package edu.internet2.middleware.subject.provider;

import edu.internet2.middleware.grouper.app.loader.LoaderJobBean;
import edu.internet2.middleware.grouper.ldap.LdapAttribute;
import edu.internet2.middleware.grouper.ldap.LdapEntry;
import edu.internet2.middleware.grouper.ldap.LdapSearchScope;
import edu.internet2.middleware.grouper.ldap.LdapSessionUtils;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.util.GrouperClientUtils;
import edu.internet2.middleware.subject.SearchPageResult;
import edu.internet2.middleware.subject.SourceUnavailableException;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectCaseInsensitiveMapImpl;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import edu.internet2.middleware.subject.SubjectNotUniqueException;
import edu.internet2.middleware.subject.SubjectTooManyResults;
import edu.internet2.middleware.subject.SubjectUtils;
import groovy.ui.text.GroovyFilter;
import java.lang.reflect.Array;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeSet;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-5.7.1.jar:edu/internet2/middleware/subject/provider/LdapSourceAdapter.class */
public class LdapSourceAdapter extends BaseSourceAdapter {
    private static Log log = GrouperUtil.getLog(LdapSourceAdapter.class);
    private Properties props;
    protected String subjectIDAttributeName;
    protected boolean subjectIDFormatToLowerCase;
    private String ldapServerId;
    private boolean multipleResults;
    private String[] allAttributeNames;
    private boolean throwErrorOnFindAllFailure;
    private Integer maxResults;
    private boolean errorOnMaxResults;
    private Integer maxPage;

    @Override // edu.internet2.middleware.subject.Source
    public void loggingStart() {
        LdapSessionUtils.logStart();
    }

    @Override // edu.internet2.middleware.subject.Source
    public String loggingStop() {
        return LdapSessionUtils.logEnd();
    }

    public LdapSourceAdapter() {
        this.subjectIDAttributeName = null;
        this.subjectIDFormatToLowerCase = false;
        this.ldapServerId = null;
        this.multipleResults = false;
        this.errorOnMaxResults = true;
    }

