package edu.internet2.middleware.psp.ldap;

import edu.internet2.middleware.psp.PspException;
import edu.internet2.middleware.psp.spml.config.Pso;
import edu.internet2.middleware.psp.spml.config.PsoIdentifyingAttribute;
import edu.internet2.middleware.psp.spml.config.PsoReferences;
import edu.internet2.middleware.psp.spml.provider.BaseSpmlTarget;
import edu.internet2.middleware.psp.spml.request.AlternateIdentifier;
import edu.internet2.middleware.psp.util.PSPUtil;
import edu.internet2.middleware.shibboleth.common.service.ServiceException;
import edu.internet2.middleware.subject.provider.SourceManager;
import edu.vt.middleware.ldap.BaseLdap;
import edu.vt.middleware.ldap.Ldap;
import edu.vt.middleware.ldap.SearchFilter;
import edu.vt.middleware.ldap.bean.LdapAttribute;
import edu.vt.middleware.ldap.bean.LdapAttributes;
import edu.vt.middleware.ldap.bean.LdapEntry;
import edu.vt.middleware.ldap.bean.LdapResult;
import edu.vt.middleware.ldap.bean.OrderedLdapBeanFactory;
import edu.vt.middleware.ldap.bean.SortedLdapBeanFactory;
import edu.vt.middleware.ldap.ldif.Ldif;
import edu.vt.middleware.ldap.ldif.LdifResultConverter;
import edu.vt.middleware.ldap.pool.LdapPool;
import edu.vt.middleware.ldap.pool.LdapPoolException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.InvalidNameException;
import javax.naming.NameAlreadyBoundException;
import javax.naming.NameNotFoundException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SchemaViolationException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import org.opensaml.xml.util.DatatypeHelper;
import org.openspml.v2.msg.OpenContentElement;
import org.openspml.v2.msg.spml.AddRequest;
import org.openspml.v2.msg.spml.AddResponse;
import org.openspml.v2.msg.spml.DeleteRequest;
import org.openspml.v2.msg.spml.DeleteResponse;
import org.openspml.v2.msg.spml.ErrorCode;
import org.openspml.v2.msg.spml.Extensible;
import org.openspml.v2.msg.spml.LookupRequest;
import org.openspml.v2.msg.spml.LookupResponse;
import org.openspml.v2.msg.spml.Modification;
import org.openspml.v2.msg.spml.ModificationMode;
import org.openspml.v2.msg.spml.ModifyRequest;
import org.openspml.v2.msg.spml.ModifyResponse;
import org.openspml.v2.msg.spml.PSO;
import org.openspml.v2.msg.spml.PSOIdentifier;
import org.openspml.v2.msg.spml.ReturnData;
import org.openspml.v2.msg.spml.StatusCode;
import org.openspml.v2.msg.spmlref.HasReference;
import org.openspml.v2.msg.spmlref.Reference;
import org.openspml.v2.msg.spmlsearch.Query;
import org.openspml.v2.msg.spmlsearch.Scope;
import org.openspml.v2.msg.spmlsearch.SearchRequest;
import org.openspml.v2.msg.spmlsearch.SearchResponse;
import org.openspml.v2.profiles.dsml.DSMLAttr;
import org.openspml.v2.profiles.dsml.DSMLModification;
import org.openspml.v2.profiles.dsml.DSMLProfileException;
import org.openspml.v2.profiles.dsml.DSMLValue;
import org.openspml.v2.profiles.dsml.EqualityMatch;
import org.openspml.v2.profiles.dsml.Filter;
import org.openspml.v2.util.Spml2Exception;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:edu/internet2/middleware/psp/ldap/LdapSpmlTarget.class */
public class LdapSpmlTarget extends BaseSpmlTarget {
    public static final String GROUP_OF_NAMES_ERROR = "[LDAP: error code 65 - object class 'groupOfNames' requires attribute 'member']";
    public static final String GROUP_OF_UNIQUE_NAMES_ERROR = "[LDAP: error code 65 - object class 'groupOfUniqueNames' requires attribute 'uniqueMember']";
    private LdapPool<Ldap> ldapPool;
    private String ldapPoolId;
    private String ldapPoolIdSource;
    private boolean logLdif;
    private static Pattern escapedforwardSlashPattern = Pattern.compile("\\\\/");
    private static Pattern forwardSlashPattern = Pattern.compile("([^\\\\])/");
    private static final Logger LOG = LoggerFactory.getLogger(LdapSpmlTarget.class);

    public static String canonicalizeDn(String str) throws InvalidNameException {
        return new LdapName(unescapeForwardSlash(str)).toString();
    }

    public static String escapeForwardSlash(String str) {
        Matcher matcher = forwardSlashPattern.matcher(str);
        return matcher.find() ? matcher.replaceAll("$1\\\\/") : str;
    }

