try {
            Properties initParams = initParams();
            setupEnvironment(initParams);
            String property = initParams.getProperty("maxResults");
            if (!StringUtils.isBlank(property)) {
                try {
                    this.maxResults = Integer.valueOf(Integer.parseInt(property));
                } catch (NumberFormatException e) {
                    throw new SourceUnavailableException("Cant parse maxResults: " + property, e);
                }
            }
            String property2 = initParams.getProperty("maxPageSize");
            if (!StringUtils.isBlank(property2)) {
                try {
                    this.maxPage = Integer.valueOf(Integer.parseInt(property2));
                } catch (NumberFormatException e2) {
                    throw new SourceUnavailableException("Cant parse maxPage: " + property2, e2);
                }
            }
        } catch (Exception e3) {
            throw new SourceUnavailableException("Unable to init JNDI source", e3);
        }
    }

    protected void setupEnvironment(Properties properties) throws SourceUnavailableException {
        this.environment.put("java.naming.factory.initial", properties.getProperty("INITIAL_CONTEXT_FACTORY"));
        this.environment.put("java.naming.provider.url", properties.getProperty("PROVIDER_URL"));
        this.environment.put(JndiConnection.AUTHENTICATION, properties.getProperty("SECURITY_AUTHENTICATION"));
        if (properties.getProperty("SECURITY_PRINCIPAL") != null) {
            this.environment.put("java.naming.security.principal", properties.getProperty("SECURITY_PRINCIPAL"));
        }
        String decryptIfFile = Morph.decryptIfFile(properties.getProperty("SECURITY_CREDENTIALS"));
        if (decryptIfFile != null) {
            this.environment.put("java.naming.security.credentials", decryptIfFile);
        }
        if (properties.getProperty("SECURITY_PROTOCOL") != null) {
            this.environment.put(JndiProvider.PROTOCOL, properties.getProperty("SECURITY_PROTOCOL"));
        }
        Context context = null;
        try {
            try {
                log.debug("Creating Directory Context");
                context = new InitialDirContext(this.environment);
                if (context != null) {
                    try {
                        context.close();
                    } catch (NamingException e) {
                    }
                }
                log.info("Success in connecting to LDAP");
                this.nameAttributeName = properties.getProperty("Name_AttributeType");
                if (this.nameAttributeName == null) {
                    log.error("Name_AttributeType not defined");
                }
                this.subjectIDAttributeName = properties.getProperty("SubjectID_AttributeType");
                if (this.subjectIDAttributeName == null) {
                    log.error("SubjectID_AttributeType not defined");
                }
                this.descriptionAttributeName = properties.getProperty("Description_AttributeType");
                if (this.descriptionAttributeName == null) {
                    log.error("Description_AttributeType not defined");
                }
            } catch (Throwable th) {
                if (context != null) {
                    try {
                        context.close();
                    } catch (NamingException e2) {
                    }
                }
                throw th;
            }
        } catch (AuthenticationException e3) {
            log.error("Error with Authentication " + e3.getMessage(), e3);
            throw new SourceUnavailableException("Error with Authentication ", e3);
        } catch (NamingException e4) {
            log.error("Naming Error " + e4.getMessage(), e4);
            throw new SourceUnavailableException("Naming Error", e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map loadAttributes(SubjectImpl subjectImpl) {
        String[] strArr;
        SubjectCaseInsensitiveMapImpl subjectCaseInsensitiveMapImpl = new SubjectCaseInsensitiveMapImpl();
        Search search = getSearch("searchSubject");
        if (search == null) {
            log.error("searchType: \"search\" not defined.");
            return subjectCaseInsensitiveMapImpl;
        }
        Set attributes = getAttributes();
        if (attributes.size() == 0) {
            strArr = null;
        } else {
            strArr = new String[attributes.size()];
            int i = 0;
            Iterator it = attributes.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                strArr[i2] = (String) it.next();
            }
        }
        try {
            NamingEnumeration all = getLdapUnique(search, subjectImpl.getId(), strArr).getAll();
            while (all.hasMore()) {
                Attribute attribute = (Attribute) all.next();
                String id = attribute.getID();
                HashSet hashSet = new HashSet();
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMore()) {
                    hashSet.add(all2.next().toString());
                }
                subjectCaseInsensitiveMapImpl.put(id, hashSet);
            }
            subjectImpl.setAttributes(subjectCaseInsensitiveMapImpl);
            return subjectCaseInsensitiveMapImpl;
        } catch (NamingException e) {
            throw new SourceUnavailableException("LDAP Naming Except: " + e.getMessage(), e);
        }
    }

    protected NamingEnumeration getLdapResults(Search search, String str, String[] strArr) {
        return getLdapResults(search, str, strArr, false);
    }