    public LdapSourceAdapter(String str, String str2) {
        super(str, str2);
        this.subjectIDAttributeName = null;
        this.subjectIDFormatToLowerCase = false;
        this.ldapServerId = null;
        this.multipleResults = false;
        this.errorOnMaxResults = true;
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public void init() {
        log.debug("ldap source init");
        this.props = initParams();
        this.ldapServerId = getNeededProperty(this.props, LoaderJobBean.FIELD_LDAP_SERVER_ID);
        this.nameAttributeName = getNeededProperty(this.props, "Name_AttributeType");
        this.subjectIDAttributeName = getNeededProperty(this.props, "SubjectID_AttributeType");
        this.descriptionAttributeName = getNeededProperty(this.props, "Description_AttributeType");
        this.subjectIDAttributeName = convertSubjectAttributeToSourceAttribute(this.subjectIDAttributeName);
        this.descriptionAttributeName = convertSubjectAttributeToSourceAttribute(this.descriptionAttributeName);
        this.nameAttributeName = convertSubjectAttributeToSourceAttribute(this.nameAttributeName);
        this.subjectIDFormatToLowerCase = SubjectUtils.booleanValue(this.props.getProperty("SubjectID_formatToLowerCase"), false);
        String property = this.props.getProperty("Multiple_Results");
        if (property != null && (property.equalsIgnoreCase("yes") || property.equalsIgnoreCase("true"))) {
            this.multipleResults = true;
        }
        Set attributes = getAttributes();
        if (isEditable()) {
            this.allAttributeNames = (String[]) GrouperUtil.toArray(attributes, String.class);
        } else {
            this.allAttributeNames = new String[3 + attributes.size()];
            this.allAttributeNames[0] = this.nameAttributeName;
            this.allAttributeNames[1] = this.subjectIDAttributeName;
            this.allAttributeNames[2] = this.descriptionAttributeName;
            int i = 0;
            Iterator it = attributes.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                this.allAttributeNames[3 + i2] = (String) it.next();
            }
        }
        Map nonNull = SubjectUtils.nonNull(BaseSourceAdapter.virtualAttributesForSourceLegacy(this));
        Set set = SubjectUtils.toSet(this.allAttributeNames);
        set.removeAll(nonNull.keySet());
        this.allAttributeNames = (String[]) toArray(set, String.class);
        this.throwErrorOnFindAllFailure = SubjectUtils.booleanValue(getInitParam("throwErrorOnFindAllFailure"), true);
        String property2 = this.props.getProperty("maxPageSize");
        if (!StringUtils.isBlank(property2)) {
            try {
                this.maxPage = Integer.valueOf(Integer.parseInt(property2));
            } catch (NumberFormatException e) {
                throw new SourceUnavailableException("Cant parse maxPage: " + property2, e);
            }
        }
        String property3 = this.props.getProperty("maxResults");
        if (!StringUtils.isBlank(property3)) {
            try {
                this.maxResults = Integer.valueOf(Integer.parseInt(property3));
            } catch (NumberFormatException e2) {
                throw new SourceUnavailableException("Cant parse maxResults: " + property3, e2);
            }
        }
        String property4 = this.props.getProperty("errorOnMaxResults");
        if (StringUtils.isBlank(property4)) {
            return;
        }
        this.errorOnMaxResults = SubjectUtils.booleanValue(property4, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static <T> T[] toArray(Collection collection, Class<T> cls) {
        if (collection == 0 || collection.size() == 0) {
            return null;
        }
        return (T[]) collection.toArray((Object[]) Array.newInstance((Class<?>) cls, collection.size()));
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Subject getSubject(String str, boolean z) throws SubjectNotFoundException, SubjectNotUniqueException {
        Subject subject = null;
        Search search = getSearch("searchSubject");
        if (search == null) {
            log.error("searchType: \"searchSubject\" not defined.");
            return null;
        }
        try {
            subject = createSubject(getLdapUnique(search, str, this.allAttributeNames));
        } catch (SubjectNotFoundException e) {
            if (z) {
                throw e;
            }
        }
        if (subject == null && z) {
            throw new SubjectNotFoundException("Subject " + str + " not found.");
        }
        return subject;
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    @Deprecated
    public Subject getSubject(String str) throws SubjectNotFoundException, SubjectNotUniqueException {
        return getSubject(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Subject getSubjectByIdentifier(String str, boolean z) throws SubjectNotFoundException, SubjectNotUniqueException {
        LinkedHashMap linkedHashMap = null;
        try {
            if (log.isDebugEnabled()) {
                linkedHashMap = new LinkedHashMap();
                linkedHashMap.put("method", "getSubjectByIdentifier");
                linkedHashMap.put("id", str);
                linkedHashMap.put("exceptionIfNull", Boolean.valueOf(z));
            }
            Search search = getSearch("searchSubjectByIdentifier");
            if (linkedHashMap != null) {
                linkedHashMap.put("search", search);
            }
            if (search == null) {
                log.error("searchType: \"searchSubjectByIdentifier\" not defined.");
                if (log.isDebugEnabled()) {
                    log.debug(SubjectUtils.mapToString(linkedHashMap));
                }
                return null;
            }
            try {
                Subject createSubject = createSubject(getLdapUnique(search, str, this.allAttributeNames));
                if (linkedHashMap != null) {
                    linkedHashMap.put("foundSubject", Boolean.valueOf(createSubject != null));
                }
                if (createSubject == null && z) {
                    throw new SubjectNotFoundException("Subject " + str + " not found.");
                }
                Search search2 = getSearch("searchSubjectByIdentifierAttributes");
                if (linkedHashMap != null) {
                    linkedHashMap.put("searchSubjectByIdentifierAttributesNotNull", Boolean.valueOf(search2 != null));
                }
                if (log.isDebugEnabled()) {
                    log.debug(SubjectUtils.mapToString(linkedHashMap));
                }
                return createSubject;
            } catch (SubjectNotFoundException e) {
                if (z) {
                    throw e;
                }
                if (log.isDebugEnabled()) {
                    log.debug(SubjectUtils.mapToString(linkedHashMap));
                }
                return null;
            }
        } catch (Throwable th) {
            if (log.isDebugEnabled()) {
                log.debug(SubjectUtils.mapToString(linkedHashMap));
            }
            throw th;
        }
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    @Deprecated
    public Subject getSubjectByIdentifier(String str) throws SubjectNotFoundException, SubjectNotUniqueException {
        return getSubjectByIdentifier(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public SearchPageResult searchPage(String str) {
        return searchHelper(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Set<Subject> search(String str) {
        return searchHelper(str, false).getResults();
    }