    public static String unescapeForwardSlash(String str) {
        Matcher matcher = escapedforwardSlashPattern.matcher(str);
        return matcher.find() ? matcher.replaceAll("/") : str;
    }

    public void execute(AddRequest addRequest, AddResponse addResponse) {
        try {
            handleEmptyReferences(addRequest);
            try {
                try {
                    try {
                        SortedLdapBeanFactory sortedLdapBeanFactory = new SortedLdapBeanFactory();
                        LdapAttributes newLdapAttributes = sortedLdapBeanFactory.newLdapAttributes();
                        for (DSMLAttr dSMLAttr : PSPUtil.getDSMLAttrMap(addRequest.getData()).values()) {
                            BasicAttribute basicAttribute = new BasicAttribute(dSMLAttr.getName());
                            for (DSMLValue dSMLValue : dSMLAttr.getValues()) {
                                basicAttribute.add(dSMLValue.getValue());
                            }
                            LdapAttribute newLdapAttribute = sortedLdapBeanFactory.newLdapAttribute();
                            newLdapAttribute.setAttribute(basicAttribute);
                            newLdapAttributes.addAttribute(newLdapAttribute);
                        }
                        Map references = PSPUtil.getReferences(addRequest.getCapabilityData());
                        for (String str : references.keySet()) {
                            BasicAttribute basicAttribute2 = new BasicAttribute(str);
                            for (Reference reference : (List) references.get(str)) {
                                if (reference.getToPsoID().getTargetID().equals(getId())) {
                                    String id = reference.getToPsoID().getID();
                                    if (id == null) {
                                        id = "";
                                    }
                                    basicAttribute2.add(id);
                                }
                            }
                            LdapAttribute newLdapAttribute2 = sortedLdapBeanFactory.newLdapAttribute();
                            newLdapAttribute2.setAttribute(basicAttribute2);
                            newLdapAttributes.addAttribute(newLdapAttribute2);
                        }
                        String id2 = addRequest.getPsoID().getID();
                        String escapeForwardSlash = escapeForwardSlash(id2);
                        Ldap checkOut = this.ldapPool.checkOut();
                        LOG.debug("Target '{}' - Create '{}'", getId(), PSPUtil.toString(addRequest));
                        LOG.debug("Target '{}' - Create DN '{}'", getId(), escapeForwardSlash);
                        checkOut.create(escapeForwardSlash, newLdapAttributes.toAttributes());
                        LOG.info("Target '{}' - Created '{}'", getId(), PSPUtil.toString(addRequest));
                        if (isLogLdif()) {
                            LdapEntry newLdapEntry = sortedLdapBeanFactory.newLdapEntry();
                            newLdapEntry.setDn(id2);
                            newLdapEntry.setLdapAttributes(newLdapAttributes);
                            LdapResult newLdapResult = sortedLdapBeanFactory.newLdapResult();
                            newLdapResult.addEntry(newLdapEntry);
                            LOG.info("Target '{}' - LDIF\n{}", getId(), new Ldif().createLdif(newLdapResult));
                        }
                        if (addRequest.getReturnData().equals(ReturnData.IDENTIFIER)) {
                            PSO pso = new PSO();
                            pso.setPsoID(addRequest.getPsoID());
                            addResponse.setPso(pso);
                        } else {
                            LookupRequest lookupRequest = new LookupRequest();
                            lookupRequest.setPsoID(addRequest.getPsoID());
                            lookupRequest.setReturnData(addRequest.getReturnData());
                            LookupResponse execute = execute(lookupRequest);
                            if (execute.getStatus() == StatusCode.SUCCESS) {
                                addResponse.setPso(execute.getPso());
                            } else {
                                fail(addResponse, execute.getError(), new String[]{"Unable to lookup object after create."});
                            }
                        }
                        this.ldapPool.checkIn(checkOut);
                    } catch (PspException e) {
                        fail(addResponse, ErrorCode.CUSTOM_ERROR, e);
                        this.ldapPool.checkIn((BaseLdap) null);
                    } catch (NameAlreadyBoundException e2) {
                        fail(addResponse, ErrorCode.ALREADY_EXISTS, e2);
                        this.ldapPool.checkIn((BaseLdap) null);
                    }
                } catch (LdapPoolException e3) {
                    fail(addResponse, ErrorCode.CUSTOM_ERROR, e3);
                    this.ldapPool.checkIn((BaseLdap) null);
                } catch (NamingException e4) {
                    fail(addResponse, ErrorCode.CUSTOM_ERROR, e4);
                    this.ldapPool.checkIn((BaseLdap) null);
                }
            } catch (Throwable th) {
                this.ldapPool.checkIn((BaseLdap) null);
                throw th;
            }
        } catch (PspException e5) {
            fail(addResponse, ErrorCode.CUSTOM_ERROR, e5);
        } catch (DSMLProfileException e6) {
            fail(addResponse, ErrorCode.CUSTOM_ERROR, e6);
        }
    }

