package pl.edu.icm.unity.ldap.client.config.common;

import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import eu.unicore.util.configuration.ConfigurationException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.engine.api.PKIManagement;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.ldap.client.LdapUtils;
import pl.edu.icm.unity.ldap.client.config.ServerSpecification;
import pl.edu.icm.unity.ldap.client.config.common.LDAPConnectionProperties;

/* loaded from: input_file:pl/edu/icm/unity/ldap/client/config/common/LDAPCommonConfiguration.class */
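/**
 * Settings shared by the LDAP client configurations: the servers to contact, the bind
 * identity, TLS trust options, search limits and the way a user DN is obtained.
 *
 * <p>{@link #fromProperties} reads the values from an {@link LDAPConnectionProperties},
 * {@link #toProperties} writes part of them back and {@link #validateConfiguration} checks
 * servers, DN template, valid-users filter and truststore.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>{@code systemPassword} is held and returned as a plain {@code String}; keep it out of
 * logs and exception messages.</li>
 * <li>{@code trustAllCerts} makes {@link #validateConfiguration} skip the truststore check
 * entirely, as does the {@code plain} connection mode.</li>
 * <li>NOTE(review): the user name is substituted for {@link #USERNAME_TOKEN} outside this
 * class; that code must escape it for use in a DN or a filter - confirm at the call site.</li>
 * <li>NOTE(review): {@code usernameExtractorRegexp} is not compiled or checked by
 * {@link #validateConfiguration}; a malformed pattern would only surface where it is used.</li>
 * </ul>
 */
public abstract class LDAPCommonConfiguration {
    /** Token that a non-empty user DN template must contain. */
    public static final String USERNAME_TOKEN = "{USERNAME}";
    public static final String USER_DN_SEARCH_KEY = "searchUserDN";
    // DN and password of the system identity; read by fromProperties, not written by toProperties.
    private String systemDN;
    private String systemPassword;
    private String validUserFilter;
    private UserDNResolving userDNResolving;
    private String userDNTemplate;
    private List<ServerSpecification> servers;
    private LDAPConnectionProperties.ConnectionMode connectionMode;
    private int followReferrals;
    private int searchTimeLimit;
    private int socketTimeout;
    private boolean trustAllCerts;
    private String clientTrustStore;
    private int resultEntriesLimit;
    private String usernameExtractorRegexp;
    // The three ldapSearch* fields and userDNResolving are only reachable through their
    // accessors; neither fromProperties nor toProperties touches them.
    private String ldapSearchBaseName;
    private String ldapSearchFilter;
    private LDAPConnectionProperties.SearchScope ldapSearchScope;

    /**
     * How the DN of the authenticating user is obtained. Presumably {@code template} fills
     * the user DN template and {@code ldapSearch} looks the DN up - confirm against the users
     * of this enum.
     */
    public enum UserDNResolving {
        template,
        ldapSearch
    }

    /**
     * Creates a configuration with the defaults: template based DN resolving, a valid-users
     * filter of {@code objectclass=*}, no servers, and the connection mode, socket timeout
     * and result limit defaults taken from {@link LDAPConnectionProperties}.
     */
    public LDAPCommonConfiguration() {
        setUserDNResolving(UserDNResolving.template);
        setValidUserFilter("objectclass=*");
        this.servers = new ArrayList<>();
        setConnectionMode(LDAPConnectionProperties.DEFAULT_CONNECTION_MODE);
        setFollowReferrals(2);
        setSearchTimeLimit(30);
        setSocketTimeout(LDAPConnectionProperties.DEFAULT_SOCKET_TIMEOUT);
        setLdapSearchScope(LDAPConnectionProperties.SearchScope.base);
        setResultEntriesLimit(LDAPConnectionProperties.DEFAULT_RESULT_ENTRIES_LIMIT);
    }

    /**
     * Loads this configuration from the given properties.
     *
     * <p>Optional settings overwrite the current value only when they are set. Servers and
     * ports are paired by position and appended to the current server list, which is not
     * cleared first. A missing server name becomes the empty string, and a missing or
     * non-numeric port becomes {@code -1}; both are rejected later by
     * {@link #validateConfiguration}.
     *
     * @param lDAPConnectionProperties source of the settings
     */
    public void fromProperties(LDAPConnectionProperties lDAPConnectionProperties) {
        if (lDAPConnectionProperties.isSet(LDAPConnectionProperties.VALID_USERS_FILTER)) {
            setValidUserFilter(lDAPConnectionProperties.getValue(LDAPConnectionProperties.VALID_USERS_FILTER));
        }
        setSystemDN(lDAPConnectionProperties.getValue(LDAPConnectionProperties.SYSTEM_DN));
        setSystemPassword(lDAPConnectionProperties.getValue(LDAPConnectionProperties.SYSTEM_PASSWORD));
        setUserDNTemplate(lDAPConnectionProperties.getValue(LDAPConnectionProperties.USER_DN_TEMPLATE));

        List<?> hosts = lDAPConnectionProperties.getListOfValues(LDAPConnectionProperties.SERVERS);
        List<?> ports = lDAPConnectionProperties.getListOfValues(LDAPConnectionProperties.PORTS);
        int entries = Math.max(hosts.size(), ports.size());
        for (int i = 0; i < entries; i++) {
            int port = -1;
            if (i < ports.size()) {
                try {
                    port = Integer.parseInt((String) ports.get(i));
                } catch (NumberFormatException ignored) {
                    // Deliberately kept at -1: validateServersConfiguration() rejects any port
                    // below 1, so the bad value is reported at validation time.
                }
            }
            String host = i < hosts.size() ? (String) hosts.get(i) : "";
            this.servers.add(new ServerSpecification(host, port));
        }

        if (lDAPConnectionProperties.isSet(LDAPConnectionProperties.CONNECTION_MODE)) {
            setConnectionMode((LDAPConnectionProperties.ConnectionMode) lDAPConnectionProperties.getEnumValue(
                    LDAPConnectionProperties.CONNECTION_MODE, LDAPConnectionProperties.ConnectionMode.class));
        }
        if (lDAPConnectionProperties.isSet(LDAPConnectionProperties.FOLLOW_REFERRALS)) {
            setFollowReferrals(lDAPConnectionProperties.getIntValue(LDAPConnectionProperties.FOLLOW_REFERRALS).intValue());
        }
        if (lDAPConnectionProperties.isSet(LDAPConnectionProperties.SEARCH_TIME_LIMIT)) {
            setSearchTimeLimit(lDAPConnectionProperties.getIntValue(LDAPConnectionProperties.SEARCH_TIME_LIMIT).intValue());
        }
        if (lDAPConnectionProperties.isSet(LDAPConnectionProperties.SOCKET_TIMEOUT)) {
            setSocketTimeout(lDAPConnectionProperties.getIntValue(LDAPConnectionProperties.SOCKET_TIMEOUT).intValue());
        }
        if (lDAPConnectionProperties.isSet(LDAPConnectionProperties.RESULT_ENTRIES_LIMIT)) {
            setResultEntriesLimit(lDAPConnectionProperties.getIntValue(LDAPConnectionProperties.RESULT_ENTRIES_LIMIT).intValue());
        }
        setTrustAllCerts(lDAPConnectionProperties.getBooleanValue(LDAPConnectionProperties.TLS_TRUST_ALL).booleanValue());
        setClientTrustStore(lDAPConnectionProperties.getValue(LDAPConnectionProperties.TRUSTSTORE));
        setUsernameExtractorRegexp(lDAPConnectionProperties.getValue(LDAPConnectionProperties.USER_ID_EXTRACTOR_REGEXP));
    }

    /**
     * Writes the common settings into {@code properties}, each key prefixed with {@code str}.
     *
     * <p>Servers and ports are numbered from 1. The valid-users filter and the truststore are
     * written only when non-null, the username extractor regexp only when non-empty. The
     * system DN, the system password and the user DN template are not written here
     * (presumably left to subclasses - confirm).
     *
     * @param str key prefix
     * @param properties target of the settings
     * @param messageSource not used by this method
     * @throws ConfigurationException declared for overriding classes; not thrown here
     */
    public void toProperties(String str, Properties properties, MessageSource messageSource) throws ConfigurationException {
        String usersFilter = getValidUserFilter();
        if (usersFilter != null) {
            properties.put(str + "validUsersFilter", usersFilter);
        }
        int position = 1;
        for (ServerSpecification spec : this.servers) {
            properties.put(str + "servers." + position, spec.getServer());
            properties.put(str + "ports." + position, String.valueOf(spec.getPort()));
            position++;
        }
        properties.put(str + "connectionMode", String.valueOf(getConnectionMode()));
        properties.put(str + "referralHopLimit", String.valueOf(getFollowReferrals()));
        properties.put(str + "searchTimeLimit", String.valueOf(getSearchTimeLimit()));
        properties.put(str + "socketTimeout", String.valueOf(getSocketTimeout()));
        properties.put(str + "trustAllServerCertificates", String.valueOf(isTrustAllCerts()));
        properties.put(str + "returnedEntriesLimit", String.valueOf(getResultEntriesLimit()));
        String trustStore = getClientTrustStore();
        if (trustStore != null) {
            properties.put(str + "truststore", String.valueOf(trustStore));
        }
        String extractor = getUsernameExtractorRegexp();
        if (extractor != null && !extractor.isEmpty()) {
            properties.put(str + "usernameExtractorRegexp", extractor);
        }
    }

    /**
     * Checks the servers, the user DN template, the valid-users filter and the client
     * truststore, in that order, stopping at the first problem.
     *
     * @param pKIManagement used to look up the configured truststore
     * @throws ConfigurationException describing the first invalid setting
     */
    public void validateConfiguration(PKIManagement pKIManagement) throws ConfigurationException {
        validateServersConfiguration();
        validateUserDNTemplate();
        validateValidUserFilter();
        validateClientTrustStore(pKIManagement);
    }

    /**
     * Requires every server to have a port in 1..65535 and a name accepted by
     * {@code LdapUtils.nonEmpty}. An empty server list passes; whether at least one server is
     * required is not checked here.
     */
    private void validateServersConfiguration() throws ConfigurationException {
        for (ServerSpecification spec : this.servers) {
            int port = spec.getPort();
            if (port < 1 || port > 65535) {
                throw new ConfigurationException("LDAP server port is out of range: " + port);
            }
            String host = spec.getServer();
            if (!LdapUtils.nonEmpty(host)) {
                throw new ConfigurationException("LDAP server name is invalid: " + host);
            }
        }
    }

    /** Requires a template accepted by {@code LdapUtils.nonEmpty} to contain {@link #USERNAME_TOKEN}. */
    private void validateUserDNTemplate() throws ConfigurationException {
        if (!LdapUtils.nonEmpty(this.userDNTemplate)) {
            return;
        }
        if (!this.userDNTemplate.contains(USERNAME_TOKEN)) {
            throw new ConfigurationException("DN template doesn't contain the mandatory token {USERNAME}: " + this.userDNTemplate);
        }
    }

    /** Requires a non-null valid-users filter to parse as an LDAP filter. */
    private void validateValidUserFilter() throws ConfigurationException {
        if (this.validUserFilter == null) {
            return;
        }
        try {
            // Only the syntax is checked; the parsed filter is discarded.
            Filter.create(this.validUserFilter);
        } catch (LDAPException e) {
            throw new ConfigurationException("Valid users filter is invalid.", e);
        }
    }

    /**
     * Requires the configured truststore to be known to {@code pKIManagement}, unless the
     * connection mode is {@code plain} or {@code trustAllCerts} is set.
     *
     * <p>With {@code trustAllCerts} no truststore is looked up at all. Judging by the
     * property name {@code trustAllServerCertificates} the connection then accepts any server
     * certificate, which leaves the bind credentials open to interception; the same holds
     * for {@code plain} mode. Both are best limited to test setups.
     */
    private void validateClientTrustStore(PKIManagement pKIManagement) throws ConfigurationException {
        boolean serverCertUnchecked = this.connectionMode == LDAPConnectionProperties.ConnectionMode.plain
                || this.trustAllCerts;
        if (serverCertUnchecked) {
            return;
        }
        try {
            pKIManagement.getValidator(this.clientTrustStore);
        } catch (EngineException e) {
            throw new ConfigurationException("Invalid client truststore for the ldap client", e);
        }
    }

    /** @return DN of the system identity */
    public String getSystemDN() {
        return this.systemDN;
    }

    public void setSystemDN(String str) {
        this.systemDN = str;
    }

    /** @return the system password in clear text; callers must keep it out of logs */
    public String getSystemPassword() {
        return this.systemPassword;
    }

    public void setSystemPassword(String str) {
        this.systemPassword = str;
    }

    /** @return the valid-users LDAP filter, {@code objectclass=*} unless changed */
    public String getValidUserFilter() {
        return this.validUserFilter;
    }

    public void setValidUserFilter(String str) {
        this.validUserFilter = str;
    }

    /** @return the user DN template; when non-empty it must contain {@link #USERNAME_TOKEN} */
    public String getUserDNTemplate() {
        return this.userDNTemplate;
    }

    public void setUserDNTemplate(String str) {
        this.userDNTemplate = str;
    }

    public LDAPConnectionProperties.ConnectionMode getConnectionMode() {
        return this.connectionMode;
    }

    public void setConnectionMode(LDAPConnectionProperties.ConnectionMode connectionMode) {
        this.connectionMode = connectionMode;
    }

    /** @return the internal, mutable server list (not a copy) */
    public List<ServerSpecification> getServers() {
        return this.servers;
    }

    /** Stores the given list as is, without copying it or checking it for null. */
    public void setServers(List<ServerSpecification> list) {
        this.servers = list;
    }

    /** @return the value written out as {@code referralHopLimit} */
    public int getFollowReferrals() {
        return this.followReferrals;
    }

    public void setFollowReferrals(int i) {
        this.followReferrals = i;
    }

    public int getSearchTimeLimit() {
        return this.searchTimeLimit;
    }

    public void setSearchTimeLimit(int i) {
        this.searchTimeLimit = i;
    }

    public int getSocketTimeout() {
        return this.socketTimeout;
    }

    public void setSocketTimeout(int i) {
        this.socketTimeout = i;
    }

    /** @return whether the truststore check is skipped; written out as {@code trustAllServerCertificates} */
    public boolean isTrustAllCerts() {
        return this.trustAllCerts;
    }

    public void setTrustAllCerts(boolean z) {
        this.trustAllCerts = z;
    }

    /** @return the truststore name that validation passes to {@code PKIManagement.getValidator} */
    public String getClientTrustStore() {
        return this.clientTrustStore;
    }

    public void setClientTrustStore(String str) {
        this.clientTrustStore = str;
    }

    /** @return the username extractor regexp; it is stored without any syntax check */
    public String getUsernameExtractorRegexp() {
        return this.usernameExtractorRegexp;
    }

    public void setUsernameExtractorRegexp(String str) {
        this.usernameExtractorRegexp = str;
    }

    public UserDNResolving getUserDNResolving() {
        return this.userDNResolving;
    }

    public void setUserDNResolving(UserDNResolving userDNResolving) {
        this.userDNResolving = userDNResolving;
    }

    public String getLdapSearchBaseName() {
        return this.ldapSearchBaseName;
    }

    public void setLdapSearchBaseName(String str) {
        this.ldapSearchBaseName = str;
    }

    /** @return the search filter; unlike the valid-users filter it is not checked by validateConfiguration */
    public String getLdapSearchFilter() {
        return this.ldapSearchFilter;
    }

    public void setLdapSearchFilter(String str) {
        this.ldapSearchFilter = str;
    }

    public LDAPConnectionProperties.SearchScope getLdapSearchScope() {
        return this.ldapSearchScope;
    }

    public void setLdapSearchScope(LDAPConnectionProperties.SearchScope searchScope) {
        this.ldapSearchScope = searchScope;
    }

    public int getResultEntriesLimit() {
        return this.resultEntriesLimit;
    }

    public void setResultEntriesLimit(int i) {
        this.resultEntriesLimit = i;
    }
}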