    /* JADX WARN: Finally extract failed */
    protected NamingEnumeration getLdapResults(Search search, String str, String[] strArr, boolean z) {
        if (StringUtils.equals("search", search.getSearchType())) {
            str = new SubjectStatusProcessor(str, getSubjectStatusConfig()).processSearch().getStrippedQuery();
        }
        DirContext dirContext = null;
        String param = search.getParam("filter");
        if (param == null) {
            log.error("Search filter not found for search type:  " + search.getSearchType());
            return null;
        }
        String replaceAll = param.replaceAll("%TERM%", escapeSearchFilter(str));
        String param2 = search.getParam("base");
        if (param2 == null) {
            param2 = "";
            log.error("Search base not found for:  " + search.getSearchType() + ". Using base \"\" ");
        }
        int i = -1;
        String param3 = search.getParam("scope");
        if (param3 != null) {
            i = getScope(param3);
        }
        if (i == -1) {
            i = 2;
            log.error("Search scope not found for: " + search.getSearchType() + ". Using scope SUBTREE_SCOPE.");
        }
        log.debug("searchType: " + search.getSearchType() + " filter: " + replaceAll + " base: " + param2 + " scope: " + param3);
        try {
            try {
                try {
                    dirContext = new InitialDirContext(this.environment);
                    SearchControls searchControls = new SearchControls();
                    if ((z && this.maxPage != null) || this.maxResults != null) {
                        int intValue = (!z || this.maxPage == null) ? -1 : this.maxPage.intValue() + 1;
                        if (intValue == -1) {
                            intValue = this.maxResults.intValue() + 1;
                        } else if (this.maxResults != null) {
                            intValue = Math.min(intValue, this.maxResults.intValue() + 1);
                        }
                        searchControls.setCountLimit(intValue);
                    }
                    searchControls.setSearchScope(i);
                    searchControls.setReturningAttributes(strArr);
                    NamingEnumeration search2 = dirContext.search(param2, replaceAll, searchControls);
                    if (dirContext != null) {
                        try {
                            dirContext.close();
                        } catch (NamingException e) {
                        }
                    }
                    return search2;
                } catch (Throwable th) {
                    if (dirContext != null) {
                        try {
                            dirContext.close();
                        } catch (NamingException e2) {
                        }
                    }
                    throw th;
                }
            } catch (AuthenticationException e3) {
                throw new SourceUnavailableException("Ldap Authentication Exception: " + e3.getMessage(), e3);
            }
        } catch (NamingException e4) {
            throw new SourceUnavailableException("Ldap NamingException: " + e4.getMessage(), e4);
        }
    }

    protected Attributes getLdapUnique(Search search, String str, String[] strArr) throws SubjectNotFoundException, SubjectNotUniqueException {
        NamingEnumeration ldapResults = getLdapResults(search, str, strArr);
        if (ldapResults != null) {
            try {
                if (ldapResults.hasMore()) {
                    Attributes attributes = ((SearchResult) ldapResults.next()).getAttributes();
                    if (ldapResults.hasMore()) {
                        throw new SubjectNotUniqueException("Search is not unique:" + ((SearchResult) ldapResults.next()).getName() + "\n");
                    }
                    return attributes;
                }
            } catch (NamingException e) {
                throw new SourceUnavailableException("Ldap NamingException: " + e.getMessage(), e);
            }
        }
        throw new SubjectNotFoundException("No results: " + search.getSearchType() + " filter:" + search.getParam("filter") + " searchValue: " + str);
    }

    protected String escapeSearchFilter(String str) {
        return new String(str).replaceAll("\\\\", "\\\\5c").replaceAll(GroovyFilter.LEFT_PARENS, "\\\\28").replaceAll("\\)", "\\\\29").replaceAll("\\" + Character.toString((char) 0), "\\\\00");
    }

    @Override // edu.internet2.middleware.subject.Source
    public void checkConfig() {
    }

    @Override // edu.internet2.middleware.subject.Source
    public String printConfig() {
        Properties initParams = initParams();
        return "subject.properties jndi source id:   " + getId() + ": " + (initParams.getProperty("SECURITY_PRINCIPAL") + "@" + initParams.getProperty("PROVIDER_URL"));
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    @Deprecated
    public Subject getSubject(String str) throws SubjectNotFoundException, SubjectNotUniqueException {
        return getSubject(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    @Deprecated
    public Subject getSubjectByIdentifier(String str) throws SubjectNotFoundException, SubjectNotUniqueException {
        return getSubjectByIdentifier(str, true);
    }

    public Integer getMaxPage() {
        return this.maxPage;
    }

    static {
        scopeStrings.put("OBJECT_SCOPE", new Integer(0));
        scopeStrings.put("ONELEVEL_SCOPE", new Integer(1));
        scopeStrings.put("SUBTREE_SCOPE", new Integer(2));
        failOnSearchForTesting = false;
    }
}