    public void execute(DeleteRequest deleteRequest, DeleteResponse deleteResponse) {
        if (deleteRequest.isRecursive()) {
            fail(deleteResponse, ErrorCode.UNSUPPORTED_OPERATION, new String[]{"Recursive delete requests are not yet supported."});
            return;
        }
        Ldap ldap = null;
        try {
            try {
                try {
                    String escapeForwardSlash = escapeForwardSlash(deleteRequest.getPsoID().getID());
                    ldap = (Ldap) this.ldapPool.checkOut();
                    LOG.debug("Target '{}' - Delete '{}'", getId(), PSPUtil.toString(deleteRequest));
                    LOG.debug("Target '{}' - Delete DN '{}'", getId(), escapeForwardSlash);
                    ldap.delete(escapeForwardSlash);
                    LOG.info("Target '{}' - Deleted '{}'", getId(), PSPUtil.toString(deleteRequest));
                    this.ldapPool.checkIn(ldap);
                } catch (NameNotFoundException e) {
                    fail(deleteResponse, ErrorCode.NO_SUCH_IDENTIFIER, e);
                    this.ldapPool.checkIn(ldap);
                }
            } catch (LdapPoolException e2) {
                fail(deleteResponse, ErrorCode.CUSTOM_ERROR, e2);
                this.ldapPool.checkIn(ldap);
            } catch (NamingException e3) {
                fail(deleteResponse, ErrorCode.CUSTOM_ERROR, e3);
                this.ldapPool.checkIn(ldap);
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn(ldap);
            throw th;
        }
    }

    public void execute(LookupRequest lookupRequest, LookupResponse lookupResponse) {
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                SearchFilter searchFilter = new SearchFilter();
                                searchFilter.setFilter("objectclass=*");
                                SearchControls searchControls = new SearchControls();
                                searchControls.setSearchScope(0);
                                String[] strArr = (String[]) getPSP().getNames(getId(), lookupRequest.getReturnData()).toArray(new String[0]);
                                searchControls.setReturningAttributes(strArr);
                                String id = lookupRequest.getPsoID().getID();
                                String escapeForwardSlash = escapeForwardSlash(id);
                                Ldap checkOut = this.ldapPool.checkOut();
                                LOG.debug("Target '{}' - Searching '{}'", getId(), PSPUtil.toString(lookupRequest));
                                Iterator search = checkOut.search(escapeForwardSlash, searchFilter, searchControls);
                                LOG.debug("Target '{}' - Searched '{}'", getId(), PSPUtil.toString(lookupRequest));
                                if (!search.hasNext()) {
                                    fail(lookupResponse, ErrorCode.NO_SUCH_IDENTIFIER, new String[0]);
                                    if (checkOut != null) {
                                        this.ldapPool.checkIn(checkOut);
                                        return;
                                    }
                                    return;
                                }
                                SearchResult searchResult = (SearchResult) search.next();
                                if (search.hasNext()) {
                                    fail(lookupResponse, ErrorCode.CUSTOM_ERROR, new String[]{"More than one result found."});
                                    if (checkOut != null) {
                                        this.ldapPool.checkIn(checkOut);
                                        return;
                                    }
                                    return;
                                }
                                Attributes attributes = searchResult.getAttributes();
                                OrderedLdapBeanFactory orderedLdapBeanFactory = new OrderedLdapBeanFactory();
                                SortedLdapBeanFactory sortedLdapBeanFactory = new SortedLdapBeanFactory();
                                LdapAttributes newLdapAttributes = orderedLdapBeanFactory.newLdapAttributes();
                                for (String str : strArr) {
                                    Attribute attribute = attributes.get(str);
                                    if (attribute != null) {
                                        LdapAttribute newLdapAttribute = sortedLdapBeanFactory.newLdapAttribute();
                                        newLdapAttribute.setAttribute(attribute);
                                        newLdapAttributes.addAttribute(newLdapAttribute);
                                    }
                                }
                                LdapEntry newLdapEntry = sortedLdapBeanFactory.newLdapEntry();
                                newLdapEntry.setDn(id);
                                newLdapEntry.setLdapAttributes(newLdapAttributes);
                                if (isLogLdif()) {
                                    LdapResult newLdapResult = sortedLdapBeanFactory.newLdapResult();
                                    newLdapResult.addEntry(newLdapEntry);
                                    LOG.info("Target '{}' - LDIF\n{}", getId(), new LdifResultConverter().toLdif(newLdapResult));
                                }
                                lookupResponse.setPso(getPSO(newLdapEntry, lookupRequest.getReturnData()));
                                if (checkOut != null) {
                                    this.ldapPool.checkIn(checkOut);
                                }
                            } catch (NameNotFoundException e) {
                                fail(lookupResponse, ErrorCode.NO_SUCH_IDENTIFIER, new String[0]);
                                if (0 != 0) {
                                    this.ldapPool.checkIn((BaseLdap) null);
                                }
                            }
                        } catch (Spml2Exception e2) {
                            fail(lookupResponse, ErrorCode.CUSTOM_ERROR, e2);
                            if (0 != 0) {
                                this.ldapPool.checkIn((BaseLdap) null);
                            }
                        }
                    } catch (LdapPoolException e3) {
                        fail(lookupResponse, ErrorCode.CUSTOM_ERROR, e3);
                        if (0 != 0) {
                            this.ldapPool.checkIn((BaseLdap) null);
                        }
                    }
                } catch (NamingException e4) {
                    fail(lookupResponse, ErrorCode.CUSTOM_ERROR, e4);
                    if (0 != 0) {
                        this.ldapPool.checkIn((BaseLdap) null);
                    }
                } catch (InvalidNameException e5) {
                    fail(lookupResponse, ErrorCode.CUSTOM_ERROR, e5);
                    if (0 != 0) {
                        this.ldapPool.checkIn((BaseLdap) null);
                    }
                }
            } catch (DSMLProfileException e6) {
                fail(lookupResponse, ErrorCode.CUSTOM_ERROR, e6);
                if (0 != 0) {
                    this.ldapPool.checkIn((BaseLdap) null);
                }
            } catch (PspException e7) {
                fail(lookupResponse, ErrorCode.CUSTOM_ERROR, e7);
                if (0 != 0) {
                    this.ldapPool.checkIn((BaseLdap) null);
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                this.ldapPool.checkIn((BaseLdap) null);
            }
            throw th;
        }
    }

