package org.apache.manifoldcf.authorities.mappers.ldap;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Pattern;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import org.apache.manifoldcf.authorities.mappers.BaseMappingConnector;
import org.apache.manifoldcf.authorities.system.Logging;
import org.apache.manifoldcf.connectorcommon.interfaces.IKeystoreManager;
import org.apache.manifoldcf.connectorcommon.interfaces.KeystoreManagerFactory;
import org.apache.manifoldcf.core.common.LDAPSSLSocketFactory;
import org.apache.manifoldcf.core.interfaces.ConfigNode;
import org.apache.manifoldcf.core.interfaces.ConfigParams;
import org.apache.manifoldcf.core.interfaces.IDFactory;
import org.apache.manifoldcf.core.interfaces.IHTTPOutput;
import org.apache.manifoldcf.core.interfaces.IPostParameters;
import org.apache.manifoldcf.core.interfaces.IThreadContext;
import org.apache.manifoldcf.core.interfaces.ManifoldCFException;

/* loaded from: input_file:org/apache/manifoldcf/authorities/mappers/ldap/LDAPMapper.class */
public class LDAPMapper extends BaseMappingConnector {
    public static final String _rcsid = "@(#)$Id$";
    private String bindUser;
    private String bindPass;
    private String serverProtocol;
    private String serverName;
    private String serverPort;
    private String serverBase;
    private String userBase;
    private String userSearch;
    private String ldapUserNameReplace;
    private String ldapAttributeCondition;
    private String ldapAttributeRegexpCondition;
    private Pattern ldapAttributeRegexpConditionPattern;
    private String ldapUserNameReplaceTrue;
    private List<String> forcedTokens;
    private String userNameAttr;
    private String sslKeystoreData;
    private IKeystoreManager sslKeystore;
    private LdapContext session = null;
    private StartTlsResponse tls = null;
    private long sessionExpirationTime = -1;
    private final long responseLifetime = 60000;
    private final int LRUsize = 1000;

    public String check() throws ManifoldCFException {
        disconnectSession();
        getSession();
        return super.check();
    }

    public boolean isConnected() {
        return this.session != null;
    }

    public void poll() throws ManifoldCFException {
        if (this.session != null && System.currentTimeMillis() > this.sessionExpirationTime) {
            disconnectSession();
        }
        super.poll();
    }

    protected void disconnectSession() {
        if (this.session != null) {
            try {
                if (this.tls != null) {
                    this.tls.close();
                }
                this.session.close();
            } catch (NamingException e) {
            } catch (IOException e2) {
            }
            this.tls = null;
            this.session = null;
            this.sessionExpirationTime = -1L;
        }
    }

    public void disconnect() throws ManifoldCFException {
        disconnectSession();
        super.disconnect();
        this.serverName = null;
        this.serverPort = null;
        this.serverBase = null;
        this.userBase = null;
        this.userSearch = null;
        this.userNameAttr = null;
        this.ldapUserNameReplace = null;
        this.ldapAttributeCondition = null;
        this.ldapAttributeRegexpCondition = null;
        this.ldapAttributeRegexpConditionPattern = null;
        this.ldapUserNameReplaceTrue = null;
        this.forcedTokens = null;
        this.sslKeystoreData = null;
        this.sslKeystore = null;
    }

    private LDAPProtocolEnum retrieveLDAPProtocol() {
        LDAPProtocolEnum lDAPProtocolEnum;
        if (this.serverProtocol == null || this.serverProtocol.length() == 0) {
            return LDAPProtocolEnum.LDAP;
        }
        String upperCase = this.serverProtocol.toUpperCase(Locale.ENGLISH);
        boolean z = -1;
        switch (upperCase.hashCode()) {
            case -1749021604:
                if (upperCase.equals("LDAPS+TLS")) {
                    z = 3;
                    break;
                }
                break;
            case 2331559:
                if (upperCase.equals("LDAP")) {
                    z = false;
                    break;
                }
                break;
            case 72278412:
                if (upperCase.equals("LDAPS")) {
                    z = true;
                    break;
                }
                break;
            case 1466448119:
                if (upperCase.equals("LDAP+TLS")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                lDAPProtocolEnum = LDAPProtocolEnum.LDAP;
                break;
            case true:
                lDAPProtocolEnum = LDAPProtocolEnum.LDAPS;
                break;
            case true:
                lDAPProtocolEnum = LDAPProtocolEnum.LDAP_TLS;
                break;
            case true:
                lDAPProtocolEnum = LDAPProtocolEnum.LDAPS_TLS;
                break;
            default:
                lDAPProtocolEnum = LDAPProtocolEnum.LDAP;
                break;
        }
        return lDAPProtocolEnum;
    }

