package edu.internet2.middleware.grouper.ldap.ldaptive;

import edu.internet2.middleware.grouper.app.loader.GrouperLoaderConfig;
import edu.internet2.middleware.grouper.ldap.LdapConfiguration;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.morphString.Morph;
import io.netty.handler.codec.rtsp.RtspHeaders;
import java.io.IOException;
import java.time.Duration;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Properties;
import net.sf.ehcache.config.TerracottaConfiguration;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.text.StringSubstitutor;
import org.ldaptive.CompareConnectionValidator;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.LdapURL;
import org.ldaptive.PooledConnectionFactory;
import org.ldaptive.handler.LdapEntryHandler;
import org.ldaptive.handler.SearchResultHandler;
import org.ldaptive.props.BindConnectionInitializerPropertySource;
import org.ldaptive.props.BlockingConnectionPoolPropertySource;
import org.ldaptive.props.ConnectionConfigPropertySource;
import org.ldaptive.props.PooledConnectionFactoryPropertySource;
import org.ldaptive.props.SearchConnectionValidatorPropertySource;
import org.ldaptive.props.SearchRequestPropertySource;
import org.ldaptive.props.SslConfigPropertySource;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/grouper-5.7.1.jar:edu/internet2/middleware/grouper/ldap/ldaptive/LdaptiveConfiguration.class */
public final class LdaptiveConfiguration {
    private static final Log LOG = GrouperUtil.getLog(LdaptiveConfiguration.class);
    private static final String[] ENCRYPTABLE_LDAPTIVE_PROPERTIES = {"org.ldaptive.bindCredential"};
    private static final Map<String, Config> configuration = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/grouper-5.7.1.jar:edu/internet2/middleware/grouper/ldap/ldaptive/LdaptiveConfiguration$Config.class */
    public static class Config {
        private final Properties properties;
        private final LdapEntryHandler[] ldapEntryHandlers;
        private final SearchResultHandler[] searchResultHandlers;

        Config(Properties properties, LdapEntryHandler[] ldapEntryHandlerArr, SearchResultHandler[] searchResultHandlerArr) {
            this.properties = properties;
            this.ldapEntryHandlers = ldapEntryHandlerArr;
            this.searchResultHandlers = searchResultHandlerArr;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Properties getProperties() {
            return this.properties;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public LdapEntryHandler[] getLdapEntryHandlers() {
            return this.ldapEntryHandlers;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public SearchResultHandler[] getSearchResultHandlers() {
            return this.searchResultHandlers;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Config)) {
                return false;
            }
            Config config = (Config) obj;
            return this.properties.equals(config.properties) && Arrays.equals(this.ldapEntryHandlers, config.ldapEntryHandlers) && Arrays.equals(this.searchResultHandlers, config.searchResultHandlers);
        }
    }