    public void execute(ModifyRequest modifyRequest, ModifyResponse modifyResponse) {
        execute(modifyRequest, modifyResponse, true);
    }

    public void execute(ModifyRequest modifyRequest, ModifyResponse modifyResponse, boolean z) {
        try {
            try {
                try {
                    try {
                        try {
                            String id = modifyRequest.getPsoID().getID();
                            ArrayList arrayList = new ArrayList();
                            ArrayList arrayList2 = new ArrayList();
                            for (Modification modification : modifyRequest.getModifications()) {
                                arrayList2.addAll(getDsmlMods(modification));
                                arrayList2.addAll(getReferenceMods(modification));
                                arrayList.addAll(PSPUtil.getAlternateIdentifiers(modification));
                            }
                            if (arrayList.size() == 1 && !((AlternateIdentifier) arrayList.get(0)).getTargetID().equals(getId())) {
                                fail(modifyResponse, ErrorCode.CUSTOM_ERROR, new String[]{"Unable to rename object with a different target ID."});
                                this.ldapPool.checkIn((BaseLdap) null);
                                return;
                            }
                            Ldap checkOut = this.ldapPool.checkOut();
                            PSOIdentifier psoID = modifyRequest.getPsoID();
                            if (arrayList.size() == 1) {
                                String escapeForwardSlash = escapeForwardSlash(id);
                                String escapeForwardSlash2 = escapeForwardSlash(((AlternateIdentifier) arrayList.get(0)).getID());
                                LOG.info("Target '{}' - Renaming '{}' to '{}'", new Object[]{getId(), escapeForwardSlash, escapeForwardSlash2});
                                checkOut.rename(escapeForwardSlash, escapeForwardSlash2);
                                id = escapeForwardSlash2;
                                psoID = ((AlternateIdentifier) arrayList.get(0)).getPSOIdentifier();
                            }
                            LOG.debug("Target '{}' - Modifying '{}'", getId(), PSPUtil.toString(modifyRequest));
                            LOG.debug("Target '{}' - Modifications '{}'", getId(), arrayList2);
                            String escapeForwardSlash3 = escapeForwardSlash(id);
                            LOG.debug("Target '{}' - Modify DN '{}'", getId(), escapeForwardSlash3);
                            checkOut.modifyAttributes(escapeForwardSlash3, (ModificationItem[]) arrayList2.toArray(new ModificationItem[0]));
                            LOG.debug("Target '{}' - Modified '{}'", getId(), PSPUtil.toString(modifyRequest));
                            if (modifyRequest.getReturnData().equals(ReturnData.IDENTIFIER)) {
                                PSO pso = new PSO();
                                pso.setPsoID(psoID);
                                modifyResponse.setPso(pso);
                            } else {
                                LookupRequest lookupRequest = new LookupRequest();
                                lookupRequest.setPsoID(psoID);
                                lookupRequest.setReturnData(modifyRequest.getReturnData());
                                LookupResponse execute = execute(lookupRequest);
                                if (execute.getStatus() == StatusCode.SUCCESS) {
                                    modifyResponse.setPso(execute.getPso());
                                } else {
                                    fail(modifyResponse, execute.getError(), new String[0]);
                                }
                            }
                            this.ldapPool.checkIn(checkOut);
                        } catch (PspException e) {
                            fail(modifyResponse, ErrorCode.CUSTOM_ERROR, e);
                            this.ldapPool.checkIn((BaseLdap) null);
                        }
                    } catch (SchemaViolationException e2) {
                        if (!z) {
                            fail(modifyResponse, ErrorCode.CUSTOM_ERROR, e2);
                            this.ldapPool.checkIn((BaseLdap) null);
                            return;
                        }
                        LOG.error("Target '{}' - A schema violation occurred {}", getId(), e2);
                        if (!GROUP_OF_NAMES_ERROR.equals(e2.getMessage()) && !GROUP_OF_UNIQUE_NAMES_ERROR.equals(e2.getMessage())) {
                            fail(modifyResponse, ErrorCode.CUSTOM_ERROR, e2);
                            this.ldapPool.checkIn((BaseLdap) null);
                            return;
                        }
                        try {
                            ModifyRequest handleEmptyReferences = handleEmptyReferences(modifyRequest);
                            if (handleEmptyReferences != null) {
                                LOG.info("Target '{}' - Retrying modify request", getId(), PSPUtil.toString(handleEmptyReferences));
                                execute(handleEmptyReferences, modifyResponse, false);
                            }
                            this.ldapPool.checkIn((BaseLdap) null);
                        } catch (PspException e3) {
                            fail(modifyResponse, ErrorCode.CUSTOM_ERROR, e3);
                            this.ldapPool.checkIn((BaseLdap) null);
                        }
                    }
                } catch (NamingException e4) {
                    fail(modifyResponse, ErrorCode.CUSTOM_ERROR, e4);
                    this.ldapPool.checkIn((BaseLdap) null);
                }
            } catch (LdapPoolException e5) {
                fail(modifyResponse, ErrorCode.CUSTOM_ERROR, e5);
                this.ldapPool.checkIn((BaseLdap) null);
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn((BaseLdap) null);
            throw th;
        }
    }

