package org.ldaptive;

import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.ldaptive.AbstractConnectionStrategy;
import org.ldaptive.dn.Dn;
import org.ldaptive.dns.DNSContextFactory;
import org.ldaptive.dns.DNSDomainFunction;
import org.ldaptive.dns.DefaultDNSContextFactory;
import org.ldaptive.dns.SRVDNSResolver;
import org.ldaptive.dns.SRVRecord;

/* loaded from: input_file:WEB-INF/lib/ldaptive-2.2.1-SNAPSHOT.jar:org/ldaptive/DnsSrvConnectionStrategy.class */
public class DnsSrvConnectionStrategy extends AbstractConnectionStrategy {
    protected static final Duration DEFAULT_TTL = Duration.ofHours(6);
    private final DNSContextFactory dnsContextFactory;
    private final Duration srvTtl;
    private final boolean useSSL;
    private String ldapUrls;
    private Map<SRVDNSResolver, String> dnsResolvers;
    private Instant expirationTime;

    public DnsSrvConnectionStrategy() {
        this(DEFAULT_TTL);
    }

    public DnsSrvConnectionStrategy(Duration duration) {
        this(null, duration);
    }

    public DnsSrvConnectionStrategy(DNSContextFactory dNSContextFactory) {
        this(dNSContextFactory, DEFAULT_TTL);
    }

    public DnsSrvConnectionStrategy(DNSContextFactory dNSContextFactory, Duration duration) {
        this(dNSContextFactory, duration, false);
    }

    public DnsSrvConnectionStrategy(DNSContextFactory dNSContextFactory, Duration duration, boolean z) {
        this.dnsContextFactory = dNSContextFactory;
        this.srvTtl = duration;
        this.useSSL = z;
    }

    @Override // org.ldaptive.AbstractConnectionStrategy, org.ldaptive.ConnectionStrategy
    public void populate(String str, LdapURLSet ldapURLSet) {
        this.ldapUrls = str;
        ldapURLSet.populate((List) readSrvRecords(this.ldapUrls).stream().map(sRVRecord -> {
            LdapURL ldapURL = sRVRecord.getLdapURL();
            ldapURL.setRetryMetadata(new LdapURLRetryMetadata(this));
            return ldapURL;
        }).collect(Collectors.toList()));
    }

    protected Set<SRVRecord> readSrvRecords(String str) {
        if (str == null) {
            this.dnsResolvers = Collections.singletonMap(new SRVDNSResolver((DNSContextFactory) Objects.requireNonNullElseGet(this.dnsContextFactory, () -> {
                return new DefaultDNSContextFactory(new String[0]);
            }), this.useSSL), null);
        } else if (str.contains(" ")) {
            this.dnsResolvers = new HashMap();
            for (String str2 : str.split(" ")) {
                String[] parseUrl = parseUrl(str2);
                this.dnsResolvers.put(new SRVDNSResolver((DNSContextFactory) Objects.requireNonNullElseGet(this.dnsContextFactory, () -> {
                    return new DefaultDNSContextFactory(parseUrl[0]);
                }), this.useSSL), parseUrl[1]);
            }
        } else {
            String[] parseUrl2 = parseUrl(str);
            this.dnsResolvers = Collections.singletonMap(new SRVDNSResolver((DNSContextFactory) Objects.requireNonNullElseGet(this.dnsContextFactory, () -> {
                return new DefaultDNSContextFactory(parseUrl2[0]);
            }), this.useSSL), parseUrl2[1]);
        }
        Set<SRVRecord> retrieveDNSRecords = retrieveDNSRecords();
        if (retrieveDNSRecords.isEmpty()) {
            this.logger.error("No SRV records found using {}", this.dnsResolvers);
            this.expirationTime = Instant.now();
        } else {
            this.expirationTime = Instant.now().plus((TemporalAmount) this.srvTtl);
        }
        return retrieveDNSRecords;
    }

    protected String[] parseUrl(String str) {
        try {
            LdapURL ldapURL = new LdapURL(str);
            if (ldapURL.getBaseDn() == null || ldapURL.getBaseDn().isEmpty()) {
                throw new IllegalArgumentException("LDAP URL " + str + " must contain a base DN");
            }
            String apply = new DNSDomainFunction().apply(new Dn(ldapURL.getBaseDn()));
            if (apply.isEmpty()) {
                throw new IllegalArgumentException("Base DN " + ldapURL.getBaseDn() + " could not be converted to a domain");
            }
            return new String[]{null, "_ldap._tcp.".concat(apply)};
        } catch (Exception e) {
            return parseDnsUrl(str);
        }
    }

    protected String[] parseDnsUrl(String str) {
        return !str.contains("?") ? new String[]{str, null} : str.split("\\?");
    }

    @Override // java.lang.Iterable
    public synchronized Iterator<LdapURL> iterator() {
        if (!isInitialized()) {
            throw new IllegalStateException("Strategy is not initialized");
        }
        if (Instant.now().isAfter(this.expirationTime)) {
            populate(this.ldapUrls, this.ldapURLSet);
        }
        return new AbstractConnectionStrategy.DefaultLdapURLIterator(this.ldapURLSet.getUrls());
    }

    protected Set<SRVRecord> retrieveDNSRecords() {
        for (Map.Entry<SRVDNSResolver, String> entry : this.dnsResolvers.entrySet()) {
            try {
                Set<SRVRecord> resolve = entry.getKey().resolve(entry.getValue());
                if (resolve != null && !resolve.isEmpty()) {
                    return resolve;
                }
            } catch (Exception e) {
                this.logger.error("Could not resolve SRV record {} using {}", entry.getValue(), entry.getKey(), e);
            }
        }
        return Collections.emptySet();
    }

    @Override // org.ldaptive.ConnectionStrategy
    public DnsSrvConnectionStrategy newInstance() {
        DnsSrvConnectionStrategy dnsSrvConnectionStrategy = new DnsSrvConnectionStrategy(this.dnsContextFactory, this.srvTtl, this.useSSL);
        dnsSrvConnectionStrategy.setRetryCondition(getRetryCondition());
        return dnsSrvConnectionStrategy;
    }
}