    LdaptiveConfiguration() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PooledConnectionFactory createPooledConnectionFactory(String str) {
        Properties properties = getConfig(str).getProperties();
        String property = properties.getProperty("org.ldaptive.ldapUrl");
        if (!StringUtils.isBlank(property) && !new LdapURL(property).isDefaultBaseDn()) {
            throw new RuntimeException("Base DN not allowed to be configured in the ldap URL: " + property);
        }
        ConnectionConfig connectionConfig = new ConnectionConfig();
        new ConnectionConfigPropertySource(connectionConfig, properties).initialize();
        PooledConnectionFactory pooledConnectionFactory = new PooledConnectionFactory();
        pooledConnectionFactory.setConnectionConfig(connectionConfig);
        new PooledConnectionFactoryPropertySource(pooledConnectionFactory, properties).initialize();
        return pooledConnectionFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean hasConfig(String str) {
        boolean containsKey;
        synchronized (configuration) {
            containsKey = configuration.containsKey(str);
        }
        return containsKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Config getConfig(String str) {
        Config config;
        synchronized (configuration) {
            if (!configuration.containsKey(str)) {
                configuration.put(str, createConfig(str));
            }
            config = configuration.get(str);
        }
        return config;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void removeConfig(String str) {
        synchronized (configuration) {
            configuration.remove(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Failed to find 'out' block for switch in B:25:0x00e5. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:51:0x01b1. Please report as an issue. */
    public static Config createConfig(String str) {
        Properties properties = new Properties();
        String str2 = "ldap." + str + ".";
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString(str2 + "configFileFromClasspath");
        if (!StringUtils.isBlank(propertyValueString)) {
            try {
                properties.load(GrouperUtil.computeUrl(propertyValueString, false).openStream());
            } catch (IOException e) {
                throw new RuntimeException("Error processing classpath file: " + propertyValueString, e);
            }
        }
        for (String str3 : GrouperLoaderConfig.retrieveConfig().propertyNames()) {
            if (str3.startsWith(str2)) {
                String propertyValueString2 = GrouperLoaderConfig.retrieveConfig().propertyValueString(str3, "");
                String substring = str3.substring(str2.length());
                if (propertyValueString2 == null) {
                    propertyValueString2 = "";
                }
                if ((substring.equalsIgnoreCase(RtspHeaders.Values.TIMEOUT) || substring.equalsIgnoreCase("timeLimit")) && !StringUtils.isBlank(propertyValueString2)) {
                    try {
                        propertyValueString2 = Duration.ofMillis(GrouperUtil.longValue(propertyValueString2)).toString();
                    } catch (Throwable th) {
                        LOG.debug("Error parsing: " + propertyValueString2, th);
                    }
                }
                boolean z = -1;
                switch (substring.hashCode()) {
                    case -1313911455:
                        if (substring.equals(RtspHeaders.Values.TIMEOUT)) {
                            z = 5;
                            break;
                        }
                        break;
                    case -1170646180:
                        if (substring.equals("pruneTimerPeriod")) {
                            z = 6;
                            break;
                        }
                        break;
                    case -1053008916:
                        if (substring.equals("countLimit")) {
                            z = 4;
                            break;
                        }
                        break;
                    case -668327396:
                        if (substring.equals("expirationTime")) {
                            z = 7;
                            break;
                        }
                        break;
                    case 114939:
                        if (substring.equals("tls")) {
                            z = true;
                            break;
                        }
                        break;
                    case 116079:
                        if (substring.equals("url")) {
                            z = false;
                            break;
                        }
                        break;
                    case 3433489:
                        if (substring.equals("pass")) {
                            z = 3;
                            break;
                        }
                        break;
                    case 3599307:
                        if (substring.equals("user")) {
                            z = 2;
                            break;
                        }
                        break;
                }
                switch (z) {
                    case false:
                        substring = "ldapUrl";
                        break;
                    case true:
                        substring = "useStartTLS";
                        break;
                    case true:
                        substring = "bindDn";
                        break;
                    case true:
                        substring = "bindCredential";
                        break;
                    case true:
                        substring = "sizeLimit";
                        break;
                    case true:
                        substring = "connectTimeout";
                        break;
                    case true:
                        substring = "prunePeriod";
                        break;
                    case true:
                        substring = "idleTime";
                        break;
                }
                if (ConnectionConfigPropertySource.getProperties().contains(substring)) {
                    properties.put("org.ldaptive." + substring, propertyValueString2);
                } else if (SslConfigPropertySource.getProperties().contains(substring)) {
                    properties.put("org.ldaptive." + substring, propertyValueString2);
                } else if (BindConnectionInitializerPropertySource.getProperties().contains(substring)) {
                    properties.put("org.ldaptive." + substring, propertyValueString2);
                } else if (SearchRequestPropertySource.getProperties().contains(substring)) {
                    properties.put("org.ldaptive." + substring, propertyValueString2);
                } else if (BlockingConnectionPoolPropertySource.getProperties().contains(substring)) {
                    properties.put("org.ldaptive.pool." + substring, propertyValueString2);
                } else if (SearchConnectionValidatorPropertySource.getProperties().contains(substring)) {
                    properties.put("org.ldaptive.pool." + substring, propertyValueString2);
                } else {
                    LOG.info("Unknown ldap property: " + substring + "=" + propertyValueString2);
                }
            }
        }
        addCredentialConfigProperty(str, properties);
        addSaslProperties(str, properties);
        addPruneStrategyProperty(str, properties);
        addValidatorProperty(str, properties);
        for (String str4 : ENCRYPTABLE_LDAPTIVE_PROPERTIES) {
            String decryptIfFile = Morph.decryptIfFile(properties.getProperty(str4));
            if (!StringUtils.isBlank(decryptIfFile)) {
                properties.put(str4, decryptIfFile);
            }
        }
        return new Config(properties, createEntryHandlers(str), createResultHandlers(str));
    }