    public void execute(SearchRequest searchRequest, SearchResponse searchResponse) {
        Query query = searchRequest.getQuery();
        String str = null;
        for (HasReference hasReference : query.getQueryClauses()) {
            if (hasReference instanceof HasReference) {
                HasReference hasReference2 = hasReference;
                if (hasReference2.getTypeOfReference() != null && hasReference2.getToPsoID() != null && hasReference2.getToPsoID().getID() != null) {
                    str = "(" + hasReference2.getTypeOfReference() + "=" + hasReference2.getToPsoID().getID() + ")";
                }
            } else {
                if (!(hasReference instanceof Filter)) {
                    fail(searchResponse, ErrorCode.MALFORMED_REQUEST, new String[]{"Unsupported query."});
                    return;
                }
                EqualityMatch item = ((Filter) hasReference).getItem();
                if (item instanceof EqualityMatch) {
                    str = "(" + item.getName() + "=" + item.getValue().getValue() + ")";
                }
            }
        }
        if (DatatypeHelper.isEmpty(str)) {
            fail(searchResponse, ErrorCode.MALFORMED_REQUEST, new String[]{"A filter is required."});
            return;
        }
        if (query.getBasePsoID() == null || query.getBasePsoID().getID() == null) {
            fail(searchResponse, ErrorCode.MALFORMED_REQUEST, new String[]{"A basePsoID is required."});
            return;
        }
        String id = query.getBasePsoID().getID();
        SearchControls searchControls = new SearchControls();
        Scope scope = query.getScope();
        if (scope != null) {
            searchControls.setSearchScope(PSPUtil.getScope(scope));
        }
        ReturnData returnData = searchRequest.getReturnData();
        if (returnData == null) {
            returnData = ReturnData.EVERYTHING;
        }
        String[] strArr = (String[]) getPSP().getNames(getId(), returnData).toArray(new String[0]);
        searchControls.setReturningAttributes(strArr);
        Ldap ldap = null;
        try {
            try {
                try {
                    try {
                        try {
                            ldap = this.ldapPool.checkOut();
                            LOG.debug("Target '{}' - Search will return attributes '{}'", getId(), Arrays.asList(strArr));
                            LOG.debug("Target '{}' - Searching '{}'", getId(), PSPUtil.toString(searchRequest));
                            Iterator search = ldap.search(id, new SearchFilter(str), searchControls);
                            LOG.debug("Target '{}' - Searched '{}'", getId(), PSPUtil.toString(searchRequest));
                            LdapResult newLdapResult = new SortedLdapBeanFactory().newLdapResult();
                            newLdapResult.addEntries(search);
                            Collection entries = newLdapResult.getEntries();
                            LOG.debug("Target '{}' - Search found {} entries.", getId(), Integer.valueOf(entries.size()));
                            Iterator it = entries.iterator();
                            while (it.hasNext()) {
                                searchResponse.addPSO(getPSO((LdapEntry) it.next(), returnData));
                            }
                            if (this.logLdif) {
                                LOG.info("Target '{}' - LDIF\n{}", getId(), new Ldif().createLdif(newLdapResult));
                            }
                            this.ldapPool.checkIn(ldap);
                        } catch (PspException e) {
                            fail(searchResponse, ErrorCode.CUSTOM_ERROR, e);
                            this.ldapPool.checkIn(ldap);
                        }
                    } catch (LdapPoolException e2) {
                        fail(searchResponse, ErrorCode.CUSTOM_ERROR, e2);
                        this.ldapPool.checkIn(ldap);
                    }
                } catch (NamingException e3) {
                    fail(searchResponse, ErrorCode.CUSTOM_ERROR, e3);
                    this.ldapPool.checkIn(ldap);
                }
            } catch (NameNotFoundException e4) {
                fail(searchResponse, ErrorCode.NO_SUCH_IDENTIFIER, e4);
                this.ldapPool.checkIn(ldap);
            } catch (Spml2Exception e5) {
                fail(searchResponse, ErrorCode.CUSTOM_ERROR, e5);
                this.ldapPool.checkIn(ldap);
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn(ldap);
            throw th;
        }
    }