    private SearchPageResult searchHelper(String str, boolean z) {
        Iterator<LdapEntry> ldapResultsHelper;
        boolean z2 = false;
        TreeSet treeSet = new TreeSet(new LdapComparator());
        Search search = getSearch("search");
        if (search == null) {
            log.error("searchType: \"search\" not defined.");
            return new SearchPageResult(false, treeSet);
        }
        if (getSearch("searchAttributes") != null) {
        }
        try {
            ldapResultsHelper = getLdapResultsHelper(search, str, this.allAttributeNames, z);
        } catch (Exception e) {
            if (e instanceof SubjectTooManyResults) {
                throw ((SubjectTooManyResults) e);
            }
            if (this.throwErrorOnFindAllFailure) {
                throw new SourceUnavailableException(e.getMessage() + ", source: " + getId() + ", sql: " + search.getParam("sql"), e);
            }
            log.error("LDAP Naming Except: " + e.getMessage() + ", " + this.id + ", " + str, e);
        }
        if (ldapResultsHelper == null) {
            return new SearchPageResult(false, treeSet);
        }
        while (true) {
            if (!ldapResultsHelper.hasNext()) {
                break;
            }
            if (z && this.maxPage != null && treeSet.size() >= this.maxPage.intValue()) {
                z2 = true;
                break;
            }
            if (this.maxResults == null || treeSet.size() < this.maxResults.intValue()) {
                LdapEntry next = ldapResultsHelper.next();
                Subject createSubject = createSubject(next);
                if (createSubject != null) {
                    treeSet.add(createSubject);
                } else {
                    log.error("Failed to create subject with attributes: " + next.toString());
                }
            } else if (this.errorOnMaxResults) {
                throw new SubjectTooManyResults("More results than allowed: " + this.maxResults + " for search '" + str + "'");
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("set has " + treeSet.size() + " subjects");
            if (treeSet.size() > 0) {
                log.debug("first is " + ((Subject) treeSet.first()).getName());
            }
        }
        return new SearchPageResult(z2, treeSet);
    }

    public Subject createSubject(LdapEntry ldapEntry) {
        if (ldapEntry == null) {
            log.error("Ldap createSubject called with null entry.");
            return null;
        }
        LdapAttribute attribute = ldapEntry.getAttribute(this.subjectIDAttributeName);
        if (attribute == null || attribute.getStringValues().size() == 0) {
            log.error("No value for LDAP attribute \"" + this.subjectIDAttributeName + "\". It is Grouper attribute \"SubjectID\".\".  Subject's problematic attributes : " + ldapEntry.toString());
            return null;
        }
        String next = attribute.getStringValues().iterator().next();
        if (this.subjectIDFormatToLowerCase) {
            next = next.toLowerCase();
        }
        SubjectImpl subjectImpl = new SubjectImpl(next, null, null, getSubjectType().getName(), getId(), this.nameAttributeName, this.descriptionAttributeName);
        SubjectCaseInsensitiveMapImpl subjectCaseInsensitiveMapImpl = new SubjectCaseInsensitiveMapImpl();
        for (LdapAttribute ldapAttribute : ldapEntry.getAttributes()) {
            String convertSourceAttributeToSubjectAttribute = convertSourceAttributeToSubjectAttribute(ldapAttribute.getName());
            HashSet hashSet = new HashSet();
            hashSet.addAll(ldapAttribute.getStringValues());
            subjectCaseInsensitiveMapImpl.put(convertSourceAttributeToSubjectAttribute, hashSet);
        }
        subjectImpl.setAttributes(subjectCaseInsensitiveMapImpl);
        return subjectImpl;
    }

    protected String getNeededProperty(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property == null) {
            log.error("Property '" + str + "' is not defined!");
        }
        return property;
    }