    private boolean isLDAPTLS(LDAPProtocolEnum lDAPProtocolEnum) {
        return LDAPProtocolEnum.LDAP_TLS.equals(lDAPProtocolEnum) || LDAPProtocolEnum.LDAPS_TLS.equals(lDAPProtocolEnum);
    }

    private boolean isLDAPS(LDAPProtocolEnum lDAPProtocolEnum) {
        return LDAPProtocolEnum.LDAPS.equals(lDAPProtocolEnum) || LDAPProtocolEnum.LDAPS_TLS.equals(lDAPProtocolEnum);
    }

    private String printLdapContextEnvironment(Hashtable hashtable) {
        Hashtable hashtable2 = new Hashtable(hashtable);
        if (hashtable2.containsKey("java.naming.security.credentials")) {
            hashtable2.put("java.naming.security.credentials", "********");
        }
        return Arrays.toString(hashtable2.entrySet().toArray());
    }

    public void connect(ConfigParams configParams) {
        super.connect(configParams);
        this.bindUser = configParams.getParameter("ldapBindUser");
        this.bindPass = configParams.getObfuscatedParameter("ldapBindPass");
        this.serverProtocol = configParams.getParameter("ldapProtocol");
        this.serverName = configParams.getParameter("ldapServerName");
        this.serverPort = configParams.getParameter("ldapServerPort");
        this.serverBase = configParams.getParameter("ldapServerBase");
        this.sslKeystoreData = configParams.getParameter("sslKeystore");
        this.userBase = configParams.getParameter("ldapUserBase");
        this.userSearch = configParams.getParameter("ldapUserSearch");
        this.userNameAttr = configParams.getParameter("ldapUserNameAttr");
        this.ldapAttributeCondition = configParams.getParameter("ldapAttributeCondition");
        this.ldapAttributeRegexpCondition = configParams.getParameter("ldapAttributeRegexpCondition");
        this.ldapUserNameReplaceTrue = configParams.getParameter("ldapUserNameReplaceTrue");
        this.ldapUserNameReplace = configParams.getParameter("ldapUserNameReplace");
        if (this.ldapAttributeCondition != null) {
            this.ldapAttributeRegexpConditionPattern = Pattern.compile(this.ldapAttributeRegexpCondition);
        }
        this.forcedTokens = new ArrayList();
        int i = 0;
        while (i < configParams.getChildCount()) {
            int i2 = i;
            i++;
            ConfigNode child = configParams.getChild(i2);
            if (child.getType().equals("access")) {
                this.forcedTokens.add(child.getAttributeValue("token"));
            }
        }
    }