    protected List<ModificationItem> getDsmlMods(Modification modification) throws PspException {
        int i;
        ArrayList arrayList = new ArrayList();
        for (DSMLModification dSMLModification : modification.getOpenContentElements(DSMLModification.class)) {
            BasicAttribute basicAttribute = new BasicAttribute(dSMLModification.getName());
            for (DSMLValue dSMLValue : dSMLModification.getValues()) {
                if (!DatatypeHelper.isEmpty(dSMLValue.getValue())) {
                    basicAttribute.add(dSMLValue.getValue());
                }
            }
            if (dSMLModification.getOperation().equals(ModificationMode.ADD)) {
                i = 1;
            } else if (dSMLModification.getOperation().equals(ModificationMode.DELETE)) {
                i = 3;
            } else {
                if (!dSMLModification.getOperation().equals(ModificationMode.REPLACE)) {
                    throw new PspException("Unknown dsml modification operation : " + dSMLModification.getOperation());
                }
                i = 2;
            }
            arrayList.add(new ModificationItem(i, basicAttribute));
        }
        return arrayList;
    }

    public LdapPool<Ldap> getLdapPool() {
        return this.ldapPool;
    }

    public String getLdapPoolId() {
        return this.ldapPoolId;
    }

    public String getLdapPoolIdSource() {
        return this.ldapPoolIdSource;
    }

    protected PSO getPSO(LdapEntry ldapEntry, ReturnData returnData) throws Spml2Exception, PspException {
        String str = "get pso for '" + ldapEntry.getDn() + "' target '" + getId() + "'";
        PSO pso = new PSO();
        Pso pSODefinition = getPSODefinition(ldapEntry);
        LOG.debug("{} schema entity '{}'", str, pSODefinition.getId());
        pso.addOpenContentAttr("entityName", pSODefinition.getId());
        PSOIdentifier pSOIdentifier = new PSOIdentifier();
        pSOIdentifier.setTargetID(getId());
        try {
            pSOIdentifier.setID(canonicalizeDn(ldapEntry.getDn()));
            pso.setPsoID(pSOIdentifier);
            if (returnData.equals(ReturnData.DATA) || returnData.equals(ReturnData.EVERYTHING)) {
                LdapAttributes ldapAttributes = ldapEntry.getLdapAttributes();
                TreeMap treeMap = new TreeMap(String.CASE_INSENSITIVE_ORDER);
                for (String str2 : pSODefinition.getAttributeNames()) {
                    treeMap.put(str2, str2);
                }
                TreeMap treeMap2 = new TreeMap(String.CASE_INSENSITIVE_ORDER);
                if (returnData.equals(ReturnData.EVERYTHING)) {
                    for (String str3 : pSODefinition.getReferenceNames()) {
                        treeMap2.put(str3, str3);
                    }
                }
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = new HashMap();
                for (LdapAttribute ldapAttribute : ldapAttributes.getAttributes()) {
                    if (treeMap.containsKey(ldapAttribute.getName())) {
                        String str4 = (String) treeMap.get(ldapAttribute.getName());
                        hashMap.put(str4, getDsmlAttr(str4, ldapAttribute.getStringValues()));
                    } else if (returnData.equals(ReturnData.EVERYTHING) && treeMap2.containsKey(ldapAttribute.getName())) {
                        String str5 = (String) treeMap2.get(ldapAttribute.getName());
                        hashMap2.put(str5, getReferences(str5, ldapAttribute.getStringValues()));
                    } else {
                        LOG.trace("{} ignoring attribute '{}'", str, ldapAttribute.getName());
                    }
                }
                Extensible extensible = new Extensible();
                for (String str6 : pSODefinition.getAttributeNames()) {
                    if (hashMap.containsKey(str6)) {
                        extensible.addOpenContentElement((OpenContentElement) hashMap.get(str6));
                    }
                }
                if (extensible.getOpenContentElements().length > 0) {
                    pso.setData(extensible);
                }
                if (returnData.equals(ReturnData.EVERYTHING)) {
                    ArrayList arrayList = new ArrayList();
                    for (String str7 : pSODefinition.getReferenceNames()) {
                        if (hashMap2.containsKey(str7)) {
                            arrayList.addAll((Collection) hashMap2.get(str7));
                        }
                    }
                    PSPUtil.setReferences(pso, arrayList);
                }
            }
            return pso;
        } catch (InvalidNameException e) {
            LOG.error(str + " Unable to canonicalize entry dn.", e);
            throw new Spml2Exception(e);
        }
    }