    private static void addCredentialConfigProperty(String str, Properties properties) {
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".pemCaFile");
        String propertyValueString2 = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".pemCertFile");
        String propertyValueString3 = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".pemKeyFile");
        if (propertyValueString == null || propertyValueString2 == null || propertyValueString3 == null) {
            return;
        }
        properties.put("org.ldaptive.credentialConfig", String.format("edu.internet2.middleware.grouper.ldap.ldaptive.LdapPEMCredentialConfig{{caFile=%1$s}{certFile=%2$s}{keyFile=%3$s}}", propertyValueString, propertyValueString2, propertyValueString3));
    }

    private static void addSaslProperties(String str, Properties properties) {
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".saslMechanism");
        if (StringUtils.isBlank(propertyValueString)) {
            return;
        }
        StringBuilder append = new StringBuilder("org.ldaptive.sasl.SaslConfig{{mechanism=").append(propertyValueString).append(StringSubstitutor.DEFAULT_VAR_END);
        String propertyValueString2 = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".saslRealm");
        if (!StringUtils.isBlank(propertyValueString2)) {
            append.append("{realm=").append(propertyValueString2).append(StringSubstitutor.DEFAULT_VAR_END);
        }
        String propertyValueString3 = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".saslAuthorizationId");
        if (!StringUtils.isBlank(propertyValueString3)) {
            append.append("{authorizationId=").append(propertyValueString3).append(StringSubstitutor.DEFAULT_VAR_END);
        }
        append.append(StringSubstitutor.DEFAULT_VAR_END);
        properties.put("org.ldaptive.bindSaslConfig", append.toString());
    }

    private static void addPruneStrategyProperty(String str, Properties properties) {
        properties.put("org.ldaptive.pool.pruneStrategy", String.format("org.ldaptive.pool.IdlePruneStrategy{{prunePeriod=%1$s}{idleTime=%2$s}}", Duration.ofMillis(GrouperLoaderConfig.retrieveConfig().propertyValueInt("ldap." + str + ".pruneTimerPeriod", TerracottaConfiguration.DEFAULT_LOCAL_KEY_CACHE_SIZE)), Duration.ofMillis(GrouperLoaderConfig.retrieveConfig().propertyValueInt("ldap." + str + ".expirationTime", 600000))));
    }

