package org.exist.security.realm.ldap.xquery;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import org.exist.dom.QName;
import org.exist.security.Account;
import org.exist.security.AuthenticationException;
import org.exist.security.PermissionDeniedException;
import org.exist.security.SecurityManager;
import org.exist.security.realm.Realm;
import org.exist.security.realm.ldap.LDAPRealm;
import org.exist.xquery.BasicFunction;
import org.exist.xquery.FunctionSignature;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceType;

/* loaded from: input_file:org/exist/security/realm/ldap/xquery/AccountFunctions.class */
public class AccountFunctions extends BasicFunction {
    public static final FunctionSignature[] signatures = {new FunctionSignature(new QName("update-account", LDAPModule.NAMESPACE_URI, LDAPModule.PREFIX), "Refreshed the cached LDAP account details from the LDAP directory", new SequenceType[]{new SequenceType(22, 2)}, new SequenceType(10, 1))};

    public AccountFunctions(XQueryContext xQueryContext, FunctionSignature functionSignature) {
        super(xQueryContext, functionSignature);
    }

    public Sequence eval(Sequence[] sequenceArr, Sequence sequence) throws XPathException {
        SecurityManager securityManager = this.context.getBroker().getBrokerPool().getSecurityManager();
        LDAPRealm ldapRealm = getLdapRealm(securityManager);
        String stringValue = sequenceArr[0].itemAt(0).getStringValue();
        Account account = securityManager.getAccount(stringValue);
        if (account == null) {
            throw new XPathException("The Account '" + stringValue + "' does not exist!");
        }
        try {
            ldapRealm.refreshAccountFromLdap(account);
            return Sequence.EMPTY_SEQUENCE;
        } catch (PermissionDeniedException | AuthenticationException e) {
            throw new XPathException(this, e);
        }
    }

    private LDAPRealm getLdapRealm(SecurityManager securityManager) throws XPathException {
        try {
            Method declaredMethod = securityManager.getClass().getDeclaredMethod("findRealmForRealmId", String.class);
            declaredMethod.setAccessible(true);
            LDAPRealm lDAPRealm = (Realm) declaredMethod.invoke(securityManager, LDAPRealm.ID);
            if (lDAPRealm == null) {
                throw new XPathException("The LDAP Realm is not in use!");
            }
            return lDAPRealm;
        } catch (IllegalAccessException | IllegalArgumentException | SecurityException e) {
            throw new XPathException(this, "Permission to access the LDAP Realm is denied: " + e.getMessage(), e);
        } catch (NoSuchMethodException e2) {
            throw new XPathException(this, "The LDAP Realm is not in use!", e2);
        } catch (InvocationTargetException e3) {
            throw new XPathException(this, "An error occured whilst accessing the LDAP Realm: " + e3.getMessage(), e3);
        }
    }
}