    protected LdapContext getSession() throws ManifoldCFException {
        try {
            LDAPProtocolEnum retrieveLDAPProtocol = retrieveLDAPProtocol();
            if (this.session != null) {
                if (isLDAPS(retrieveLDAPProtocol)) {
                    LDAPSSLSocketFactory.setSocketFactoryProducer(this.sslKeystore);
                }
                this.session.reconnect((Control[]) null);
            } else {
                if (this.serverName == null || this.serverName.length() == 0) {
                    Logging.mappingConnectors.error("Server name parameter missing but required");
                    throw new ManifoldCFException("Server name parameter missing but required");
                }
                if (this.serverPort == null || this.serverPort.length() == 0) {
                    Logging.mappingConnectors.error("Server port parameter missing but required");
                    throw new ManifoldCFException("Server port parameter missing but required");
                }
                if (this.serverBase == null) {
                    Logging.mappingConnectors.error("Server base parameter missing but required");
                    throw new ManifoldCFException("Server base parameter missing but required");
                }
                if (this.userBase == null) {
                    Logging.mappingConnectors.error("User base parameter missing but required");
                    throw new ManifoldCFException("User base parameter missing but required");
                }
                if (this.userSearch == null || this.userSearch.length() == 0) {
                    Logging.mappingConnectors.error("User search expression missing but required");
                    throw new ManifoldCFException("User search expression missing but required");
                }
                if (this.ldapUserNameReplace == null || this.ldapUserNameReplace.length() == 0) {
                    Logging.mappingConnectors.error("User name replace attribute missing but required");
                    throw new ManifoldCFException("User name replace attribute missing but required");
                }
                if (this.userNameAttr == null || this.userNameAttr.length() == 0) {
                    Logging.mappingConnectors.error("User name attribute missing but required");
                    throw new ManifoldCFException("User name attribute missing but required");
                }
                if (this.sslKeystoreData != null) {
                    this.sslKeystore = KeystoreManagerFactory.make("", this.sslKeystoreData);
                } else {
                    this.sslKeystore = KeystoreManagerFactory.make("");
                }
                Hashtable hashtable = new Hashtable();
                hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
                hashtable.put("java.naming.provider.url", "ldap://" + this.serverName + ":" + this.serverPort + "/" + this.serverBase);
                if (LDAPProtocolEnum.LDAPS.equals(retrieveLDAPProtocol)) {
                    LDAPSSLSocketFactory.setSocketFactoryProducer(this.sslKeystore);
                    hashtable.put("java.naming.security.protocol", "ssl");
                    hashtable.put("java.naming.ldap.factory.socket", "org.apache.manifoldcf.core.common.LDAPSSLSocketFactory");
                }
                if (this.bindUser != null && !this.bindUser.isEmpty()) {
                    hashtable.put("java.naming.security.authentication", "simple");
                    hashtable.put("java.naming.security.principal", this.bindUser);
                    hashtable.put("java.naming.security.credentials", this.bindPass);
                }
                Logging.mappingConnectors.info("LDAP Context environment properties: " + printLdapContextEnvironment(hashtable));
                this.session = new InitialLdapContext(hashtable, (Control[]) null);
                if (isLDAPTLS(retrieveLDAPProtocol)) {
                    this.session.extendedOperation(new StartTlsRequest()).negotiate(this.sslKeystore.getSecureSocketFactory());
                }
            }
            this.sessionExpirationTime = System.currentTimeMillis() + 300000;
            return this.session;
        } catch (CommunicationException e) {
            this.session = null;
            this.sessionExpirationTime = -1L;
            Logging.mappingConnectors.error("Communication error: " + e.getMessage(), e);
            throw new ManifoldCFException("Communication error: " + e.getMessage(), e);
        } catch (InterruptedIOException e2) {
            this.session = null;
            this.sessionExpirationTime = -1L;
            Logging.mappingConnectors.error("Interrupted IO error: " + e2.getMessage());
            throw new ManifoldCFException(e2.getMessage(), 2);
        } catch (AuthenticationException e3) {
            this.session = null;
            this.sessionExpirationTime = -1L;
            Logging.mappingConnectors.error("Authentication error: " + e3.getMessage() + ", explanation: " + e3.getExplanation(), e3);
            throw new ManifoldCFException("Authentication error: " + e3.getMessage() + ", explanation: " + e3.getExplanation(), e3);
        } catch (NamingException e4) {
            this.session = null;
            this.sessionExpirationTime = -1L;
            Logging.mappingConnectors.error("Naming exception: " + e4.getMessage(), e4);
            throw new ManifoldCFException("Naming exception: " + e4.getMessage(), e4);
        } catch (IOException e5) {
            this.session = null;
            this.sessionExpirationTime = -1L;
            Logging.mappingConnectors.error("IO error: " + e5.getMessage(), e5);
            throw new ManifoldCFException("IO error: " + e5.getMessage(), e5);
        }
    }

    protected SearchResult getUserEntry(LdapContext ldapContext, String str) throws ManifoldCFException {
        String replaceAll = this.userSearch.replaceAll("\\{0\\}", escapeDN(str));
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        String[] strArr = new String[4];
        strArr[0] = this.userNameAttr;
        strArr[1] = this.ldapUserNameReplace;
        if (this.ldapAttributeCondition != null && this.ldapAttributeCondition.length() > 0) {
            strArr[2] = this.ldapAttributeCondition;
            strArr[3] = this.ldapUserNameReplaceTrue;
        }
        searchControls.setReturningAttributes(strArr);
        try {
            NamingEnumeration search = ldapContext.search(this.userBase, replaceAll, searchControls);
            if (search.hasMoreElements()) {
                return (SearchResult) search.next();
            }
            return null;
        } catch (Exception e) {
            throw new ManifoldCFException(e.getMessage(), e);
        }
    }