    private static void addValidatorProperty(String str, Properties properties) {
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".validator", "SearchConnectionValidator");
        properties.put("org.ldaptive.pool.validator", (StringUtils.equalsIgnoreCase(propertyValueString, CompareConnectionValidator.class.getSimpleName()) || StringUtils.equalsIgnoreCase(propertyValueString, "CompareLdapValidator")) ? String.format("edu.internet2.middleware.grouper.ldap.ldaptive.LdaptiveConnectionValidator{{validatePeriod=%1$s}{dn=%2$s}{name=%3$s}{value=%4$s}}", Duration.ofMillis(GrouperLoaderConfig.retrieveConfig().propertyValueInt("ldap." + str + ".validateTimerPeriod", 1800000)), GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("ldap." + str + ".validatorCompareDn"), GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("ldap." + str + ".validatorCompareAttribute"), GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("ldap." + str + ".validatorCompareValue")) : String.format("org.ldaptive.SearchConnectionValidator{{validatePeriod=%1$s}}", Duration.ofMillis(GrouperLoaderConfig.retrieveConfig().propertyValueInt("ldap." + str + ".validateTimerPeriod", 1800000))));
        if (Boolean.parseBoolean(properties.getProperty("org.ldaptive.pool.validateOnCheckIn", "false")) || Boolean.parseBoolean(properties.getProperty("org.ldaptive.pool.validateOnCheckOut", "false")) || Boolean.parseBoolean(properties.getProperty("org.ldaptive.pool.validatePeriodically", "false"))) {
            return;
        }
        properties.put("org.ldaptive.pool.validatePeriodically", "true");
    }

    private static LdapEntryHandler[] createEntryHandlers(String str) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".searchResultHandlers");
        if (!StringUtils.isBlank(propertyValueString)) {
            String[] splitTrim = GrouperUtil.splitTrim(propertyValueString, ",");
            int length = splitTrim.length;
            for (int i = 0; i < length; i++) {
                String str2 = splitTrim[i];
                if (str2.equals("edu.internet2.middleware.grouper.ldap.handler.RangeSearchResultHandler")) {
                    str2 = "";
                } else if (str2.equals("edu.vt.middleware.ldap.handler.EntryDnSearchResultHandler")) {
                    str2 = "org.ldaptive.handler.DnAttributeEntryHandler";
                }
                if (!StringUtils.isBlank(str2)) {
                    try {
                        linkedHashSet.add((LdapEntryHandler) GrouperUtil.newInstance(GrouperUtil.forName(str2)));
                    } catch (ClassCastException e) {
                        LOG.debug("Ignoring ldap entry handler of incorrect type: " + str2, e);
                    }
                }
            }
        }
        if (linkedHashSet.isEmpty()) {
            return null;
        }
        return (LdapEntryHandler[]) linkedHashSet.toArray(i2 -> {
            return new LdapEntryHandler[i2];
        });
    }

    private static SearchResultHandler[] createResultHandlers(String str) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        boolean isActiveDirectory = LdapConfiguration.getConfig(str).isActiveDirectory();
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString("ldap." + str + ".searchResultHandlers");
        if (StringUtils.isEmpty(propertyValueString) && isActiveDirectory) {
            propertyValueString = "edu.internet2.middleware.grouper.ldap.ldaptive.GrouperRangeEntryHandler";
        }
        if (!StringUtils.isBlank(propertyValueString)) {
            String[] splitTrim = GrouperUtil.splitTrim(propertyValueString, ",");
            int length = splitTrim.length;
            for (int i = 0; i < length; i++) {
                String str2 = splitTrim[i];
                if (str2.equals("edu.internet2.middleware.grouper.ldap.handler.RangeSearchResultHandler")) {
                    str2 = "edu.internet2.middleware.grouper.ldap.ldaptive.GrouperRangeEntryHandler";
                } else if (str2.equals("edu.vt.middleware.ldap.handler.EntryDnSearchResultHandler")) {
                    str2 = "";
                }
                if (!StringUtils.isBlank(str2)) {
                    try {
                        linkedHashSet.add((SearchResultHandler) GrouperUtil.newInstance(GrouperUtil.forName(str2)));
                    } catch (ClassCastException e) {
                        LOG.debug("Ignoring search result handler of incorrect type: " + str2, e);
                    }
                }
            }
        }
        if (linkedHashSet.isEmpty()) {
            return null;
        }
        return (SearchResultHandler[]) linkedHashSet.toArray(i2 -> {
            return new SearchResultHandler[i2];
        });
    }
}