    protected Pso getPSODefinition(LdapEntry ldapEntry) throws PspException {
        Attributes attributes = ldapEntry.getLdapAttributes().toAttributes();
        Pso pso = null;
        for (Pso pso2 : getPSP().getPsos(getId())) {
            PsoIdentifyingAttribute psoIdentifyingAttribute = pso2.getPsoIdentifyingAttribute();
            if (psoIdentifyingAttribute != null) {
                String name = psoIdentifyingAttribute.getName();
                String value = psoIdentifyingAttribute.getValue();
                Attribute attribute = attributes.get(name);
                if (attribute != null && attribute.contains(value)) {
                    if (pso != null) {
                        LOG.error("More than one schema entity found for " + ldapEntry.getDn());
                        throw new PspException("More than one schema entity found for " + ldapEntry.getDn());
                    }
                    pso = pso2;
                }
            }
        }
        if (pso != null) {
            return pso;
        }
        LOG.error("Unable to determine schema entity for " + ldapEntry.getDn());
        throw new PspException("Unable to determine schema entity for " + ldapEntry.getDn());
    }

    protected List<ModificationItem> getReferenceMods(Modification modification) throws PspException {
        int i;
        ArrayList arrayList = new ArrayList();
        Map references = PSPUtil.getReferences(modification.getCapabilityData());
        if (references.isEmpty()) {
            return arrayList;
        }
        for (String str : references.keySet()) {
            ArrayList arrayList2 = new ArrayList();
            for (Reference reference : (List) references.get(str)) {
                if (reference.getToPsoID().getTargetID().equals(getId())) {
                    String id = reference.getToPsoID().getID();
                    if (id == null) {
                        id = "";
                    }
                    arrayList2.add(id);
                }
            }
            BasicAttribute basicAttribute = new BasicAttribute(str);
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                basicAttribute.add((String) it.next());
            }
            if (modification.getModificationMode().equals(ModificationMode.ADD)) {
                i = 1;
            } else if (modification.getModificationMode().equals(ModificationMode.DELETE)) {
                i = 3;
            } else {
                if (!modification.getModificationMode().equals(ModificationMode.REPLACE)) {
                    throw new PspException("Unknown modification operation : " + modification.getModificationMode());
                }
                i = 2;
            }
            arrayList.add(new ModificationItem(i, basicAttribute));
        }
        return arrayList;
    }

    protected List<Reference> getReferences(String str, Collection<String> collection) throws Spml2Exception {
        try {
            ArrayList arrayList = new ArrayList();
            for (String str2 : collection) {
                Reference reference = new Reference();
                PSOIdentifier pSOIdentifier = new PSOIdentifier();
                pSOIdentifier.setID(canonicalizeDn(str2));
                pSOIdentifier.setTargetID(getId());
                reference.setToPsoID(pSOIdentifier);
                reference.setTypeOfReference(str);
                arrayList.add(reference);
            }
            return arrayList;
        } catch (InvalidNameException e) {
            LOG.error("Unable to canonicalize name", e);
            throw new Spml2Exception(e);
        }
    }

    protected void handleEmptyReferences(AddRequest addRequest) throws PspException, DSMLProfileException {
        DSMLAttr dSMLAttr;
        if (addRequest.getReturnData().equals(ReturnData.DATA)) {
            String findOpenContentAttrValueByName = addRequest.findOpenContentAttrValueByName("entityName");
            if (findOpenContentAttrValueByName == null) {
                throw new PspException("Null entity name.");
            }
            Pso pso = getPSP().getPso(getId(), findOpenContentAttrValueByName);
            if (pso == null) {
                throw new PspException("Unknown pso.");
            }
            Map dSMLAttrMap = PSPUtil.getDSMLAttrMap(addRequest.getData());
            for (PsoReferences psoReferences : pso.getReferences()) {
                if (psoReferences.getEmptyValue() != null && ((dSMLAttr = (DSMLAttr) dSMLAttrMap.get(psoReferences.getName())) == null || dSMLAttr.getValues().length == 0)) {
                    addRequest.getData().addOpenContentElement(new DSMLAttr(psoReferences.getName(), psoReferences.getEmptyValue()));
                }
            }
        }
    }