    protected Map<String, Set<String>> getAllAttributes(SubjectImpl subjectImpl) {
        SubjectCaseInsensitiveMapImpl subjectCaseInsensitiveMapImpl = new SubjectCaseInsensitiveMapImpl();
        if (log.isDebugEnabled()) {
            log.debug("getAllAttributes for " + subjectImpl.getName());
        }
        Search search = getSearch("searchSubjectAttributes");
        if (search == null) {
            log.debug("searchType: \"searchSubjectAttributes\" not defined.");
            return subjectCaseInsensitiveMapImpl;
        }
        try {
            for (LdapAttribute ldapAttribute : getLdapUnique(search, subjectImpl.getName(), this.allAttributeNames).getAttributes()) {
                String name = ldapAttribute.getName();
                HashSet hashSet = new HashSet();
                hashSet.addAll(ldapAttribute.getStringValues());
                subjectCaseInsensitiveMapImpl.put(name, hashSet);
            }
            subjectImpl.setAttributes(subjectCaseInsensitiveMapImpl);
        } catch (SubjectNotFoundException e) {
            log.error("SubjectNotFound: " + subjectImpl.getId() + " " + e.getMessage(), e);
        } catch (SubjectNotUniqueException e2) {
            log.error("SubjectNotUnique: " + subjectImpl.getId() + " " + e2.getMessage(), e2);
        }
        return subjectCaseInsensitiveMapImpl;
    }

    protected Iterator<LdapEntry> getLdapResults(Search search, String str, String[] strArr) {
        return getLdapResultsHelper(search, str, strArr, false);
    }

    private Iterator<LdapEntry> getLdapResultsHelper(Search search, String str, String[] strArr, boolean z) {
        String replace;
        int indexOf;
        if (str == null) {
            return null;
        }
        SubjectStatusResult subjectStatusResult = null;
        boolean equals = StringUtils.equals("search", search.getSearchType());
        if (equals) {
            subjectStatusResult = new SubjectStatusProcessor(str, getSubjectStatusConfig()).processSearch();
            str = subjectStatusResult.getStrippedQuery();
        }
        String str2 = null;
        int indexOf2 = str.indexOf(44);
        if (indexOf2 > 0) {
            int indexOf3 = str.indexOf(91);
            if (indexOf3 <= indexOf2 || (indexOf = str.indexOf(93)) <= indexOf3) {
                replace = search.getParam("firstlastfilter");
            } else {
                str2 = str.substring(indexOf3 + 1, indexOf);
                str = str.substring(0, indexOf3);
                replace = search.getParam("affiliationfilter");
            }
            if (replace == null) {
                replace = search.getParam("filter");
            }
            if (replace == null) {
                log.error("Search filter not found for search type:  " + search.getSearchType());
                return null;
            }
            String substring = str.substring(0, indexOf2);
            String substring2 = str.substring(indexOf2 + 1);
            if (substring != null) {
                replace = GrouperClientUtils.replace(replace, "%LAST%", escapeSearchFilter(substring));
            }
            if (substring2 != null) {
                replace = GrouperClientUtils.replace(replace, "%FIRST%", escapeSearchFilter(substring2));
            }
            if (str2 != null) {
                replace = GrouperClientUtils.replace(replace, "%AFFILIATION%", escapeSearchFilter(str2));
            }
        } else {
            String param = search.getParam("filter");
            if (param == null) {
                log.error("Search filter not found for search type:  " + search.getSearchType());
                return null;
            }
            replace = GrouperClientUtils.replace(param, "%TERM%", escapeSearchFilter(str));
        }
        String str3 = replace;
        if (equals && !subjectStatusResult.isAll() && !StringUtils.isBlank(subjectStatusResult.getDatastoreFieldName())) {
            if (!subjectStatusResult.getDatastoreValue().matches("[a-zA-Z0-9_-]+")) {
                throw new RuntimeException("Invalid status value: " + subjectStatusResult.getDatastoreValue());
            }
            replace = "(&" + replace + "(" + (subjectStatusResult.isEquals() ? "" : " ! ( ") + subjectStatusResult.getDatastoreFieldName() + "=" + subjectStatusResult.getDatastoreValue() + (subjectStatusResult.isEquals() ? "" : " ) ") + "))";
        }
        if (StringUtils.equals(str3, replace)) {
            if (log.isDebugEnabled()) {
                log.debug("searchType: " + search.getSearchType() + ", filter: " + replace);
            }
        } else if (log.isDebugEnabled()) {
            log.debug("searchType: " + search.getSearchType() + ", preStatusFilter: " + str3 + ", filter: " + replace);
        }
        try {
            Integer resultSetLimit = resultSetLimit(z, getMaxPage(), this.maxResults);
            Integer num = null;
            if (resultSetLimit != null) {
                num = Integer.valueOf(resultSetLimit.intValue() + 1);
            }
            String param2 = search.getParam("base");
            String param3 = search.getParam("scope");
            LdapSearchScope ldapSearchScope = null;
            if (param3 != null) {
                ldapSearchScope = LdapSearchScope.valueOf(param3);
            }
            if (StringUtils.isEmpty(this.ldapServerId)) {
                throw new SourceUnavailableException("Missing property subjectApi.source." + this.id + ".param.ldapServerId.value in subject.properties.  The value of this property should point to your LDAP configuration in the grouper-loader.properties file. e.g. if your grouper-loader.properties has ldap.personLdap.url, then the value of this property would be personLdap.");
            }
            return LdapSessionUtils.ldapSession().list(this.ldapServerId, param2, ldapSearchScope, replace, strArr, num).iterator();
        } catch (Exception e) {
            log.error("Ldap Exception: " + e.getMessage(), e);
            throw new SourceUnavailableException("Ldap Exception: " + e.getMessage(), e);
        }
    }