    public static String escapeDN(String str) {
        StringBuilder sb = new StringBuilder();
        if (str.length() > 0 && (str.charAt(0) == ' ' || str.charAt(0) == '#')) {
            sb.append('\\');
        }
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '\"':
                    sb.append("\\\"");
                    break;
                case '+':
                    sb.append("\\+");
                    break;
                case ',':
                    sb.append("\\,");
                    break;
                case ';':
                    sb.append("\\;");
                    break;
                case '<':
                    sb.append("\\<");
                    break;
                case '>':
                    sb.append("\\>");
                    break;
                case '\\':
                    sb.append("\\\\");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        if (str.length() > 1 && str.charAt(str.length() - 1) == ' ') {
            sb.insert(sb.length() - 1, '\\');
        }
        return sb.toString();
    }

    public String mapUser(String str) throws ManifoldCFException {
        Attribute attribute;
        LdapContext session = getSession();
        try {
            String replaceAll = this.userSearch.replaceAll("\\{0\\}", escapeDN(str));
            if (Logging.mappingConnectors.isDebugEnabled()) {
                Logging.mappingConnectors.debug("SearchFilter=" + replaceAll);
            }
            SearchResult userEntry = getUserEntry(session, str);
            if (userEntry == null) {
                if (Logging.mappingConnectors.isDebugEnabled()) {
                    Logging.mappingConnectors.debug("No Found answer for userName =" + str);
                }
                return str;
            }
            if (Logging.mappingConnectors.isDebugEnabled()) {
                Logging.mappingConnectors.debug("Found answer=" + userEntry.toString());
            }
            Attributes attributes = userEntry.getAttributes();
            Attribute attribute2 = attributes.get(this.ldapUserNameReplace);
            if (this.ldapAttributeCondition != null && this.ldapAttributeCondition.length() > 0 && (attribute = attributes.get(this.ldapAttributeCondition)) != null) {
                if (this.ldapAttributeRegexpConditionPattern.matcher((String) attribute.get(0)).find()) {
                    attribute2 = attributes.get(this.ldapUserNameReplaceTrue);
                    if (Logging.mappingConnectors.isDebugEnabled()) {
                        Logging.mappingConnectors.debug("LDAPMapper: condition matches");
                    }
                } else if (Logging.mappingConnectors.isDebugEnabled()) {
                    Logging.mappingConnectors.debug("LDAPMapper: condition not matches");
                }
            }
            String str2 = (String) attribute2.get(0);
            if (Logging.mappingConnectors.isDebugEnabled()) {
                Logging.mappingConnectors.debug("LDAPMapper: Input user name '" + str + "'; output user name '" + str2 + "'");
            }
            return str2;
        } catch (Exception e) {
            Logging.mappingConnectors.error("replace error for user : '" + str + "' error :" + e.getMessage());
            throw new ManifoldCFException("replace error: " + e.getMessage(), e);
        }
    }

    public void outputConfigurationHeader(IThreadContext iThreadContext, IHTTPOutput iHTTPOutput, Locale locale, ConfigParams configParams, List<String> list) throws ManifoldCFException, IOException {
        list.add(Messages.getString(locale, "LDAP.LDAPMapperTab"));
        Logging.mappingConnectors.info("LDAP.LDAPMapperTab=" + Messages.getString(locale, "LDAP.LDAPMapperTab"));
        list.add(Messages.getString(locale, "LDAP.ForcedTokens"));
        HashMap hashMap = new HashMap();
        fillInLDAPTab(hashMap, iHTTPOutput, configParams);
        fillInForcedTokensTab(hashMap, iHTTPOutput, configParams);
        Messages.outputResourceWithVelocity(iHTTPOutput, locale, "editConfiguration.js", hashMap);
        Messages.outputResourceWithVelocity(iHTTPOutput, locale, "configuration.css", hashMap);
    }

    private static String getParam(ConfigParams configParams, String str, String str2) {
        String parameter = configParams.getParameter(str);
        return parameter != null ? parameter : str2;
    }

    protected static void fillInForcedTokensTab(Map<String, Object> map, IHTTPOutput iHTTPOutput, ConfigParams configParams) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < configParams.getChildCount(); i++) {
            ConfigNode child = configParams.getChild(i);
            if (child.getType().equals("access")) {
                arrayList.add(child.getAttributeValue("token"));
            }
        }
        map.put("FORCEDTOKENS", arrayList);
    }