    protected ModifyRequest handleEmptyReferences(ModifyRequest modifyRequest) throws PspException {
        LOG.debug("Modify request before:\n{}", toXML(modifyRequest));
        String findOpenContentAttrValueByName = modifyRequest.findOpenContentAttrValueByName("entityName");
        if (findOpenContentAttrValueByName == null) {
            LOG.error("Unable to determine entity " + PSPUtil.toString(modifyRequest));
            return null;
        }
        Pso pso = getPSP().getPso(getId(), findOpenContentAttrValueByName);
        if (pso == null) {
            LOG.error("Unable to determine provisioned object " + PSPUtil.toString(modifyRequest));
            return null;
        }
        Modification[] modifications = modifyRequest.getModifications();
        if (modifications.length != 1) {
            LOG.debug("Only one modification is supported " + PSPUtil.toString(modifyRequest));
            return null;
        }
        Modification modification = modifications[0];
        if (!modification.getModificationMode().equals(ModificationMode.DELETE)) {
            LOG.debug("Only the delete modification mode is supported " + PSPUtil.toString(modifyRequest));
            return null;
        }
        List<ModificationItem> referenceMods = getReferenceMods(modification);
        if (referenceMods.size() != 1) {
            LOG.debug("Only one reference modification is supported " + PSPUtil.toString(modifyRequest));
            return null;
        }
        PsoReferences references = pso.getReferences(referenceMods.get(0).getAttribute().getID());
        if (references == null) {
            LOG.debug("Unable to determine references definition " + PSPUtil.toString(modifyRequest));
            return null;
        }
        String emptyValue = references.getEmptyValue();
        if (emptyValue == null) {
            LOG.debug("An empty value is not configured for references definition '" + references.getName() + "' " + PSPUtil.toString(modifyRequest));
            return null;
        }
        Reference reference = new Reference();
        reference.setToPsoID(new PSOIdentifier(emptyValue, (PSOIdentifier) null, getId()));
        reference.setTypeOfReference(references.getName());
        Modification modification2 = new Modification();
        try {
            modification2.addCapabilityData(PSPUtil.fromReferences(Arrays.asList(reference)));
            modification2.setModificationMode(ModificationMode.ADD);
            modifyRequest.clearModifications();
            modifyRequest.addModification(modification2);
            modifyRequest.addModification(modification);
            LOG.debug("Modify request after:\n{}", toXML(modifyRequest));
            return modifyRequest;
        } catch (Spml2Exception e) {
            LOG.error("Unable to add reference capability data " + PSPUtil.toString(modifyRequest), e);
            return null;
        }
    }

    public boolean isLogLdif() {
        return this.logLdif;
    }

    protected void onNewContextCreated(ApplicationContext applicationContext) throws ServiceException {
        LdapPool<Ldap> ldapPool = this.ldapPool;
        try {
            LOG.debug("Target '{}' - Loading ldap pool '{}'", getId(), getLdapPoolId());
            if (this.ldapPoolIdSource.equals("spring")) {
                LOG.debug("Target '{}' - Loading ldap pool '{}' from spring", getId(), getLdapPoolId());
                this.ldapPool = (LdapPool) applicationContext.getBean(getLdapPoolId());
            }
            if (this.ldapPoolIdSource.equals("grouper")) {
                LOG.debug("Target '{}' - Loading ldap pool '{}' from grouper", getId(), getLdapPoolId());
                this.ldapPool = SourceManager.getInstance().getSource(getLdapPoolId()).getLdapPool();
            }
        } catch (Exception e) {
            this.ldapPool = ldapPool;
            LOG.error(getId() + " configuration is not valid, retaining old configuration", e);
            throw new ServiceException(getId() + " configuration is not valid, retaining old configuration", e);
        }
    }

    public Set<PSOIdentifier> orderForDeletion(Set<PSOIdentifier> set) throws PspException {
        TreeMap treeMap = new TreeMap();
        try {
            for (PSOIdentifier pSOIdentifier : set) {
                treeMap.put(new LdapName(pSOIdentifier.getID()), pSOIdentifier);
            }
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            ArrayList arrayList = new ArrayList(treeMap.keySet());
            Collections.reverse(arrayList);
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                linkedHashSet.add(treeMap.get((LdapName) it.next()));
            }
            if (LOG.isTraceEnabled()) {
                Iterator it2 = linkedHashSet.iterator();
                while (it2.hasNext()) {
                    LOG.trace("correct pso id '{}'", PSPUtil.toString((PSOIdentifier) it2.next()));
                }
            }
            return linkedHashSet;
        } catch (InvalidNameException e) {
            LOG.error("An error occurred ordering the PSO identifiers.", e);
            throw new PspException(e);
        }
    }

    public void setLdapPoolId(String str) {
        this.ldapPoolId = str;
    }

    public void setLdapPoolIdSource(String str) {
        this.ldapPoolIdSource = str;
    }

    public void setLogLdif(boolean z) {
        this.logLdif = z;
    }
}