    protected LdapEntry getLdapUnique(Search search, String str, String[] strArr) throws SubjectNotFoundException, SubjectNotUniqueException, SourceUnavailableException {
        LinkedHashMap linkedHashMap = null;
        try {
            if (log.isDebugEnabled()) {
                linkedHashMap = new LinkedHashMap();
                linkedHashMap.put("method", "getLdapUnique");
                linkedHashMap.put("search", search);
                linkedHashMap.put("searchValue", str);
                linkedHashMap.put("attributeNames", SubjectUtils.toStringForLog(strArr, 200));
            }
            Iterator<LdapEntry> ldapResults = getLdapResults(search, str, strArr);
            if (ldapResults == null || !ldapResults.hasNext()) {
                throw new SubjectNotFoundException("No results: " + search.getSearchType() + " filter:" + search.getParam("filter") + " searchValue: " + str);
            }
            LdapEntry next = ldapResults.next();
            if (linkedHashMap != null) {
                linkedHashMap.put("dn", next.getDn());
            }
            LdapAttribute ldapAttribute = new LdapAttribute("dn");
            ldapAttribute.addStringValue(next.getDn());
            next.addAttribute(ldapAttribute);
            if (ldapResults.hasNext()) {
                LdapEntry next2 = ldapResults.next();
                if (linkedHashMap != null) {
                    linkedHashMap.put("dn2", next2.getDn());
                }
                if (!this.multipleResults) {
                    if (linkedHashMap != null) {
                        linkedHashMap.put("searchIsNotUnique", true);
                    }
                    throw new SubjectNotUniqueException("Search is not unique:" + next2.getDn() + "\n");
                }
                for (LdapAttribute ldapAttribute2 : next2.getAttributes()) {
                    if (log.isDebugEnabled()) {
                        log.debug("checking attribute " + ldapAttribute2.getName());
                    }
                    if (next.getAttribute(ldapAttribute2.getName()) == null || (next.getAttribute(ldapAttribute2.getName()).getStringValues().size() == 0 && next.getAttribute(ldapAttribute2.getName()).getBinaryValues().size() == 0)) {
                        if (log.isDebugEnabled()) {
                            log.debug("adding " + ldapAttribute2.getName());
                        }
                        next.addAttribute(ldapAttribute2);
                    }
                }
                next.getAttribute("dn").addStringValue(next2.getDn());
            }
            if (log.isDebugEnabled()) {
                log.debug(SubjectUtils.mapToString(linkedHashMap));
            }
            return next;
        } catch (Throwable th) {
            if (log.isDebugEnabled()) {
                log.debug(SubjectUtils.mapToString(null));
            }
            throw th;
        }
    }

    protected String escapeSearchFilter(String str) {
        return new String(str).replaceAll("\\\\", "\\\\5c").replaceAll(GroovyFilter.LEFT_PARENS, "\\\\28").replaceAll("\\)", "\\\\29").replaceAll("\\" + Character.toString((char) 0), "\\\\00");
    }

    @Override // edu.internet2.middleware.subject.Source
    public void checkConfig() {
    }

    @Override // edu.internet2.middleware.subject.Source
    public String printConfig() {
        StringBuilder append = new StringBuilder("subject.properties ldap source id:   ").append(getId()).append(": ");
        append.append(this.ldapServerId);
        return append.toString();
    }

    public void setMultipleResults(boolean z) {
        this.multipleResults = z;
    }

    public Integer getMaxPage() {
        return this.maxPage;
    }
}