    protected static void fillInLDAPTab(Map<String, Object> map, IHTTPOutput iHTTPOutput, ConfigParams configParams) {
        map.put("FSERVERPROTOCOL", getParam(configParams, "ldapProtocol", "ldap"));
        map.put("FSERVERNAME", getParam(configParams, "ldapServerName", ""));
        map.put("FSERVERPORT", getParam(configParams, "ldapServerPort", "389"));
        map.put("FSERVERBASE", getParam(configParams, "ldapServerBase", ""));
        String parameter = configParams.getParameter("sslkeystore");
        if (parameter != null) {
            map.put("SSLKEYSTOREDATA", parameter);
        }
        map.put("FUSERBASE", getParam(configParams, "ldapUserBase", "ou=People"));
        map.put("FUSERSEARCH", getParam(configParams, "ldapUserSearch", "(&(objectClass=inetOrgPerson)(mail={0}))"));
        map.put("FUSERNAMEATTR", getParam(configParams, "ldapUserNameAttr", "mail"));
        map.put("FUSERNAMEREPLACE", getParam(configParams, "ldapUserNameReplace", "cn"));
        map.put("ATTRIBUTECONDITION", getParam(configParams, "ldapAttributeCondition", "displayName"));
        map.put("ATTRIBUTEREGEXPCONDITION", getParam(configParams, "ldapAttributeRegexpCondition", "^a.*$"));
        map.put("FUSERNAMETRUEREPLACE", getParam(configParams, "ldapUserNameReplaceTrue", "givenName"));
        map.put("FBINDUSER", getParam(configParams, "ldapBindUser", ""));
        String obfuscatedParameter = configParams.getObfuscatedParameter("ldapBindPass");
        map.put("FBINDPASS", obfuscatedParameter == null ? "" : iHTTPOutput.mapPasswordToKey(obfuscatedParameter));
        HashMap hashMap = null;
        Object obj = null;
        try {
            IKeystoreManager make = parameter == null ? KeystoreManagerFactory.make("") : KeystoreManagerFactory.make("", parameter);
            String[] contents = make.getContents();
            if (contents.length > 0) {
                hashMap = new HashMap();
                for (String str : contents) {
                    String description = make.getDescription(str);
                    if (description.length() > 128) {
                        description = description.substring(0, 125) + "...";
                    }
                    hashMap.put(str, description);
                }
            }
        } catch (ManifoldCFException e) {
            obj = e.getMessage();
            Logging.mappingConnectors.warn(e);
        }
        if (hashMap != null) {
            map.put("SSLCERTIFICATESMAP", hashMap);
        }
        if (obj != null) {
            map.put("MESSAGE", obj);
        }
    }

    public void outputConfigurationBody(IThreadContext iThreadContext, IHTTPOutput iHTTPOutput, Locale locale, ConfigParams configParams, String str) throws ManifoldCFException, IOException {
        HashMap hashMap = new HashMap();
        hashMap.put("TabName", str);
        fillInLDAPTab(hashMap, iHTTPOutput, configParams);
        fillInForcedTokensTab(hashMap, iHTTPOutput, configParams);
        Messages.outputResourceWithVelocity(iHTTPOutput, locale, "editConfiguration_LDAP.html", hashMap);
        Messages.outputResourceWithVelocity(iHTTPOutput, locale, "editConfiguration_ForcedTokens.html", hashMap);
    }

    private boolean copyParam(IPostParameters iPostParameters, ConfigParams configParams, String str) {
        String parameter = iPostParameters.getParameter(str);
        if (parameter == null) {
            return false;
        }
        configParams.setParameter(str, parameter);
        return true;
    }

    public String processConfigurationPost(IThreadContext iThreadContext, IPostParameters iPostParameters, Locale locale, ConfigParams configParams) throws ManifoldCFException {
        copyParam(iPostParameters, configParams, "ldapProtocol");
        copyParam(iPostParameters, configParams, "ldapServerName");
        copyParam(iPostParameters, configParams, "ldapServerPort");
        copyParam(iPostParameters, configParams, "ldapServerBase");
        copyParam(iPostParameters, configParams, "ldapUserBase");
        copyParam(iPostParameters, configParams, "ldapUserSearch");
        copyParam(iPostParameters, configParams, "ldapUserNameAttr");
        copyParam(iPostParameters, configParams, "ldapUserNameReplace");
        copyParam(iPostParameters, configParams, "ldapAttributeCondition");
        copyParam(iPostParameters, configParams, "ldapAttributeRegexpCondition");
        copyParam(iPostParameters, configParams, "ldapUserNameReplaceTrue");
        copyParam(iPostParameters, configParams, "ldapBindUser");
        String parameter = iPostParameters.getParameter("ldapBindPass");
        if (parameter != null) {
            configParams.setObfuscatedParameter("ldapBindPass", iPostParameters.mapKeyToPassword(parameter));
        }
        String parameter2 = iPostParameters.getParameter("tokencount");
        if (parameter2 != null) {
            int i = 0;
            while (i < configParams.getChildCount()) {
                if (configParams.getChild(i).getType().equals("access")) {
                    configParams.removeChild(i);
                } else {
                    i++;
                }
            }
            int parseInt = Integer.parseInt(parameter2);
            int i2 = 0;
            while (i2 < parseInt) {
                String str = "_" + Integer.toString(i2);
                String parameter3 = iPostParameters.getParameter("accessop" + str);
                if (parameter3 == null || !parameter3.equals("Delete")) {
                    String parameter4 = iPostParameters.getParameter("spectoken" + str);
                    ConfigNode configNode = new ConfigNode("access");
                    configNode.setAttribute("token", parameter4);
                    configParams.addChild(configParams.getChildCount(), configNode);
                    i2++;
                } else {
                    i2++;
                }
            }
            String parameter5 = iPostParameters.getParameter("accessop");
            if (parameter5 != null && parameter5.equals("Add")) {
                String parameter6 = iPostParameters.getParameter("spectoken");
                ConfigNode configNode2 = new ConfigNode("access");
                configNode2.setAttribute("token", parameter6);
                configParams.addChild(configParams.getChildCount(), configNode2);
            }
        }
        String parameter7 = iPostParameters.getParameter("sslkeystoredata");
        String parameter8 = iPostParameters.getParameter("sslconfigop");
        if (parameter8 != null) {
            if (parameter8.equals("Delete")) {
                String parameter9 = iPostParameters.getParameter("sslkeystorealias");
                IKeystoreManager make = parameter7 != null ? KeystoreManagerFactory.make("", parameter7) : KeystoreManagerFactory.make("");
                make.remove(parameter9);
                parameter7 = make.getString();
            } else if (parameter8.equals("Add")) {
                String make2 = IDFactory.make(iThreadContext);
                byte[] binaryBytes = iPostParameters.getBinaryBytes("sslcertificate");
                IKeystoreManager make3 = parameter7 != null ? KeystoreManagerFactory.make("", parameter7) : KeystoreManagerFactory.make("");
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(binaryBytes);
                String str2 = null;
                try {
                    try {
                        make3.importCertificate(make2, byteArrayInputStream);
                        try {
                            byteArrayInputStream.close();
                        } catch (IOException e) {
                        }
                    } catch (Throwable th) {
                        str2 = th.getMessage();
                        try {
                            byteArrayInputStream.close();
                        } catch (IOException e2) {
                        }
                    }
                    if (str2 != null) {
                        return "Illegal certificate: " + str2;
                    }
                    parameter7 = make3.getString();
                } catch (Throwable th2) {
                    try {
                        byteArrayInputStream.close();
                    } catch (IOException e3) {
                    }
                    throw th2;
                }
            }
        }
        if (parameter7 == null) {
            return null;
        }
        configParams.setParameter("sslkeystore", parameter7);
        return null;
    }

    public void viewConfiguration(IThreadContext iThreadContext, IHTTPOutput iHTTPOutput, Locale locale, ConfigParams configParams) throws ManifoldCFException, IOException {
        HashMap hashMap = new HashMap();
        fillInLDAPTab(hashMap, iHTTPOutput, configParams);
        fillInForcedTokensTab(hashMap, iHTTPOutput, configParams);
        Messages.outputResourceWithVelocity(iHTTPOutput, locale, "configuration.css", hashMap);
        Messages.outputResourceWithVelocity(iHTTPOutput, locale, "viewConfiguration.html", hashMap);
    }
}
